1. Responsibility for data processing
Responsible according to Art. 2 para. 7 of the EU General Data Protection Regulation (GDPR):
Joachim Herz Stiftung
Langenhorner Chaussee 384
T. +49 40 533295-0
2. Contacting the data protection officer
You can contact our data protection officer at datenschutz(at)joachim-herz-stiftung(dot)de or at our mailing address, to the attention of the "data protection officer".
3. Your rights
You have the following rights towards us with regard to personal data relating to you:
3.1 General rights
You have a right to information, rectification, deletion, restriction of processing, objection to processing and data transferability. If processing is based on your consent, you have the right to revoke this consent with effect for the future.
3.2 Rights with regard to data processing according to legitimate interest
According to Art. 21 para. 1 GDPR, you have the right to object at any time for reasons arising from your particular situation to the processing of your personal data pursuant to Art. 6 para. 1 letter e GDPR (data processing in the public interest) or Article 6 para. 1 letter f GDPR (data processing to safeguard a legitimate interest). This also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
3.3 Rights with regard to direct marketing
If we process your personal data for direct marketing purposes, you have the right pursuant to Art. 21 para. 2 GDPR to object at any time to the processing of your personal data for the purpose of such advertising. This also applies to profiling insofar as it is associated with such direct marketing.
In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.
3.4 Right of appeal to a supervisory authority
You also have the right to complain to an appropriate data protection supervisory authority regarding our processing of your personal data.
4. Collection of personal data when visiting our website
When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for this is Art. 6 para.1 letter f GDPR:
IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transmitted in each case, requesting website, browser, operating system and its interface, language and version of the browser software.
5. Contact via e-mail or contact form
When you contact us via e-mail or contact form, e.g. in the context of funding applications, the data you provide (your e-mail address, if applicable your name and your telephone number) will be retained by us in order to answer your questions. When our contact form requests information that is not required to establish contact, the field is always marked as optional. These details enable us to give you more concrete information regarding your inquiry and to improve the processing of your request. This information is expressly communicated on a voluntary basis and with your consent, Art. 6 para. 1 letter a GDPR. If it involves information on communication channels (e.g. e-mail address, telephone number), you also agree to our contacting you via this communication channel in order to respond to your request. You can of course revoke this consent at any time in the future. In this case, please contact: datenschutz(at)joachim-herz-stiftung(dot)de.
We delete the data collected in this context after retention is no longer necessary, or limit processing if statutory retention obligations exist.
Users of the PlayEconomy project interested in business games can register online as course/game managers and thereby gain access to a password-protected area with various information, license applications and teaching materials (e.g. software, presentations, assignment sheets, manuals etc.) for downloading. If you (course/game leader) decide to register for the PlayEconomy project, the personal data (first name, surname, mailing address, name of institution/school) you use to register for the password-protected area of PlayEconomy via the appropriate form will be stored on servers used by us to check the necessary requirements for registration. This enables us to provide access to the password-protected area with your individually available materials and to ensure communication between you and the JHS. For communication purposes, the personal data is also made available to the regional coordinators if they are responsible for communication for the JHS.
The personal data mentioned here can be viewed by all registered users. This is meant to enable a personal, above all regional, exchange of experience among the registered users regarding the use of the business games. The legal basis for this data processing is your consent, Art. 6 para. 1 letter a GDPR.
The user can request the deletion of their registration at any time. In this case the JHS will immediately delete all personal data.
In addition, in connection with access to PlayEconomy's server via our login area, other personal data allowing identification of the user (e.g. IP address, date, time of access, etc.) is temporarily stored on the servers we use for data security purposes. The data mentioned here will not be analyzed except for statistical purposes and in an anonymous form.
With your consent according to Art. 6 para. 1 letter a GDPR you can subscribe to our newsletter, with which we inform you about our current offers. For the registration for our newsletter we use the so-called double opt-in procedure. This means that after your registration we will send you an e-mail to the specified e-mail address in which we ask you to confirm that you would like the newsletter to be sent to you. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month.
In addition, we store your IP addresses and the time of registration and confirmation. The purpose of the procedure is to be able to prove your registration and, if necessary, to clarify a possible misuse of your personal data.
The only mandatory information for sending the newsletter is your e-mail address. After your confirmation we will save your e-mail address for the purpose of sending you the newsletter. The legal basis is Art. 6 para. 1 letter a GDPR. We will retain your e-mail address until you unsubscribe from the newsletter.
You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter-e-mail, which sends an e-mail to Kommunikation(at)joachim-herz-stiftung(dot)de, or by sending a message to the contact details given in the legal notice.
You have the possibility of registering with us and creating an account. For registration we collect and retain the following data from you:
After registration you will receive personal, password-protected access and can view and manage the data you have provided. Registration is voluntary, but may be a prerequisite for using our services.
If you use our portal, we will retain your data until you definitively delete your access. The legal basis is Art. 6 para 1 letter a GDPR.
You can apply to us electronically, especially via e-mail. We will of course use your details exclusively for processing your application and will not pass them on to third parties. Please note that unencrypted e-mails are not transmitted with access protection.
If you have applied for a specific position and it has already been filled or if we consider you to also be qualified or better-suited for another position, we would like to forward your application within the company. Please inform us if you do not agree to this.
Your personal data will be deleted immediately after completion of the application process or after a maximum of 6 months, unless you have expressly given us your consent for longer retention of your data or a contract has been concluded. The legal basis is Art. 6 para. 1 letters a, b and f GDPR and § 26 BDSG (German Federal Data Protection Act).
This website uses the following types of cookies, the scope and functionality of which are explained below:
10.1 Transient cookies
These cookies are automatically deleted when you close your browser. This includes session cookies in particular. These store a so-called session ID, with which different requests from your browser can be assigned to that session. This enables our website to recognize your computer when you return. Session cookies are deleted when you log out or close your browser.
10.2 Persistent cookies
These cookies are automatically deleted after a specified period, which may vary depending on the cookie. You can delete cookies at any time in the security settings of your browser.
10.3 Blocking cookies
You can configure your browser settings according to your wishes and, for example, refuse to accept third party cookies or all cookies. Please note that you then may not be able to use all functions of this website.
10.4 Legal bases and storage period
The legal bases for possible processing of personal data and its retention period vary and are described in the following sections.
11 Website analysis
For the purpose of analyzing and optimizing our websites we use various services which are described below. For example, we can analyze how many users visit our site, which information is most in demand or how users find the offer. Among other things, we collect data about which website a person has accessed another website from (so-called referrers), which subpages of the website were accessed or how often and for how long a subpage was viewed. This helps us to design and improve our offers in a user-friendly way. The data collected in this case is not used to personally identify individual users. Anonymous or at most pseudonymous data is collected. The legal basis for this is Art. 6 para. 1 letter f GDPR.
11.1 Matomo (formerly Piwik)
This website uses the web analysis service Matomo (formerly Piwik) to analyze and regularly improve the use of our website. By means of the statistics obtained, we can improve our offer and make it more interesting for you as a user. The legal basis for the use of Matomo is Art. 6 para. 1 letter f GDPR.
Cookies are stored on your computer for this analysis. You can stop the analysis by deleting existing cookies and preventing the storage of cookies. If you prevent the storage of cookies, we point out that you may not be able to use this website in its entirety. Preventing the storage of cookies is possible via your browser settings. To prevent Matomo from being used, uncheck the following box to activate the opt-out plug-in:
You can decide here whether a unique web analytics cookie may be stored in your browser to enable the operator of the website to collect and analyze various statistical data.
If you wish to opt out, click the following link to place the Matomo deactivation cookie in your browser.
This website uses Matomo with the "Privacy Manager" extension. This makes IP addresses unrecognizable and direct personal references can thereby be ruled out. The IP address transmitted from your browser using Matomo will not be merged with other data collected by us.
The Matomo program is an open source project. You can obtain information on data protection from the third-party provider at matomo.org/privacy/
12. Data transmission
A transfer of your data to third parties does not take place in principle, unless we are legally obliged to do so, or the transfer of data is necessary for the execution of the contractual relationship, or you have previously expressly consented to the transfer of your data.
As far as external service providers may come into contact with your personal data, we ensure within the scope of order processing that these comply with the provisions of data protection laws in accordance with Art. 28 GDPR. Please also note the providers’ respective privacy information. The respective service provider is responsible for the content of external services. Within reason, we verify the service’s compliance with legal requirements.
13. Data security
We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to the latest technological standard.