Privacy policy

We,
the City of Rastatt
Marktplatz 1
76437 Rastatt
Phone: 07222 972-1001
E-mail: ob-buero@rastatt.de
represented by Lord Mayor Hans Jürgen Pütsch;

(hereinafter "we/our"), take the protection of your personal data very seriously and strictly comply with all applicable laws and regulations on data protection, in particular the European Data Protection Regulation (EU GDPR), the Federal Data Protection Act (BDSG), the State Data Protection Act (LDSG) and the Telemedia Act (TMG). The following explanations give you an overview of how we ensure this protection and which data we process for which purpose.

Usage data

Every time our website is accessed and every time a file is retrieved, general data about this process is automatically stored in a log file. The storage serves exclusively system-related and statistical purposes (based on Art. 6 para. 1 letter b) DSGVO), as well as in exceptional cases for the reporting of criminal offences (based on Art. 6 para. 1 letter e) DSGVO).

The data is not passed on to third parties or evaluated in any other way, unless there is a legal obligation to do so (Art. 6 (1) (e) DSGVO).
In detail, the following data record is stored for each retrieval:

  • Name of the retrieved file
  • Date and time of retrieval
  • data volume transferred
  • Message whether the retrieval was successful
  • Description of the type of web browser used
  • operating system used
  • the previously visited page
  • Provider
  • Your IP address

Cookies

Newsletter dispatch

We use the required data only for sending newsletters. A forwarding to third parties does not take place.

In the double opt-in process, the user places a check mark for consent to the processing of his personal data. The user receives an e-mail with the confirmation link. Only through the confirmation is consent given to the processing. By registering for the newsletter service, you agree to the procedure.

You can revoke your consent at any time.

Contact

On our website you have the opportunity to contact us. If you use this option, the data entered in the input mask will be transmitted to us and stored. The following data is collected by us:

  • Salutation
  • First name
  • Last name
  • Phone
  • E-mail address

In addition, the following data is stored when the message is sent:

  • Date
  • Time of contact

Alternatively, it is possible to contact us via an e-mail address. In this case, the personal data of the user transmitted with the e-mail address will be stored.
A transfer does not take place in this context.

Relevant is § 4 LDSG in conjunction with Art. 6 para. 1 lit. e) EU-DSGVO.

The legal basis for the processing is Art. 6 para. 1 lit. b) EU-DSGVO.

Use of analysis tools

Our website uses Matomo (https://matomo.org/), an open source software to analyze visitor traffic to our own website. Matomo uses so-called cookies - text files that are stored on your computers and enable an analysis of your use of the website. The information generated by the cookie about the use of this website is stored on our servers in Germany and is not passed on to third parties. Your IP address is anonymized immediately after processing and before it is stored. We base the use of the aforementioned analysis tool on: § 4 LDSG in conjunction with Art 6 para. 1 lit. e) EU-DSGVO.

Social media offerings

The protection of your personal data is very important to us. Therefore, we do not directly implement the various social plugins. On our pages, we only set links to these social networks. Only when you follow the links, the corresponding social plugins are activated.

Please note that data is only transmitted when you have activated the corresponding social plugins by clicking on the corresponding link. Simply visiting our pages does not trigger any data transmission.

If you activate the data transfer by clicking on the corresponding link, the following data transfer will occur:

Facebook

Plugins of the social network Facebook (Facebook Ireland ltd., 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland") are integrated on our site. You can recognize the Facebook plugins by the Facebook logo or the "Like button" ("Like") on our page. You can find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/.

A direct connection between your browser and the Facebook server is established via the plugin. Facebook thereby receives the information that you have visited our site with your IP address. If you click the Facebook "Like" button while logged into your Facebook account, you can link the content of our platform to your Facebook account. This allows Facebook to associate the visit to our site with your account.

We would like to point out that we, as the site operator, have no knowledge of the content of the transmitted data or its use by Facebook. For more information, please refer to Facebook's privacy policy at http://de-de.facebook.com/policy.php.

If you do not want Facebook to associate your visit to our site with your Facebook account, please log out of your Facebook account or do not activate the social plugins.

Instagram

Functions of the Instagram service are integrated on our site. These functions are offered by Instagram LLC, 1601 Willow Road Menlo Park, CA 94025, USA. Since 2012, Instagram LLC has been part of the Facebook Inc. group of companies, 1601 Willow Road, Menlo Park, CA 94025, USA.

When you interact with the plugins, for example by clicking the "Instagram" button, a direct connection is established between your browser and the Instagram server via the plugin. Instagram thereby receives the information that your browser has called up the corresponding page of our website, even if you do not have an Instagram account or are not currently logged into Instagram. This information (including your IP address) is transmitted from your browser directly to the Instagram server in the USA and stored there. This allows Instagram to associate your visit to our site with your Instagram account.

Use of the social plugins from YouTube

Our website also refers through links to the page of the social network YouTube. We also operate a social media page here.

If you click on a link to YouTube, you will be redirected to the respective page on YouTube. If you are also logged in as a member of YouTube, the operator, YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066 USA, can assign your visit to our site to your respective user account. We would like to point out that YouTube LLC is part of the Google Ireland Limited group of companies, Gordon House, Barrow Street, Dublin 4, Ireland.

If you do not want YouTube to collect and store data about your visit to our website, you must log out of your YouTube account before clicking on the link.

For the purpose and scope of data collection and the further processing and use of your data by YouTube, please refer to the corresponding privacy policy, which you can find here: http://www.google.de/intl/de/policies/privacy/

We base the use of YouTube on Art. 6 para. 1 lit. a) EU-DSGVO. By clicking on the link and simultaneously logging in to YouTube, you give us your consent to data processing.

Use of OpenStreetMap

We use a map section from OpenStreetMap(https://www.openstreetmap.de/) on our website to show you how to get to our office and to make it easier for you to plan your journey.

OpenStreetMap is an open source mapping tool. When using OpenStreetMap, personal data is routed through a (reverse) proxy of our website. For more information, please visit https://wiki.openstreetmap.org/wiki/DE:Legal_FAQ

The legal basis for the use of OpenStreetMap is Art. 6 I S. 1 lit. e) DSGVO in conjunction with. § 4 LDSG.

Stage

In order to make social media content available to visitors of the municipal website without having to use the channels, the city of Rastatt uses the service of Jaimo Solutions GmbH. This displays the content of the municipal social media channels in a so-called widget on this page of the municipal website.

Content from Facebook and Instagram is displayed in such a way that it is loaded by an order processor, not by Facebook or Instagram themselves. An analysis of the retrieval behavior does not take place there.

Click here for the privacy policy of Jaimo Solutions GmbH.

Duration of storage

Your data will be stored by us for as long as it is required for the final processing of your request. If there are legal or otherwise prescribed retention obligations, your data will be stored for this period and then deleted. The statistical data collected via the "Matomo" analysis tool is already anonymized during collection and the results are stored for a maximum of 14 months.

Read aloud function Readspeaker

Data collected, stored and used

ReadSpeaker does not collect and store any personal data. ReadSpeaker only logs how many clicks the reading function generates. With the exception of general web server logs, which are temporary, user-specific data is never collected, logged, or documented.

If personal data is present on a website and can be read, it can be sent to Readspeaker's data center to be converted into sound files. If there is no personal data on the website, no data will be processed by webReader.

There are two types of protocols used for different purposes.

Web server protocols

These logs are required for troubleshooting and to prevent unlawful use. Web server logs store IP addresses. Access to these logs is restricted to a limited number of individuals with specific roles related to maintenance. Web server log records older than 30 days are permanently deleted.

Protocol information is restricted to technical personnel and accessible only through encrypted private channels with MFA. ReadSpeaker does not sell or share log information.

Statistics logs

Statistics are stored per activation. An activation occurs when a user clicks the Read Aloud button to have content read to them. The statistics log contains the URL from which the Read Aloud button was activated. Unless the URLs are unique to each user, no user information is stored.

Caching

The data required for webReader to function optimally consists of the audio files, which by default are stored only temporarily in our cache on disc. The cache is dynamic. Depending on how often requests are received from users, a cached file will remain for 20 minutes or more. It is deleted when it has not been used for 2 hours. A cached file is deleted after 24 hours, regardless of how often it is requested. Depending on the general load situation, these values can be adjusted to compensate for this.

Disclosure to third parties

The data collected is not passed on to third parties.

Cookies

webReader

sets up two technical cookies:

  1. A technical session cookie that determines whether or not the script is loaded when the page loads. This cookie is named "_rspkrLoadCore" and is a session-only cookie. The cookie is set after webReader has been activated, that is, when an interaction with the player has taken place. This cookie is used to tell ReadSpeaker that a user has activated webReader on a page. ReadSpeaker then automatically loads the ReadSpeaker scripts when the user navigates to another page, so that the user gets the audio faster.
  2. A cookie for storing settings changes in the settings menu. By default, this cookie is called "ReadSpeakerSettings". The cookie has a default lifetime of 360000000 ms (i.e. about 4 days).

Data purposes: webReader stores users' settings in a cookie so that they are saved and applied when the user navigates between pages.

Data collected: No data is collected. Information about speed, highlight colors, etc. is stored in the cookies. No
IP address is stored.

Data recipient: No data is sent from the cookie, it is only stored in the browser.

docReader

docReader sets up two technical cookies:

  1. dcrjobnames - contains an encrypted version of the document URL and the page number that was last accessed. Lifetime: 30 days.
  2. dcrsettings - lifetime: 30 days and stores information about: whether JavaScript mode was used last or not, whether the user selected text mode or not, interface language, reading speed, highlighting method, text and background color for highlighting, font size in text mode, font in
    text mode.

Data center in the European Union

The data center is located in the EU - in Sweden. The servers used are readspeaker's own servers. All data remains in the EU.

GDPR

Since May 2018, ReadSpeaker is fully compliant with the EU regulation - the General Data Protection Regulation (GDPR).

Data Protection Officer
gdpr@readspeaker.com

DeepL

The DeepL API is used in the translation function of webReader. You can find more information about data handling on the pages of DeepL:
https://www.deepl.com/pro-data-security

Data subject rights

Right to information Art. 15 EU-DSGVO

You have the right to request confirmation from us as to whether we are processing personal data relating to you. To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right of rectification Art. 16 EU GDPR

You have the right to have inaccurate personal data concerning you corrected without delay (right to rectification). To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right to deletion Art. 17 EU-DSGVO

You have the right to have personal data concerning you deleted immediately (right to erasure). To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right to restriction Art. 18 EU-DSGVO

You have the right to have the processing of personal data concerning you restricted (right to restriction of processing). To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right to portability Art. 20 EU-DSGVO

You have the right to receive personal data concerning you that you have provided to us in a structured, common and machine-readable format and to transfer this data to another responsible party. To do so, please simply send an e-mail to datenschutz@rastatt.de.

Revocation of consent Art. 7 para.3 EU-DSGVO

You have the right to revoke your consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right of objection Art. 21 EU-DSGVO

If the processing of your personal data is necessary for the performance of a task carried out in the public interest (Art. 6 (1) (e) EU-DSGVO) or for the protection of our legitimate interests (Art. 6 (1) (f) EU-DSGVO), you have the right to object. To do so, please simply send an email to datenschutz@rastatt.de.

Right of appeal Art. 77 EU-DSGVO

If you believe that the processing of personal data concerning you violates the EU GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to other legal remedies.

The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Home address: Lautenschlagerstr. 20, D-70173 Stuttgart
Postal address: Postfach 10 29 32, 70025 Stuttgart
Switchboard: +49 711/61 55 41-0
E-mail: poststelle@lfdi.bwl.de

Contact details of the data protection officer

Information on data protection is available from the Data Protection Coordination Office, Herrenstr. 15, Tel. 07222 972-1026, e-mail: datenschutz@rastatt.de. Should you wish to contact the data protection officer directly, you can do so at e-mail: datenschutzbeauftragter@rastatt.de .

Security

For the security of your data we use the latest internet technologies. During the online request process, your information is secured with SSL encryption. For secure storage of your data, our systems are protected by firewalls that prevent unauthorized access from the outside.

General correspondence information

General correspondence

We store and process your data for processing applications, requests, submissions, etc., as well as for invitations to municipal events. Depending on the application, request, input, there are different retention/deletion periods. Information about the retention/deletion periods is available upon request to the e-mail address datenschutz@rastatt.de. The legal basis for the processing of your personal data results from Art. 6 I a) DSGVO, if there is consent from you, Art. 6 I c) DSGVO, if there is a legal obligation, Art. 6 I e) DSGVO, if the agreement is made for the fulfillment of an order incumbent upon us and Art. 6 I f) DSGVO, if we have a special interest in the data processing that outweighs your interest.

Contact

If you contact us, we store your data on the basis of Art. 6 (1) b) DSGVO for the purpose of processing your request, as well as in the event that further correspondence should take place.

Duration of storage

We store your data for as long as is necessary for the final processing of your request. An exception to this is data for which there are legal or otherwise prescribed retention obligations; this is stored for the duration of the respective retention period and then routinely deleted.

Data subject rights

Right of access: You have the right to request confirmation from us as to whether and which personal data concerning you are being processed.To do so, please simply send an e-mail to datenschutz@rastatt.de.

Rectification/deletion/restriction of processing

Furthermore, you have the right to demand from us that

  • Inaccurate personal data concerning you be corrected without delay (right to rectification);
  • Personal data concerning you are deleted without delay (right to erasure)
  • Note: Regarding invitations to city events, you can declare at any time that you want to be removed from the invitation list
  • the processing is restricted (right to restrict processing).

To do so, please simply send an e-mail to datenschutz@rastatt.de

Right of withdrawal

You have the right to revoke your consent at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation. To do so, please simply send an e-mail to datenschutz@rastatt.de

Right of objection

If the processing of personal data concerning you is necessary for the performance of a task carried out in the public interest (Art. 6 (1) (e) DSGVO) or for the protection of our legitimate interests (Art. 6 (1) (f) DSGVO), you have the right to object.To do so, please simply send an e-mail to datenschutz@rastatt.de

Right of appeal

If you believe that the processing of personal data concerning you violates the GDPR, you also have the right to lodge a complaint with the competent supervisory authority, which you can reach as follows, without prejudice to other legal remedies: State Commissioner for Data Protection and Freedom of Information Baden-Württemberg, Lautenschlagerstraße 20, 70173 Stuttgart, e-mail: poststelle@lfdi.bw.de. This does not preclude you from appealing to another supervisory authority.

Should your concern lie within the scope of application of the German Fiscal Code (Section 32h (1) AO), the competent supervisory authority is: Federal Commissioner for Data Protection and Freedom of Information, Husarenstraße 30, 53117 Bonn, e-mail: poststelle@bfdi.bund.de. This does not preclude recourse to another supervisory authority.

Our data protection officer

Information on data protection is available from the Data Protection Coordination Office, Herrenstr. 15, Tel. 07222 972-1026, e-mail: datenschutz@rastatt.de. If you wish to contact the data protection officer directly, you can do so at e-mail: datenschutzbeauftragter@rastatt.de .