Privacy Policy

1. Privacy at a Glance

General Information

The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to any data that can personally identify you. Detailed information on data protection can be found in our privacy policy below.

 

Data Collection on This Website

Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. The operator’s contact details can be found in the section “Information on the Responsible Party” in this privacy policy.

 

How do we collect your data?
Your data is collected in two ways:

1. You provide it to us directly, for example, by entering data into a contact form.

2. Other data is automatically collected or recorded with your consent when you visit the website. This includes technical data (e.g., internet browser, operating system, or time of page access). These data are collected automatically as soon as you enter this website.

 

What do we use your data for?
Some of the data is collected to ensure the proper functioning of the website. Other data may be used to analyze your user behavior. If contracts can be concluded or initiated via the website, the transmitted data will also be processed for contract offers, orders, or other service requests.

 

What rights do you have regarding your data?
You have the right to request information about the origin, recipient, and purpose of your stored personal data at any time, free of charge. You also have the right to request the correction or deletion of your data. If you have given consent to data processing, you may withdraw this consent at any time with future effect. Additionally, under certain circumstances, you have the right to request the restriction of the processing of your personal data. Furthermore, you have the right to lodge a complaint with the relevant supervisory authority.

For any questions regarding data protection, you can contact us at any time.

 

2. Hosting

We host the content of our website with the following provider:

 

WIX

The provider is Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter referred to as "WIX").

WIX is a tool for creating and hosting websites. When you visit our website, WIX analyzes user behavior, visitor sources, the geographical region of website visitors, and visitor numbers. WIX stores cookies in your browser that are necessary for displaying the website and ensuring its security (essential cookies).

The data collected via WIX may be stored on various servers worldwide. WIX servers are located in several countries, including the United States.

For more details, please refer to WIX’s privacy policy:
https://de.wix.com/about/privacy.

 

Data Transfer to the USA and Other Third Countries

According to WIX, data transfers to the USA and other third countries are based on the Standard Contractual Clauses (SCCs) of the European Commission or comparable guarantees pursuant to Article 46 of the GDPR. Further details can be found here:
https://de.wix.com/about/privacy-dpa-users.

The use of WIX is based on Article 6(1)(f) GDPR. We have a legitimate interest in ensuring the most reliable presentation of our website. If consent is requested, data processing will be based exclusively on Article 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

 

EU-US Data Privacy Framework (DPF)

The company is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States that ensures compliance with European data protection standards for data processing in the USA. Every company certified under the DPF commits to adhering to these data protection standards.

For more information, please visit:
https://www.dataprivacyframework.gov/participant/5626.

 

3. General Information and Mandatory Notices

Data Protection

The operators of this website take the protection of your personal data very seriously. We handle your personal data confidentially and in accordance with statutory data protection regulations as well as this privacy policy.

When you use this website, various personal data are collected. Personal data refers to data that can personally identify you. This privacy policy explains which data we collect and how we use it. It also explains how and for what purpose this occurs.

We would like to point out that data transmission over the internet (e.g., communication via email) may have security vulnerabilities. A complete protection of data from access by third parties is not possible.

Information on the Responsible Entity

 

The responsible entity for data processing on this website is:

Kinderladen „Storkower Zauberwäldchen“ e.V.
Franz-Jacob-Str. 4A
10369 Berlin
Phone: +49 (0) 3034627656
Email: info@storkower-zauberwaeldchen.de

 

The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g., names, email addresses, etc.).

 

Storage Duration

Unless a more specific storage period is stated in this privacy policy, your personal data will remain with us until the purpose for data processing ceases. If you make a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in such cases, deletion will occur after these reasons no longer apply.

 

General Information on Legal Bases for Data Processing on This Website

If you have given your consent to data processing, we process your personal data based on Article 6(1)(a) GDPR or Article 9(2)(a) GDPR if special categories of data under Article 9(1) GDPR are processed. In the case of explicit consent for data transfer to third countries, data processing is also based on Article 49(1)(a) GDPR. If you have consented to the storage of cookies or access to information on your device (e.g., device fingerprinting), data processing is additionally based on § 25(1) TDDDG. Consent can be revoked at any time.

If your data is required for contract fulfillment or pre-contractual measures, we process your data based on Article 6(1)(b) GDPR. Furthermore, we process your data if necessary to fulfill a legal obligation based on Article 6(1)(c) GDPR. Data processing may also be based on our legitimate interest under Article 6(1)(f) GDPR. The specific legal bases applicable in individual cases are outlined in this privacy policy.

 

Recipients of Personal Data

In the course of our business activities, we work with various external parties. In some cases, it is necessary to transfer personal data to these external entities. We only share personal data with external parties if this is required for contract fulfillment, if we are legally obligated to do so (e.g., transfer of data to tax authorities), if we have a legitimate interest under Article 6(1)(f) GDPR, or if another legal basis permits the data transfer.

When using data processors, we only transfer personal data based on a valid data processing agreement. In the case of joint processing, an agreement on joint processing is concluded.

 

Revocation of Your Consent to Data Processing

Many data processing operations are only possible with your explicit consent. You may revoke consent at any time. The legality of data processing carried out before revocation remains unaffected.

 

Right to Object to Data Collection in Special Cases and to Direct Marketing (Article 21 GDPR)

IF DATA PROCESSING IS BASED ON ARTICLE 6(1)(E) OR (F) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION. THIS ALSO APPLIES TO PROFILING BASED ON THESE PROVISIONS. YOU CAN FIND THE LEGAL BASIS FOR EACH PROCESSING OPERATION IN THIS PRIVACY POLICY.

IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR AFFECTED PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE REASONS FOR PROCESSING THAT OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS OR IF PROCESSING SERVES THE ASSERTION, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ARTICLE 21(1) GDPR).

IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING, INCLUDING PROFILING RELATED TO DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ARTICLE 21(2) GDPR).

 

Right to Lodge a Complaint with a Supervisory Authority

In the event of a GDPR violation, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the EU member state of their habitual residence, place of work, or the place of the alleged violation. This right to complain is without prejudice to other administrative or judicial remedies.

 

Right to Data Portability

You have the right to receive data that we process automatically based on your consent or in fulfillment of a contract, in a common, machine-readable format. If you request direct transfer to another controller, this will only be done if technically feasible.

 

Access, Correction, and Deletion

You have the right at any time, within the scope of applicable legal provisions, to receive free information about your stored personal data, its origin, recipients, and the purpose of data processing. You may also have the right to correct or delete this data. If you have questions about personal data, you can contact us at any time.

 

Right to Restriction of Processing

You have the right to request the restriction of processing of your personal data. You can contact us at any time regarding this. The right to restriction of processing applies in the following cases:

• If you contest the accuracy of your stored personal data, we usually need time to verify this. During the verification period, you have the right to restrict processing of your personal data.

• If data processing was/is unlawful, you may request restriction instead of deletion.

• If we no longer need your personal data, but you need it for legal claims, defense, or assertion, you can request restriction instead of deletion.

• If you have objected under Article 21(1) GDPR, a balancing of interests between your rights and ours must be conducted. Until it is determined whose interests prevail, you have the right to request restriction of processing.

If you have restricted the processing of your personal data, such data may only be processed—aside from storage—with your consent or for the assertion, exercise, or defense of legal claims, or to protect the rights of another person or for reasons of substantial public interest in the EU or a member state.

 

4. Plugins and Tools

Google Maps

This website uses the Google Maps mapping service. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland. This service allows us to integrate map material into our website.

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this website has no control over this data transmission.

If Google Maps is activated, Google may use Google Fonts to ensure a uniform display of fonts. When you access Google Maps, your browser loads the required web fonts into its cache to display text and fonts correctly.

The use of Google Maps is based on our legitimate interest in an attractive presentation of our online services and in ensuring easy findability of the locations we specify on the website. This constitutes a legitimate interest pursuant to Article 6(1)(f) GDPR. If explicit consent has been requested, processing occurs exclusively based on Article 6(1)(a) GDPR and § 25(1) TDDDG, insofar as consent includes the storage of cookies or access to information on the user's device (e.g., device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.

 

Data Transfer to the USA

The transfer of data to the USA is based on the Standard Contractual Clauses (SCCs) of the European Commission. Details can be found here:

• https://privacy.google.com/businesses/gdprcontrollerterms/

• https://privacy.google.com/businesses/gdprcontrollerterms/sccs/

For more information on how Google handles user data, please refer to Google's privacy policy:
https://policies.google.com/privacy?hl=en.

 

EU-US Data Privacy Framework (DPF)

Google is certified under the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the United States that ensures compliance with European data protection standards for data processing in the USA.

Every company certified under the DPF commits to adhering to these data protection standards. Further information is available from the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780