menu svgrepo com (2)

Privacy Policy

Last updated: 13 August 2025

Table of Contents

  1. Data Protection at a Glance
  2. Information About the Controller
  3. Hosting and Content Delivery Network (CDN)
  4. General Notes on Legal Bases
  5. Transfers to Third Countries & EU–US DPF
  6. Recipients of Personal Data
  7. Your Rights
  8. Retention Period
  9. SSL/TLS Encryption
  10. Data Collected on This Website
    1. Cookies, Local Storage & Consent Management (Complianz)
    2. Server Log Files
    3. Contacting Us by Email
    4. Newsletter (if used)
  11. Web Analytics (self-hosted)
  12. Plugins & Third-Party Content
    1. Google Maps
    2. YouTube (Consent & Enhanced Privacy Mode)
    3. Google Fonts (local), Font Awesome (local)
    4. Wordfence
  13. Data Processing Agreement
  14. Changes to This Policy
  15. Contact Information

1. Data Protection at a Glance

General Information

This information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any data that can be used to personally identify you. Detailed information on data protection can be found in the full Privacy Policy below.

Data Collection on This Website

Who is responsible for data collection on this website? Data processing on this website is carried out by the website operator, the RIAS Berlin Commission. How do we collect your data? Some data is collected when you provide it to us, for example by sending us an email. Other data is collected automatically or after you have given your consent when you visit the website (e.g., browser type, operating system, time of access, IP address—shortened or anonymized where possible). This data is collected automatically as soon as you enter our website. What do we use your data for? Part of the data is collected to ensure the error-free provision of the website. Other data may be used for statistical analysis of usage. If the website is used to initiate contractual inquiries, transmitted data may be processed to handle such requests.

Analytics and Third-Party Tools

When visiting this website, your browsing behavior can be statistically evaluated. This is primarily done with a self-hosted, independent analytics tool without disclosure to third parties. See “Web Analytics (self-hosted)” for details.

2. Information About the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) is:
RIAS Berlin Commission Funkhaus am Hans-Rosenthal-Platz 10825 Berlin GermanyPhone: +49-(0)30-8503-6981 Email: info@riasberlin.org
The controller is the natural or legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data.

3. Hosting and Content Delivery Network (CDN)

External Hosting

This website is hosted by an external service provider. Personal data collected on this website is stored on the servers of the hosting provider. Such data includes IP addresses, contact requests, metadata and communication data, contract data, contact details, names, page views, and other data generated via a website. External hosting is carried out for the purpose of fulfilling contracts with potential and existing inquirers (Article 6(1)(b) GDPR) and in the interest of a secure, fast, and efficient provision of our online offering by a professional provider (Article 6(1)(f) GDPR). Where consent is requested, processing is based exclusively on Article 6(1)(a) GDPR and Section 25(1) of the German Telecommunications Digital Services Data Protection Act (TDDDG), insofar as consent includes the storage of cookies or access to information on the user’s device. Consent can be withdrawn at any time. Hosting provider used: HOSTINGER operations, UAB, Švitrigailos g. 34, 03230 Vilnius, Lithuania.

Content Delivery Network (CDN) – Hostinger

To optimize delivery and reduce loading times, we use a Content Delivery Network (CDN) provided by our hosting provider. Content is delivered via distributed server locations, which technically requires transmitting your IP address to the respective CDN nodes. The use of the CDN is based on our legitimate interest in a secure and efficient provision of our online offering pursuant to Article 6(1)(f) GDPR.
Note: We have concluded a Data Processing Agreement (Article 28 GDPR) with our hosting provider. Processing takes place solely in accordance with our instructions and in compliance with the GDPR.

5. Transfers to Third Countries & EU–US Data Privacy Framework (DPF)

We may use tools from companies located in countries that are not considered to offer an adequate level of data protection as defined by the EU, as well as US services whose providers may not be certified under the EU–US Data Privacy Framework (DPF). If such tools are active, personal data may be transferred to these countries and processed there. In countries without an EU-equivalent data protection level, adequate protection of your data cannot be guaranteed. The United States is considered a secure third country for transfers where the recipient is DPF-certified. In that case, transfers to the US are permitted. Information on certifications can be found on the official DPF list. If no DPF certification exists, we rely—where necessary—on Standard Contractual Clauses or other appropriate safeguards.

6. Recipients of Personal Data

In the course of our business activities, we work with various external parties. Personal data is only transferred to such parties when necessary for contractual purposes, where a legal obligation exists, where we have a legitimate interest pursuant to Article 6(1)(f) GDPR, or where another legal basis allows such transfers. Where processors are used, transfers take place solely on the basis of a valid Data Processing Agreement; in cases of joint controllership, we conclude a joint controllership agreement.

7. Your Rights

Right to Withdraw Consent

Many data processing operations are only possible with your explicit consent. You may withdraw any consent you have already given at any time with effect for the future. The lawfulness of processing carried out before the withdrawal remains unaffected.

Right to Object to Processing (including Direct Marketing) – Article 21 GDPR

Where processing is based on Article 6(1)(e) or (f) GDPR, you have the right to object at any time, on grounds relating to your particular situation; this also applies to profiling based on those provisions. Where personal data is processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing; this also applies to profiling to the extent it is related to such direct marketing.

Right to Lodge a Complaint with a Supervisory Authority

If you believe that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement.

Right to Data Portability

You have the right to receive data that we process on the basis of your consent or in performance of a contract in a commonly used, machine-readable format, or to have it transmitted to another controller where technically feasible.

Right of Access, Rectification, Erasure & Restriction of Processing

You have the right at any time—within the framework of applicable law—to obtain free information about your stored personal data, its origin and recipients, and the purpose of the processing. You may also have the right to rectification, erasure, or restriction of processing.

8. Retention Period

Unless a more specific retention period is stated in this policy, personal data will remain with us until the purpose for processing no longer applies. If you validly request erasure or withdraw consent, your data will be deleted unless we have other legally permissible reasons for retaining it (e.g., tax or commercial law retention periods); in the latter case, deletion occurs after those reasons no longer apply.

9. SSL/TLS Encryption

For security reasons and to protect the transmission of confidential content, this site uses SSL or TLS encryption.

10. Data Collected on This Website

Cookies, Local Storage & Consent Management (Complianz)

Our website uses cookies and similar technologies (e.g., Local Storage). Cookies are small data packets that do not harm your device. Cookies can be stored for the duration of a session (session cookies) or permanently (persistent cookies). Session cookies are deleted automatically after your visit; persistent cookies remain stored until you delete them or your browser removes them automatically. Cookies may be set by us (first-party) or by third-party providers (third-party cookies). Necessary cookies are required for the technical operation of the website. Storage of necessary cookies is based on our legitimate interest pursuant to Article 6(1)(f) GDPR. Where we obtain your consent for optional cookies or similar recognition technologies, processing is based on Article 6(1)(a) GDPR and Section 25(1) TDDDG; you may withdraw consent at any time.

Consent Management with Complianz

We use the consent management tool Complianz to obtain, manage, and document your consents. The provider is Complianz B.V., Atoomweg 6B, 9743 AK Groningen, Netherlands. Complianz sets technically necessary cookies or equivalent technologies to store your choices (e.g., consent/denial). Legal bases: Article 6(1)(c) GDPR in conjunction with Article 7 GDPR (compliance with legal obligations to document consent) and our legitimate interest in compliant and user-friendly consent management (Article 6(1)(f) GDPR). Further information can be found in the provider’s legal notices.

Server Log Files

The provider of these pages automatically collects and stores information in server log files that your browser automatically transmits. These include browser type and version, operating system, referrer URL, host name of the accessing computer, time of the server request, and the IP address (shortened where technically possible). This data will not be combined with other data sources. Processing is based on our legitimate interest (Article 6(1)(f) GDPR) in the technical security and stability of the website.

Contacting Us by Email

If you contact us by email, the information you provide (including contact details) will be stored by us for the purpose of processing your inquiry and in case of follow-up questions. We do not pass this data on without your consent. Legal bases are Article 6(1)(b) GDPR (pre-contractual steps/performance of a contract) or our legitimate interest in processing your request (Article 6(1)(f) GDPR).

Newsletter (if used)

If we offer a newsletter and you subscribe, we require an email address and information allowing us to verify that you are the owner of the email address and that you agree to receive the newsletter. Processing is based solely on your consent (Article 6(1)(a) GDPR). You may withdraw your consent at any time, e.g., via the unsubscribe link in the newsletter.

11. Web Analytics (self-hosted)

For reach measurement and statistical evaluation of usage, we use a self-hosted, independent web analytics tool on our server. Data is not shared with third parties. We process only pseudonymized or anonymized usage data (e.g., pages viewed, referrers, timestamps, truncated IP address, device type and browser). No user profiles with personal identifiers are created, and no data is merged with other sources. Where technically necessary, short-lived, strictly necessary cookies may be used. Processing is based on our legitimate interest (Article 6(1)(f) GDPR) in analyzing usage to improve our offering. You may object at any time on grounds relating to your particular situation (Article 21 GDPR). Where consent is required in individual cases (e.g., optional cookies), we rely on Article 6(1)(a) GDPR and Section 25(1) TDDDG; consent may be withdrawn at any time.

12. Plugins & Third-Party Content

Google Maps

This website integrates map material from Google Maps. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. To use the functions of Google Maps, your IP address must be processed. This information is usually transmitted to Google servers and stored there; this may involve transfers to the United States. Embedding takes place only after your consent via our consent management (Article 6(1)(a) GDPR and Section 25(1) TDDDG). You can withdraw your consent at any time. Further details are available in Google’s privacy policy.

YouTube (Consent & Enhanced Privacy Mode)

This website may embed videos from the YouTube platform. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Embedding YouTube videos occurs only after your explicit consent via our consent management tool Complianz. Before consent is given, no connection is made to YouTube servers and no cookies or comparable technologies from YouTube are set. After your consent, the video is loaded in the so-called enhanced privacy mode using the URL youtube-nocookie.com. According to YouTube, in this mode no cookies for personalized browsing are set before you start the video. Only when playing the video may personal data be processed (e.g., IP address, interactions with the video). Such data may be transferred to Google servers in the USA. The use of YouTube is based on your consent pursuant to Article 6(1)(a) GDPR and Section 25(1) TDDDG. You can withdraw your consent at any time with future effect by adjusting your cookie settings. For more information, see Google’s Privacy Policy.

Google Fonts (local) & Font Awesome (local)

For uniform font display, we use locally hosted Google Fonts. No connection to Google servers is established. Font Awesome is also embedded locally. No data is transmitted to the respective providers.

Wordfence

We use the Wordfence security software to protect the website against unwanted access or malicious cyberattacks. Provider: Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA. For this purpose, our website connects to Wordfence servers to compare accesses with security databases and block them where necessary. Legal basis: Article 6(1)(f) GDPR (legitimate interest in effective protection of the website). Where required, transfers to the USA are based on Standard Contractual Clauses and additional safeguards.

13. Data Processing Agreement

We have concluded a Data Processing Agreement (Article 28 GDPR) with our hosting provider. This ensures that personal data of visitors to this website is processed only in accordance with our instructions and in compliance with the GDPR. This also covers the use of the Content Delivery Network.

14. Changes to This Policy

We reserve the right to adapt this Privacy Policy so that it always complies with current legal requirements or to reflect changes to our services. The new policy will then apply to your next visit.

15. Contact Information

RIAS Berlin Commission Funkhaus am Hans-Rosenthal-Platz 10825 Berlin GermanyPhone: +49-(0)30-8503-6981 Email: info@riasberlin.org Website: www.riasberlin.org
For further information on data protection, please refer to this Privacy Policy. Our legal notice (imprint) is available on the respective page.
Source: https://www.e-recht24.de
en_USEnglish
de_DEGerman en_USEnglish