Privacy Policy

This data protection statement is intended to inform you about the manner, scope, and purpose of personal data processing on our website. Personal data refers to any data that has a personal reference to you, such as your name, address, or email address or information about your user behaviour.

Party responsible for data processing

Kulturamt der Stadt Kempten (Allgäu)
Martin Fink, MA (chief officer)
Memminger Str. 5
87439 Kempten (Allgäu)
Germany
Email: martin.fink@kempten.de
www.kempten.de

Contact data for the data protection officer

Stadt Kempten (Allgäu)
Datenschutzbeauftragter
Rathausplatz 22
87435 Kempten (Allgäu)

Tel.: 0831/2525 – 1085
Fax: 0831/2525 – 1015
Email: datenschutz@kempten.de

Web hosting

To maintain our online presence, we make use of an internet service provider (ISP) whose server hosts the website and makes it accessible on the internet. The ISP processes a range of data on our behalf: contact data, content data, contract data, usage data, inventory data, metadata, and communication data.

Name and address of the ISP

1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. The company’s data protection regulations (in German) can be viewed here: https://hosting.1und1.de/terms-gtc/terms-privacy/

Legal basis

The legal basis for the aforementioned data processing is our legitimate interest in making our online presentation efficient and secure, Art. 6(1f) GDPR in conjunction with Art. 28 GDPR (“Processor”).

Should you only use our website for information purposes, our ISP only collects the personal data transmitted to the server by the browser you are using. The following data is collected:

• IP address
• The date and time our website was accessed
• Time zone difference to Greenwich Mean Time (GMT)
• Access status (HTTP status)
• The volume of transmitted data
• The ISP of the accessing system
• The type and version of the browser you are using
• The operating system you are using
• The website from which you accessed our website (if relevant)
• The pages or sub-pages that you visit on our website.

The above data is stored on our ISP’s servers in the form of log files. This is necessary in order to display the website on the end device you are using and to ensure stability and security. Our legitimate interest in data processing is based on the purposes described above.

Legal basis

The legal basis is Art. 6(1f) GDPR.

Duration

The above data necessary for the provision of our website is stored for a period of 7 days and then deleted.

Objection

As processing of the above data is absolutely necessary for the provision of our internet presence, no right of objection exists.

Cookies

Our website uses cookies. Cookies are small text files consisting of a series of numbers and letters that are filed and stored on the device you are using. Cookies do not transmit viruses, nor can they execute programs. Rather, their primary purpose is to exchange information between the device you are using and our website. A distinction must be made between temporary (transient) cookies and persistent cookies. One of the main types of transient cookies are session cookies. These store what is known as a “session ID”, which enables various requests from your browser to be assigned to the joint session. This enables our website to recognise your computer when you return to our website. Session cookies are deleted when you log out or close your browser. Persistent cookies are automatically deleted after a set period of time, which may vary depending on the cookie. You have the option to delete these cookies at any time in the security settings of your browser.

The purpose of cookies is to make our website more user-friendly. Some elements of our website require that the browser seeking to establish a connection can be identified even after changing pages. Information on language settings or log-in details may be stored in these cookies.

Additionally, on our website we also use cookies that allow us to analyse your visit to our web pages. Information regarding the search terms you enter, page view frequency, and the use of website functions may be stored in these cookies. These cookies enable us to track how often and in what manner the website and its functions are used. They therefore serve to improve the overall quality and user-friendliness of our website, and its content and functions in particular. This enables us to continuously optimise our offering. Technical precautions are taken to anonymise your data, thus ensuring that it is impossible to assign the data to your person. The data is not stored together with other personal data.

Our legitimate interest in data processing is based on the purposes described above. The legal basis for this is Art. 6(1f) GDPR.

As the cookies are stored on your computer, you also have full control over how cookies are used. You may use your browser’s security settings to determine whether cookies are stored at all. For example, you can choose not to accept cookies from the outset, accept them only on request, or specify that they are to be deleted each time you close your browser. If cookies are deactivated for our website, it may not be possible to use all our website’s functions to their full extent.

Storage period/erasure

We erase or block your personal data as soon as the purpose for storing it has been achieved or no longer applies. Any storage beyond this period will only be undertaken if we are required to do so by German or European regulations. In this case, the data will be blocked or erased when the storage period mandated by the regulations in question has expired, unless we require your data to fulfil a contract concluded between us or it is necessary to assert, exercise, or defend legal claims.

Contact via contact form, email, social media, or telephone

Scope

Should you use the contact form offered on our website or contact us by email, telephone, or social media and provide us with your personal data, this data will be stored automatically and processed by our institution in order to deal with your enquiry. This data is only processed for the purposes of communicating with you. The data is transmitted via an encrypted SSL connection. Your data will not be transferred to third parties.

Purpose

We require your name in order to address you in our response. We require your email address in order to reply to your enquiry. We require your telephone number to be able to respond to your call-back request.

Legal basis

The legal basis is Art. 6(1a) GDPR.

Deletion

The personal data we collect will be deleted once it is no longer necessary. Every two years we review whether it is necessary to keep your data. You also have the option at any time to withdraw your consent to our processing of your data.

Objection

You can prevent the storing and processing of your personal data by avoiding the use of our contact formula.

Your rights as a user of our website as per the GDPR

In accordance with the GDPR, you are entitled to the rights described below. You may assert these rights at any time with the responsible party named in section 1 of this privacy policy:

1. Right of access
   Pursuant to Art. 15 GDPR, you may request confirmation as to whether we process your personal data and what data is involved. In addition, you can request information from us free of charge concerning the purposes for which the data is processed, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, and the existence of a right to rectify or erase your data, to limit the processing of it, or to withdraw your consent to this, and the existence of a right to file a complaint. You may also request information about where your data originated from if it was not collected by us. Furthermore, you have the right to be informed whether your personal data has been transferred to a third country or to an international organisation. Should this be the case, you have the right to obtain information about the appropriate safeguards relating to the transfer.
2. Right to rectification
   Pursuant to Art. 16 GDPR, you can request that personal data stored by us be corrected if it is inaccurate or completed if incomplete.
3. Right to erasure
   Pursuant to Art. 17 GDPR, you have the right to demand the erasure of personal data stored by us as long as it is unnecessary for us to process this data for the following purposes: to comply with a legal obligation; to assert, exercise, or defend legal claims; to exercise the right to freedom of expression and information; or for reasons of public interest as stipulated in Art. 17(3c,d) GDPR.
4. Right to restriction of processing
   Pursuant to Art. 18 GDPR, you have the right to demand the restriction of how your personal data is processed if:
   • you contest the accuracy of data for a period of time that allows us to verify its accuracy;
   • he processing of your data is unlawful, but you prefer not to have it erased and request instead that use of the data be restricted,
   • e no longer require the personal data for processing purposes, but you require the data in order to assert, exercise, or defend legal claims;
   • pursuant to Art. 21 GDPR, you have objected to the processing of your data, but it has not yet been determined whether your rights are outweighed by the legitimate grounds that entitle us to continue processing said data despite your objection.
5. Right to information
   If you have exercised the right to rectification, erasure, or restriction of processing, we are obliged to inform all those to whom your personal data has been disclosed of the rectification or erasure of said data or your request that the processing of said data be restricted, unless this proves impossible or involves a disproportionate effort. You have the right to be informed by us about the parties involved.
6. Right to data portability
   Pursuant to Art. 20 GDPR, you may ask to receive the personal data that you have provided to us in a structured, commonly used, and machine-readable format or request that we transfer it to another responsible party.
7. Right to lodge a complaint
   Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. If you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the supervisory authority without prejudice to other legal remedies.
   You can reach this authority using the following contact details:
   Landesbeauftragter für den Datenschutz in Bayern
   Postfach 22 12 19
   80502 Munich
   Telephone: 089/212672-0
   Fax: 089/212672-50
   poststelle@datenschutz-bayern.de
8. Right of withdrawal
   Pursuant to Art. 7(3) GDPR, you have the right to withdraw your consent to the processing of your data at any time. Your declared withdrawal does not affect the lawfulness of any processing of your personal data that took place before the withdrawal request was made.
9. Right to object
   You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which is carried out on the basis of a weighing of interests, as per Article 6(1f) GDPR. This is particularly the case if said data processing is not required for the fulfilment of a contract. If you exercise your right of objection, we ask you to explain your reasons for doing so. We will then no longer process your personal data unless we can prove to you that there are compelling reasons for said data processing that merit protection and outweigh your interests and rights.

Irrespective of the above, you have the right to object to the processing of your personal data for the purposes of advertising and data analysis at any time.

Please send any objections to the contact address of the responsible party named above.

Use of Google Maps components

On our website we use components of “Google Maps”, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).

Scope

Google Maps visually displays geographical information. In doing so, Google collects and processes the visitor’s IP address. This is transmitted to Google regardless of whether Google Maps is actually used or you are logged into your Google account. Your IP address will be assigned to your Google account if you are logged into this account when you visit our website. This data is transferred to external Google servers in the USA. Google is a participant in the Privacy Shield agreement and is certified to process data in accordance with European standards. Google may pass on data collected via this technical procedure to third parties.

Purpose

The integration of Google Maps serves to simplify visualisation and navigation when visiting our site. Google processes data for the purposes of advertising, market research, website design, and the provision of targeted advertising.

Legal basis

The legal basis for the aforementioned usage of data is Art. 6(1f) GDPR.

Objection

You can prevent the allocation of data by avoiding the use of Google Maps on our website and logging out of your Google account before you visit. Additionally, you can deactivate JavaScript in your browser to prevent the map from being displayed. Here we also refer to Google’s data protection regulations, which can be found at the following link: https://www.google.com/intl/en_en/help/terms_maps/

Information on the third-party provider

Headquarters within the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

Data protection regulations

https://www.google.com/intl/en_en/help/terms_maps/

Use of social media plug-ins

Our website uses what are known as social media plug-ins in the form of “social media buttons” from the providers listed below. You can recognise which plug-in belongs to which provider by the respective logo with which the plug-in is marked.

To ensure that data is not automatically transmitted to the plug-in provider when you visit our pages, we use the “Shariff solution”. Collection of information and its transmission to the provider is triggered only when you click on the respective “social media button”. Data can be sent to the associated provider by clicking the button even if you do not have an account with the respective social network or are not logged into your account.

The provider may store and analyse the data it collects in order to create a user profile of you for the purpose of advertising and market research. You have a right to object to the creation of such user profiles. To exercise this right, you must contact the plug-in provider.

You can find out the purpose and extent of data collection by the provider in their respective data protection statements, which are provided below.

We ourselves do not collect any personal data via social media plug-ins or log data on how they are used. We have no influence on what data an activated plug-in collects and how the provider uses this data.

We use social media plug-ins from the following companies on our website:

Google Plus

Google Plus is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Headquarters in the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001
Link to data protection statement: https://policies.google.com/privacy?hl=en

Instagram

Instagram is a service of Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA
Link to data protection statement: https://help.instagram.com/155833707900388

Facebook

Facebook is a service of Meta, 1601 S. California Ave, Palo Alto, CA 94304, USA
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Link to data protection statement: https://www.facebook.com/about/privacy/

Use of the Matomo Analytics analysis tool

On our website we use Matomo Analytics, a web analysis service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand (“Matomo”).

Scope

Matomo Analytics collects, among other things, data about the website from which you accessed our website (“referrers”), which subpages of the website you accessed, how often and for how long a subpage was viewed, and which interactions you performed. Mamoto Analytics uses “cookies” for this purpose. These are small text files that are stored by the web server on the user’s computer when a website is visited. These files store data about the user’s behaviour. Such data is stored exclusively on our own servers in Germany. There is no transmission of data to third parties. We use the AnonymizeIP function to anonymise your IP address. The IP address is shortened and can no longer be matched to your visit to our website. Mamoto does not assign or link any other transmitted information to the anonymised IP address. The use of Mamoto enables us to evaluate the information obtained and create statistical reports on the type and extent of website usage. These statistics enable us to constantly improve our website, to perform cost-benefit analysis of our internet marketing, and to make our website more interesting and user-friendly for you as a user.

Purpose

The purpose of our use of Mamoto Analytics is the abovementioned interest in the evaluation of user data.

Legal basis

The legal basis for the data usage described above is Art. 6(1f) GDPR.

Erasure

The data that we collect and transmit in this manner is automatically erased as soon as it has fulfilled its purpose. Further information regarding Mamoto’s terms of use and data protection are available at https://matomo.org/privacy-policy/.

Objection

You can prevent cookies from being stored by setting an “opt-out cookie”, which prevents the future collection of your data on our website. If you wish to do so, please click on the box at the bottom of the page. Please note that if you do so, you may no longer be able to use all the functions of our website to their full extent. To ensure that data is no longer transferred, the opt-out cookie must be installed on each of the systems you use. You can also prevent the storage of cookies in your browser settings.

Information on the third-party provider

Data protection statement: https://matomo.org/privacy/

Security measures

In addition, we carry out technical and organisational security measures in accordance with the most up-to-date technologies in order to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or against unauthorised access by third parties.

Current validity and changes to this data protection statement

This data protection statement is currently valid as of April 2023. This data protection statement may need adjusting in response to future changes to the legal or regulatory stipulations.

This data protection statement was generated with the aid of the SOS Recht data protection statement generator. SOS Recht is a service of MMR Müller Müller Rößner Rechtsanwälte Partnerschaft located in Berlin.

Copyright

The content and works created on these pages by the website operators are subject to German copyright law. Reproduction, processing, distribution, and any kind of usage beyond the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this website are only permitted for private, non-commercial use. Insofar as the content on this website was not created by the operator, the copyrights of third parties are respected. Third-party content is identified as such. Please inform us should you become aware of any copyright infringement, notwithstanding our every effort to avoid this. If we are made aware of any such infringements, we will remove any such content immediately.

Our presence on social media

We maintain an online presence on social media and, as part of this presence, we process user data in order to communicate with users who are active on these networks or to present information about us.

• Our presence on Instagram: https://www.instagram.com/apc.kempten
• Our presence on Facebook: https://www.facebook.com/apc.kempten.offiziell

We would like to point out that user data may be processed outside the European Union. This may result in risks for users because this may make it more difficult for the rights of the users to be enforced.

Additionally, user data on social media is generally processed for the purposes of market research and advertising. For example, usage profiles can be created based on user behaviour and the interests this behaviour reveals. These usage profiles can be used, for example, to place advertisements that are presumed to correspond to the users’ interests both within and outside the networks. To achieve this, cookies recording user behaviour and their interests are usually stored on the users’ computers. User data may also be stored in usage profiles that are independent of the devices they use (especially if the users are members of the respective platforms and are logged into them).

For a detailed overview of the individual forms of processing and options for objecting (opt-outs), we refer you to the respective networks’ data protection statements and information provided by the operators.

Should you decide to request information and assert data subject rights, we would like to point out that these can be asserted most effectively in direct communication with the providers. Only these providers have access to user data and can take appropriate measures and provide information directly. Please contact us if you require further assistance.

Types of data processed

Contact data (e.g. email, telephone numbers); content data (e.g. online form entries); usage data (e.g. websites visited, interest in content, access times); metadata / communication data (e.g. device information, IP addresses)

Affected individuals

Users (e.g. website visitors or users of online services)

Processing purposes

Contact requests and communication; feedback (e.g. collecting feedback via an online form); marketing

Legal basis

Legitimate interests as per Art. 6(1f) GDPR

Additional information regarding processing operations, procedures, and services

Instagram

Social media, service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; website: https://www.instagram.com; Data protection statement: https://instagram.com/about/legal/privacy

Facebook Pages

Profiles on Facebook social media: Together with Meta Platforms Ireland Limited, we are jointly responsible for the collection (but not the further processing) of data from visitors to our Facebook page (“fan page”). This data includes information about the types of content users view or interact with and the actions they perform (see “Your activity and information you provide” in the Facebook Privacy Policy: https://www.facebook.com/policy), as well as information about the devices used by users (e.g. IP addresses, operating system, browser type, language settings, cookie data; see “App, browser and device information” in the Facebook Privacy Policy: https://www.facebook.com/policy). As explained in the Facebook Privacy Policy under “How do we use your information?”, Facebook also collects and uses information to provide analytics services, known as “Page Insights”, to website operators: this gives them information about how people interact with their websites and with their associated content. We have entered into a special agreement with Facebook (“Information about Page Insights”, https://www.facebook.com/legal/terms/page_controller_addendum), which regulates the security measures Facebook must observe; in the agreement Facebook undertakes to observe data subject rights (i.e. users can, for example, send information or erasure requests directly to Facebook). Users’ rights (especially their rights to information and erasure and their right to object or complain to the relevant supervisory authority) are not restricted by these agreements with Facebook. Additional information can be found under “Information about Page Insights” (https://www.facebook.com/legal/terms/page_controller_addendum); service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; Website: https://www.facebook.com; Privacy Policy: https://www.facebook.com/about/privacy; standard contractual clauses (covering the transfer of data to third countries): https://www.facebook.com/legal/EU_data_transfer_addendum; additional information: joint responsibility agreement: https://www.facebook.com/legal/terms/information_about_page_insights_data