The Church of the Nazarene Eurasia Region (“us” or “we”) is pleased that you are visiting our website. Data protection and data security are very important to us. We would like to inform you at this point which of your personal data we collect when you visit our website and for what purposes we use your personal data.

I. Contact details of the controller

The controller in terms of the EU General Data Protection Regulation (hereafter GDPR) and other national data protection laws of the member states in the EU as well as other data protection regulations is:

Church of the Nazarene Eurasia Region
Eurasia Regional Office
Junkerstrasse 60
78266 Buesingen Am Hochrhein
office@eurasiaregion.org

II. General information about data processing

We process your personal data as a user only to the extent that this is necessary to provide you with a functional website and our content and services. Exceptions apply in cases where you have given us your consent for certain processing or where the processing of the data is permitted by legal regulations.

III. Data collection on the website

1. Description and scope of data processing:

Whenever you visit our website, our system automatically collects data and information from your computer system. These are:

  • IP address (anonymous)
  • Browser type
  • Referral source
  • Number of page views

The data are not merged with other data sources.

2. The purpose of the data processing and its legal basis
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to your computer. For this purpose, your IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, the data is used to ensure the security of our information technology systems.

With regard to the evaluation of website use, by weighing up our legitimate interests against your interests worthy of protection, a legal basis in accordance with Art. 6 (1) (f) GDPR. Our legitimate interest consists in increasing the efficiency of our website, evaluating the success of representations and descriptions of our products, and testing and improving the usability of the website.

3. Duration of storage
The data will be stored for as long as necessary to achieve legitimate purposes. In the case of the collection of data for the provision of the website (so-called “session-based data”), the data will be stored until the respective session has ended.

IV. E-Mail and contact form

  1. Description and scope of data processing

When contacting us via the e-mail address provided on our website and via the contact form, personal data is processed and stored by us for the purpose of processing your request. We will not pass on this data without your consent.

  1. The purpose of the data processing and its legal basis

The processing of this data is carried out on the basis of Art. 6 (1) (b) GDPR, insofar as your request is connected with the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on your consent (Art. 6 (1) (a) GDPR) and / or on our legitimate interests (Art. 6 (1) (f) GDPR), as we have a legitimate interest in the effective processing of the requests addressed to us.

  1. Duration of storage

The data are generally deleted as soon as they are no longer necessary for the purpose of their collection. In addition, data that has been stored on the basis of your consent will only be stored on this basis until your consent is revoked.

Insofar as data is no longer required for the fulfilment of contractual or legal obligations, including commercial and tax law obligations to retain data, and for the pursuit of legitimate interests, i.e. for the preservation of evidence within the framework of the statutory limitation regulations, it will be regularly deleted.

V. Cookies

  1. Description and scope of data processing

A cookie is a small file which asks permission to be placed on your computer’s hard drive. This cookie helps analyse web traffic. Cookies allow web applications to respond to you as an individual. You can periodically delete them from your browser.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our web site in order to tailor it to customer needs. We only use this information for statistical analysis purposes.

  1. The purpose of the data processing and its legal basis

The processing of this data is carried out on the basis of Art. 6 (1) (f) GDPR (legitimate interests). Overall, cookies help us provide you with a better web site, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

  1. Duration of storage

When you visit our website, cookies are permanently stored on your computer. This serves to optimize the user-friendliness and the simple and fast access to the web pages. You can delete the cookies at any time in the settings of your browser.

VI. Newsletter

  1. Description and scope of data processing

In order to subscribe to our e-mail newsletter service, we need, in addition to your consent, at least your name and the e-mail address to which the newsletter is to be sent. Any further information is optional. It is your free decision whether you provide us with this data. Without this information, however, we cannot send you our newsletter.

  1. The purpose of the data processing and its legal basis

The processing of this data is carried out on the basis of your consent (Art. 6 (1) (a) GDPR). You can revoke this consent at any time with the Unsubscribe link in the newsletter.

  1. Duration of storage

The data are generally deleted as soon as they are no longer necessary for the purpose of their collection. In addition, data that has been stored on the basis of your consent will only be stored on this basis until your consent is revoked.

Insofar as data is no longer required for the fulfilment of contractual or legal obligations, including commercial and tax law obligations to retain data, and for the pursuit of legitimate interests, i.e. for the preservation of evidence within the framework of the statutory limitation regulations, it will be regularly deleted.

VII. Data subject rights

If personal data are processed, the affected data subject must be informed about the following rights:

  1. Right of access by the data subject (Art. 15 GDPR)

You may request confirmation from the data controller as to whether personal data concerning you is being processed by us.

  1. Right to rectification (Art. 16 GDPR)

You have the right to obtain from the data controller the rectification and/or integration of any personal data processed concerning you if it is incorrect or incomplete. The data controller shall make the correction without delay.

  1. Right to erasure (“right to be forgotten”) (Art. 17 GDPR)

You can demand from the data controller that the personal data relating to you be deleted immediately, and the data controller is obliged to delete this data immediately, unless one of the exceptions regulated in the GDPR applies or other legal retention obligations obligate us to retain the data.

  1. Right to restriction of processing (Art. 18 GDPR)

It is your right to request the restriction of the processing of personal data concerning you, if the requirements of Art. 18 GDPR are fulfilled.

  1. Right to data portability (Art. 20 GDPR)

You have the right to obtain, in a structured, common and machine-readable format, the personal data concerning you which you have provided to the controller and the processing of which is based on consent  or a contract with you. You also have the right to transfer this data to another controller without interference from the controller to whom the personal data has been made available.

In exercising this right, you also have the right to request that the personal data concerning you be transferred directly from one data controller to another data controller, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

  1. Right to object (Art. 21 GDPR)

You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is based on Art. 6 (1) (e) or (f) GDPR. This also applies to profiling based on these provisions.

If the personal data concerning you are processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing, including profiling, insofar as it is linked to such direct marketing. In the event of an objection, the personal data concerning you will no longer be processed for those purposes.

  1. Right to withdraw consent (Art. 7 (3) GDPR)

You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until revocation. This also applies to the revocation of declarations of consent that were issued to us prior to the validity of the GDPR, i.e. before 25 May 2018. In this case, all personal data stored on the basis of the consent granted in each case will be deleted, unless the law provides another legal basis for further storage.

To revoke your consent, please contact the contact details under point I.

VIII. Right of appeal

In the event of breaches of the GDPR, data subjects have a right of appeal to a data protection supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place where the alleged breach occurred. This right of appeal is without prejudice to other administrative or judicial remedies.

Our responsible data protection supervisory authority is:

Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg
Königstrasse 10 a
70173 Stuttgart
Tel.: 0711 61 55 41 0
E-Mail: poststelle@lfdi.bwl.de

The contact details of other data protection supervisory authorities can be found under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

IX. Links to other websites

Our web site may contain links to enable you to visit other web sites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other web site. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the web site in question.

X. Social Media

Our website offers you the possibility to access the respective platform by clicking on the links from Twitter, Facebook and Vimeo. As operators of these channels on the platforms, we process personal data jointly with the respective social network provider (joint responsibility according to Art. 26 GDPR). The legal basis for data processing is our legitimate interest (Art. 6 (1) (f) GDPR) in presenting our company in current communications media and in offering applicants, interested parties and other persons a preferred opportunity to contact us, which is common practice in current communications.

XI. Vimeo

On our website the services of Vimeo are embedded. By clicking on the videos, Vimeo content is played on our website. Embedding always requires that the third-party providers of this content process the IP address of the users, since without the IP address they would not be able to send the content to their browsers. The IP address is therefore required to display this content or function. We make every effort to use only such content whose respective providers use the IP address only to deliver the content. Third party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. Pixel tags” can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymous information may also be stored in cookies on the user’s device and may contain technical information about the browser and operating system, websites to be referred to, the time of visit and other details about the use of our online offer, as well as being linked to such information from other sources.

Service provider: Vimeo Inc., Attention: Legal Department, 555 West 18th Street New York, New York 10011, USA; Website: https://vimeo.com; Privacy Policy: https://vimeo.com/privacy; Opt-Out: Please note that Vimeo may use Google Analytics and refer to the Privacy Policy (https://policies.google.com/privacy) and the opt-out options for Google Analytics (http://tools.google.com/dlpage/gaoptout?hl=de) or the settings of Google for the use of data for marketing purposes (https://adssettings.google.com/).

The legal basis of the described data processing is based on your consent (Art. 6 (1) (a) GDPR).

XII. Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. (www.google.de). Google Analytics uses methods that enable an analysis of your use of the website. The information generated about your use of this website is usually transferred to a Google server in the USA and stored there.  By activating IP anonymisation on this website, the IP address is shortened before transmission within the member states of the European Union or in other states that are parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. The anonymised IP address transmitted by your browser within the framework of Google Analytics is not merged with other Google data. For the exceptional cases in which personal data is transferred to the USA, Google has subjected itself to the EU-US Privacy Shield.

XIII. Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. Despite all our efforts, the internet can’t be guaranteed to be 100 % secure, and there is always a risk when you submit data. Nevertheless, we have done all we can to protect your data in full compliance with best practice.

XIV. Children’s online privacy

We are concerned about the privacy of young children and do not knowingly collect any personal information from a child under 13. We encourage you to become involved with your child’s access to the Internet and to our site in order to ensure that his or her privacy is well protected.

XV. General notes

Church of the Nazarene Eurasia Region may change this policy from time to time by updating this page. If you have any questions or suggestions, please use the contact details in section 1.

Last updated 23-1-2020