Privacy policy

We,
the City of Rastatt
Marktplatz 1
76437 Rastatt
Phone: 07222 972-1001
E-Mail: ob-buero@rastatt.de
represented by Mayor Monika Müller;

(hereinafter referred to as "we/our") take the protection of your personal data very seriously and strictly adhere to all applicable data protection laws and regulations, in particular the European General Data Protection Regulation (EU GDPR), the German Federal Data Protection Act (BDSG), the German State Data Protection Act (LDSG) and the German Digital Services Act (DDG). The following explanations give you an overview of how we ensure this protection and which data we process for which purpose.

Usage data

Each time our website is accessed and each time a file is retrieved, general data about this process is automatically stored in a log file. This data is stored exclusively for system-related and statistical purposes (on the basis of Art. 6 (1) (b) GDPR) and, in exceptional cases, to report criminal offenses (on the basis of Art. 6 (1) (e) GDPR).

The data will not be passed on to third parties or otherwise analyzed unless there is a legal obligation to do so (Art. 6 (1) (e) GDPR).
The following data record is stored for each retrieval:

  • Name of the retrieved file
  • Date and time of retrieval
  • amount of data transferred
  • Message as to whether the retrieval was successful
  • Description of the type of web browser used
  • operating system used
  • the previously visited page
  • Provider
  • Your IP address

Cookies

Newsletter dispatch

We only use the required data for sending newsletters. It will not be forwarded to third parties.

In the double opt-in procedure, the user ticks a box to consent to the processing of their personal data. The user receives an e-mail with the confirmation link. Consent to the processing is only given after confirmation. By subscribing to the newsletter service, you agree to the procedure.

You can withdraw your consent at any time.

Contact us

You have the option of contacting us on our website. If you use this option, the data entered in the input mask will be transmitted to us and stored. We collect the following data:

  • Salutation
  • First name
  • Surname
  • Telephone
  • E-mail address

In addition, the following data is stored when the message is sent:

  • Date
  • Time of contact

Alternatively, it is possible to contact us via an e-mail address. In this case, the user's personal data transmitted with the e-mail address will be stored.
will not be passed on in this context.

Section 4 LDSG in conjunction with Art. 6 para. 1 lit. e) EU GDPR is relevant.

The legal basis for the processing is Art. 6 para. 1 lit. b) EU GDPR.

Use of analysis tools

Our website uses Matomo (https://matomo.org/), an open source software for analyzing visitor access to our website. Matomo uses so-called cookies - text files that are stored on your computer and enable your use of the website to be analyzed. The information generated by the cookie about the use of this website is stored on our servers in Germany and is not passed on to third parties. Your IP address is anonymized immediately after processing and before it is stored. We base the use of the aforementioned analysis tool on: § 4 LDSG in conjunction with Art. 6 para. 1 lit. e) EU-DSGVO.

Social media offerings

The protection of your personal data is very important to us. That is why we do not directly implement the various social plugins. We only place links to these social networks on our pages. The corresponding social plugins are only activated when you follow the links.

Please note that data is only transmitted once you have activated the relevant social plugins by clicking on the corresponding link. Simply visiting our pages does not trigger any data transmission.

If you activate data transmission by clicking on the corresponding link, the following data transmission will take place:

Facebook

Plugins of the social network Facebook (Facebook Ireland ltd., 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland") are integrated on our website. You can recognize the Facebook plugins by the Facebook logo or the "Like" button on our site. You can find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/.

A direct connection is established between your browser and the Facebook server via the plugin. Facebook receives the information that you have visited our site with your IP address. If you click on the Facebook "Like" button while you are logged into your Facebook account, you can link the content of our platform to your Facebook account. This allows Facebook to associate your visit to our site with your account.

We would like to point out that, as the website operator, we have no knowledge of the content of the transmitted data or its use by Facebook. Further information on this can be found in Facebook's privacy policy at http://de-de.facebook.com/policy.php.

If you do not want Facebook to be able to associate your visit to our site with your Facebook account, please log out of your Facebook account or do not activate the social plugins.

Instagram

Functions of the Instagram service are integrated on our website. These functions are offered by Instagram LLC, 1601 Willow Road Menlo Park, CA 94025, USA. Since 2012, Instagram LLC has been part of the Facebook Inc. group of companies, 1601 Willow Road, Menlo Park, CA 94025, USA.

If you interact with the plugins, for example by clicking the "Instagram" button, a direct connection is established between your browser and the Instagram server via the plugin. Instagram receives the information that your browser has accessed the corresponding page of our website, even if you do not have an Instagram account or are not currently logged in to Instagram. This information (including your IP address) is transmitted directly from your browser to the Instagram server in the USA and stored there. This allows Instagram to associate your visit to our site with your Instagram account.

Use of the social plugins from YouTube

Our website also links to the YouTube social network page. We also operate a social media page here.

If you click on a link to YouTube, you will be redirected to the relevant YouTube page. If you are also logged in as a member of YouTube, the operator, YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066 USA, can assign your visit to our site to your respective user account. We would like to point out that YouTube LLC is part of the Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland group of companies.

If you do not want YouTube to collect and store data about your visit to our website, you must log out of your YouTube account before clicking on the link.

For the purpose and scope of data collection and the further processing and use of your data by YouTube, please refer to the corresponding privacy policy, which you can find here: http://www.google.de/intl/de/policies/privacy/

We base the use of YouTube on Art. 6 para. 1 lit. a) EU GDPR. By clicking on the link and logging in to YouTube at the same time, you give us your consent to data processing.

Use of OpenStreetMap

We use a map section from OpenStreetMap(https://www.openstreetmap.de/) on our website to show you the route to our office and to make it easier for you to plan your journey.

OpenStreetMap is an open source mapping tool. When using OpenStreetMap, personal data is routed via a (reverse) proxy on our website. You can find more information at https://wiki.openstreetmap.org/wiki/DE:Legal_FAQ

The legal basis for the use of OpenStreetMap is Art. 6 I S. 1 lit. e) GDPR i.V.m. § 4 LDSG.

Stage

To make social media content accessible to visitors to the city's website without having to use the channels, the city of Rastatt uses the service of Jaimo Solutions GmbH. This displays the content of the city's social media channels in a widget on this page of the city's website.

Content from Facebook and Instagram is displayed in such a way that it is loaded by a processor, not by Facebook or Instagram itself. An analysis of the retrieval behavior does not take place there.

Click here for the privacy policy of Jaimo Solutions GmbH.

Duration of storage

Your data will be stored by us for as long as is necessary for the final processing of your request. If there are statutory or otherwise prescribed retention obligations, your data will be stored for this period and then deleted. The statistical data collected via the "Matomo" analysis tool is anonymized as soon as it is collected and the results are stored for a maximum of 14 months.

Readspeaker function

Data collected, stored and used

ReadSpeaker does not collect or store any personal data. ReadSpeaker only logs how many clicks the reading function generates. With the exception of general web server logs, which are temporary, user-specific data is never collected, logged or documented.

If personal data is available on a website and can be read, it can be sent to Readspeaker's data centers to be converted into audio files. If there is no personal data on the website, no data is processed by webReader.

There are two types of protocols that are used for different purposes.

Web server protocols

These logs are required for troubleshooting and to prevent unlawful use. Web server logs store IP addresses. Access to these logs is restricted to a limited number of people with specific roles related to maintenance. Web server log records older than 30 days are permanently deleted.

Log information is restricted to technical personnel and is only accessible via encrypted private channels with MFA. ReadSpeaker does not sell or share log information.

Statistics logs

Statistics are saved per activation. An activation occurs when a user clicks on the "Read aloud" button to have content read aloud. The statistics log contains the URL from which the read aloud button was activated. If the URLs are not unique for each user, no user information is saved.

Caching

The data required for webReader to function optimally consists of the audio files, which are only stored temporarily in our cache on disc by default. The cache is dynamic. Depending on how often requests are received from users, a cached file remains for 20 minutes or longer. It is deleted if it has not been used for 2 hours. A cached file is deleted after 24 hours, regardless of how often it is requested. Depending on the general load situation, these values can be adjusted to compensate for this.

Disclosure to third parties

The data collected will not be passed on to third parties.

Cookies

webReader

sets up two technical cookies:

  1. A technical session cookie that determines whether or not the script is loaded when the page is loaded. This cookie has the name "_rspkrLoadCore" and is a pure session cookie. The cookie is set after webReader has been activated, i.e. when an interaction with the player has taken place. This cookie is used to inform ReadSpeaker that a user has activated webReader on a page. ReadSpeaker then automatically loads the ReadSpeaker scripts when the user navigates to another page so that the user receives the audio more quickly.
  2. A cookie for saving setting changes in the settings menu. By default, this cookie is called "ReadSpeakerSettings". The cookie has a default lifetime of 360000000 ms (i.e. approx. 4 days).

Data purposes: webReader stores the user's settings in a cookie so that they are saved and applied when the user navigates between pages.

Collected data: No data is collected. Information about speed, highlight colors, etc. is stored in the cookies. No
IP address is stored.

Data recipient: No data is sent from the cookie, but only stored in the browser.

docReader

docReader sets up two technical cookies:

  1. dcrjobnames - contains an encrypted version of the URL of the document and the page number that was last accessed. Lifetime: 30 days.
  2. dcrsettings - Lifetime: 30 days and stores information on: whether JavaScript mode was last used or not, whether the user selected text mode or not, interface language, reading speed, highlighting method, text and background color for highlighting, font size in text mode, font in
    text mode.

Data center in the European Union

The data center is located in the EU - in Sweden. The servers used are readspeaker's own servers. All data remains in the EU.

GDPR

Since May 2018, ReadSpeaker has been fully compliant with the EU regulation - the General Data Protection Regulation (GDPR).

Data Protection Officer
gdpr@readspeaker.com

DeepL

The DeepL API is used in the translation function of webReader. Further information on the handling of data can be found on the pages of DeepL:
https://www.deepl.com/pro-data-security

Rights of data subjects

Right to information Art. 15 EU GDPR

You have the right to request confirmation from us as to whether we are processing personal data concerning you. To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right to rectification Art. 16 EU GDPR

You have the right to have incorrect personal data concerning you rectified without delay (right to rectification). To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right to erasure Art. 17 EU GDPR

You have the right to have personal data concerning you deleted immediately (right to erasure). To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right to restriction Art. 18 EU GDPR

You have the right to have the processing of your personal data restricted (right to restriction of processing). To do so, please simply send an e-mail to datenschutz@rastatt.de.

Right to portability Art. 20 EU GDPR

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller. To do so, please simply send an email to datenschutz@rastatt.de.

Withdrawal of consent Art. 7 para. 3 EU GDPR

You have the right to withdraw your consent at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
Please send an email to datenschutz@rastatt.de.

Right to object Art. 21 EU GDPR

If the processing of personal data concerning you is necessary for the performance of a task carried out in the public interest (Art. 6 para. 1 lit. e) EU GDPR) or to safeguard our legitimate interests (Art. 6 para. 1 lit. f) EU GDPR), you have the right to object. To do so, please simply send an email to datenschutz@rastatt.de.

Right to lodge a complaint Art. 77 EU GDPR

If you believe that the processing of your personal data violates the EU GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other legal remedies.

The State Commissioner for Data Protection and Freedom of Information Baden-Württemberg
Home address: Lautenschlagerstr. 20, D-70173 Stuttgart
Postal address: Postfach 10 29 32, 70025 Stuttgart
Switchboard: +49 711/61 55 41-0
E-Mail: poststelle@lfdi.bwl.de

Contact details of the data protection officer

Information on data protection can be obtained from the Data Protection Coordination Office, Herrenstr. 15, Tel. 07222 972-1026, E-Mail: datenschutz@rastatt.de. If you wish to contact the data protection officer directly, you can do so by sending an e-mail to datenschutzbeauftragter@rastatt.de .

Security

We use the latest Internet technologies to ensure the security of your data. During the online enquiry process, your details are secured with SSL encryption. To ensure the secure storage of your data, our systems are protected by firewalls that prevent unauthorized access from outside.

Information on general correspondence

General correspondence

We store and process your data for the processing of applications, requests, submissions, etc., as well as for invitations to municipal events. Different retention/deletion periods apply depending on the application, request or submission. Information on the retention/deletion periods is available on request at the following e-mail address datenschutz@rastatt.de. The legal basis for the processing of your personal data results from Art. 6 I a) GDPR, if you have given your consent, Art. 6 I c) GDPR, if there is a legal obligation, Art. 6 I e) GDPR, if the agreement is made to fulfill a contract incumbent on us and Art. 6 I f) GDPR, if we have a special interest in data processing that outweighs your interest.

Contact us

If you contact us, we will store your data on the basis of Art. 6 (1) (b) GDPR for the purpose of processing your request and in the event that further correspondence should take place.

Duration of storage

We store your data for as long as is necessary for the final processing of your request. This does not apply to data for which there are statutory or otherwise prescribed retention obligations; this data is stored for the duration of the respective retention period and then routinely deleted.

Rights of data subjects

Right to information: You have the right to request confirmation from us as to whether and which personal data concerning you is being processed; to do so, please simply send an e-mail to datenschutz@rastatt.de.

Correction/deletion/restriction of processing

Furthermore, you have the right to demand that we

  • Inaccurate personal data concerning you are rectified immediately (right to rectification);
  • Personal data concerning you are erased immediately (right to erasure)
  • Note: With regard to invitations to municipal events, you can declare at any time that you wish to be removed from the invitation list
  • the processing is restricted (right to restriction of processing).

Simply send an e-mail to datenschutz@rastatt.de

Right of withdrawal

You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. To do so, please simply send an e-mail to datenschutz@rastatt.de

Right of objection

If the processing of personal data concerning you is necessary for the performance of a task carried out in the public interest (Art. 6 para. 1 letter e) GDPR) or to safeguard our legitimate interests (Art. 6 para. 1 letter f) GDPR), you have the right to object by simply sending an e-mail to datenschutz@rastatt.de

Right of appeal

If you believe that the processing of your personal data violates the GDPR, you also have the right to lodge a complaint with the competent supervisory authority, which you can contact as follows, without prejudice to any other legal remedies: Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg, Lautenschlagerstraße 20, 70173 Stuttgart, e-mail: poststelle@lfdi.bwl.de. This does not preclude you from appealing to another supervisory authority.

If your request falls within the scope of the German Fiscal Code (Section 32h (1) AO), the competent supervisory authority is Federal Commissioner for Data Protection and Freedom of Information, Husarenstraße 30, 53117 Bonn, e-mail: poststelle@bfdi.bund.de. This does not exclude the possibility of appealing to another supervisory authority.

Our data protection officer

Information on data protection can be obtained from the Data Protection Coordination Office, Herrenstr. 15, Tel. 07222 972-1026, E-Mail: datenschutz@rastatt.de. If you wish to contact the data protection officer directly, you can do so by sending an e-mail to datenschutzbeauftragter@rastatt.de .