Data Privacy Statement

Data Protection Information
Biodynamic Federation Demeter International e.V.

Effective date 10.06.2021

The website demeter.net is made available by Biodynamic Federation Demeter International e.V., Brandschneise 1, 64295 Darmstadt Germany, legally represented by the President Helmy Abouleish and the General Secretary Christoph Simpfendörfer (“demeter”, “BFDI”, “we” or “us”) as person responsible within the meaning of the applicable data protection law.
The following information informs you which personal data we collect when you use demter.net and how we handle this data. You can access this data protection information at any time under the “Privacy Policy” section of the website.

1 What data does Biodynamic Federation Demeter International e.V. process?

The Biodynamic Federation Demeter International is a platform of individual certification bodies for biodynamic farmers worldwide. In principle, you can visit our website without registering and actively providing us with personal data. In this case we only collect the following data:

  • Customer-Domain
  • IP-address; last two bytes are anonymized
  • Timestamp – Date and time of the request
  • Request-line
  • Status Code
  • Referrer – website or user agent

This access data is processed to ensure failure-free operation of the site. According to Art. 6 Para. 1 Clause 1 lit. f GDPR to protect our legitimate interests in the correct presentation and optimization of my website. All access data will be deleted no later than six months after the end of your visit to the site.

2 For what purposes and on what legal basis does Biodynamic Federation Demeter International e.V. process your data?

We process your data mainly to make the offer and the associated services available to you. In addition, some further processing takes place for further purposes, which we describe below together with the respective legal bases.

2.1 Provision of the portal

We process your data to make the offer and the associated services and functions available to you.

These processes are carried out on the basis of legal regulations that allow us to process personal data to the extent necessary for the use of a service or the fulfilment of a contract (Art. 6 Paragraph 1 b) GDPR), or because BFDI has a legitimate interest in making the use of the platform as easy and efficient as possible (Art. 6 Paragraph 1 f) GDPR). In some cases we also obtain your consent to data processing (Art. 6 Par. 1 a) GDPR).

2.2 Statistical evaluations and demand-oriented design (Cookies)

When using our offer, we create usage profiles using pseudonyms for the purposes of statistical evaluation and the demand-oriented design of the offer. These processes are carried out on the basis of legal regulations which allow personal data to be processed because BFDI has a legitimate interest in a needs-oriented design geared to usage habits and the statistical evaluation of our offer (Art. 6 Para. 1 f) GDPR).

For this we use so-called cookies, i.e. alphanumeric identification characters which we transmit to your computer via your web browser. They allow our systems to temporarily distinguish your browser from others. We use so-called session cookies, with the help of which you receive a session ID for the duration of a visit to our pages, which enables us to recognize you as a certain (anonymous) user. The session cookie and your session ID will be deleted at the end of your visit to our site.

If you wish to prevent this procedure, you can do so by deactivating the cookie. The help function in the menu bar of most web browsers explains how to set your browser so that it no longer accepts cookies or only accepts cookies to a limited extent. There you will also learn how to configure your browser so that it informs you when a cookie is “offered” to your computer. Unfortunately, you can only fully use and experience the functionality of our website with an activated cookie acceptance.

Matomo

We use Matomo for web analytics, a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769, (“Matomo”) using cookie technology. The protection of your personal data is important to us, which is why we have configured Matomo so that your IP address is only recorded in shortened form. We therefore process your personal usage data anonymously. It is not possible for us to draw conclusions about your person. We are using these on the basis of our legitimate interest according to Art. 6 Abs. 1 lit. f GDPR.

For more information about Matomo’s terms of use and data protection regulations, please visit: https://matomo.org/privacy/

2.3 Share Buttons

Our website uses so-called “share buttons”, which are plug-ins from various social networks, namely Facebook, Instagram, LinkedIn and Twitter. These share buttons are not used to share information about your visit to our website with the social network operator. Only when you click the respective share button are you directed to the network operator’s page. The operator of the respective social network is responsible for the associated data collection and use. Please refer to the network operator’s privacy policy for details.

2.4 Youtube

YouTube videos, Provider is Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA are embedded on our website in order to offer you relevant, editorially selected content.

If you call up a sub-page that contains such third-party content, your IP address will be transmitted to YouTube (Google Inc.) to enable the display of the content or function. Any personal data that you enter in addition to this will be processed by YouTube (Google Inc.) for the purposes of the requested content or the processing of your input. We are using these on the basis of our legitimate interest according to Art. 6 Abs. 1 lit. f GDPR.

For more information on the purpose and scope of data processing by Google and your related settings options for protecting your privacy, see http://www.google.com/intl/de/policies/privacy.

2.5 Google Maps

For the contact or training search, we use Google Maps Provider is Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA to visually display geographical information.

When using Google Maps, Google also collects, processes, and uses data on the use of the Maps functions by visitors to the websites. You can find more information about data processing by Google in Google’s privacy policy. There you can also change your settings in the Privacy Center so that you can manage and protect your data. We are using these on the basis of our legitimate interest according to Art. 6 Abs. 1 lit. f GDPR.

For more information about the purpose and scope of data processing by Google and your related settings options for protecting your privacy, please visit http://www.google.com/intl/de/policies/privacy.

2.6 Contact form

If you contact us using the “Contact us” on our website or by email, only your first and last name, email address and country are required; all other information is voluntary. The data you provide will only be processed based on your consent (Art. 6 Para. 1 lit. a GDPR) to process your request. Contact details are processed as a pre-contractual measure to process the request. As a business letter, we store the data for six years.

2.7 Links

This website may contain links to other websites and local BFDI members. These sites are operated by the respective providers and further information and objection options can be found in the respective data protection information of the providers.

2.8 Downloads & files

We offer several downloads and files on our web pages. The downloads are located either on the server in the German data center of our service provider.

3 To which recipients do we pass on your data?

It may happen that we also pass on your data to other recipients within the scope of the purposes mentioned in paragraph 2, as they are already named in detail there. In exceptional circumstances, we may also be required by law to disclose your personal data to third parties, for example as part of government prosecution measures.

In addition, your personal data may be passed on within the BFDI, to service companies (possibly also third countries), to government authorities and to persons affected by an infringement and possibly to other companies as part of a company transaction, as explained in detail below.

3.1 Transfer within BFDI

The BFDI is based in Germany and operates internationally. Certain personal data, such as data provided by the user by contact us, may be disclosed within the BFDI for internal administrative purposes to the extent necessary.

3.2 Passing on to service providers bound by instructions

In some cases, we use service provider as processor governed by a contract according to Art. 28 GDPR Processor.

In some cases, we use service companies bound by instructions for certain data processing activities. Without exception, these are service companies that are bound by instructions and process the data on our behalf and in accordance with our instructions.

Due to the above-mentioned transfers, the service providers bound by instructions may process the data in countries outside the EU (“third countries”).

Every transfer of data to a third country takes place in compliance with the applicable data protection law. If the European Commission has not established an adequate level of protection for a third country, BFDI provides appropriate guarantees to ensure adequate protection of your data. This can be done, for example, through the conclusion of data processing contracts which contain EU standard data protection clauses and which the European Commission believes offer appropriate guarantees (available at: http://ec.europa.eu/justice/data-protection/international-transfers/transfer/index_en.htm ).

3.3 Passing on to government agencies, injured parties and for legal proceedings

If it is necessary to clarify any illegal or abusive use of BFDI or for legal prosecution, personal data will be forwarded to the law enforcement authorities and, if necessary, to injured third parties. However, this only happens if there are indications of illegal or abusive behaviour. A disclosure may also take place if this serves to enforce terms of use or other agreements. We are also legally obliged to provide information to certain public authorities upon request. These are law enforcement authorities, authorities that prosecute fined offences and the tax authorities.

4 How long do we store your data?

We delete or make your personal data anonymous as soon as they are no longer required for the purposes for which we process them in accordance with the above paragraphs. The actual storage period depends on how you use our offer.

We store your personal data for the duration of use of our offer plus a period of six months in which we keep backup copies after deletion, insofar as this data is not required for longer for criminal prosecution or to secure, assert or enforce legal claims.

In the event that you have given us your consent to the processing of your data (e.g. for the purpose of advertising use including the associated profiling), we will store your data until you revoke your consent.

If we have to store data for legal reasons, the further processing of the data concerned is restricted instead of being deleted.

5 What rights do you have as the person concerned?

As a data subject of the processing of personal data, you have the right to receive information about your stored data at any time. Upon presentation of the respective prerequisite, you may also be entitled to the following rights:

In cases where data processing is based on Art. 6 para. 1 lit. e or lit. f GDPR you have the right to object to the processing.

  • Right of access by the data subject
  • Right to rectification
  • Right to object
  • Right to erasure
  • Right to restriction of processing
  • Right to data portability

You can withdraw your permission to use your personal data at any time. Requests for information, deletion and rectification of your data and any suggestions can be send to the address given in the legal notice at any time.

You also have the right to file a complaint with a supervisory authority:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163
65021 Wiesbaden – Germany
Telephone: +49 611 1408 – 0
E-Mail: poststelle@datenschutz.hessen.de

6 Changes to this data protection information

The services offered by the BFDI may be changed from time to time, in particular to further improve the platform’s services and functionalities. Such changes may also affect the use of your personal data. We therefore may change this privacy information from time to time. Please inform yourself regularly about the current status of the data protection information.

Menu