Privacy Policy
1. General information on data protection and data security
The city of Oberhausen takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
Whenever you use this website, a variety of personal information will be collected. Personal data comprises data that can be used to personally identify you. This Data Protection Declaration explains which data we collect as well as the purposes we use this data for. It also explains how, and for which purpose the information is collected.
But please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third parties cannot be entirely guaranteed.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses an SSL or. TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
2. Responsible party
The data processing controller on this website is:
LUDWIGGALERIE Oberhausen Castle
Dr. Christine Vogt
Konrad-Adenauer-Allee 46
46049 Oberhausen
Tel: (+0208) 41249 28 XNUMX
Fax: (+0208) 41249 13 XNUMX
Email: ludwiggalerie@oberhausen.de
The responsible body is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
3. Data Protection Officer
You can contact the official data protection officer as follows:
City of Oberhausen
The official data protection officer
Schwartzstrasse 72
46045 Oberhausen
Phone: 0208 825 1
Email: datenschutz@oberhausen.de
4. Rights of the persons concerned
If your personal data is processed, you are a data subject within the meaning of the EU General Data Protection Regulation (GDPR) and you have the following rights vis-à-vis the controller:
right to information
You may ask the person in charge to confirm if personal data concerning you is processed by us.
If such processing takes place, you can request information about the data and data processing from the controller in accordance with Art. 15 GDPR.
Right to rectification
You have a right to rectification and / or completion to the controller, provided the personal data you process is incorrect or incomplete. The responsible person must make the correction without delay.
Right to demand processing restrictions
In accordance with Art. 18 GDPR, you can request that the processing of personal data concerning you be restricted.
Right to delete
According to Art. 17 GDPR, you have the right to have personal data concerning you erased.
Right to information
If you have asserted your right to rectification, erasure or restriction of processing vis-à-vis the responsible party, this party is obliged to inform any recipients in accordance with Art. 19 GDPR. You have the right to be informed by the responsible party about these recipients.
Right to data portability
In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you that you have made available to the controller in a structured, common and machine-readable format.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest or in the exercise of official authority delegated to the controller.
Right of objection
In accordance with Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you which is carried out on the basis of Art. 6 (1) (e) or (f) GDPR, for reasons arising from your particular situation.
Right to revoke the data protection consent declaration
You have the right to revoke your data protection consent declaration at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
Automated decision in individual cases
In accordance with Art. 22 GDPR, you have the right not to be subjected to a decision based solely on automated processing – including profiling – that produces legal effects concerning you or significantly affects you in a similar way.
Right to complain to a supervisory authority
In the event of violations of data protection law, you have the right to lodge a complaint with the responsible supervisory authority. The responsible supervisory authority for the city of Oberhausen in data protection matters is the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia.
Cavalry Street 2-4
40213 Düsseldorf
Telephone 0211 / 38424-0
Fax 0211 / 38424-10
Email poststelle@ldi.nrw.de
Internet www.ldi.nrw.de
5. General information on data processing
Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) as legal basis.
In the processing of personal data necessary for the performance of a contract of which the data subject is a party, Art. 6 para. 1 lit. b DSGVO as legal basis. This also applies to processing operations required to carry out pre-contractual actions.
To the extent that the processing of personal data is necessary to fulfill a legal obligation to which the city of Oberhausen is subject, Art. 6 (1) (c) GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
To the extent that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the City of Oberhausen, Art. 6 (1) (e) GDPR serves as the legal basis.
If processing is necessary to protect a legitimate interest of the City of Oberhausen or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) (f) GDPR serves as the legal basis for processing.
Data erasure and storage duration
The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.
6. Data collection on our website
Cookies
Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Cookies that are required to carry out the electronic communication process or to provide certain functions you want (e.g. shopping cart function) are stored on the basis of Article 6 Paragraph 1 Letter f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behaviour) are stored, these are treated separately in this data protection declaration.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- The type and version of browser used
- The used operating system
- Referrer URL
- The hostname of the accessing computer
- The time of the server inquiry
- The IP address
This data is not merged with other data sources.
The basis for data processing is Art. 6 Para. 1 lit. f GDPR.
The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. To do this, the user's IP address must be kept for the duration of the session.
Storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
For these purposes our legitimate interest in the processing of data according to Art. 6 para. 1 lit. f DSGVO.
The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of collecting the data for providing the website, this is the case when the respective session is completed.
In the case of storing the data in log files, this is the case after no more than seven days. An additional storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. There is consequently no contradiction on the part of the user.
contact / registration and other forms
If you send us inquiries using the form, your details from the form, including the contact details and other data you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.
The data entered into the form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send us an informal email. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.
The data you enter in the form will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.
7. Plug-ins and Tools
YouTube
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information on handling user data can be found in YouTube's data protection declaration at: https://www.google.de/intl/de/policies/privacy.
Vimeo
Our website uses plugins from the video portal Vimeo. The provider is Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
If you visit one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers will be established. The Vimeo server is informed which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account.
For more information on how to handle user data, see Vimeo's privacy policy at: https://vimeo.com/privacy.
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly.
For this purpose, the browser you are using must connect to the Google servers. This gives Google knowledge that our website was accessed via your IP address. Google Web Fonts are used in the interest of a uniform and appealing presentation of our online offering. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.
If your browser does not support web fonts, a standard font will be used by your computer.
Further information about handling user data, can be found at https://developers.google.com/fonts/faq and in Google's privacy policy at https://www.google.com/policies/privacy/.
Google Maps
This site uses the Google Maps map service via an API. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use Google Maps, it is necessary to save your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
The use of Google Maps is in the interest of making our website appealing and to facilitate the location of places specified by us on the website. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
For more information on the handling of user data, please review Google’s Data Privacy Declaration under: https://www.google.de/intl/de/policies/privacy/.