Data Privacy Policy

 

Data Protection Policy

1. Preamble

We, International Baptist Church, Munich Germany, thank you for visiting our website. It is very important to us as a church that we handle your data securely. International Baptist Church, Munich Germany, is a member of the Bund Evangelisch-Freikirchlicher Gemeinden (hereafter BEFG or Bund) in Deutschland K.d.ö.R. (http://www.baptisten.de) and therefore is not subject to the EU’s GDPR but instead falls under the Bund Evangelisch-Freikirchlicher Gemeinden in Deutschland K.d.ö.R’s Data Protection Regulation (DSO-BUND: http://www.baptisten.de/dso).

Therefore, we wish to provide you with detailed information about the data controller and how your data is used during a visit to our website.

 

2. Terms used in this document

1. Personal data: all information pertaining to an identified or identifiable natural person (hereafter referred to as “data subject”); this means someone who can be identified directly or indirectly, especially by means of an allocated identifier such as a name, code, location data, online code or one or more specific attributes which define the physical, physiological, genetic, psychological, economic, cultural or social identity of this person.
2. Sensitive data: personal data relating to a natural person’s racial or ethnic origin, political opinions, religious or ideological beliefs, trade union membership, health, sexual life or orientation, or genetic or biometric data for clear identification of a natural person.
3. Processing: all processes, manual or automated, or set of processes which are performed upon personal data such as obtaining, recording, organising, storing, adapting or changing, selecting, retrieving, using, disclosing, transferring, distributing, checking, combining, restricting, deleting or destroying.
4. Recipient: a natural or legal person, authority, body or any other entity to whom data is disclosed, whether a third party or not.
5. Third country: a country which is not a member of the European Union.
6. Bund entity: a church which is a member of the Bund Evangelisch-Freikirchlicher Gemeinden, K. d. ö. R., a regional association, the Arbeitsgemeinschaft der Brüdergemeinden, a branch, an organisation or body of the Bund.
7. Data controller: a Bund entity which determines either solely or together with others the purposes and means of the processing of personal data.
8. Outsourced processor: a natural or legal person, or a Bund entity if the data controller belongs to another legal person, which processes personal data on behalf of the data controller.
9. Third party: a natural or legal person, authority, independent church or body other than the data subject, the data controller, the data processor or anyone else directly authorised by the data controller or the data processor to process data.
10. Anonymisation: is the processing of personal data in such a way that the personal data may no longer be attributed to a specific data subject or may only be attributed with a considerable amount of time, cost and effort.
11. Pseudonymisation: the processing of personal data in a such a way that the personal data may no longer be attributed to a specific data subject without the provision of additional information, provided that such additional information is stored separately and subject to technical and organisational measures which ensure that the personal data cannot be assigned to an identified or identifiable natural person.
12. File System: any structured collection of personal data accessible by specific criteria, irrespective of whether that data collection is centralised, decentralised or organised on a functional or geographical basis.
13. Supervisory Board or Data Protection Council: an independent body of the Bund which monitors compliance with data protection regulations.
14. Bund’s Data Protection Officer: the Data Protection Officer appointed by the Bund’s Executive Board.
15. Restriction of Processing: the identification of stored personal data in order to restrict its processing in the future.
16. Consent: the informed, unambiguous and freely given permission from the data subject for a specific circumstance as an expression of intent in the form of a statement or any other unambiguous affirmative act by which the data subject indicates that they are in agreement with the processing of their personal data.

 

3. Data controller

The data controller for the Data Protection Regulation (DSO-BUND) is:

International Baptist Church, Munich Germany

Innere Wiener Straße 34,

81667 München

 

International Baptist Church, Munich Germany is represented by Mr. Chris Carson.

If you have any general questions or suggestions for us on the subject of data protection, you may contact us any time by phone at +498963854415 or by e-mail at pastor@munichibc.de.

 

4. Data Collection:

International Baptist Church, Munich Germany website collects a series of general data and information with each visit to the website by a data subject or an automated system. This general data and information is stored in the server’s log files. The types of data which may be collected include:

a) browser types and versions used,

b) the operating system used by the accessing system,

c) the website from which an accessing system reaches our website (so-called referrer),

d) the sub-webpages which can be navigated to on our website via an accessing system,

e) the date and time of access to the website,

f) an internet protocol address (IP address),

g) the accessing system’s internet service provider, and

h) other similar data and information which are used for protection in the event of cyberattacks on our information technology systems.

 

In using this general data and information, International Baptist Church, Munich Germany does not have any information about the data subject. Rather, this information is needed:

a) to deliver the contents of our website correctly,

b) to optimise the content of our website as well as the advertising for it,

c) to ensure the ongoing functioning of our information technology systems and

the technology used for our website, as well as

d) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyberattack.

 

This anonymously collected data and information is statistically evaluated by International Baptist Church, Munich Germany and is also used with the aim of increasing the privacy and data security in our church and ultimately to ensure an optimal level of protection for the personal data which we process. The anonymous data from the server log files is stored separately from all personal data provided by the data subject.

 

5.  Legal or contractual requirements for providing personal data; requirements for entering into a contract; data subject’s obligation to provide personal data; possible consequences of non-provision

In some cases, the provision of personal data is required by law (such as tax requirements) or may be needed for contractual arrangements (such as details of the contractor). Sometimes the conclusion of a contract may require that a data subject provides personal data which then has to be processed by us. For example, the data subject is required to provide us with personal data when our church enters into a contract with them. Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Prior to the provision of personal data by the data subject, the data subject must contact our data protection officer / the person responsible in our church congregation. He/she will inform the data subject on a case-by-case basis whether the provision of the personal data is required by law or is a contractual requirement or is necessary for the conclusion of a contract. He/she will also inform the data subject if there is an obligation to provide the personal data and what the consequence(s) of failure to do so would be.

 

6. Which data is collected and stored?

When visiting our website, it is not necessary to provide personal data. Personal data is specific information about the personal and factual circumstances of an identified or identifiable person (see Section 3 Paragraph 1 DSO-BUND), that is, data that allows conclusions to be drawn about a person. This data is only collected or stored by us if you voluntarily provide us with the data, for example when contacting us via the contact form.

 

By using the contact form we can collect the following data:

• Name

• E-mail address

• Phone

• Your request

• Documents submitted by you containing personal information

Voluntarily provided personal data is collected, stored and processed solely for the purpose of establishing contact. Your data is not transferred to third parties. When using your data, close attention is paid to compliance with the data protection regulations of the DSO-BUND.

 

7. Use of cookies

Our website uses cookies. A “cookie” is short textual information that is stored on your computer. It facilitates the use of websites. When using cookies, there is always the risk that your surfing behaviour within the web presence being used may be selected and user profiles created. Nevertheless, we also use “cookies” on our website, as these make the use of the website more convenient and enable the use of certain functions of the website.  Most of the cookies we use will be deleted from your hard drive after closing the browser (“session cookies”). However, the so-called “persistent cookies” remain on your computer and allow us to recognise you on your next visit.

You do still have the option to prevent the storage of cookies on your own computer by changing the appropriate settings in your browser programme. However, this may lead to limited functionality of our website.

 

8. Use of Google Analytics for website analysis 

We use Google Analytics, a web analysis service of Google Inc. (“Google”), on our website. Google Analytics uses so-called “cookies”, text files that are stored on your computer and enable an analysis of your use of the website.

The information generated by the cookie about your use of this website (including your IP address) will be transmitted to and stored by Google on a server in the USA. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services related to website activity and internet usage.

Google may also transfer this information to third parties if required by law or if third parties process this data on behalf of Google. Google will never connect your IP address with other Google data. You can prevent the installation of cookies by adjusting your browser software settings accordingly; however, please be aware that by doing this, you may not have full use of all functions of this website. By using this website, you are giving your consent to Google processing your data in the manner and for the purposes set out above.

You may object to the future collection and storage of your data at any time. We would like to point out that in view of the discussion about the use of analysis tools with complete IP addresses, we only process shortened IP addresses on this website because we use Google Analytics with the extension “_anonymizeIp ()” in order to exclude direct personal referencing.

You may prevent the collection of the data (including your IP address) generated by the cookie and related to your use of the website from Google as well as the processing of this data by Google by downloading the browser plug-in available under the following link and install: https://www.radtke-partner.de/gaoptout

You may prevent Google from collecting the data generated by the cookie and related to your use of the website (including your IP address) and from processing this data by downloading and installing the browser plug-in available in the following link: https://www.radtke-partner.de/gaoptout (select English in top right hand corner where it says ‘Deutsch’).

Note: The opt-out cookie requires a script to run before the actual Google Analytics script. You can find out how this is done technically here:

https://www.radtke-partner.de/disgatracking

Google and Google Analytic’s terms of use and data protection policies can be found at https://www.radtke-partner.de/gdenb (scroll to bottom right of this page, click on ‘Deutsch’ to change to English) or https://www.radtke-partner.de/ganb (click on ‘Analytics’ to select English).

 

9. Google Maps

Some of our pages contain embedded fonts and maps (Google Maps) from Google Inc. When you visit a page on our website with embedded Google Fonts or Google Maps, no personal data, with the exception of the IP address, is transmitted. The IP address is transmitted to Google Inc., 600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”). By using this website, you are consenting to the recording, processing and use of data by Google, one of its agents, or third parties which has been automatically collected or entered by you.

You can find the terms of use for Google Maps here: https://www.radtke-partner.de/gmaps, for English here: https://maps.google.com/help/terms_maps.html. You can find detailed information on transparency and optional settings as well as data protection regulations in Google’s data protection centre at https://www.radtke-partner.de/gdenb (scroll to bottom of page and click on ‘Deutsch’ on right hand side to change to English).

 

11. Social Media

In addition to this website, we also maintain social media presence on various platforms. If you visit such a presence, personal data may be transmitted to the provider of the social network. It is possible that in addition to the storage of the data you have actually entered in social media, other information may also be collected, processed or used by the provider of the social network.

Furthermore, the social network provider may collect, process and use the most important data from the computer system you are using to access the network – for example, your IP address, the processor type, the browser version and plug-ins used.

If you are logged in to your personal account on a social media network while you are visiting our presence, that network may assign the visit to your account. If you prefer that this does not happen, then you have to log out of your account before visiting our presence.

For the purpose and extent of data collection by the respective social network, the further processing and use of your data as well as your relevant rights, please refer to the respective terms and conditions of the respective network:

Facebook terms and conditions (https://www.radtke-partner.de/fbdatenschutz or in English https://www.facebook.com/about/privacy/

YouTube/Google+ (https://www.radtke-partner.de/gdatenschutz and scroll to the bottom of page and click on Deutsch on right hand side to change to English)

Twitter terms and conditions (https://www.radtke-partner.de/tdatenschutz and scroll to the bottom of page and click on Deutsch on right hand side to change to English)

Instagram (https://www.radtke-partner.de/instdatenschutz)

 

12. Social Media Plugins:

Our website contains applications (“Social Plug-ins”) from the social network Facebook. These are operated exclusively by Facebook Inc., based in Europe: Facebook Ireland Ltd, Hanover Reach, 5-7 Hanover Quay 2 Dublin IRELAND, and are marked on our site by the Facebook logo and / or the “Like” icon. Your browser does not create a direct connection to the Facebook server when you visit our website nor does it provide Facebook with any information. Information is only transmitted directly to Facebook and stored there when the Facebook button is clicked. If you are logged into Facebook via your personal user account during your visit to our website, Facebook may assign the website visit to your account. If you want to prevent such data transmission, please log out of your Facebook account before visiting our website. The provider currently has no influence on the type and extent of data collected by Facebook, the information provided here is based on the current information available. Even if the visitor does not use Facebook, it may be that Facebook gets and stores their IP address. According to Facebook, it only stores anonymised IP addresses in Germany.

You can find Facebook’s data protection information here: https://www.radtke-partner.de/fbdatenschutz or in English here

https://www.facebook.com/about/privacy/.

If you have any questions about the collection, processing or other use of your personal data by Facebook, please contact the Data Protection Officer Facebook Ireland https://www.radtke-partner.de/fbdatenschutzbeauftragter.

 

13. Use of Social Plugins from Facebook using the “Double Click Solution”

Our website uses Facebook’s so-called social plugins. This service is offered by the company Facebook Inc. (“Provider”).

Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). An overview of Facebook’s plug-ins and what they look like can be found here:https://www.radtke-partner.de/fbplugins

In order to increase the protection of your data when visiting our website, the plugins are integrated into the site by means of a so-called “double click solution”. This integration ensures that no connection is established with the Facebook servers when you visit a page on our website that contains these plugins. Your browser does not establish a direct connection to the Facebook servers until you activate the plugins and thus give your consent to the data transfer. The content of the respective plugin is transmitted directly to your browser and integrated into the page. By integrating the plug-ins, Facebook receives the information that your browser has accessed the corresponding page on our website, even if you do not have a profile on Facebook or are not currently logged in. This information (including your IP address) will be transmitted from your browser directly to a Facebook server in the USA and stored there. When you interact with the plug-ins, e.g. press the “Like” button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information will also be posted on Facebook and displayed there to your contacts. For the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your related rights and settings options for your privacy protection, please refer to the privacy policy of Facebook at https://www.radtke-partner.de/fbdatenschutz

(or in English: https://www.facebook.com/about/privacy/).

 

14. Links

Our website may contain links to the websites of other providers. Since we have no influence on these websites, the user is advised to inquire about privacy information that may be provided there. We assume no responsibility for the contents of the linked pages.

 

15. Newsletter

Visitors to International Baptist Church, Munich Germany website have the opportunity to subscribe to our church’s newsletter.  The personal data transmitted to the data processor can be found in the subscription form used for this purpose.

International Baptist Church, Munich Germany regularly sends a newsletter to inform its visitors, friends and members about the church’s events and services provided. The data subject may only receive the newsletter if:

1. they have a valid email address, and
2. they register to receive the newsletter.

 

For legal reasons, a confirmation e-mail will be sent to the e-mail address the first time it is entered by a data subject for the newsletter subscription, using the double-opt-in procedure. This confirmation email is used to check whether the owner of the e-mail address is the data subject who authorised the receipt of the newsletter.

When subscribing to the newsletter, we also store the IP address of the computer system used by the data subject at the time of registration as assigned by the Internet Service Provider (ISP), as well as the date and time of registration. The collection of this data is necessary in order to trace (potential) misuse of a data subject’s e-mail address at a later date and therefore serves as a legal safeguard for the data processor.

The personal data collected when subscribing to the newsletter will be used exclusively to send our newsletter. Furthermore, subscribers to the newsletter may be notified by e-mail if it is necessary for the operation of the newsletter service or to update their subscription in the event of changes to the newsletter offer or technical changes. No personal data collected as part of the newsletter service is distributed to third parties. Subscription to our newsletter may be terminated by the data subject at any time. The consent given to store the personal data provided for the newsletter subscription may be revoked at any time. Consent can be revoked by clicking on the corresponding link in each newsletter. It is also possible to unsubscribe from the newsletter at any time, directly on the data controller’s website, or by informing the data processor in another way.

 

16. Newsletter Tracking

International Baptist Church, Munich Germany newsletter contains so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in emails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded pixel, International Baptist Church, Munich Germany can see if and when an e-mail was opened by a data subject and which links in the e-mail were opened by the data subject.

Personal data collected via the tracking pixels in newsletters will be stored and evaluated by the data processor in order to optimise the delivery of the newsletter and to better adapt the content of future newsletters to the interests of the data subjects. This personal data will not be disclosed to third parties. Data subjects are entitled at any time to revoke the separate declaration of consent made via the double-opt-in procedure. After revocation, this personal data will be deleted by the data processor. Unsubscribing to the newsletter automatically indicates revocation to International Baptist Church, Munich Germany.

 

17. Embedded videos from external websites

Some of our pages have embedded content from YouTube or Instagram. Viewing any of these pages does not result in personal data being transmitted to the service provider, with the exception of the IP address. In the case of YouTube, the IP address will be transferred to Google Inc., 600 Amphitheater Parkway, Mountain View, CA 94043, USA and, in the case of Instagram, to Instagram Inc., 181 South Park Street Suite 2 San Francisco, California 94107, USA.

 

18. Data Security

We secure our website and other systems by using technical and organisational measures against loss, destruction, access, modification or dissemination of your data by unauthorised persons. Despite regular checks, complete protection against all risks is not possible.

The website uses industry standard SSL (Secure Sockets Layer) encryption in some places. This ensures the confidentiality of your personal information on the Internet.

 

19. Updating/Deletion of your personal data

You may at any time ask to review, change or delete any of the personal data provided to us by sending an e-mail to: pastor@munichibc.de. If you are one of our members, you may also request not to receive further information in the future.

Likewise, you have the right to withdraw your consent at any time effective going forward.

The deletion of stored personal data occurs when you revoke your consent to storage.

The data processor processes and stores the data subject’s personal data only for the length of time deemed necessary to fulfill its purpose or as determined by any European directives or regulations or by any other legislative laws or regulations which the data processor is subject to.

If the purpose of storage is no longer valid or the storage time period required by European directives and regulations or any other legislative laws expires, the personal data will be routinely blocked or deleted according to statutory regulations.

 

20. Rights of the data subject

Each data subject has the right to ask the data processor for confirmation of the processing of their personal data. If a data subject wishes to make use of this confirmation right, they may contact our data protection officer or pastor@munichibc.de at any time.

Any data subject whose personal data is being processed has the right at any time to obtain any information about their personal data from the data processor free of charge as well as a copy of that information. Furthermore, there is a right to information about the following data (Section 11 DSO-BUND):

• the processing purposes;
• the categories of personal data;
• the recipients to whom the personal data has been disclosed;
• if possible, the planned duration for which the personal data will be stored or, if that is not possible, the criteria for determining that duration;
• the right of rectification or erasure of their personal data, or the limits of processing by the data controller or the right to object to such processing;
• the existence of a right of appeal to the Data Protection Council;
• Information about the origin of the data.

 

If the data subject wishes to exercise this right to information, they may contact our data protection officer or pastor@munichibc.de of the data controller at any time.

Every data subject affected by the processing of personal data has the right to demand the immediate rectification of incorrect personal data concerning them (Section 12 DSO-BUND). Furthermore, the data subject has the right, depending on the purposes of the processing, to request the completion of incomplete personal data – also by means of a complementary declaration (Section 12 Paragraph DSO-BUND).

If the data subject wishes to exercise this right of rectification, they may contact our data protection officer or pastor@munichibc.de involved in processing the data at any time.

Any data subject affected by the processing of personal data also has the right to request that the controller deletes the personal data concerning them immediately, as long as the following reasons are applicable and that the processing is not necessary:

• The personal data has been collected or processed for such purposes that are no longer necessary.
• The data subject revokes their consent (Section 6 Paragraph 3 DSO-BUND) which the processing according to Section 6 Paragraph 1 DSO Bund or Section 8 Paragraph 2 a) DSO-BUND is based on, and there is no other legal basis for the processing.
• The data subject objects to the processing according to Section 16 Paragraph 1 DSO-Bund and there are no prior justifiable grounds for processing.
• The personal data was unlawfully processed.
• The erasure of personal data is required to fulfill a legal obligation under church law, EU law or the law of the EU member state to which the data controller is subject.

 

Insofar as one of the above-mentioned points applies and a data subject wishes to request the erasure of personal data held by International Baptist Church, Munich Germany, the data subject may contact our data protection officer at any time. The request for data erasure will be fulfilled immediately.

If International Baptist Church, Munich Germany made the personal data public and if they are responsible in accordance with Section 13 Paragraph 1 DSO-BUND for erasing personal data,International Baptist Church, Munich Germany will take appropriate measures, including those of a technical nature, depending on the technology available and the implementation costs, to inform other data processors who processed the published personal data about the request for erasure of all links to this personal data or copies or replications, insofar as the processing is not necessary. The data protection officer of International Baptist Church, Munich Germany will arrange for what is necessary to be done in each case.

Each data subject has the right according Section 14 DSO-BUND to request the data processor to restrict processing if any of the following conditions apply:

–       The accuracy of the personal data is contested by the data subject; restricted processing is necessary for a period of time that allows the data processor to verify the accuracy of the personal data.

–       The data has been unlawfully processed; the data subject refuses the erasure of personal data and instead requests the restriction of the use of personal data.

–       The data processor no longer needs the personal data for processing purposes, but the data subject requires them in order to establish, exercise or defend their legal rights.

–       The data subject has objected to the processing according Section 16 Paragraph 1 DSO-BUND; it is not yet clear whether the data processor’s legitimate grounds for processing override those of the data subject.

 

If one of the above conditions is met and the data subject wishes to request the restriction of personal data stored by International Baptist Church, Munich Germany, they may at any time contact our Data Protection Officer or another employee responsible for processing data. The necessary steps will then be taken to restrict the processing.

Any data subject has the right to receive in a structured, conventional and machine-readable format personal data relating to them which they have provided to a data processor.  They also have the right to have this data transferred to another data processor without hindrance by the data processor to whom it was initially given. The following conditions apply to this right:

– that the processing is carried out on the basis of consent pursuant to Section 5 Paragraph 1 a) DSO-BUND or Section 8 Paragraph 2 DSO-BUND or in a contract according to Section 5 Paragraph 1 b) DSO-BUND;

– that the processing is by an automated means, unless the processing is necessary for the performance of a task in the public interest or in the exercise of official authority which has been delegated to the data controller.

Any data subject has the right, at any time and for reasons arising out of their particular circumstances, to object to the processing of their personal data, pursuant to Section 5 Paragraph 2 e), f) or g) DSO-BUND. This also applies to profiling based on these conditions.

In the case of an objection, International Baptist Church, Munich Germany will stop processing personal data unless we may demonstrate compelling legitimate grounds for processing that override the interests, rights and freedoms of the data subject or which serve to process, assert, exercise or defend legal claims.

If International Baptist Church, Munich Germany processes personal data in order to conduct direct advertising, the data subject has the right to object at any time to the processing of personal data for the purpose of such advertising. This also applies to profiling, if it is associated with this direct advertising. If the data subject objects to International Baptist Church, Munich Germanyprocessing for direct marketing purposes, International Baptist Church, Munich Germany will no longer process the personal data for these purposes.

Furthermore, the data subject has the right, for reasons that arise from their particular circumstances, to object to the processing of their personal data used by International Baptist Church, Munich Germany for scientific or historical research purposes or for statistical purposes, according to  Section 13 Paragraph 3 No. 4 DSO-BUND, unless such processing is necessary to fulfill a public interest task.

In order to exercise the right to object, the data subject may contact the Data Protection Officer or another employee of International Baptist Church, Munich Germany directly.

Any data subject has the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect or in a similar manner significantly affects them, as long as the decision:

1. is not required for the signing or fulfillment of a contract between the data subject and the data controller, or
2. is permitted by the legislation of the Bund Evangelisch-Freikirchlicher Gemeinden in Deutschland K.d.ö.R., the European Union or the EU member states to which the data controller is subject, and that this legislation takes appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, or
3. with the express consent of the data subject.

 

If the decision

a) is necessary for the signing or fulfillment of a contract between the data subject and the data controller, or

b) is with the explicit consent of the data subject,

International Baptist Church, Munich Germany will take appropriate measures to safeguard the rights, freedoms and legitimate interests of the data subject, including at least the right to obtain the intervention of a person by the data controller, to present their own position and to contest the decision.

If the data subject wishes to enforce their rights relating to automated decision-making, they may contact our Data Protection Officer or another employee at any time.

Any data subject has the right to withdraw consent to the processing of personal data at any time.

If the data subject wishes to assert their right to withdraw consent, they may contact our Data Protection Officer or another employee at any time.

 

21. Legal basis for processing

Section 5 Paragraph 2 DSO-BUND serves as a legal basis for processing operations where we obtain consent for a particular processing purpose. Processing will be based on Section 5 Paragraph 2 d) DSO-Bund if the processing of personal data is necessary to fulfill a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or service in return. The same applies to processing operations that are necessary to carry out pre-contractual measures. If we are subject to a legal obligation that requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Section 5 Paragraph 2 d) DSO-BUND. In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and their name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be according to Section 5 Paragraph 2 e) DSO-BUND. Ultimately, processing operations could be based on Section 5 Paragraph 2 f) to h) DSO-BUND. On this legal basis, processing operations that are not covered by any of the above legal bases are required if the processing is necessary to safeguard the legitimate interest of our church or a third party, unless the interests, fundamental rights and freedoms of the data subject prevail. The same applies to processing which is necessary for the performance of a task which is in the interest of the Bund or which serves journalistic editorial purposes of the Bund.

 

22. Notice of changes

Changes to the law or changes to our internal processes may necessitate a revision of this data protection policy. Should this be the case, we will notify you of this no later than six weeks prior to it coming into effect. You are generally entitled (No. 20) to revoke your consent. Please note that (unless you make use of your right of withdrawal) the current version of the data protection policy is the valid one.

 

23. Your Contact Person

If you have any questions regarding the collection, processing or use of your personal data or if you need information, rectification, erasure or blocking of your data or the revocation of consent granted or you have an objection to a particular use of the data, please contact directly:

E-Mail: pastor@munichibc.de

 

Date: 30.01.2021