Privacy Policy
I. Name and address of the controller
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:
German-Baltic Chamber of Commerce in Estonia, Latvia, Lithuania e. V. (AHK Baltic States)
Wide street 29 10178 Berlin
Germany
Tel.: 00371 6732 0718
Email: info (at) ahk-balt.org
Website: www.ahk-balt.org
II. General information on data processing
1. Scope of processing of personal data
In principle, we only process personal data of our users insofar as this is necessary to provide a functional website as well as our content and services. The processing of personal data of our users takes place regularly only with the consent of the user. An exception applies in cases where prior consent is not possible for actual reasons and the processing of the data is permitted by statutory provisions.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for processing operations of personal data, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data. In the processing of personal data, which is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations necessary to carry out pre-contractual measures. If the processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first interest, Art. 6 (1) lit. f GDPR serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other regulations to which the controller is subject. Blocking or deletion of the data also takes place if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for contract conclusion or contract fulfilment.
III. Provision of the website and creation of log files
1. Description and scope of data processing
Every time you visit our website, our system automatically collects data and information from the computer system of the calling computer. The following data is collected:
(1) Information about the browser type and version used
(2) The user’s operating system
(3) The Internet service provider of the user
(4) The IP address of the user
(5) Date and time of access
(6) websites accessed by the user’s system via our website
2. Legal basis for data processing
The legal basis for temporary storage of data and logfiles is Art. 6 para. 1 lit. f GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session.
Storage in log files takes place to ensure the functionality of the website. In addition, the data serves us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of collecting the data to provide the website, this is the case when the respective session has ended.
In the case of storage of the data in log files, this is the case after seven days at the latest. Additional storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible.
5. Possibility of objection and removal
The collection of data for the provision of the website and the storage of data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
IV. Use of cookies
a) Description and scope of data processing
We use cookies to make our website more user-friendly. Some elements of our website require that the calling browser can be identified even after a page change. No personal data is collected.
The cookies store and transmit the following data:
(1) Fonts = Standard Cookie Variable which is used by us to reload the fonts in the browser during an update.
(2) fullcss = Standard Cookie Variable which is used by us to reload the CSS file in the browser during an update.
Maximum lifetime of cookies: 730 days
We also use cookies on our website that enable an analysis of users’ surfing behaviour.
In this way, the following data can be transmitted:
_ GA = One-time identifier from Google Analytics for identifying a user (composed of client_id + timestamp) | Standard expiry time 2 years _ gat = parameter which makes Google Analytics reduce the query rate
_ gid = unique identifier from Google Analytics for identifying a user (composed of client_id + timestamp) | Standard expiry time 24 hours The data collected in this way is pseudonymized by technical precautions.
Therefore, an assignment of the data to the calling user is no longer possible. The data will not be stored together with other personal data of the users.
When accessing our website, users are informed by an info banner about the use of cookies for analysis purposes and referred to this data protection declaration. In this context, there is also an indication of how the storage of cookies in the browser settings can be prevented.
If you do not want tracking, you can deactivate it under the Google Analytics section of this privacy policy.
B) Legal basis for data processing
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 (1) (f) GDPR.
The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 para. 1 lit. a GDPR in the presence of the user’s consent in this regard.
C) Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.
We need cookies for the following applications:
(1) Fonts = Standard Cookie Variable which is used by us to reload the fonts in the browser during an update.
(2) fullcss = Standard Cookie Variable which is used by us to reload the CSS file in the browser during an update.
Maximum cookie lifetime: 730 days
The user data collected by technically necessary cookies are not used to create user profiles.
The use of the analysis cookies is carried out for the purpose of improving the quality of our website and its contents. Through the analysis cookies, we learn how the website is used and can thus continuously optimize our offer.
In this way, the following data can be transmitted:
_ GA = unique identifier from Google Analytics for identifying a user (composed of client_id + timestamp) | Standard expiry time 2 years
_ gat = parameters which make Google Analytics reduce the query rate
_ gid = unique identifier from Google Analytics for identifying a user (composed of client_id + timestamp) | Standard expiry time 24 hours
e) Duration of storage, possibility of objection and removal
Cookies are stored on the user’s computer and transmitted by the user to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to make full use of all functions of the website.
V. Newsletter
1. Description and scope of data processing
On our website there is the possibility to subscribe to a free newsletter. When registering for the newsletter, the data from an input mask entered with iFrame is transmitted to the service provider commissioned by us for e-mail marketing software providers.
The following data is collected:
• Title
• First name
• Last name
• Email address
In addition, the following data is collected during registration:
• Date and time of registration
For the processing of the data, your consent will be obtained during the registration process and referred to this data protection declaration. No transfer of the data to third parties takes place in connection with the data processing for the dispatch of newsletters, except the provider of the e-mail marketing software. The data will be used exclusively for sending the newsletter.
2. Legal basis for data processing
The legal basis for the processing of the data after registration for the newsletter by the user is Art. 6 (1) (a) GDPR if the user has given his consent.
If it concerns the sending of newsletters in the context of membership of the data of our database registered with us, the legal basis is Art. 6 (1) (b) GDPR.
3. Purpose of data processing
The collection of the user’s e-mail address serves to send the newsletter.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. The user’s e-mail address is therefore stored as long as the subscription to the newsletter is active.
5. Newsletter tracking
We use personalized newsletter tracking to optimize our newsletter offering. In addition to the e-mail address, we also record the activities associated with sending the newsletter (click behaviour). See also point VI. subpoint 6. Shipping service provider MailChimp.
6. Possibility of objection and removal
The subscription to the newsletter can be cancelled at any time by the user concerned. For this purpose, you will find a corresponding link in each newsletter. Alternatively, you can also write us an e-mail to insert e-mail address.
VI. Registration
(Application for membership, event registration, order of publication, contact)
1. Description and scope of data processing
On our website, we offer users the opportunity to register by providing personal data. The data is entered into an input mask and transmitted to us and stored. The data will not be passed on to third parties.
The following data is collected as part of the registration process:
• Company/Organization
• VAT identification number
• Registration number
• Street and house number
• Postal code
• Location
• Telephone
• Website
• Managing Director of the company
• NACE code
• Industry
• Short profile of the company
• Number of employees
• Contact person for membership
• Position in the company
• E-mail of the contact person
• Telephone number of the contact person
• Invoice address
At the time of registration, the following data will also be stored:
• Date and time of registration
• Browser used
• Operating system
As part of the registration process, the user’s consent to the processing of this data is obtained.
2. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given his consent. If the registration serves the fulfilment of a contract to which the user is a party or the implementation of pre-contractual measures, additional legal basis for the processing of the data is Art. 6 para. 1 lit. b GDPR.
3. Purpose of data processing
Registration of the user is necessary for the performance of a contract with the user or for the implementation of pre-contractual measures. Your registration can be an application for membership or registration for an event.
Further information can be found in our information requirements:
Information obligation for member applications
Information obligation for event registration
Information obligation for contact form
Information obligation for newsletter registration
Information obligation for seminar registration
Information obligation for publication orders
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case for those during the registration process for the performance of a contract or for the implementation of pre-contractual measures when the data is no longer necessary for the execution of the contract. Even after the conclusion of the contract, there may be a need to store personal data of the contracting party in order to comply with contractual or legal obligations.
5. Possibility of objection and removal
As a user, you have the possibility to dissolve the registration at any time. You can change the data stored about you at any time. To modify or delete your information, contact: constantin.cragg@ahk-balt.org
If the data are necessary to fulfil a contract or to carry out pre-contractual measures, an early deletion of the data is only possible, unless contractual or legal obligations preclude deletion.
VII. Contact form and e-mail contact
1. Description and scope of data processing
A contact form is available on our website, which can be used for electronic contact. If a user takes this opportunity, the data entered in the input mask is transmitted to us and stored.
At the time of sending the message, the following data is also stored:
• Date and time of registration
• Browser used
• Operating system
Your consent will be obtained for the processing of the data as part of the sending process and referred to this data protection declaration.
Alternatively, it is possible to contact us via the provided e-mail address.
In this case, the user’s personal data transmitted by e-mail will be stored. In this context, the data will not be passed on to third parties. The data will be used exclusively for the processing of the conversation.
2. Legal basis for data processing
The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given his consent. The legal basis for processing the data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f GDPR.
If the e-mail contact is aimed at concluding a contract, additional legal basis for processing is Art. 6 (1) (b) GDPR.
3. Purpose of data processing
The processing of personal data from the input mask serves us solely to process the contact. In the event of contacting us by e-mail, this also entails the necessary legitimate interest in the processing of the data. The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those that have been sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the facts concerned have been finally clarified. The additional personal data collected during the sending process will be deleted at the latest after a period of three months.
5. Possibility of objection and removal
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot continue. You can inform us of the revocation of consent and the objection to storage in writing by e-mail to insert e-mail address All personal data stored in the course of contacting us will be deleted in this case.
VIII. Transfer of personal data to third parties
1. Website operator
Within the scope of order processing, personal data is passed on to the agency tasked with operating the website and the technical service provider. The order agreement is governed by a corresponding agreement with the service provider.
2. Social media sharing button
General information: Social media plugins usually result in each visitor to a page being immediately recorded by these services with their IP address and their further browsing behaviour being logged. This can be done even if you do not press the button. To prevent this, we use the Shariff method. Our social media buttons only establish direct contact between the social network and you when you click on the respective share button. If you are already logged in to a social network, this is done on Facebook and Google + without another window. A pop-up window appears on Twitter where you can still edit the text of the tweet. You can use it to publish our content on social networks without them being able to create complete surf profiles.
Our site uses plugins from the social network of Facebook Inc., 1 Hacker way, Menlo Park, California 94025, USA. Through the Shariff method, Facebook only learns about your IP address and your visit to our website when you have activated the button. If you activate the plugin while logged in to Facebook at the same time, Facebook can associate your use with your user account. We have no knowledge of and influence on the collection and use of your data by Facebook. Further information can be found in Facebook’s privacy policy under de-de.facebook.com/policy.php. In addition, we refer to our general presentation in this data protection declaration for the general handling and deactivation of cookies.
Google +
Our website uses plugins from the social network Google + of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. Through the Shariff method, however, Google only learns about your IP address and your visit to our website when you have activated the button. If you activate the plugin while logged in to Google + at the same time, Google + can associate your use with your user account.
We have no knowledge of and influence on the collection and use of your data by Google +. Further information can be found in Google’s privacy policy under www.google.de/intl/de/policies/privacy/. In addition, we refer to our general presentation in this data protection declaration for the general handling and deactivation of cookies.
Our site uses plugins from the social network of Twitter Inc., 795 Folsom Street, Suite 600, San Francisco, CA 94107, USA. However, Twitter only learns about your IP address and your visit to our website through the Shariff method when they have activated the re-tweet button.
We have no knowledge of and influence on the collection and use of your data by Twitter. For more information, please refer to Google’s privacy policy under twitter.com/privacy. In addition, we refer to our general presentation in this data protection declaration for the general handling and deactivation of cookies.
Our website uses the Xing Share plugin of the social network Xing, XING AG, Dammtorstrasse 30, 20354 Hamburg, Germany. If you press this button, your browser connects to Xing to perform the functions of the plugin. However, no personal data is stored by you through Xing, nor is your use recorded via a cookie. Further information can be found in Xing’s privacy policy under www.xing.com/privacy. In addition, we refer to our general presentation in this data protection declaration for the general handling and deactivation of cookies.
Our site uses the LinkedIn Share plugin of the social network LinkedIn LinkedIn Ireland Unlimited Company, Wilton place, Dublin 2, Ireland. If you press this button, your browser connects to LinkedIn to perform the functions of the plugin. However, no personal data is stored by you through LinkedIn, nor is your use recorded via a cookie. Further information can be found in LinkedIn’s privacy policy under www.linkedin.com/legal/privacy-policy. In addition, we refer to our general presentation in this data protection declaration for the general handling and deactivation of cookies.
3. YouTube videos
We have occasionally embedded YouTube videos on our website, which are stored on the servers of the provider YouTube and can be played from our website via an embedding. The embedding of the videos takes place with the option for extended data protection settings enabled. When you play these videos, YouTube cookies and DoubleClick cookies are stored on your computer and may transfer data to Google Inc., Amphitheater Parkway, Mountain View, CA 94043, USA, as YouTube operator.
When videos stored on YouTube are played, at least the following data is transmitted to Google Inc. as YouTube operator and operator of the DoubleClick network according to current status: IP address and cookie ID, the specific address of the page accessed by us, system date and time of the call, identification of your browser. The transfer of this data takes place regardless of whether you have a Google user account through which you are logged in or whether you do not have a user account. If you are logged in in this way, Google may associate this data directly with your account. If you do not want the assignment to your profile, you must log out of the video before activating the play button.
YouTube and Google Inc. store this data as usage profiles and may use it for the purposes of advertising, market research and/or the needs-based design of their websites. Such an evaluation takes place in particular (also for non-registered users) for the provision of demand-based advertising and to inform other users about your activities on our website. You have the right to object to the formation of these user profiles, whereby you must contact Google as the operator of YouTube in order to exercise this.
4. Google Maps
This website uses the Google Maps map software from Google Inc. By using this website, you agree to the collection, processing and use of data that may be collected automatically by Google and its representatives. Google Maps Terms of Use. Further information on the purpose & scope of data collection and its processing by Google can be found on this information page.
5. Website analysis with Google Analytics
This website uses the service “Google Analytics”, which is provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA), for the analysis of website use by users. The service uses “cookies” – text files that are stored on your terminal device. The information collected by the cookies is usually sent to a Google server in the USA and stored there. IP anonymization is used on this website. The IP address of users is shortened within the member states of the EU and the European Economic Area. This reduction eliminates the personal reference of your IP address. Within the framework of the agreement on order data, which the website operators have concluded with Google Inc., it compiles an evaluation of website use and website activity using the information collected and provides services associated with Internet use.
You have the option to prevent the storage of the cookie on your device by making appropriate settings in your browser. It is not guaranteed that you will be able to access all functions of this website without restrictions if your browser does not allow cookies.
Furthermore, a browser plug-in can prevent the information collected by cookies (including your IP address) from being sent to Google Inc. and used by Google Inc. The following link leads you to the corresponding plugin: tools.google.com/dlpage/gaoptout
You can prevent collection by Google Analytics by clicking on the following link. An opt-out cookie is set, which prevents the future collection of your data when you visit this website:
Disable Google Analytics
Here you can find more information about data usage by Google Inc.: https://support.google.com/analytics/answer/6004245?hl=de
6. Shipping service provider MailChimp
For sending mass mails and the newsletter, we use the mailing service provider MailChimp of Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
MailChimp stores first and last name, company and e-mail address on MailChimp’s servers in the USA for dispatch on our behalf. MailChimp can use this data to optimize or improve its services, a transfer to third parties or the use of the data for sending its own e-mails by MailChimp does not take place.
MailChimp is certified under the US-EU data protection agreement “Privacy Shield” and undertakes to comply with EU data protection regulations. We have concluded a data processing agreement with MailChimp with which MailChimp undertakes to protect the data of our users, to process them on our behalf in accordance with MailChimp’s data protection regulations and not to pass them on to third parties. The privacy policy of MailChimp can be found here: https://mailchimp.com/legal/privacy/. In addition, we refer to our general presentation in this data protection declaration for the general handling and deactivation of cookies.
IX. Rights of the data subject
Under the EU General Data Protection Regulation, you have the following rights: If your personal data is processed, you have the right to receive information about the data stored about you (Art. 15 GDPR).
Should incorrect personal data be processed, you have the right to rectification (Art. 16 GDPR).
If the legal requirements exist, you can request the deletion or restriction of processing as well as object to the processing (Art. 17, 18 and 21 DSGVO).
If you have consented to data processing or if there is a contract for data processing and the data processing is carried out using automated procedures, you may have a right to data portability (Art. 20 GDPR).
Should you make use of your aforementioned rights, the Baltic States Chamber of Commerce will check whether the legal requirements for this are met.
For data protection complaints, you can contact the competent supervisory authority:
Germany:
The Federal Commissioner for Data Protection and Freedom of Information
Husarenstrasse 30, D-53117 Bonn, Germany
Phone: 0228 997799 - 0
Fax: 0228 997799 - 550
E-mail: Post office (at) bfdi.bund.de
Internet: http://www.datenschutz.bund.de
Estonia:
Andmekaitse Inspectsioon Väike-Ameerika
19 10129 Tallinn
Phone: +372 5620 2341
Email: info (at) aki.ee
Internet: http://www.aki.ee/en
Latvia:
Datu hosts inspekcija Blaumaņa iela 11/13-11,
Riga, LV-1011
Phone: +371 67 22 31 31
Fax: +371 67 22 35 56
Email: info (at) dvi.gov.lv
Internet: http://www.dvi.gov.lv/lv/
Lithuania:
Valstybinė duomenų apsaugos inspekcija
A. Juozapavičiaus g. 6
Vilnius, LT-09310
Phone: +370 5 271 2804, +370 5 279 1445
Fax: +370 5 261 9494
Email: Ada (at) ada.lt
Internet: https://www.ada.lt/go.php/lit/img