1) General remarks and principles of data processing

We are pleased that you are visiting our website. The protection of your privacy and your personal information, the so-called personal data, whilst using our website is an important matter to us.
According to Art. 4 No. 1 GDPR, personal data is any information relating to an identified or identifiable natural person; This includes, for example, information such as your first name and surname, your address, your telephone number, your email address, but also your IP address.
Data that does not provide any reference to your person, such as anonymized data, does not qualify as personal data. According to Art. 4 No. 2 GDPR, processing (e.g., data collection, recording, organization, storage, sorting, retrieval, use, transmission, erasure or destruction) always requires a legal basis or your consent. Processed personal data must be deleted as soon as the purpose underlying the processing has been fulfilled and there is no longer a legal obligation to archive the data.
You can find information about how your personal data is treated when visiting our website here. We must collect personal data about you to provide the functions and services available on our website.
We also explain to you the nature and scope of the respective data processing, the purpose underlying it and the corresponding legal basis as well as the respective storage period.
This privacy policy only applies to this website. It does not apply to other websites to which we merely refer via a hyperlink. We cannot assume any liability for the confidential treatment of your personal data on the websites operated by such third parties as we do not have any influence on whether these operators comply with the requirements of data protection laws. Please find the information on the way your personal data is treated by these operators directly on these websites.
Separate privacy policies apply to project tenders and job applications which can be found on our website under the contacts link.
See below for the contact data of the applicable controllers and data protection officers.


2) Controllers

The controller who bears responsibility for processing personal data on this website is (see the imprint):

SprinD GmbH
, Markt 9
, 04109 Leipzig
Management: Ms. Alina Allritz and Mr. Rafael Laguna de la Vera
Email: INFO@SPRIND.ORG


3) Data protection officer

The data protection officer of SPRIND is available to answer any questions on data protection at our business address: SPRIND GmbH, Markt 9, 04109 Leipzig, Email: DATENSCHUTZ@SPRIND.ORG


4) Collection of general data and information

a) Nature and scope of data processing
Every time our website is called up, our web server collects a range of general data and information. This general data and information is stored in the log files of the server. The data and information that can be collected includes
the type of browser used and its version;
the operating system used by the system accessing the website;
the site from which the system accessing our website originated its request (referrer sites);
the pages of our website that the system accessing our website accesses;
the date and time of day our website is accessed;
the internet protocol address (IP address);
the internet provider of the system accessing our website;
other similar data and information that serves to defend against cyberattacks to our IT systems.

b) Purpose and legal basis
SPRIND does not draw any conclusions about the data subject when using this general data and information. Rather, this information is needed to deliver the content of our website correctly and to optimize it, to ensure the functionality of our IT systems and the technology used by our website over the long-term as well as to provide the information required by the crime office to make a prosecution in the event of a cyberattack. We therefore analyze this anonymized data and information statistically and, more importantly, with the goal of elevating the level of data protection and data security in our organization in order to ultimately ensure an optimal level of protection for the personal data we process. The anonymized data in the server logfiles is stored separately from all personal data provided by the data subject.
The legal basis for this processing is provided by Art. 6 (1) lit. f) GDPR. The processing of the data referred to above is necessary to provide the website and therefore the legitimate interests pursued by our organization.

c) Duration of storage
As soon as the personal data referred to above is no longer needed to present the website, it is deleted. The collection of the data needed to present the website and the storage of the data in logfiles is essential for the operation of the website. Consequently, users of the website do not have any right of refusal in this regard. It is also possible that the data may be stored beyond the above parameters if this is required by law.


5) Cookies and web analytics using Matomo

The websites of SPRIND use cookies. Cookies are text files that are filed and stored on a computer system via an internet browser.
Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters by which websites and servers can be allocated to the specific internet browser where the cookie is stored. This allows the websites and servers that are visited by the user to distinguish the individual browser of the data subject from other internet browsers which contain different cookies. A particular internet browser can be recognized and identified by the unique cookie ID.
The use of cookies allows us to provide more user-friendly services on our website which would not be possible without setting a cookie.
As stated above, cookies enable us to recognize a user returning to our website. The purpose of this recognition of returning visitors is to facilitate the use of our website for the users. For example, the user of a website that uses cookies does not have to reenter his or her registration data each time as this action is performed by the website and the cookie stored on the computer system of the user. Another example is the cookie used for the shopping basket of an online shop. The online shop records the articles that the customer has placed in their virtual shopping basket using a cookie.
You may prevent cookies being set by our website via the corresponding settings of your internet browser which allows you to permanently refuse cookies being set. Moreover, you can delete any cookies that have already been set by your internet browser or other applications. This is possible in all customary internet browsers. If you deactivate cookies, it is possible that not all functions of our website will be available for you to use in some circumstances.
We use “Matamo” open source web analytics software on our website to analyze visits to our website. We operate our own Matamo system because we wanted to refrain from using the customary external analysis by Google Analytics. Using Matamo, we analyze where visitors come from, which content is relevant to them, and where there may be any problems on our website. We do not conduct any specific monitoring of users as identifiable persons. All data, including the IP address is automatically anonymized before being stored.
Matamo uses so-called cookies, text files that are saved on your computer and that enable an analysis of website use. The information generated by the cookie is stored solely on servers in Germany. You can prevent the installation of cookies by adjusting your browser settings; please note, however, that in this case some functions of this website may not be available for use to their full extent.
Due to the purpose described above, the legal basis for the processing of your personal data using cookies is provided by Art. 6 (1) lit. f) GDPR. If you provide your consent to the use of cookies via a cookie banner set by us on the website, the legal basis is also provided by Art. 6 (1) lit. a) GDPR.
You can also revoke any possible prior and express consent you may have already given to the use of cookies. If you wish to decide against the use of cookies, click the following link to place the deactivation cookie on your browser:

As soon as data transmitted to us by the cookie for the purpose described above is no longer needed, it is deleted from our server. It is also possible that the data may be stored beyond the above parameters if this is required by law.


6) Data transfer to third parties

We only transfer your personal data to third parties if:
you have provided your express consent pursuant to Art. 6 (1) lit. a) GDPR;
it is permitted by law and it is necessary to perform a contract with you or to take steps prior to entering into a contract pursuant to Art. 6 (1) lit. b) GDPR;
the transfer is necessary for compliance with a legal obligation pursuant to Art. 6 (1) lit. c) GDPR;
we are obliged to transfer the data to public authorities;
the transfer pursuant to Art. 6 (1) lit. f) GDPR is necessary to protect a legitimate business interest, insofar as this is necessary to establish, exercise or defend against legal claims and there is no reason to assume that you have an overriding interest in the data not being transferred;
we rely on third-party service providers (contract processors) in keeping with Art. 28 GDPR who are obliged to handle your data with due care.

In the event that we process your data in a third country (i.e., a country outside of the European Union (EU) or the European Economic Area (EEA)) or this occurs within the framework of using the services of a service provider or when disclosing or transferring your data to third parties, such processing will only be performed to fulfill our (pre-)contractual duties, on the basis of your consent, due to a legal obligation or in the pursuit of our legitimate interests. Subject to applicable legal or contractual permissions, we only process data or have it processed in a third country if the criteria of Art. 44 et seq. GDPR are met. This means that processing is only performed on the basis of a specific guarantee to the effect that the same level of data protection afforded by the EU is met (e.g., by means of the “Privacy Shield” in the USA) or officially recognized contractual obligations apply (“standard contractual clauses”).


7) Advertising and market research

Your personal data is stored for the sole purposes listed above. Your data is not used, analyzed or transferred to others for other purposes. We do not use your data for the purposes of advertising or market research. Transfer of your personal data is ruled out (with the exception of the purposes listed under 6).


8) Your rights

You have the right at all times
to revoke any consent you may have given pursuant to Art. 7 (3) GDPR. As a consequence, any processing of your data based on your consent may no longer be continued;
to obtain information about your personal data in accordance with Art. 15 GDPR. In particular, you have the right to obtain information about the purposes of the processing, the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing, the right to lodge a complaint with a supervisory authority, where the personal data are not collected from the data subject, any available information as to their source, the existence of automated decision-making, including profiling and details thereon;
to rectify or complete inaccurate personal data stored by the controller in accordance with Art. 16 GDPR without undue delay;
to obtain from the controller the erasure of personal data in accordance with Art. 17 GDPR, provided that the processing of your personal data is not required for the exercise of the freedom of expression and information, to meet a legal obligation, reasons of public interest or to establish, exercise or defend against legal claims;
to obtain from the controller a restriction of the processing of personal data pursuant to Art. 18 GDPR, provided you contest the accuracy of your personal data, the processing is unlawful but you oppose the erasure of the personal data and request the restriction of their use instead and the controller no longer needs the personal data but you require the data to establish, exercise or defend against legal claims or you object to processing pursuant to Article 21(1);
pursuant to Art. 20 GPDR to receive the personal data which you provided in a structured, commonly used and machine-readable format and to transmit those data to another controller, and
to lodge a complaint with a supervisory authority pursuant to Art. 77 GPDR. Generally, you can contact the supervisory authority of your habitual residence or workplace or to the jurisdiction in which we have our registered office.


9) Erasure of data

The data we process are erased in keeping with Art. 17 GPDR or their processing is restricted in accordance with Art. 18 GPDR. Unless stated expressly otherwise elsewhere in this privacy policy the data we have stored is deleted as soon as it is no longer needed for the stated purpose and there is no legal archiving duty requiring otherwise. If the data are not deleted because they are needed for another legally permitted purpose, their processing is restricted accordingly. This means the data are blocked and not used for other purposes. This applies, for example, to data that needs to be stored under the terms of the applicable commercial code or tax legislation.
The provisions of Sec. 257 (1) HGB [“Handelsgesetzbuch”: German Commercial Code] specify that documents (commercial business records, inventories, opening balance sheets, financial statements, business correspondence, journal vouchers, etc.) must be archived for 6 years and Sec. 147 (1) AO [“Abgabenordnung”: German Tax Code] specifies a retention period of 10 years (bookkeeping, records, management reports, journal vouchers, business correspondence, documents relevant for tax purposes, etc.).


10) Right to object

You have the right to object to the processing of your personal data at any time in the future in accordance with the terms of Art. 21 GPDR. In particular, the right to object can be asserted against the processing of personal data for advertising purposes.
Simply send an email to Datenschutz@Sprind.org to exercise your right to object.