Privacy Policy
All websites within the enma.eu domain, as well as the social media channels of the European Network on Monitoring Antisemitism (ENMA), are provided and cared for by its member organization Bundesverband RIAS e.V. (RIAS) in Germany.
RIAS is committed to protecting your privacy and processing personal data in line with the EU’s General Data Protection Regulation (GDPR), the German Federal Data Protection Act as well as the German Telecommunications-Telemedia Data Protection Act (TTDSG).
To inform you of our data processing policy and of your rights as well as to comply with our obligations under Articles 13 and 14 of the GDPR, the following declaration outlines how we process the personal data we receive when you visit the ENMA website, when you use ENMA’s social media channels or when you contact us (via email, by telephone or mail).
Status: April 16th 2024
1. Basics
1.1 Controller and Data Protection Commissioner
Under Article 4 (7) of the GDPR, responsibility for the processing of personal data lies with:
Bundesverband RIAS e.V.
Postfach 58 03 50
10413 Berlin
Germany
Telephone: +49 30 50 93 119 10
e-mail: info@report-antisemitism.de
Managing Director: Benjamin Steinitz
If you have any questions regarding the protection of your data or if you want to exercise your rights, please contact the RIAS data protection officer:
Bundesverband RIAS e.V.
The data protection officer
Postfach 58 03 50
10413 Berlin
Germany
e-mail: datenschutz@rias-bund.de
1.2 Personal data
The term “personal data” means any information relating to an identified or identifiable natural person. An identifiable natural person can be identified, directly or indirectly, in particular by linking them to an identifier such as a name, an identification number, location data or an online identifier (Article 4 (1) of the GDPR).
1.3 Legal basis for processing
We process your personal data based on
Article 6 (1) (a) of the GDPR, if we obtain consent from the data subject to process personal data,
Article 6 (1) (b) of the GDPR, if the processing is necessary for the performance of a contract or a measure before entering into a contract,
Article 6 (1) (c) of the GDPR, if the processing is necessary to comply with a legal obligation to which we are subject,
Article 6 (1) (d) of the GDPR, if the processing is necessary to protect the vital interests of the person in question or of another natural person,
Article 6 (1) (f) of the GDPR, if the processing is necessary to safeguard a legitimate interest of our association or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest.
2. The data processed when you visit this website
2.1 Log files
When you access our website, personal data is automatically collected and temporarily stored (server log files) using a necessary cookie. This data includes, for example, the web browser type/version (e.g. Firefox 115.0), the operating system used (e.g. Windows 10), the domain name of your internet service provider, and your IP address.
The temporary storage of this data is necessary to ensure the functionality and delivery of the website. We also use this data to obtain anonymous statistical information to evaluate the use, system security and stability of the website. In addition, the data is processed to trace and prevent unauthorized access to the internet server and, if necessary, misuse of the website and to ensure the security of our information technology systems.
The processing of any personal data involved is carried out in our legitimate interests (in accordance with Article 6 (1) (f) of the GDPR) in the technical provision and safeguarding of the website.
This data is deleted no later than 7 days after collection.
2.2 Adobe Fonts
We use Typekit web fonts from Adobe Fonts for the visual design of our website. Adobe Fonts is a service provided by Adobe Systems Software Ireland Companies (4-6 Riverwalk, Citywest Business Campus, Dublin 24, Republic of Ireland; hereinafter “Adobe”), which gives us access to a font library.
When you access pages of this website and give your consent, your browser will load the required fonts directly from the Adobe site to be able to display them correctly on your device. As a result, your browser will establish a connection with Adobe’s servers in the United States. Hence, Adobe learns that your IP address was used to access this website. According to the information provided by Adobe, no cookies will be stored in conjunction with the provision of the fonts.
Data is stored and analyzed based on Art. 6 (1) (f) GDPR. RIAS has a legitimate interest in a uniform presentation of the font on the ENMA website.
If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6 (1) (a) GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or the access to information in the user’s end device (e.g. device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://www.adobe.com/privacy/eudatatransfers.html.
For more information about Adobe Fonts, please read the policies under: https://www.adobe.com/privacy/policies/adobe-fonts.html.
Adobe’s Data Privacy Policy may be reviewed at: https://www.adobe.com/privacy/policy.html.
2.3 YouTube Videos
Our website includes embedded videos from the social media platform YouTube, whose operator is Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland; hereinafter “Google”).
We use YouTube in the expanded data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. Nevertheless, this does not necessarily mean that the sharing of data with YouTube partners can be ruled out as a result of the expanded data protection mode. For instance, regardless of whether you are watching a video, YouTube will always establish a connection with the Google DoubleClick network.
As soon as you start to play a YouTube video on this website, a connection to YouTube’s servers will be established. As a result, the YouTube server will be notified of which of our pages you have visited. If you are logged into your YouTube account while you visit our site, you enable YouTube to directly allocate your browsing patterns to your personal profile. You have the option to prevent this by logging out of your YouTube account.
Furthermore, after you have started to play a video, YouTube will be able to place various cookies on your device or comparable technologies for recognition (e.g. device fingerprinting). In this way, YouTube will be able to obtain information about this website’s visitors. Among other things, this information will be used to generate video statistics to improve the user-friendliness of the site and preventing attempts to commit fraud.
Under certain circumstances, additional data processing transactions may be triggered after you have started to play a YouTube video, which is beyond our control.
The use of YouTube is based on our interest in presenting our online content in an appealing manner. Pursuant to Art. 6 (1) (f) GDPR, this is a legitimate interest. If appropriate consent has been obtained, the processing is carried out exclusively based on Art. 6 (1) (a) GDPR and § 25 (1) TTDSG, insofar as the consent includes the storage of cookies or the access to information in the user’s end device (e.g., device fingerprinting) within the meaning of the TTDSG. This consent can be revoked at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
For more information on how YouTube handles user data, please consult the YouTube Data Privacy Policy under: https://policies.google.com/privacy?hl=en.
3. Personal data processed when using social networks
We maintain an online presence within the social networks Facebook and Instagram to communicate with users or to offer information about us and our activities. All social media channels can only be accessed through this website via an external link. We do not use plug-ins or other interfaces on any website within the enma.eu domain.
If you are logged into your social media account and visit our social media presences, the operator of the social media platform can assign this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account for the respective social media platform. In this case, this data collection takes place, for example, via cookies that are stored on your terminal device or by recording your IP address.
We want to point out that social networks store personal data (e.g. personal information, IP address etc.) by with their data usage guidelines and are responsible for the use of this data for their commercial interests. Your data may also be processed outside the European Union. This may result in a situation, for example, that would make it more difficult for you to enforce your rights. For details, please refer to the terms of use and data protection provisions of the respective social media platforms:
Facebook
The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland.
Privacy Policy: www.facebook.com/policy.php
Instagram
The provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Irland.
Privacy Policy: www.instagram.com/about/legal/privacy
4. Personal data processed when you contact us
When you contact us via e-mail, letter or telephone, your contact details (email address and possibly also your name, address, telephone number), and any information you may provide (including personal data) are processed to handle your inquiry. Depending on your inquiry, this might include forwarding your message to the organizations of ENMA.
5. Your rights
5.1 In dealings with us, you have the following rights regarding your personal data:
· Right of access, Article 15 GDPR: This right gives data subjects comprehensive access to data concerning them and to a few other key criteria, such as the purpose of processing or the length of storage. Exceptions to this right are governed by Section 34 BDSG.
· Right to rectification, Article 16 GDPR: This right enables data subjects to have inaccurate personal data concerning them to be corrected.
· Right to erasure, Article 17 GDPR: This right enables data subjects to have the controller delete personal data concerning them. However, such data may be deleted only if they are no longer needed, if they were processed unlawfully or if consent covering their processing has been withdrawn. Exceptions to this right are governed by Section 35 BDSG.
· Right to restriction of processing, Article 18 GDPR: This right enables data subjects to temporarily prevent further processing of personal data concerning them. Such a restriction is used above all when data subjects are examining whether to claim other rights.
· Right to data portability, Article 20 GDPR: This right enables data subjects to receive the personal data concerning them in a commonly used and machine-readable format from the controller and to transmit that data to another controller. According to Article 20 (3), second sentence of the GDPR, this right does not apply if the data processing is necessary for the performance of a task carried out in the public interest.
· Right to object, Article 21 GDPR: This right enables data subjects to object to further processing of their personal data if such processing is justified by the performance of public tasks or by public or private interests. Exceptions to this right are governed by Section 36 BDSG.
· Right to withdraw consent, Articles 13 and 14 GDPR: If the personal data is processed based on consent, data subjects can withdraw their consent at any time for the purpose in question. Withdrawing consent does not affect the lawfulness of any use based on your consent prior to its withdrawal (Article 7 (3) of the GDPR).
You may claim these rights by contacting us using the contact details given in section 1.1 at the start of this privacy policy.
5.2 Your right to complain to a supervisory authority
You also have the right to complain to a data protection supervisory authority about our processing of your personal data (Article 77 of the GDPR).
The supervisory authority responsible for RIAS is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Alt-Moabit 59-61
10555 Berlin
Germany
Telephone: +49 30/138 89-0
e-mail: mailbox@datenschutz-berlin.de