Datenschutz

Privacy Policy for https://www.sonntags-club.assisto.online

This privacy policy is intended to inform you as a user about the collection of personal data on this website. We therefore place great importance on presenting all essential information about the protection of your data in a transparent manner. Should you still have any questions, ambiguities, or need for clarification, please do not hesitate to contact us.

1. Introduction and selected terminology

This privacy policy explains to the visitors and users of our website the online data processing operations in which personal data is processed. It also provides information on our processing activities that are not primarily carried out online.

  • GDPR stands for the General Data Protection Regulation of the European Union.
  • BDSG stands for the Federal Data Protection Act in its current version.
  • Personal data refers to all individual details that allow conclusions about a natural person (see Art. 4(1) GDPR). This includes, for example, names, email addresses, telephone numbers, but also data such as IP addresses or customer numbers.
  • Processing of personal data includes all operations such as collection, storage, transfer, archiving, or deletion of personal data (Art. 4(2) GDPR).
  • Data subject means any natural person whose personal data is processed.

Further definitions can be found in Article 4 of the GDPR.

2. Responsible organization

Sonntags-Club e.V.

Greifenhagener Str. 28

10437 Berlin

Telefon: +49 (0)30 449 75 90

E-Mail: info@sonntags-club.de

Full provider identification: http://www.sonntags-club.de/impressum

3. General Information

Security on our website (TLS Secure Socket Layer)
Our website is equipped with a TLS certificate that encrypts data transmissions, for example, when you send a message via a contact form. Please note, however, that 100% security in electronic data processing cannot be guaranteed and that there is always some residual risk.

Data transmitted to us
We process the data you enter on our site (e.g., via forms). The purpose of processing is determined by the type of form and is explained in this privacy policy. If you contact us via email or other means, we also process your data for the purpose of responding to your inquiry.

Automatic server log files
Our server automatically records all website accesses, including IP addresses (log files). This helps prevent attacks, analyze traffic, and ensure smooth operations.

Use of cookies
Cookies are small text files stored in your browser. They support different services and can be our own cookies or from third parties. Further details are provided below in this privacy policy.

Other data recipients
a) Processors: We use service providers (Art. 28 GDPR) for IT services, hosting, email, and printing. They process data only on our instructions.
b) Other service providers: Where necessary (e.g., to execute a contract), we share data with banks, payment services, shipping companies, tax consultants, or lawyers.
c) Legal obligations: We may be required by law (e.g., AML, tax, or commercial law) to provide data to relevant authorities.
d) Prosecution of crimes: Where necessary, we provide data to law enforcement agencies.

Deletion deadlines
We store data as long as needed for its purpose. Where required, data will be retained for the duration of the business relationship, plus legal retention periods. Data processed based on consent will be deleted once consent is withdrawn.

Third-country transfers
We aim to use only EU-based service providers. If data needs to be transferred to a third country, this happens either based on your consent and/or under Art. 28 GDPR with appropriate safeguards. In some cases, third-party tools hosted outside the EU may be used, in which case we will inform you.

4. Legal bases

The main legal bases are set out in Art. 6 GDPR:

  • Consent: Art. 6(1)(a) GDPR; can be withdrawn at any time.
  • Contract initiation & performance: Art. 6(1)(b) GDPR.
  • Legal obligations: Art. 6(1)(c) GDPR.
  • Legitimate interests: Art. 6(1)(f) GDPR, if our interests outweigh those of the data subject.

5. Your rights under the GDPR

You have the following rights under GDPR (Arts. 15–21 and 77 GDPR; §§ 34–35 BDSG):

  • Right to withdraw consent (Art. 7 GDPR)
  • Right of access (Art. 15 GDPR)
  • Right to rectification (Art. 16 GDPR)
  • Right to erasure ("right to be forgotten") (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to certain processing, especially profiling and direct marketing (Art. 21 GDPR)
  • Right to lodge a complaint with a supervisory authority (Art. 77 GDPR; § 19 BDSG)

6. External hosting

This website is hosted by an external provider (zone35 GmbH & Co. KG, Berlin). Visitor data may be stored on their servers. The hoster processes data only as required for service provision and under our instructions (Art. 28 GDPR).

7. Automatic server log files

Our server logs contain IP addresses, browser type and version, OS details, device info, referrer URLs, and accessed links. Data is processed for security and analytics. Logs are deleted after six months.

8. Use of cookies

Cookies ensure full functionality of our services:

  • Session cookies are deleted after leaving the website.
  • Persistent cookies remain stored for different durations (days to years), e.g., to save login details or for analytics purposes.
  • Cookies may originate from us (first-party) or from external providers (third-party).

Types of cookies:

  • Necessary cookies (essential for security and core functionality)
  • Analytics/statistics cookies (measure website usage, optimize services)
  • Tracking/marketing cookies (targeted ads, remarketing)
  • Functional cookies (embed external tools like maps or videos)

Legal bases: Necessary cookies are used under Art. 6(1)(f) GDPR; other cookies generally require consent (Art. 6(1)(a) GDPR).

Examples of cookies used on this website:

  • fe_typo3_user (session management, session-only)
  • cookieconsent_status (stores cookie banner preferences, 1 year)
  • staticfilecache (caching, 1 hour)
  • assisto_backend (backend login session, session-only)

9. Communication via email

When you contact us by email, we process your name, email address, date, and any additional information you provide. Data is processed to respond to your inquiry and deleted afterwards unless legally required otherwise.

10. User account registration

You can create a user account to access protected areas and forums. Data stored includes name/username, email address (optional), and encrypted password, as well as prefered language for communication and the optional entry of phone number and preferred pronouns. The data stored during registration will not be passed on to third parties unless this is necessary for the fulfillment of the contractual purpose.The legal basis is your consent (Art. 6(1)(a) GDPR). Accounts and related data can be deleted anytime upon request.

 

11. Use of specific functions

  • Webmail, video calls, chat: Data is processed based on consent (Art. 6(1)(a) GDPR). Data is not passed to unauthorized third parties and is deleted when no longer needed.