Privacy Policy

• Inventory data (e.g., names, addresses)
• Contact details (e.g., email, phone numbers)
• Content data (e.g., entries in online forms)
• Payment data (e.g., bank details, invoices, payment history)
• Contract data (e.g., subject matter of the contract, term)
• Usage data (e.g., websites visited, interest in content, access times)
• Meta/communication data (e.g., device information, IP addresses, ID)

We collect the data that is generated when you access our digital offers automatically. Otherwise, we collect data based on your entries or messages or through the use of cookies or similar technologies.

Bereitstellung der Inhalte

• Cookies und ähnliche Technologien
• technische Bereitstellung und Sicherheit
• Unbedingt erforderliche Technologie

Kommunikation

• Spendenabwicklung

If you have given your consent or we are otherwise legally authorized to do so, we will pass on your personal data to service providers (e.g., hosting, marketing, sales partners, payment service providers) for the above-mentioned purposes. In such cases, we comply with the legal requirements and, in particular, conclude appropriate contracts or agreements with the recipients of your data to protect your data.

We transfer personal data to other companies within our group of companies or grant them access to this data for administrative purposes. This transfer of data is based on our legitimate business and economic interests or takes place if it is necessary to fulfill our contractual obligations or if the consent of the data subjects or legal permission has been obtained.

In order to use our digital services, it may be necessary to transfer certain personal data to third countries, i.e. countries where the GDPR does not apply. However, we only allow your data to be processed in a third country if the specific requirements of Art. 44 ff. GDPR are met and thus an adequate level of data protection is guaranteed in that country. This means that the third country must either have an adequacy decision by the European Commission or suitable safeguards in accordance with Art. 46 GDPR or one of the conditions of Art. 49 GDPR. Unless otherwise stated below, we use the currently valid [standard contractual clauses](https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/? uri=CELEX:32021D0914&from=DE “current version of the standard contractual clauses”) for the transfer of personal data to processors in third countries.

In order to protect your privacy and ensure a level of protection appropriate to the risk, we take technical and organizational measures in accordance with legal requirements, taking into account the state of the art, implementation costs, and the nature, scope, circumstances, and purposes of processing, as well as the varying likelihood and severity of threats to the rights and freedoms of natural persons. These measures ensure the confidentiality, integrity, availability, and resilience of your data. This includes, among other things, the use of recognized encryption methods (SSL or TLS) and pseudonymization.

However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed by other persons or institutions outside our area of responsibility. In particular, unencrypted data disclosed, e.g., by email, may be read by third parties. We have no technical influence on this.

We delete or anonymize your personal data as soon as it is no longer required for the purposes for which we collected or used it.

However, we may still need to store your data until the expiry of the retention obligations and periods imposed by the legislator or supervisory authorities, which may arise from the German Commercial Code, the German Fiscal Code, and the German Money Laundering Act (usually 6 to 10 years). In addition, we may retain your data until the expiry of the statutory limitation periods (i.e., usually 3 years, but in individual cases up to 30 years) if this is necessary for the assertion, exercise, or defense of legal claims. After that, the relevant data will be deleted.

• Information
• Deletion
• Correction
• Objection

You can contact the data protection officer with your request by mail or by email at swmh-datenschutz@atarax.de.

This privacy policy is updated from time to time. The date of the last update can be found at the beginning of this information.

You can obtain an overview of all the tools and cookies we use as well as an option to withdraw your consent by clicking on Privacy settings at the bottom of the website you are visiting.

You will find detailed data protection information below.

We use cookies and similar technologies to provide you with the best experience when using our digital offerings. We use them to ensure functionality, IT security, and fraud prevention.

If cookies, device identifiers, or other personal data are stored or accessed on your device for processing purposes, this is done on one of the legal bases set out in Art. 6 GDPR.

In order to be able to provide the telemedia service you have expressly requested, we also take into account the provisions of Section 25 of the German Telecommunications Digital Services Data Protection Act (TDDDG), in particular the requirement under Section 25 (2) No. 2 TDDDG.

Cookies are text files that contain data from visited websites or domains and are stored by a browser on users' devices. A cookie primarily serves to store information about a user during or after their visit to an online offering. The stored information may include, for example, language settings on a website, login status, a shopping cart, or video interactions. The term “cookies” also includes other technologies that perform the same functions as cookies (e.g., when user information is stored using pseudonymous online identifiers, also known as “user IDs”).

There are the following types of cookies and functions:

• Temporary cookies (also known as session cookies): Temporary cookies are deleted at the latest after a user leaves an online offering and closes their browser.
• Permanent cookies: Permanent cookies remain stored even after the browser is closed. This allows, for example, the login status to be saved or preferred content to be displayed directly when the user visits a website again. Similarly, the interests of users, which are used for reach measurement or marketing purposes, can be stored in such a cookie.
• First-party cookies: First-party cookies are set and used by us to process user information.
• Third-party cookies: Third-party cookies are mainly used by advertisers (so-called third parties) or other partners to process user information.
• Strictly necessary (also: essential or necessary) cookies: These cookies ensure functions without which these digital offerings could not be used as desired. They may be absolutely necessary for the operation of a website, for example to store logins or other user entries, or for security reasons.
• Analysis and statistics cookies: These cookies enable us to analyze the use of our digital offerings, in particular to measure reach—i.e., clicks, visits, and visitor numbers. The aim is to statistically determine the number of visits and visitors and their surfing behavior (duration, origin) and thus obtain market-wide comparable values. The information collected is evaluated in aggregate form in order to derive improvements and optimizations for our products.
• Marketing and personalization cookies: Cookies are also used to store a user's interests or behavior (e.g., viewing certain content, using functions, etc.) in a user profile. Such profiles are used, for example, to display content to users that corresponds to their potential interests. This process is also referred to as “tracking,” i.e., tracking the potential interests of users. If we use cookies or tracking technologies, we will provide separate information about this in our privacy policy or when obtaining consent.

When our offer is used, we automatically employ essential technologies and process the following information:

• Information about the accessing device and the software used
• Date and time of access
• Websites from which the user accesses our website or which the user visits via our website
• IP address

The collection of these logs and their temporary storage and processing are necessary to ensure system security and integrity (in particular to ward off and defend against attempts at attack or damage) and are carried out in accordance with our legitimate interest (§ 25 (2) No. 2 TDDDG, Art. 6 (1) f GDPR).

The storage period for this log data is usually seven days; for reliable detection of AI bots, it is 30 days. From this point on, this specific server log data is anonymized based on our legitimate interest in statistical evaluation to assess AI bots and their impact on our content (Art. 6 (1) f GDPR).

The legal basis for the aforementioned data processing is our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR.

Diese Cookies sind notwendig, damit Sie auf der Webseite navigieren und ihre Funktionen verwenden können, zum Beispiel um Ihre Datenschutzpräferenzen einzustellen, sich anzumelden oder um Formulare auszufüllen. Ohne diese Cookies können die von Ihnen über die Webseite angefragten Leistungen nicht ordnungsgemäß erbracht werden. Unbedingt erforderliche Cookies benötigen nach anwendbarem Recht keine Einwilligung durch den Nutzer.

Sie können Ihren Webbrowser so konfigurieren, dass auch unbedingt erforderliche Cookies blockiert werden, doch können Sie die Webseite dann möglicherweise nicht in der vorgesehenen Weise nutzen.

Sofern die mit Hilfe von unbedingt erforderlichen Cookies verarbeiteten Daten im Einzelfall als personenbeziehbar anzusehen sind, stellt unser berechtigtes Interesse am Betrieb der Webseite die Rechtsgrundlage für die Verarbeitung dieser Daten dar.

The legal basis for the data processing described below is our legitimate interest pursuant to Art. 6 (1) (f) GDPR.

Sie haben die Möglichkeit zu spenden oder Spenden zu beantragen.

Von Spendern verarbeiten wir

• Name, Adresse, Bankverbindung
• Höhe der Spende
• Datum des jeweiligen Spendeneingangs bzw. der Spendeneingänge bei Dauerspendern.

Um Ihren Spendenantrag bearbeiten zu können, insbesondere um eine Berechtigung auf Unterstützung, Art und Umfang der notwendigen Unterstützung festzustellen, die Unterstützung zu leisten und die ordnungsmäße Verwendung zu belegen, verarbeiten wir:

• Stammdaten: Titel, Vorname, Nachname
• Kontaktdaten: Anschrift, Telefon- und Mobilfunknummer
• Betreuungsstelle (karitative Organisation) und/ oder gesetzlicher Betreuer
• Bankverbindung der karitativen Organisation
• Angaben zum Familienstand und zur Wohnsituation des Betroffenen
• Angaben zur finanziellen Situation
• Gesundheits- und Behandlungsdaten, Art. 9 DSGVO.

Die Daten von Spendenempfängerinnen oder -empfängern werden durch die den jeweiligen Spendenantrag stellende karitative Organisation oder die gesetzlichen Betreuer erfasst. Diesen obliegt auch die Informationspflicht der Betroffenen über diese Verarbeitung personenbezogener Daten gemäß Art. 13 DSGVO.

Wir tauschen uns mit heutigen und früheren Beratungsstellen des Antragstellers und anderen Stiftungen aus, um die notwendigen Hilfen abwickeln zu können. Die Auszahlung von Spenden erfolgt nicht direkt an die Spendenempfänger, sondern an die sie betreuenden karitativen Organisationen oder gesetzlichen Vertreter.

Weiter sind wir nach §53 der Abgabenordnung verpflichtet nachzuweisen, dass unsere Hilfe mildtätig ist.
Dazu ist es notwendig, auch Gesundheitsdaten und Informationen zur wirtschaftlichen Situation zu verarbeiten, die eine besondere Kategorie personenbezogener Daten nach Art. 9 DSGVO darstellen und für die ein besonderes Schutzbedürfnis besteht. Die Prüfung der Bedürftigkeit und die Weiterleitung des Spendenantrags an uns erfolgt durch die betreuenden karitativen Organisationen oder gesetzlichen Vertreter.

Durch Einreichung des jeweiligen Antrags willigen Sie in die Verarbeitung Ihrer Daten ein, Art. 6 Abs. 1 lit. a DSGVO. Sie versichern, dass wenn Sie Angaben zu oder für Dritte machen, Sie die jeweilige(n) Person(en) über die Angaben informiert und eine Einwilligung für die Angaben erhalten haben.

Zur Erfüllung unserer satzungsgemäßen Zwecke erhalten konzerninterne sowie externe Dienstleister Zugriff auf Ihre personenbezogenen Daten.

• Konzerninterne Stellen: Buchhaltung, Redaktion
• externe Stellen: Fahrer der Lebensmittelpakete, IT-Dienstleistungen (z.B. externe Rechenzentren), Akten- und Datenvernichtung, Druckdienstleistungen, staatliche Stellen und Behörden

Ihre personenbezogenen Daten werden solange gespeichert, wie wir dazu aufgrund gesetzlicher Nachweis- und Aufbewahrungspflichten wie dem Handelsgesetzbuch, der Abgabeordnung und dem Geldwäschegesetz verpflichtet sind. Speicherfristen betragen danach bis zu zehn Jahre.

Eine redaktionelle Berichterstattung etwa über "Schicksalsschläge" findet nur anonymisiert statt, so dass keine Rückschlüsse auf tatsächlich Betroffene möglich sind.

Sie können Ihre Einwilligungserklärung jederzeit widerrufen.
Hierzu erreichen Sie die Kurier Stiftung „Menschen in Not“ e.V. über die E-Mail-Adresse:
info@menschen-in-not.org.

Sie haben ferner gem. Art. 77 DS-GVO das Recht, eine Beschwerde bei der zuständigen Aufsichtsbehörde einzureichen.

1. Aufgrund einer von Ihnen erteilten Einwilligung gemäß Art. 6 Abs. 1 lit. a) DSGVO

Durch Einreichung des jeweiligen Antrags willigen Sie in die Verarbeitung Ihrer Daten ein, Art. 6 Abs. 1 lit. a) DSGVO. Sie versichern, dass Sie sofern Sie Angaben zu oder für Dritte machen, Sie die jeweilige(n) Person(en) über die Angaben informiert und eine Einwilligung für die Angaben erhalten haben

Wenn Sie uns Informationen bezüglich Ihrer Gesundheit bereitstellen, damit wir Ihnen die evtl. entsprechende Unterstützung im Rahmen Ihres Hilfebedarfs zur Verfügung stellen können, sind Sie damit einverstanden, dass wir diese Daten zum Zwecke der Bereitstellung und Durchführung des Hilfebedarfs verarbeiten.

Sie können Ihre Einwilligungserklärung jederzeit widerrufen.

2. Zur Bewilligung eines Spendenantrags gemäß Art. 6 Abs. 1 lit. b) DSGVO

Sie haben einen Antrag auf Unterstützung gestellt. Um diesen bearbeiten zu können, insbesondere um eine Berechtigung auf Unterstützung, Art und Umfang der notwendigen Unterstützung festzustellen, die Unterstützung zu leisten und die ordnungsmäße Verwendung zu belegen, müssen Ihre persönlichen Daten erfasst, gespeichert und verarbeitet werden.

Dazu speichern, bearbeiten wir alle Daten des Antragsformulars sowie des Schriftverkehrs und Antragsbearbeitung wie unter Punkt 3 „Spendenempfänger“ im Spendenantrag aufgelistet.

Diese Daten tauschen wir mit heutigen und früheren Beratungsstellen des Antragstellers und anderen Stiftungen aus, um die notwendigen Hilfen abwickeln zu können.

3. Zur Erfüllung rechtlicher Verpflichtungen gemäß Art. 6 Abs. 1 lit. c) DSGVO.

Als Unternehmen unterliegen wir verschiedenen rechtlichen Verpflichtungen. Zur Erfüllung dieser Verpflichtungen kann eine Verarbeitung von personenbezogenen Daten erforderlich sein.

Insbesondere sind wir zudem nach § 53 der Abgabenordnung verpflichtet nachzuweisen, dass unsere Hilfe mildtätig ist.

Ihre Rechte

Sie haben zu Ihren persönlichen Daten das Recht auf Auskunft, Berichtigung, Löschung, Einschränkung der Verarbeitung, Widerspruch gegen die Verarbeitung sowie Datenübertragbarkeit. Dazu wenden Sie sich bitte schriftlich an den obengenannten Verantwortlichen.

In order to offer you various payment functions, we use software from service providers who support us in processing the payment transaction. The software also manages transactions and controls access control, billing, the checkout process, invoice dispatch, and payment transactions. It also supports our user, product, and price management. In doing so, we process your personal master data (e.g., name, address data), your communication data (e.g., email), order data, contract billing and payment data, and our planning and control data.

The legal basis for this is the fulfillment of the contract (Art. 6 (1) (b) GDPR) and our legitimate interest in proper and functioning payment processing (Art. 6 (1) (f) GDPR).

At your request, you can use the services of PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg) for payment. For this purpose, we pass on your payment data (total amount of the order, reference on the PayPal account) to PayPal on the basis of Art. 6 para. 1 sentence 1 lit. b) GDPR. The processing of data for payment with PayPal is necessary for the fulfilment of the contract.

PayPal collects information about the transaction as well as other information associated with the transaction, such as the amount sent or requested, the amount paid for products or services, information about the merchant, including information about the means of payment used to carry out the transaction, device information, technical usage data and location data. In the case of a PayPal payment, we may see your data in our PayPal account.

With PayPal Express Checkout, you do not have to re-enter order information or credit card or address details, as these are transferred directly by PayPal.

PayPal reserves the right to carry out an identity and credit check via credit agencies under certain circumstances. Further information on PayPal's data protection can be found here.

When you contact us, we only collect personal data (e.g. name, e-mail address, telephone number) if you provide it to us voluntarily. This information is expressly provided on a voluntary basis. The purpose of processing your data is to process and respond to your enquiry. This is also our legitimate interest in data processing in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR.

In the case of a telephone enquiry, your data will also be processed by telephone applications and in some cases also via a voice dialogue system in order to support us in the distribution and processing of enquiries.

We will delete your data that we have received in the course of contacting you as soon as your request has been fully processed and no further communication with you is required or requested by you.

Verantwortlicher im Sinne der DSGVO ist die

Nordbayerischer Kurier Zeitungsverlag GmbH
Theodor-Schmidt-Straße 17
95448 Bayreuth

atarax group of companies

Luitpold-Maier-Str. 7
D-91074 Herzogenaurach
Phone: 09132 79800
Email: swmh-datenschutz@atarax.de.

• In accordance with Art. 15 GDPR, you have the right to request information about your personal data processed by us. In this context, you also have the right to receive a copy of your personal data processed by us in accordance with Art. 15 para. 3-4 GDPR.
• In accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or the completion of your personal data stored by us.
• In accordance with Art. 17 GDPR, you can request the erasure of your personal data stored by us.
• In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data.
• In accordance with Art. 20 GDPR, you can request to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format and you can request the transfer to another controller.
• In accordance with Art. 7 para. 3 GDPR, you can revoke your consent once given to us at any time. This means that the processing carried out on the basis of the consent prior to the revocation was lawful and has the consequence that we may no longer continue the data processing based on this consent in the future.

Right to object

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR or Art. 6 para. 1 sentence 1 lit. e) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR. In the event of such an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
In the case of direct marketing, you have the right to object at any time to the processing of personal data concerning you. If you object to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

Right to lodge a complaint with the supervisory authority

You have the right to lodge a complaint with a data protection supervisory authority against the processing of your personal data if you feel that your rights under the GDPR have been violated. As a rule, you can contact the supervisory authority of your usual place of residence, your workplace or our company headquarters.

We link to websites of other providers or have integrated elements from them into our website. This data protection information does not apply to them - we have no influence on these sites and cannot check that others comply with the applicable data protection regulations.

We reserve the right to change or adapt this privacy policy at any time in compliance with the applicable data protection regulations.