Data protection

Our data protection notices contain the following information:

Our contact details and general data processing information

Name and contact details of the responsible party

Staatliche Schlösser, Burgen und Gärten Sachsen gemeinnützige GmbH Stauffenbergallee 2a D-01099 Dresden

represented by the Managing Director, Dr. Striefler

Tel. +49 351 56391-1001

Fax +49 351 56391-1009

service@schloesserland-sachsen.de  

Further information: https://www.schloesserland-sachsen.de/en/legal-notice/   

Contact details of the company data protection officer of the responsible party

Staatliche Schlösser, Burgen und Gärten Sachsen gemeinnützige GmbH

Company data protection officer

Stauffenbergallee 2a

D-01099 Dresden

Datenschutz@schloesserland-sachsen.de 

Legal bases for processing personal data

A contractual relationship in which an event booking, or the order of an annual card, is brought about is normally the basis for processing personal data. Sending information material and newsletters is based on express consent, which you can withdraw at any time with an effect for the future. In such a case, the data in that respect will then no longer be processed.

Deleting data and storage period

We delete the personal data as soon as the purpose for storing the data no longer applies and a statutory regulation does not permit or require further storage.

Our personal data sources

The personal data we process primarily emanates from the data subjects themselves, for example in that

  • in the capacity of users these forward information, such as the IP addresses, to our web server,
  • in the capacity of interested parties request information material or an offer from us,
  • in the capacity of customers grant us an order or enter into a contract with us,
  • in the capacity of press representatives request press releases, comments and the like,
  • in the capacity of suppliers as per agreement supply us with goods or render services and the like on our behalf.

Only in exceptional cases can the personal data we process also emanate from third parties, for example if a person acts in the name of a third party.

Specific categories, purposes and legal bases for processing personal data

We process the following categories of personal data:

  • Users of our website,
  • Interested parties,
  • Representatives of the press,
  • Customers as well as
  • Suppliers.

Depending on the data category, we process personal data for the 

following purposes:

User data: We cannot allocate to any specific person data, which can be attributed to a certain person, of the users of our website (for example the IP address).

Data of interested parties/data of press representatives: Data made available to us as part of an inquiry are only processed in line with the intended purpose as per agreement.

Customer data: We process our customers' data to process contracts or based on granted consent. This also applies to processing procedures that are required to adopt pre-contractual measures (e.g. as part of preparing and negotiating offers).

Supplier data/data from business partners: We process our suppliers' and business partners data to process contracts or based on granted consent. This also applies to processing procedures that are required to adopt pre-contractual measures (e.g. as part of preparing and negotiating offers).

Recipients or categories of recipients of the personal data

Your personal data will only be forwarded to third parties, or otherwise forwarded, if such action is required for the purpose of processing contracts (e.g. to process an order) or for settlement purposes (e.g. to process a payment transaction when purchasing goods or services), if there is a justified interest in forwarding and such action does not override your interests, rights and freedoms or you had effectively consented to such action in the past. Categories of recipients can be 

  • Service providers (publishing houses, printers, promoters and the like)
  • Shipping service providers, suppliers
  • Payment service providers, banks

Data processing for newsletter circulation

It is possible to subscribe to a free newsletter on our website or as part of an inquiry to us. When you register for the newsletter, the data from the entry window is sent to us. This data includes your

  • Title
  • First name
  • Surname
  • E-mail address

This enables us to address you personally.

 

The following data is also collected when you register for the newsletter:

  • the IP address of the user, and
  • the date and time of the registration.

This serves to prevent misuse of the services or the data subject's e-mail address.

What is known as a double opt-in procedure is used when registering for our newsletter. This means that you will receive an e-mail after registration asking you to confirm your registration. This confirmation is necessary so that no one can register using someone else's e-mail address.

Your consent is obtained for the processing of the data during the registration process and reference is made to this privacy policy.

The data will be used exclusively for sending the personalized newsletter.

We also store the interests you have indicated and your use of the individual newsletter information so that we can always send you the information that interests you. The newsletters are thus qualified according to your newsletter usage.

The data will be deleted as soon as it is no longer required for sending a newsletter or you have unsubscribed or objected to receiving the newsletter. We also store restricted e-mail addresses for processing for up to three years on the basis of our legitimate interests in order to be able to prove that consent was previously given.

The subscription to the newsletter can be canceled by the user at any time. For this purpose, there is a corresponding link in every newsletter.

Data processing for competitions and promotions

If you take part in a competition on our websites, we collect the data from you that is required for participation in the competition. This is usually: first and surname, e-mail address, postal address. We process this data for the purpose of enabling participation in the respective competition and to be able to notify you by e-mail if you win. We need your address so that we can send you the prize if you win. Please also note the conditions of participation for the respective competition.

Data processing in the online store

Order forms on the websites

To procure information/material/tickets via SBG, the data required for shipping needs to be collected. Such data are, in each case, collected to process the order and are not forwarded to third parties. The personal data forwarded to SBG in the case of an order are used as follows:

  • Evaluation for internal statistical purposes
  • Use to optimize user-friendliness (e.g. if you send us information or we answer questions after the order process)
  • Use for marketing campaigns (e.g. newsletters) if you have given your consent

Purchase of the schlösserlandCARD

We process your personal data, in particular your contact details, to process your order. We may use information (e.g. a so-called score value) from external service providers to check your creditworthiness. By purchasing schlösserlandCARDs, you agree that we will inform you about current schlösserlandCARD offers after one year.

Processing of complaints/exchanges for the schlösserlandCARD

Your data will be processed exclusively for accounting purposes when handling complaints/exchange campaigns for the schlösserlandCARD.

Purchase of a schloesserlandCARD in the app

In the »Schloesserland erleben« app, it is possible to purchase one or more schloesserlandCARDs as a digital ticket. In doing so, personal data is processed for the purpose of handling the order. For this purpose, the purchase process is started in the app, the forwarding to the store takes place automatically. In order to use the schloesserlandCARD, customer data (first name, surname, e-mail address, card type, validity) is processed and stored. The correct entry is a prerequisite for using the personal card. All personal data is collected and stored exclusively for the purpose of the personal use of the schloesserlandCARD. IT service providers support SBG and are contractually bound to data protection. Users can have stored data deleted at any time via the service. When personal customer data is deleted, any schlösserlandCARD purchased in the app is also deleted and is then no longer available.

During the check-in process with the schloesserlandCARD to one of our castles, palaces or gardens, location and time-related data is stored and used for internal evaluations.

Purchase processing of the schloesserlandCARD via the »Schloesserland erleben« app

The purchase processing is carried out by the external service provider Etix (etix.com event GmbH & Co.KG). The regulations from Etix's privacy policy apply. These can be read here. For the purchase process, the user's specified e-mail address is transmitted to Etix. Etix delivers information (first name, surname, mail, card type) about the purchase process to the external service provider Fluxguide via an interface.

Import of an existing digital card

As part of the new development of the »Schloesserland erleben« app, the user has the option to import an existing card from the schloesserlandCARD app into the new app. If this service is used, the service provider of the schloesserlandCARD app transfers the user data (first name, surname, e-mail, card type, validity) to the service provider of the »Schloesserland erleben« app. Our service providers are contractually bound to data protection.

Notifications of the app

The app offers a push message function, the use of which requires the user's consent. Provided that the user consents to the push message function, »Schloesserland Sachsen« can send information about upcoming dates and news to the corresponding cell phone, the receipt of which is notified by a corresponding function of the mobile phone. If the offer is taken up, the assignment and storage of an anonymized, non-traceable identification number takes place with consent. The push messages can be deactivated again in the system settings of the smartphone and thus the consent revoked.

Legal basis for the data processing

The processing of this data takes place on the basis of Art. 6 para. 1 letter b of the GDPR for the use of the »Schloesserland erleben« app, on the basis of Art. 6 para. 1 letter a of the GDPR for the use of the push notifications, and on the basis of Art. 6 para. 1 f of the GDPR for the statistical evaluation of the use of the app.

Sale of tickets via third party suppliers

Ticket sales via Eventim

In some sections we make use of the sale via the outside service provider Eventim for the service-oriented sale of event and exhibition tickets. The provisions set out in Eventim data protection apply.

Ticket sales via Etix

In some sections we make use of the sale via the outside service provider Eventim for the service-oriented sale of event and exhibition tickets. The provisions set out in Etix data protection apply. 

Data processing via brochure orders

You can order our brochures via the brochure database of the Free Federal City of Saxony. By way of the publication database, the Free Federal City of Saxony provides an extensive electronic range of brochures, flyers and other communications media of the State Chancellery, all ministries and numerous other authorities, which can be ordered in electronic or paper form. The authorities that enter their publications in the central publication database maintain the content of their range themselves.

In accordance with Article 4, Number 7, in conjunction with Article13 and Article 14, General Data Protection Regulation, the Saxony State Ministry of the Interior is responsible for processing the personal data. You can find the contact details of the Saxony State Ministry of the Interior, and the official data protection officer, via the link: http://www.smi.sachsen.de/kontakt.htm. 

Your data are processed, by way of applying the security requirements agreed upon accordingly, by the Staatsbetrieb Sächsische Informatik Dienste and T-Systems International GmbH service provider. You can obtain additional data protection information here when ordering brochures via the publication database.

Data processing in the case of customer feedback

Your contact details will be processed to reply to your questions and feedback, and as required where requested by you for participation in the prize draw.  

Guest monitoring via Netigate

Participation in guest monitoring

The guest monitoring on our web pages is provided by Netigate Deutschland GmbH. You will find extensive information about data protection here. Personal data are processed and only used for the purpose of feedback/establishing contact with the customer. The data are stored at SBP only for the purpose of establishing contact.  By way of the guest monitoring via Netigate you are informed of this and your consent is requested. 

Participation in a competition in guest monitoring

When taking part in a competition, we will ask you to provide your first and surnames, your address and e-mail address for the purpose of shipping the respective prize.

Data processing at trade fairs, congresses and events

You can establish contact with us at any time at trade fairs/congresses and events. If you are interested in receiving information and further material, you can complete a contact form at the respective event. You will find further data protection information here for personally establishing contact at fairs or events.

Press data processing

We perform professional and strategic press and public relations work to honor our public service. To that end we collect and store the contact details of editors, journalists, publishers and media representatives. The contact details can be deleted at any time from our distribution list via the unsubscribe button in the corresponding media information or via a corresponding note by e-mail directed to presse@schloesserland-sachsen.de.

Data processing in social media channels

In order to promote its services, SBG uses well-known social media platforms, such as Facebook, YouTube, Twitter, Instagram, and LinkedIn. However, our website refrains from the use of social media plug-ins. If you are a user of these platforms, then you can gain access via the links displayed on our website and, if applicable, communicate with us via these channels. The platforms process personal data according to their own conditions of participation and data protection rules, over which we have no influence.
This initially includes data such as the IP address, date, time, and page visited. If the user is logged into his or her user account of the respective network during this time, the network operator may be able to correlate the information collected regarding the user’s specific visit to the user’s personal account. If the user interacts via a “Share” button of the respective network, this information may be stored in the user’s personal user account and possibly published. If the user wishes to prevent the collected information from being directly correlated with his or her user account, he or she must log out before clicking on the graphic. It is also possible to configure the respective user account accordingly.
We would like to point out that it is also possible for user data to be processed outside of the European Union, in particular in the USA. The USA is not a safe third country within the meaning of EU data protection law. US companies are obliged to hand over personal data to security authorities without you as a data subject being able to take legal action against this. It can therefore not be ruled out that US authorities (e.g. intelligence services) process, evaluate, and permanently store your data located on US servers for surveillance purposes. We have no influence on these processing activities.

The following social networks are integrated into our site via links:

Twitter
We maintain an online presence on Twitter in order to present SBG and our services and to communicate with you.  Twitter is a service of Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Privacy policy: https://twitter.com/en/privacy 

YouTube
We maintain an online presence on YouTube in order to present SBG and our services and to communicate with you. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA. Privacy policy:  https://policies.google.com/privacy 

Facebook
We maintain an online presence on the Facebook platform in order to advertise our products and services and to communicate with you. According to a ruling of the European Court of Justice, we are jointly responsible for this social media platform together with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. However, it cannot be excluded that processing by Facebook Ireland Ltd. is carried out in the USA via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025. You can reach Facebook’s data protection officer by means of a contact form: https://www.facebook.com/help/contact/540977946302970 

Facebook is aware of its joint responsibility with SBG and has published the content of an agreement from which the mutual obligations arise under the following link: https://www.facebook.com/legal/terms/page_controller_addendum 

When users access our online presence on the Facebook platform, their user data (e.g. personal information, IP address, etc.) is processed by Facebook Ireland Ltd. as the operator of the platform in the EU. Our legitimate interest lies in the analysis, communication, sales, and advertising of our products and services, which Facebook makes available to us in anonymized form. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create profiles of users. These profiles enable Facebook Ireland Ltd., for example, to advertise to users within and outside of Facebook according to their individual interests. If a user is logged into his or her Facebook account at the time of accessing our website, Facebook Ireland Ltd. can also link the data to the corresponding user account.
If the user contacts us via Facebook, the personal data he or she enters at this time will be used to process the inquiry. We delete the user’s data provided that the user’s inquiry has been answered conclusively and there are no legal obligations to retain data, e.g. in the case of subsequent contract processing. 
Facebook Ireland Ltd. may also set cookies in order to process the data. If the user does not consent to this processing, he or she may prevent the installation of cookies by configuring the browser accordingly. Cookies that have already been stored can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the browser settings, but rather by configuring the Flash player accordingly. If the user prevents or restricts the installation of cookies, he or she may not be able to make full use of all the functions of Facebook. 
More details on the processing activities, their prevention, and the deletion of data processed by Facebook can be found in Facebook’s privacy policy: https://www.facebook.com/privacy/explanation 

Instagram
We maintain an online presence on the Instagram platform in order to advertise our products and services and to communicate with interested parties or customers. We are jointly responsible for this social media platform together with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. However, it cannot be excluded that processing by Facebook Ireland Ltd. is carried out in the USA via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025.
You can reach Instagram’s data protection officer by means of a contact form: https://www.facebook.com/help/contact/540977946302970 
When users access our online presence on the Instagram platform, their user data (e.g. personal information, IP address, etc.) is processed by Facebook Ireland Ltd. as the operator of the platform in the EU.
Our legitimate interest is the analysis, communication, sales, and promotion of our products and services. This user data is used for statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create profiles of users. These profiles enable Facebook Ireland Ltd., for example, to advertise to users within and outside of Instagram according to their individual interests. If a user is logged into his or her Instagram account at the time of accessing our website, Facebook Ireland Ltd. can also link the data to the corresponding user account. If the user contacts us via Instagram, the personal data he or she enters at this time will be used to process the inquiry. We delete the user’s data provided that the user’s inquiry has been answered conclusively and there are no legal obligations to retain data, e.g. in the case of subsequent contract processing.
Facebook Ireland Ltd. may also set cookies in order to process the data. If the user does not consent to this processing, he or she may prevent the installation of cookies by configuring the browser accordingly. Cookies that have already been stored can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented via the browser settings, but rather by configuring the Flash player accordingly. If the user prevents or restricts the installation of cookies, he or she may not be able to make full use of all the functions of Facebook. 
More details on the processing activities, their prevention, and the deletion of data processed by Instagram can be found in Instagram’s privacy policy: https://help.instagram.com/519522125107875/ 

LinkedIn
We maintain an online presence on LinkedIn in order to present SBG and our specialists and executives: Staatliche Schlösser, Burgen und Gärten Sachsen gemeinnützige GmbH | LinkedIn. The data controller is LinkedIn Ireland Unlimited Company , Wilton Place, Dublin 2, Ireland.
Privacy policy: LinkedIn privacy policy https://de.linkedin.com/legal/privacy-policy 

Data processing in the "Schlösserland erleben" app

The following data is processed when you use the app:

The app offers the possibility to retrieve information about experiences and special features in palaces, castles & gardens from a central information system (editorial system). The information service uses various formats (text, image, map, video, audio). The retrieved data is stored on the mobile device used to access the app. Much of the content from the editorial system is loaded onto the mobile device the first time the app is launched. In addition, information about functions of the app can be deleted from the mobile device and retrieved and stored by the central editorial system.

The app only transmits data from the mobile device to the central information system that is required to retrieve data from the editorial system or to operate the information service properly.

The transmitted IP address is used to deliver requested information. The IP address is technically required to answer the HTTP request of the client (app), i.e. to deliver the content of the requested HTML page or multimedia file (image, audio, video). The IP address is not stored or forwarded beyond this. Thus, there is explicitly also no storage of the IP address in the server log files.

When the app is installed, a unique, non-traceable, anonymized identification number is assigned and stored on the mobile device. This anonymized identification number is used to ensure the system operates properly and to evaluate the information on offer.

The following data is stored and also processed when the central system is accessed:

  • Date and time of access
  • Name/ID of the accessed information/file
  • Anonymized, non-traceable identification number
  • The data collected for the administration of the system is stored centrally on the web server in a log file and deleted after 60 days.

State Palaces, Castles and Gardens of Saxony, non-profit (SBG) would like to continuously improve the information offered and also report on its impact. Therefore, accesses to the central editorial system are stored in a database in anonymized form with regard to the use of the information on offer and evaluated for statistical purposes.

The following data is further evaluated for the usage statistics:

  • Date and time of access
  • Name/ID of the accessed information/file
  • The selected language in the app
  • Anonymized, non-traceable identification number
  • Interests noted by the user (e.g. culinary arts or the Middle Ages)
  • Travel information (e.g. Saxony region and e-car)
  • Ratings of games (5-star rating for visitor tour)
  • Favorites lists (places & experiences) compiled by the user
  • Purchase, administration, card type and use of the digital schlösserlandCARD
  • Anonymized visit history when using the schlösserlandCARD
  • Duration of use of experiences (e.g. multimedia guide)
  • Anonymized usage behavior in the app (accessing page content, experiences)
  • Accessing push notifications

Consent to tracking

The user has the option of consenting to the tracking of their user behavior in the app. The basic requirement for tracking is a digital schlösserlandCARD

The personal usage data collected in the app will be transmitted to the customer relationship management tool Hubspot if consent is given and used as follows:

  • Evaluation for internal statistical purposes
  • Use for marketing campaigns (such as newsletters)
  • Recording of the user's interests (e.g. interest in cuisine or the Middle Ages) directly during excursion planning or indirectly via usage behavior in the app (experience locations and experiences, favorites)
  • schlösserlandCARD usage behavior
  • Trip planning

Legal basis for the data processing

The processing of this data takes place on the basis of Art. 6 para. 1 letter e of the GDPR.

App support

Technical support for the Schloesserland app from State Palaces, Castles and Gardens of Saxony, non-profit (SBG) is provided by Fluxguide Ausstellungssysteme GmbH (insert central contact address). The editorial responsibility lies with State Palaces, Castles and Gardens of Saxony, non-profit (SBG).

Data Processing of Video Surveillance

To protect our historic buildings and gardens, we operate video surveillance. The pictograms and informational texts regarding the recorded rooms, buildings and gardens are in accordance with Article 13 GDPR. The people concerned also receive information about who is responsible for the video surveillance, for which purposes as well as on which legal basis video surveillance is carried out and how long the video recording footage is saved by us.
Alongside the video surveillance, only image data relating to the date and location of the footage is recorded.

For the operation of the video surveillance system we occasionally use external service providers. As part of legal proceedings we transmit individual video footage to the relevant law enforcement authority such as the police or public prosecutor’s office.

The legal basis is Article 6, (1), lit. f), c), e) GDPR in connection with §§ 161, (1), 163 (1), (3), StPO.

Your rights as a data subject

By way of this data protection statement, we are inform you pursuant to Article 13, GDPR about how we process data that can be attributable to a certain person or personal data. In that respect, you have the following rights:

Right to obtain information

You have the right to receive confirmation from us free of charge as to whether or not we process your personal data. If this is the case, you will have the right to obtain information about such personal data and additional information pursuant to Article 15 GDPR. To that end, you can approach us by post or e-mail with your ID details.

Right to rectification

Furthermore, you are entitled to request that we correct without delay inaccurate data that apply to you. 

Right to erasure

You have the right to request the deletion of your personal data if one of the preconditions of Article 17, GDPR, is met. 

Right to restriction of the processing

You have the right to request that we restrict the processing if one of the preconditions of Article 18, GDPR, is met. 

Right to data portability

You are entitled to receive the personal data that applies to you, and which you have made available to us, in a structured, conventional and machine-readable format, and you are have the right to forward such data to another controller without restrictions by us if the preconditions of Article 20 GDPR are met. 

Right to object in the case of processing due to a justified interest

Insofar as we process personal data in exceptional cases as a result of justified interests, you have the right to object at any time to the processing of your personal data for reasons that arise from your special situation. 

Right to object in the case of granted consent

You have the right to withdraw at any time consent given to the use of the collection and use of personal data with an effect for the future. 

Automated decision-making, including profiling

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. However, we do not perform such automated decision-making.

Voluntary nature of the provision of data

If the provision of personal data is specified by or set out in a contract, as a matter of principle we will draw attention to that when collecting the data. Furthermore, data may, however, be required to enter into a contract. 

Right to lodge a complaint with a supervisory authority

Furthermore, you have the right to lodge a complaint at any time with a data protection supervisory authority at your place of work, place of residence or place of abode within the EU if you believe that the processing of your personal data is unlawful.

Our relevant supervisory authority is

The Saxony Data Protection Officer
Kontor am Landtag
Devrientstraße 5
D-01067 Dresden

Scope of the processing of personal data via our website

We process and use personal data of our users as a matter of principle only in so far as this is necessary to provide a functioning website, our content and render services. 

Making the website available and creating log files

Server logs

When an internet page is viewed, our system automatically records data and information for technical reasons. Such data are only collected as required in the case of a specific attack or error analysis, and are deleted following the end of the analysis. In that respect, these are

  • Access inquiry on server with URL
  • Browser address
  • IP address

Logs for search words

When using the search function that is made available on our website, we store all the search terms entered in the search with the IP address of the searching party via TYPO3 Search Extension. We use such data as required for internal statistics and to prevent attacks by exploiting security gaps. The IP addresses are rendered anonymous after 10 days.

Establishing contact via the contact form, e-mail contacts, sending faxes and telephone calls

Our website contains contact forms that can be used to establish contact with us electronically in various areas and regarding various topics. In addition to the data you state in the contact form, the IP address and the time of the inquiry are stored. The data will be deleted as soon as the collection of such data is no longer required. 

Using Cookies

 

When accessing certain pages, “cookies” may be used. These are small text files that are stored on your terminal device (PC, smartphone, tablet, etc.). If you call up a website, a cookie may be stored by your browser. This cookie contains a characteristic character string that enables the browser to be uniquely identified when the website is accessed again. In addition, it may be that third-party providers wish to use tracking technologies in order to offer their services, to constantly improve these services, and to display advertisements according to the interests of the users. If this is the case, we explicitly ask you to give your consent by means of the Usercentrics cookie consent banner. You can revoke your consent at any time in the privacy policy (Use of cookies) with effect for the future. We store your consent; this data is deleted after a period of three years. Some of the cookies we use are deleted after the end of the browser session, i.e. after you close your browser (“session cookies”). Other cookies that were set with your consent remain on your terminal device and enable us or our service providers (third parties) to recognize your browser on your next visit (“persistent cookies”). 

Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. (»Google«) Google Analytics uses »Cookies«, which are stored on your terminal and facilitate an analysis of how you use the website. The information created by the Cookie about how you use this website (including your IP address) is transferred to a Google server in the US and stored there. Prior to the storage, the final digits will be removed from your IP address so prevent unequivocally attributing it to a certain person. Google will use this information to evaluate your use of the website, to put together reports on the website activities for the website operator and to render additional services associated with the website and internet use. Where applicable, Google will also forward this information to third parties insofar as this is legally specified or insofar as third parties process the data by order of Google. Under no circumstances will Google associate your IP address with other data of Google. You can prevent the installation of Cookies by way of a corresponding setting in your browser software; however, we draw attention to the fact that in such a case you may not be able to fully use all the functions on this website. By way of using this website you consent to the processing of your personal data that have been gathered by Google in the manner described above and for the purpose described above. Furthermore, the user can prevent the recording of the data created by the Cookie and data related to your use of the website (including your IP address) and forwarding to Google, as well as the processing of such data by Google, by downloading and installing the browser plug-in via the following link: https://tools.google.com/dlpage/gaoptout?hl=en   

In addition, to that end we use Google Analytics to evaluate data from AdWords and the DoubleClick Cookie as well as data from the Google advertising functions solely for statistical purposes. You can deactivate such evaluation at any time via the following link: https://adssettings.google.com/authenticated?hl=en.

Google Adwords Remarketing/Conversion Tracking:

Our website uses the Google Adwords service. Google AdWords is an online advertising program of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). By way of the remarketing function, we can present advertisements to the users of our website, based on their interests, on other websites within the Google Display Network (on Google itself, so-called "Google Advertisements" or on other websites).  

In the case of Google services such as AdWords, DoubleClick for Publishers, AdExchange and AdSense, Google is responsible for processing the data because in this respect Google uses its own user data.

You will find an overview here and here of how Google specifically protects and processes your data.

As part of the so-called Conversion Tracking, a Cookie will be placed on your computer/terminal when you click on an advertisement placed by Google. These cookies are no longer valid after 30 days. They do not contain any personal data and are, therefore, not aimed at personal identification.

You can deactivate interest-related advertisements on Google as well as interest-related Google advertisements on the web (within the Google Display Network) in your browser by clicking in the "Off" button at https://adssettings.google.com/authenticated?hl=en 

Google DoubleClick (including SafeFrame and Publisher Tags):

The DoubleClick service/platform of the supplier Google Inc. (Google) is used to provide, process, control and optimize advertisements, based on your interests, on the websites of publishers. Cookies are used to that end. As part of the use of DoubleClick, we furthermore use the functionalities of Google Publisher Tags, whereby the targeting can be adjusted ideally to the content of the website. We also use Google SafeFrame to optimize the provision of advertisements. 

You can deactivate interest-related advertisements of Google in your browser by clicking on the respective link "deactivate" in the sub-point "Deactivation Settings" at https://adssettings.google.com/authenticated?hl=en or insofar as you use Google Chrome, Firefox or Internet Explorer as a browser, you can deactivate the DoubleClick Cookie by installing the extension for your browser that is available at https://adssettings.google.com/authenticated?hl=en.

GA Audience

Our website uses GA Audience, a service of the company Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: GA Audience). GA Audience uses, inter alia, Cookies, which are stored on your computer as well as other mobile devices (e.g. Smartphones and Tablets etc.) and which facilitate an analysis of the use of the corresponding devices. In that respect, the data are, in part, evaluated on a device-wide basis. In that respect Google Audience is granted access to the Cookies that are created as part of using Google AdWords and Google Analytics. As part of the use, data, in particular such as the IP address, and activities of the user can be forwarded to a server of the company Google Inc. and stored there. Google Inc. will, where applicable, forward such information to third parties where such action is specified by law or insofar as such data are processed by third parties. You can prevent the recording and forwarding of personal data (in particular your IP address), as well as the processing of such data, by deactivating the implementation of Java Script in your browser or by installing a tool such as "NoScript". Furthermore, you can prevent the recording of the data created by the Cookie and data related to your use of the website (including your IP address) and forwarding to Google, as well as the processing of such data by Google, by downloading and installing the browser plug-in available via the following link: (https://tools.google.com/dlpage/gaoptout?hl=en). You can obtain further data protection information in the case of using GA Audience via the following link: https://support.google.com/analytics/answer/2700409?hl=en&ref_topic=2611283

TYPO3 Session Cookie 

On our website we use a TYPO3 session Cookie to store your filter settings on an intermediate basis for the next time you visit our website. The data used in that respect are not personal, are not rendered anonymous and are deleted at the end of the session (final closure of the website).

Buttons containing labels of the social networks Facebook, Twitter, Google+ or their logos

The website merely contains buttons with labels of the social networks Facebook, Twitter, Google+ or their logos. These buttons are qualified links to the respective social networks. When clicking on a button, users are forwarded via a link to the respective social network. Furthermore, a link is also sent by the visited website for the purpose of sharing in the social networks. Users' personal data are not collected via the buttons or forwarded to the operators of the social networks.

External content suppliers: YouTube

When activating the videos embedded in our web pages based on the "schloesserland Saxony" YouTube channel, we will draw your attention to the fact that you are hereby entering the area of validity of the Google data application guidelines at https://policies.google.com/privacy?hl=en&gl=de. 

Please be aware of the information you disclose in these channels via comments. They can be viewed by other visitors on the page and by the administrators. In view of the fact that the pages are generally accessible, the information that you share on a page is public data. This means that a comment can also be used outside of YouTube. Please consider that such information may be indexed by search machines, including Google.

The administrators of our YouTube channel will not evaluate or record such data elsewhere, neither currently nor in the future. The statistics that YouTube makes available to the administrators are issued in an aggregated form and do not enable the administrators to draw any conclusions about personal data.

Encrypting the website

The website and therefore the data forwarding via the website are encrypted using the SSL-Standard (HTTPS protocol).

Hosting the website and the APP SchloesserlandCARD

We largely process data by way of calling on the services of so-called hosting service providers that make storage space and processing capacities available to us in their computer centers and pursuant to our instructions also process personal data on our behalf.  Wirtschaftsförderung Sachsen GmbH is our hosting service provider. You can find all the necessary data protection information of Wirtschaftsförderung Sachsen GmbH here.

Forwarding personal data to a third country (foreign countries in the EU)

If we forward data to third countries, i.e. countries outside the European Union, the forwarding applies exclusively by way of complying with the admission requirements specified by law. If the forwarding of data to a third country is not aimed at performing a contract concluded with you, you have not granted us your consent in that respect, the forwarding is not necessary for the establishment, exercise or defense of legal claims, and otherwise an exemption provision pursuant to Article 49 GDPR does not apply, we will only forward your data to a third country if an adequacy decision pursuant to Article 45 GDPR is adopted or suitable guarantees pursuant to Article 46 GDPR have been provide. One of these adequacy decisions is the (EU) 2016/1250 Commission Implementing Decision of 12.07.2016 on the so-called "EU-US Privacy Shield" for the US. As a matter of principle, the German data protection standard is deemed appropriate for forwarding data to companies that are certified pursuant to the EU-US Privacy Shield within the meaning of Article 45 GDPR or it is to be additionally established by way of entering into the EU standard data protection clauses issued by the European Commission with the receiving party, suitable guarantees pursuant to Article 46 (2c), GDPR, or an appropriate data protection standard. You can obtain copies of the EU standard data protection clauses on the European Commission website at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en

Transfer of personal data to a third country (other EU countries)