The following notes provide a simple overview of what happens to your personal data when you visit this website. Personal data is any data with which you can be personally identified. For detailed information on data protection, please refer to our privacy policy listed below this text.
Data processing on this website is carried out by the website operator. You can find their contact details in the „Notice Regarding the Controller“ section of this privacy policy.
Your data is collected, in part, by you providing it to us. This can include, for example, data that you enter into a contact form.
Other data is automatically collected by our IT systems or with your consent when you visit the website. This primarily includes technical data (e.g., internet browser, operating system, or time of page access). The collection of this data occurs automatically as soon as you access this website.
Some data is collected to ensure the flawless operation of the website. Other data may be used to analyze your user behavior.
You have the right to receive information free of charge at any time about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent for data processing, you can revoke this consent at any time with future effect. Furthermore, you have the right to request the restriction of the processing of your personal data under certain circumstances. You also have the right to lodge a complaint with the competent supervisory authority.
Please feel free to contact us at any time regarding this matter or any other questions you may have about data protection.
When you visit this website, your browsing behavior may be analyzed for statistical purposes. This is primarily done using so-called analytics tools.
You can find detailed information about these analytics programs in the following privacy policy.
We host our website's content with the following provider:
This website is hosted externally. The personal data collected on this website is stored on the servers of the hoster(s). This may include, in particular, IP addresses, contact requests, meta and communication data, contract data, contact data, names, website accesses, and other data generated via a website.
External hosting is carried out for the purpose of fulfilling contracts with our potential and existing customers (Art. 6(1)(b) GDPR) and in the interest of providing our online services securely, quickly, and efficiently through a professional provider (Art. 6(1)(f) GDPR). If corresponding consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as consent includes the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Our host will process your data only to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.
We use the following host(s):
BYTS Tech GmbH
Stadtbadstraße 5
D-85368 Moosburg
We have entered into a Data Processing Agreement (DPA) for the use of the service mentioned above. This is a legally required data protection contract that ensures it will only process the personal data of our website visitors according to our instructions and in compliance with the GDPR.
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
By using this website, various personal data are collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and how we use it. It also explains how and for what purpose this happens.
We would like to point out that data transmission on the internet (e.g., in email communication) may be subject to security vulnerabilities. It is not possible to guarantee complete protection of data against access by third parties.
Gründau Municipality
Municipal executive
At the Civic Center 1
63584 Gründau
Email: gemeinde@gruendau.de
Website: www.gruendau.info
(hereinafter referred to as „Gründau“, „we“ or „us“)
The data protection officer of the controller is:
Ceterion AG
Frankfurter Street 63-69
65760 Eschborn
Germany
Email: Datenschutz@gruendau.de
If you have any questions about data protection, you can contact our Data Protection Officer directly at any time.
Unless a more specific storage period is mentioned within this privacy policy, your personal data will remain with us until the purpose for data processing ceases to apply. If you assert a legitimate request for deletion or revoke consent for data processing, your data will be deleted, provided we have no other legally permissible reasons for storing your personal data (e.g., tax or commercial retention periods); in the latter case, deletion will occur after these reasons no longer apply.
If you have consented to data processing, we will process your personal data on the basis of Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR, if special categories of data are processed according to Art. 9(1) GDPR. In the event of express consent to the transfer of personal data to third countries, data processing will also be carried out on the basis of Art. 49(1)(a) GDPR. If you have consented to the storage of cookies or to accessing information on your terminal device (e.g., via device fingerprinting), data processing will additionally be carried out on the basis of § 25(1) TDDDG. The consent can be revoked at any time. If your data is required for the performance of a contract or for the implementation of pre-contractual measures, we will process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, we will process your data if it is required for the fulfillment of a legal obligation on the basis of Art. 6(1)(c) GDPR. Data processing may also be carried out on the basis of our legitimate interest according to Art. 6(1)(f) GDPR. The specific legal bases applicable in each individual case are explained in the following paragraphs of this data protection declaration.
As part of our business operations, we collaborate with various external entities. This sometimes requires the transfer of personal data to these external entities. We only disclose personal data to external entities when it is necessary for the performance of a contract, when we are legally obligated to do so (e.g., disclosure of data to tax authorities), when we have a legitimate interest in disclosure pursuant to Art. 6 para. 1 lit. f GDPR, or when another legal basis permits the data transfer. When using order processors, we only transfer our customers' personal data on the basis of a valid order processing agreement. In the case of joint processing, a joint processing agreement is concluded.
Many data processing operations are only possible with your explicit consent. You may withdraw any consent you have already given at any time. The lawfulness of the data processing carried out prior to the withdrawal remains unaffected by the withdrawal.
IF DATA PROCESSING IS BASED ON ART. 6(1)( E OR F OF THE GDPR, YOU HAVE THE RIGHT AT ANY TIME, FOR REASONS RELATED TO YOUR SPECIFIC SITUATION, to object to the processing of your personal data; this also applies to profiling based on these provisions. THE SPECIFIC LEGAL BASIS ON WHICH PROCESSING IS BASED CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA, UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING THAT OUTWEIGH YOUR INTERESTS, RIGHTS, AND FREEDOMS, OR THE PROCESSING IS NECESSARY FOR THE ESTABLISHMENT, EXERCISE, OR DEFENSE OF LEGAL CLAIMS (OBJECTION PURSUANT TO ART. 21(1) OF THE GDPR).
IF YOUR PERSONAL DATA IS PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR SUCH MARKETING, INCLUDING PROFILING, INSOFAR AS IT IS RELATED TO SUCH DIRECT MARKETING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE PROCESSED FOR DIRECT MARKETING PURPOSES (OBJECTION PURSUANT TO ART. 21 (2) GDPR).
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work, or the location of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedies.
You have the right to have data that we process automatically—based on your consent or in fulfillment of a contract—provided to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of the data to another data controller, this will be done only to the extent that it is technically feasible.
You have the right at any time to free access to your stored personal data, its origin and recipients, and the purpose of data processing, and if applicable, a right to correction or deletion of this data, in accordance with applicable legal provisions. You can contact us at any time for this and for further questions on the subject of personal data.
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restrict processing exists in the following cases:
If you have restricted the processing of your personal data, these data may – apart from their storage – only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the European Union or of a Member State.
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this page uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the browser's address bar changes from „http://“ to „https://“ and by the padlock symbol in your browser bar.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
Our websites use so-called „cookies.“ Cookies are small data packets and do not cause any damage to your terminal device. They are either temporarily stored on your terminal device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your terminal device until you delete them yourself or your web browser automatically deletes them.
Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g., cookies for processing payment services).
Cookies have various functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g., the shopping cart function or the display of videos). Other cookies can be used to analyze user behavior or for advertising purposes.
Cookies that are necessary for the electronic communication process, for providing certain functions you wish for (e.g., for the shopping cart function), or for optimizing the website (e.g., cookies for measuring the web audience) (necessary cookies) are stored based on Art. 6(1)(f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically flawless and optimized provision of its services. If consent for the storage of cookies and comparable recognition technologies has been requested, processing will be carried out exclusively on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); consent can be revoked at any time.
You can configure your browser to inform you about the setting of cookies and to allow cookies only in individual cases, to exclude the acceptance of cookies for specific cases or generally, and to activate the automatic deletion of cookies when closing the browser. The functionality of this website may be restricted when cookies are deactivated.
You can find out which cookies and services are used on this website in this privacy policy.
When you visit, we set the cookie `townhall_vid` with a random identifier (UUID). This is used to technically limit requests to our content API (abuse prevention, stability). The identifier is transmitted to Cosmema GmbH as the header X-Gemeinde-Visitor-Id. No user association with names or accounts takes place. Legal basis: [legitimate interest according to Art. 6(1)(f) GDPR / consent according to Art. 6(1)(a) GDPR].
Our website uses Borlabs Cookie's consent technology to obtain your consent for the storage of certain cookies in your browser or for the use of certain technologies and to document this in compliance with data protection regulations. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg (hereinafter referred to as Borlabs).
When you visit our website, a Borlabs cookie is stored in your browser, which saves your consent or revocation of consent. This data is not passed on to the provider of Borlabs Cookie.
The data collected will be stored until you request its deletion, delete the Borlabs cookie yourself, or the purpose for data storage ceases to apply. Mandatory legal retention periods remain unaffected. Details on data processing by Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
Borlabs Cookie Consent technology is used to obtain legally required consents for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c GDPR.
If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We will not pass on this data without your consent.
This data processing is carried out on the basis of Art. 6(1)(b) GDPR, provided that your request relates to the fulfillment of a contract or is necessary for the performance of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if it has been requested; consent can be revoked at any time.
The data you enter in the contact form will remain with us until you ask us to delete it, revoke your consent to its storage, or the purpose for data storage no longer applies (e.g., after your request has been processed). Mandatory legal provisions, especially retention periods, remain unaffected.
If you contact us by email, telephone, or fax, your request, including all personal data arising from it (name, request), will be stored and processed by us for the purpose of handling your request. We will not disclose this data without your consent.
This data processing is carried out on the basis of Art. 6(1)(b) GDPR, provided that your request relates to the fulfillment of a contract or is necessary for the performance of pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if it has been requested; consent can be revoked at any time.
The data you send us via contact requests will remain with us until you request its deletion, revoke your consent to storage, or the purpose for data storage ceases to apply (e.g., after your request has been fully processed). Mandatory legal provisions, particularly statutory retention periods, remain unaffected.
We use chatbots to communicate with you. Chatbots are capable of responding to your questions and other input without human assistance. To do this, chatbots analyze your input along with other data to provide suitable responses (e.g., names, email addresses, and other contact details, customer numbers, and other identifiers, orders, and chat histories). Furthermore, your IP address, log files, location information, and other metadata can be collected via the chatbot. This data is stored on the servers of the chatbot provider.
Based on the captured data, user profiles can be created. Furthermore, the data can be used to serve interest-based advertising, provided the other legal requirements (especially consent) are met. For this purpose, the chatbots can be linked with analysis and advertising tools.
The captured data can also be used to improve our chatbots and their response behavior (machine learning).
The data you enter during communication will remain with us or the chatbot operator until you request its deletion, revoke your consent for storage, or the purpose for data storage ceases to apply (e.g., after your request has been fully processed). Mandatory legal provisions – particularly retention periods – remain unaffected.
The legal basis for using chatbots is Article 6(1)(b) of the GDPR, provided the chatbot is used for contract initiation or in the context of contract fulfillment. If appropriate consent has been obtained, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the German Telemedia Act (TDDDG), insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time. In all other cases, usage is based on our legitimate interest in the most effective customer communication possible (Article 6(1)(f) of the GDPR).
This website uses functions of the web analytics service Google Analytics. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
Google Analytics enables website operators to analyze the behavior of website visitors. In doing so, the website operator receives various usage data, such as page views, duration of stay, operating systems used, and the user's origin. This data is assigned to the respective end device of the user. An assignment to a user ID does not occur.
Furthermore, with Google Analytics, we can record your mouse and scroll movements and clicks, among other things. Google Analytics also uses various modeling approaches to supplement the collected datasets and employs machine learning technologies for data analysis.
Google Analytics uses technologies that enable user recognition for the purpose of analyzing user behavior (e.g., cookies or device fingerprinting). Information collected by Google about the use of this website is typically transferred to and stored on a Google server in the USA.
Use of this service is based on your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TTDSG. Your consent can be revoked at any time.
Data transfers to the US are based on the standard contractual clauses of the EU Commission. Find details here: https://privacy.google.com/businesses/controllerterms/mccs/.
The company is certified under the „EU-US Data Privacy Framework“ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. Any company certified under the DPF commits to adhering to these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
Google Analytics IP anonymization is enabled. This means your IP address will be truncated by Google within member states of the European Union or other parties to the Agreement on the European Economic Area before being transmitted to the United States. Only in exceptional cases will the full IP address be sent to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services related to website usage and internet usage to the website operator. The IP address sent by your browser as part of Google Analytics will not be merged with other Google data.
You can prevent Google from collecting and processing your data by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
You can find more information on how user data is handled by Google Analytics in Google's Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de.
We have entered into a data processing agreement with Google and are fully implementing the strict requirements of the German data protection authorities when using Google Analytics.
This website embeds videos from the website YouTube. The operator of the website is Google Ireland Limited („Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit one of these websites that embeds YouTube, a connection is made to YouTube servers. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account.
We use YouTube in the enhanced privacy mode. According to YouTube, videos played in enhanced privacy mode are not used to personalize browsing on YouTube. Ads displayed in enhanced privacy mode are also not personalized. No cookies are set in enhanced privacy mode. However, what are called local storage elements are stored in the user's browser, which, similar to cookies, contain personal data and can be used for recognition. You can find details about enhanced privacy mode here: https://support.google.com/youtube/answer/171780.
If applicable, further data processing operations may be triggered after the activation of a YouTube video, over which we have no influence.
The use of YouTube is in the interest of an appealing presentation of our online services. This represents a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR. If appropriate consent has been requested, processing will be carried out exclusively on the basis of Art. 6 (1) lit. a GDPR and § 25 (1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
You can find more information about data protection on YouTube in their privacy policy at: https://policies.google.com/privacy?hl=de.
The company is certified under the „EU-US Data Privacy Framework“ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. Any company certified under the DPF commits to adhering to these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
This page uses so-called Google Fonts, which are provided by Google, for a uniform display of fonts. The Google Fonts are installed locally. No connection to Google servers is made.
More information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy: https://policies.google.com/privacy?hl=de.
This site uses the Google Maps map service. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland. With the help of this service, we can embed map material on our website.
To use the features of Google Maps, it is necessary to store your IP address. This information is generally transmitted to a Google server in the USA and stored there. The provider of this site has no influence over this data transfer. If Google Maps is activated, Google may use Google Fonts for the purpose of a uniform display of fonts. When calling up Google Maps, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
We use Google Maps to ensure that our online offerings are presented in an appealing manner and to make it easy for users to locate the places listed on our website. This constitutes a legitimate interest within the meaning of Article 6(1)(f) of the GDPR. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent may be revoked at any time.
Data transfers to the US are based on the standard contractual clauses of the EU Commission. Find details here: https://privacy.google.com/businesses/gdprcontrollerterms/ and https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.
You can find more information about how user data is handled in Google's Privacy Policy: https://policies.google.com/privacy?hl=de.
The company is certified under the „EU-US Data Privacy Framework“ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. Any company certified under the DPF commits to adhering to these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
We use the map service from OpenStreetMap (OSM).
We embed the map material from OpenStreetMap on the server of the OpenStreetMap Foundation, St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. The United Kingdom is considered a data-secure third country. This means that the United Kingdom has a level of data protection equivalent to that of the European Union. When using OpenStreetMap maps, a connection is established to the servers of the OpenStreetMap Foundation. This may forward your IP address and other information about your behavior on this website to the OSMF, among other things. OpenStreetMap may store cookies in your browser or use comparable recognition technologies for this purpose.
The use of OpenStreetMap serves the purpose of attractively presenting our online offerings and making the locations specified on the website easily discoverable. This represents a legitimate interest within the meaning of Art. 6(1)(f) GDPR. If appropriate consent has been requested, processing will be carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
We use „Google reCAPTCHA“ (hereinafter „reCAPTCHA“) on this website. The provider is Google Ireland Limited („Google“), Gordon House, Barrow Street, Dublin 4, Ireland.
reCAPTCHA is used to verify whether data input on this website (e.g., in a contact form) is done by a human or an automated program. To do this, reCAPTCHA analyzes the website visitor's behavior based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various pieces of information (e.g., IP address, the website visitor's time spent on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.
The reCAPTCHA analyses run entirely in the background. Website visitors are not notified that an analysis is taking place.
The storage and analysis of the data are based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated surveillance and from spam. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent may be revoked at any time.
For further information about Google reCAPTCHA, please refer to the Google Privacy Policy and Google Terms of Service at the following links: https://policies.google.com/privacy?hl=de and https://policies.google.com/terms?hl=de.
The company is certified under the „EU-US Data Privacy Framework“ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. Any company certified under the DPF commits to adhering to these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/5780.
We use hCaptcha (hereinafter „hCaptcha“) on this website. The provider is Intuition Machines, Inc., 2211 Selig Drive, Los Angeles, CA 90026, USA (hereinafter „IMI“).
hCaptcha is used to verify whether data input on this website (e.g., in a contact form) is being done by a human or an automated program. To do this, hCaptcha analyzes the website visitor's behavior based on various characteristics.
This analysis begins automatically as soon as the website visitor enters a website with hCaptcha enabled. For analysis, hCaptcha evaluates various information (e.g., IP address, the website visitor's time spent on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to IMI. If hCaptcha is used in „invisible mode,“ the analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.
The storage and analysis of the data are based on Article 6(1)(f) of the GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated surveillance and from spam. If consent has been requested, processing is carried out exclusively on the basis of Article 6(1)(a) of the GDPR and Section 25(1) of the TDDDG, insofar as the consent covers the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent may be revoked at any time.
The data processing is based on standard contractual clauses contained in IMI's Data Processing Addendum to its General Terms and Conditions or in data processing agreements.
Further information about hCaptcha can be found in the privacy policy and terms of service at the following links: https://www.hcaptcha.com/privacy and https://hcaptcha.com/terms.
The company is certified under the „EU-US Data Privacy Framework“ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. Any company certified under the DPF commits to adhering to these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/6388.
We have integrated SolidWP into this website. The provider is iThemes Media LLC, 1720 South Kelly Avenue Edmond, OK 73013, USA (hereinafter „SolidWP“).
SolidWP is used to protect our website from unwanted access or malicious cyberattacks. To this end, SolidWP collects, among other things, your IP address, the time and source of login attempts, and log data (e.g., the browser used). SolidWP is installed locally on our servers.
SolidWP transmits IP addresses of recurring attackers to a central SolidWP database in the USA (Network Brute Force Protection) to prevent such attacks in the future.
The use of SolidWP is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most effective protection of their website against cyberattacks. If corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's terminal device (e.g., device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
We manage this website with the help of the ManageWP tool. The provider is GoDaddy.com WP Europe, Trg republike 5, 11000 Belgrade, Serbia (hereinafter referred to as ManageWP).
With ManageWP, we can monitor the security and performance of our website, create automatic backups, and more. ManageWP therefore has access to all website content, including our databases. ManageWP is hosted on the provider's servers.
The use of ManageWP is based on Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the most effective and secure operation of their website(s). If appropriate consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information on the user's end device (e.g., device fingerprinting) within the meaning of the TDDDG. The consent can be revoked at any time.
The company is certified under the „EU-US Data Privacy Framework“ (DPF). The DPF is an agreement between the European Union and the United States designed to ensure compliance with European data protection standards for data processing in the US. Any company certified under the DPF commits to adhering to these data protection standards. Further information on this can be obtained from the provider at the following link: https://www.dataprivacyframework.gov/participant/4957.
We have entered into a Data Processing Agreement (DPA) for the use of the service mentioned above. This is a legally required data protection contract that ensures it will only process the personal data of our website visitors according to our instructions and in compliance with the GDPR.
We offer you the opportunity to apply to us (e.g. by email, post, or via online application form). The following informs you about the scope, purpose, and use of your personal data collected during the application process. We assure you that the collection, processing, and use of your data will be carried out in accordance with applicable data protection law and all other legal provisions, and that your data will be treated with strict confidentiality.
If you submit an application to us, we will process your associated personal data (e.g., contact and communication data, application documents, notes from interviews, etc.) to the extent necessary to make a decision about establishing an employment relationship. The legal basis for this is § 26 BDSG under German law (initiation of an employment relationship), Art. 6(1)(b) GDPR (general contract pre-negotiation), and – if you have given consent – Art. 6(1)(a) GDPR. Consent can be withdrawn at any time. Your personal data will be shared within our company exclusively with individuals involved in processing your application.
If your application is successful, the data you submit will be stored in our data processing systems for the purpose of implementing the employment relationship, in accordance with Section 26 of the BDSG (Federal Data Protection Act) and Article 6(1)(b) of the GDPR.
If we cannot make you a job offer, you reject a job offer, or withdraw your application, we reserve the right to retain the data you have submitted based on our legitimate interests (Art. 6(1)(f) GDPR) for up to 6 months after the termination of the application process (rejection or withdrawal of the application). Thereafter, the data will be deleted and physical application documents will be destroyed. The retention serves in particular for proof purposes in the event of legal disputes. If it is apparent that the data will be required after the expiry of the 6-month period (e.g., due to an imminent or pending legal dispute), deletion will only take place when the purpose for further retention ceases to apply.
Longer storage can also take place if you have given your consent (Art. 6(1)(a) GDPR) or if statutory retention obligations preclude deletion.
If we do not make you a job offer, it may be possible to include you in our applicant pool. If you are included, all documents and information from your application will be transferred to the applicant pool in order to contact you in the event of suitable vacancies.
Inclusion in the applicant pool is exclusively based on your explicit consent (Article 6 (1) (a) GDPR). Giving consent is voluntary and is not related to the ongoing application process. The data subject may withdraw their consent at any time. In this case, the data from the applicant pool will be irrevocably deleted, unless there are legal retention periods.
The data from the applicant pool will be irrevocably deleted at the latest two years after consent is given.
The security of your personal data and the protection of your privacy when using our websites are our top priorities.
Therefore, we would like to inform you about the collection, processing, and use of personal data. Should you have any further questions about data protection regarding the use of our website, you can contact us directly at any time.
1. RESPONSIBLE PARTY
1.1 Responsible
Gründau Municipality
Municipal executive
At the Civic Center 1
63584 Gründau
Email: gemeinde@gruendau.de
Website: www.gruendau.info
(hereinafter referred to as „Gründau“, „we“ or „us“)
1.2 Data Protection Officer
The data protection officer of the controller is:
Ceterion AG
Frankfurter Street 63-69
65760 Eschborn
Germany
Email: Datenschutz@gruendau.de
If you have any questions about data protection, you can contact our Data Protection Officer directly at any time.
2. USER RIGHTS
You have the right at any time, - partly under certain conditions,
Request information about the processing of your data
Correct your data
Delete or block your data
To receive your data in a portable format and transmit it to a third party
Your consent to the processing of your data for the future can be revoked. The lawfulness of processing your personal data until revocation will not be affected by the revocation. Likewise, further processing of this data on another legal basis, for example, for the fulfillment of legal obligations, will not be affected.
For this, please refer to the contact details provided above under number 1.
Furthermore, you have the right to lodge a complaint with a supervisory authority pursuant to Article 77 of the GDPR. The competent supervisory authority for Gründau is:
The Hessian Commissioner for Data Protection and Freedom of Information
P.O. Box 3163
65021 Wiesbaden
Phone: +49 611 1408 – 0
Telefax: +49 611 1408 – 611
3. STORAGE DURATION/ DELETION
We delete your IP address and the name of your Internet Service Provider, which we store solely for security reasons, after seven days.
Furthermore, your personal data will be deleted as soon as it is no longer required for the stated purposes. In this context, personal data may be retained for the period during which claims can be asserted against us (statutory limitation period of three to thirty years). In addition, personal data will be stored to the extent and for as long as we are legally obliged to do so. Corresponding proof and retention obligations arise, among others, from the German Commercial Code (Handelsgesetzbuch), the German Fiscal Code (Abgabenordnung) and the German Anti-Money Laundering Act (Geldwäschegesetz). The retention periods are thereby up to ten years.
4. CATEGORIES OF DATA RECIPIENTS
We use order processors in the scope of processing your data. An order processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Processing operations carried out by such processors include, for example, hosting, maintenance, and support of IT systems, or the destruction of files and data carriers. Processors do not use the data for their own purposes but carry out data processing exclusively for the controller and are contractually obligated to ensure appropriate technical and organizational data protection measures.
Furthermore, we may transmit your personal data to bodies such as postal and delivery services, payment and credit reporting agencies, your bank, tax advisors, or the tax authorities. Other recipients may arise from the following information.
5. DATA TRANSFER TO THIRD COUNTRIES
The processing of data fundamentally takes place in Germany or in states of the European Union. Where processing takes place in third countries in exceptional cases, processing will only occur if the adequacy of the data protection level in the third country has been established by the EU Commission according to Article 45 GDPR, based on the EU Standard Contractual Clauses, or if an adequate level of data protection is otherwise guaranteed by the data recipient.
6. SSL/TLS ENCRYPTION
This page uses SSL or TLS encryption for security and to protect the transmission of confidential content, such as feedback or inquiries you send to us as the site operator.
You can recognize an encrypted connection by the fact that the browser's address bar changes from „http://“ to „https://“ and by the lock symbol in your browser bar. If SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
7. SCOPE, PURPOSE AND LEGAL BASIS OF THE PROCESSING OF PERSONAL DATA
7.1 General Information on Data Processing
We treat your personal data confidentially and in accordance with the relevant data protection regulations, taking into account the principles of data economy and data avoidance.
We implement organizational, contractual, and technical security measures in accordance with the state of the art to ensure compliance with the provisions of relevant data protection regulations and to protect the data processed by us against accidental or intentional manipulation, loss, destruction, or unauthorized access.
We would like to point out that data transmission over the internet (e.g., in email communications) may be subject to security vulnerabilities. It is not possible to protect data completely from third-party access. For this reason, you are free to transmit personal data to us through alternative means, such as by mail or telephone.
7.2 Data Processing in the Context of Using Our Website
7.2.1 Log Files
With every access to our website, usage data is transmitted by your internet browser and stored in log data (server log files). This data includes:
IP Address
Timestamp (Date and time of query)
Type of query
Client Information (Client Type, Client Version)
User's operating system (device, device OS version)
The legal basis for the processing is Article 6(1)(f) GDPR, our legitimate interest in ensuring uninterrupted operation, the stability of our systems, and IT security. It is not possible to attribute this data to a specific person. The data collected will be deleted after a maximum of 7 days.
7.2.2 Cookies
Our website uses cookies. Cookies are used to make our website more user-friendly, effective, and secure. Cookies do not harm your computer and do not contain viruses.
Cookies are small text files that are placed on your computer and stored by your browser. You can set your browser to inform you about the placement of cookies and only allow cookies on a case-by-case basis, exclude the acceptance of cookies for specific cases or in general, and activate the automatic deletion of cookies when closing the browser. Some functions of our websites cannot be offered without the use of cookies, which is why the functionality of this website may be restricted when cookies are disabled.
The legal basis for processing is Art. 6 para. 1 sentence 1 lit. f) GDPR, our legitimate interest in ensuring the trouble-free and stable operation of our website.
Under the following links, you can find out how to manage (and deactivate) cookies in the most popular browsers:
Chrome Browser https://support.google.com/accounts/answer/61416?hl=de
Internet Explorer https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-erlauben-und-ablehnen
Safari: https://support.apple.com/de-de/guide/safari/manage-cookies-and-website-data-sfri11471/mac-
Opera help.opera.com/Windows/10.20/en/cookies.html
We use the following cookies individually:
Cookie during website use (session cookie)
Through so-called session cookies, requests for pages, images, or other content are assigned to a user or their end device in the content management system and stored on the Gründau municipality's system for the duration of the website visit (session), with a cookie being set on the user's computer. The session cookie stores the anonymized IP address, date and time, URL of the visited page, web server status code, amount of data transferred in bytes, the URL of the last visited website (referrer), and the web browser used (user agent). You can find this in your browser's cookie settings under the name „gruendau.info“.
30 minutes after leaving the site or due to user inactivity, this cookie will be automatically deleted.
7.2.3 Using Forms
On our website, for example in the „Town Hall & Citizen Services/ Forms & Online Services“ section, you have the option to request services from the municipality of Gründau via online forms or specialized applications. For these services, personal data is collected that is necessary for the execution of the service and that you must enter yourself via a form. The respective special legal regulations apply to the collection and use of this data: for example, the Hessian Registration Act (HMG), the Social Code Book (SGB), the Aliens Act (AuslG), and the HDSIG. Your personal data will only be stored for as long as is necessary for the use of the respective service or for as long as statutory retention periods apply. Your data will not be transferred to third parties unless we are legally obligated to do so. The transmission of data for these services is generally SSL-encrypted.
Personal data (e.g., first and last name and email address) is collected by us when you voluntarily enter your data yourself via a contact form to get in touch with us. We use the personal data transmitted to us in this way exclusively for the purpose for which you provide us with this data when contacting us.
The provision of this information is explicitly voluntary, and therefore with your consent in accordance with Art. 6(1)(a) GDPR. If this information includes communication channels (e.g., email address, phone number), you also consent to us contacting you via this communication channel, if necessary, to respond to your request. The data will not be used or stored further, nor will it be transmitted to third parties.
7.2.4 Contact Form
On our website, in the „Contact & Legal Notice“ section, you have the opportunity to contact us. This involves collecting the following personal data in the contact form integrated on the website:
Name
Company (voluntary)
Street (optional)
Postal Code (optional)
City (optional)
Email address
Phone (optional)
My personal message (content of the request)
Additionally, the IP address of the calling computer is collected.
The data collected will not be passed on to third parties in the course of contact.
We use the data to clarify your request as quickly as possible and to contact you. IP addresses are collected to protect against misuse of the contact form. The collected IP addresses are anonymized.
By sending your message, you consent to the processing of the transmitted data. The processing will be carried out on the basis of Art. 6(1) Sentence 1(a) GDPR with your consent. You can revoke your consent at any time by notifying us, without affecting the lawfulness of the processing carried out on the basis of the consent until revocation. Your personal data will then be deleted. In the event of revocation, please contact the contact details provided above under number 1.
When using the contact form, we collect personal data only to the extent you provide it. We will only use your email address to process your request. Your data will then be deleted unless you have consented to further processing and use.
7.2.5 Collection and Processing When Using Association Registration
On our website, under the „Clubs & Associations“ section, you have the opportunity to contact us and register as a club. To do this, the following data will be collected in the master data sheet integrated into the website:
1. General information about the association (no personal data needs to be provided here)
2. Training/ Samples (no personal data needs to be provided here)
3. Chairperson or contact person
First and last name
Additional name (voluntary)
Street, Postal Code, City
Contact Information: Telephone number, fax and mobile number (voluntary), email address (voluntary)
4. Detailed information about your association (no personal data needs to be provided here)
5. Add club logo and images (no personal data needs to be provided here)
6. Access credentials for your club listing
7. Consent to the storage of personal data in accordance with the EU General Data Protection Regulation (GDPR) – (no personal data needs to be provided here)
The data collected will not be shared with third parties.
We use the data to present your club on our homepage under „Clubs & Associations“ and to give the citizens of our community the opportunity to inform themselves about club life and, if necessary, to contact your club.
By submitting your registration, you consent to the processing of the data provided. The processing is carried out on the basis of Art. 6 (1) sentence 1 a) GDPR with your consent. You can revoke your consent at any time by notifying us, without this affecting the lawfulness of the processing carried out on the basis of the consent until the revocation. Your personal data will then be deleted.
7.2.6 Google Maps
We use the Google Maps function (API) on our website to embed Google Maps maps from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland („Google“).
The function enables the visual representation of geographical information and interactive maps. We use this service to offer you the possibility of determining the locations of the Wi-Fi hotspots in the municipality of Gründau.
When you visit a page that embeds Google Maps, Google also collects, processes, and uses data about the visitors of the page. For more information on how Google collects and uses your data, please refer to Google's privacy policy at:
https://www.google.com/privacypolicy.html
There, in the Data Protection Center, you also have the option to change your settings to manage and protect the data processed by Google. If you use the search function for hotspots, your data may also be transmitted to the USA. Please also read our information above under item 5 for more details.
To protect your data, Gründau informs you before displaying external content from Google and transferring data. You can then agree to the data transfer and display the content by clicking (so-called „two-click solution“). Furthermore, you can permanently give your consent to display external content from a provider; to do this, a cookie will be created on your computer on which this setting is stored.
7.2.7 Other Providers' Offers
Our online offering also includes content and functionalities from other providers/networks (e.g., YouTube). Gründau uses these services from other providers to offer you content in the best possible form.
When using Gründau's online services, your IP address and other technically necessary device-related information such as screen resolution, browser used, and operating system used will be recorded on servers. The provider of the plugin or code also receives this data. The provider can generally not draw any conclusions about your identity from this data, but it does know, for example, where you are located (geographically). In addition, providers can place so-called cookies on your device, which they can use to log your browsing behavior and recognize the device you use when browsing. If you are logged in to a provider while accessing a Gründau online service, the provider can also associate your browsing behavior with your profile stored there. Gründau itself receives no information about how you use the plugins and which content you share or comment on. In this case, the data exchange takes place solely between you and the providers.
To protect your data, Gründau informs you before displaying external third-party content and transferring data. You can then agree to the data transfer and display the content by clicking (so-called „two-click solution“). Furthermore, you can permanently grant your consent to display external content from a provider; for this purpose, a cookie will be created on your computer to store this setting.
Details on individual providers:
Under the following links, you can learn about the respective privacy notices of the providers, how they collect your data, and how they handle your data.
For the YouTube privacy policy, please click here.
For the privacy policy of the service Branchenverzeichnis Gründau, please click here.
For the KIP Municipal Real Estate Platform service's privacy policy, please click here.
8. PRIVACY POLICY FOR OUR SOCIAL MEDIA PROFILES
8.1 General – Data Processing by Social Media Platforms
We operate publicly accessible profiles on social networks („social media platforms“). You can find the specific social media platforms we use below.
Social media platforms like Instagram, Facebook, Pinterest, etc. can generally analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g., like buttons or ad banners). Visiting our social media presences triggers numerous data protection-relevant processing operations.
In detail:
If you are logged into your social media profile and visit our social media presence, the operator of the social media platform can attribute this visit to your user account. However, your personal data may also be collected under certain circumstances if you are not logged in or do not have an account with the respective social media platform. In this case, data is collected, for example, via cookies that are stored on your end device or by capturing your IP address.
With the help of the data collected in this way, social media platform operators can create user profiles that store your preferences and interests. This allows interest-based advertising to be displayed to you both on and off the respective social media platform. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are logged in or have been logged in.
Please also note that we cannot fully understand all processing operations on social media platforms. Depending on the provider, further processing operations may therefore be carried out by the operators of the social media platforms. For details, please refer to the terms of use and data protection regulations of the respective social media platforms.
8.2 Legal Basis
The operation of our social media profiles, including the processing of users' personal data, is based on our legitimate interest in providing a modern and supportive information and interaction platform for and with our users and visitors, in accordance with Art. 6(1) sentence 1(f) GDPR. The analysis processes initiated by the social networks may be based on different legal grounds, which are to be provided by the operators of the social networks (e.g., consent within the meaning of Art. 6(1) sentence 1(a) GDPR).
8.3 Responsible Party and Assertion of Rights
When you visit one of our social media profiles (e.g., Instagram), we are jointly responsible with the operator of the social media platform for the data processing operations triggered by this visit. You can generally assert your rights (access, rectification, erasure, restriction of processing, data portability, and complaint) both towards us (see also section 1 above) and towards the operator of the respective social media platform (e.g., Instagram).
Please note that despite our joint responsibility with the social media platform operators, we do not have full influence over the data processing operations of the social media platform. Only the operator of the respective social media platform has full access to and oversight of user data.
8.4 Storage Duration
The data we collect directly through our social media presence will be deleted from our systems as soon as the purpose for its storage ceases to apply, you request its deletion, you withdraw your consent for storage, or the purpose for data storage ceases to apply. Stored cookies remain on your end device until you delete them. Legal provisions/retention periods remain unaffected – see also paragraph 3 above.
We have no influence on the storage duration of your data, which is stored by the social network operators for their own purposes. For details on this, please refer directly to the social network operators (e.g., in their privacy policy, see above).
8.5 Individual Social Media Platforms
The following social media platforms are used by us:
We use the Facebook service. The provider is Meta Platforms Ireland Ltd. 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland.
You can adjust your Facebook privacy settings yourself within your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=privacy
9. UNSOLICITED ADVERTISING
The use of contact details published as part of the imprint obligation by third parties for sending unsolicited advertising and information material is hereby expressly objected to. The operator of the site expressly reserves the right to take legal action in the event of unsolicited sending of advertising information, for example through SPAM emails.
STATUS OF THE PRIVACY POLICY
As of: 03/31/2025
