Privacy and cookie policy

We collect and process personal data when you visit this website, in compliance with all applicable data protection regulations.

With this data protection declaration we would like to explain to you which data we collect on our website for which purposes and on what legal basis this is done. In addition, we will inform you about your rights and who you can contact if you have any questions about data protection or complaints

1 Contact details of responsible data collector

Responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 DSGVO is

IAPA International Au Pair Association
Office address:
Oetztalerstr. 1
81373 Munich
phone: +49 (0)89 20189550
e-Mail: info@iapa.org

Address of incorporation:
Nygade 5
1164 Copenhagen
Denmark

Non profit organisation registered at CVR Kopenhagen, Denmark

CVR Number: 29342199

If you wish to object to the collection, processing or use of your data by us in accordance with these data protection regulations as a whole or for individual measures, you can address your objection to the person responsible Patricia Brunner patricia.brunner@iapa.org 

2 General reasons to process data

We may use personal data to run our website and for the execution of statutory services and obligations

3 What data do we collect and why?

3.1  Data for provision of our statutory duties and services

We process personal information and the data of visitors of this website  in accordance with Art. 6 Para. 1 lit. b. GDPR,  to run this website. In all other respects, we process the data of subjects in accordance with Art. 6 para. 1 lit. f. DSGVO on the basis of our legitimate interests, e.g. when administrative tasks are involved.

3.2 Hosting

The hosting services we use help us to provide the following services: Infrastructure and platform services, computing capacity, security services and technical maintenance services that we use to operate the website.

We or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in an efficient and secure provision of our website in accordance with Art. 6 Para. 1 S. 1 f) GDPR in conjunction with. Art. 28 GDPR.

3.3 Access data

We collect information about you when you use this website. We automatically collect information about your usage behavior and interaction with us and record data about your computer or mobile device. We collect, store and use data about every access to our website (so-called server log files). Access data includes:

  • Name and URL of the retrieved file
  • Date and time of retrieval
  • transferred data volume
  • Message about successful retrieval (HTTP response code)
  • Browser type and browser version
  • operating system
  • Websites accessed by the user’s system through our website
  • Internet service provider of the user
  • IP address and the requesting provider

We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operating, security and optimization of our website, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services. Based on this information, we can provide relevant content, analyze traffic, troubleshoot and correct errors, and improve our services.

This is also our legitimate interest pursuant to Art 6 para. 1 sentence 1 f) GDPR.

We reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security. We also store IP addresses if we have a concrete suspicion of a criminal offence in connection with the use of our website. In addition, we store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.).See also point 3.5   Webtracking/Matomo

3.4 Cookies

A “cookie” is a small text file that is created when you visit our website and is stored on your computer. Cookies help us to know whether you have visited our website before. A cookie can only contain information that we ourselves send to your computer – private data cannot be read out with it. If you accept the cookies on our pages, we do not have access to your personal information, but with the help of cookies we can identify your computer.

Cookies in use

We use “session cookies” and “persistent cookies”. A “session cookie” is a cookie that is automatically deleted when you close your browser. A “persistent cookie”, on the other hand, remains stored on your terminal until a defined expiry date of the cookie.

Session cookies in use: 

PHPSESSID: With the help of this cookie the preferred settings of the user are stored in order to be able to make them available immediately the next time the page is visited. These can be, for example, the language settings or another preference. It also makes it easier to fill in forms. The cookie is deleted at the end of the browser session.

Legal basis of this data collection and use: 

Art. 6 para. 1 lit. a GDPR (via cookie banner), alternatively Art. 6 para. 1 lit. f GDPR

How to object to session cookies:

You can change your browser settings so that cookies are either completely blocked or you are informed as soon as a cookie is set. This allows you to decide immediately whether you want to block cookies. However, by rejecting all cookies, the use of certain functions on our website may be restricted. You can usually change your browser settings on your computer or mobile device to block cookies in the ‘options’ or ‘preferences’ menu of your browser.

3.5 Webtracking / MATOMO

This site uses Matomo (www.matomo.org) to analyze traffic and help us to improve your user experience.  Matomo is a web analysis service software, a service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, on the basis of our legitimate interest in statistical analysis of user behavior for optimization and marketing purposes pursuant to Art. 6 Para. 1 letter f GDPR. The software places a cookie on the user’s computer (see above for cookies). If individual pages of our website are accessed, the following data is stored:

(1) Two bytes of the IP address of the user’s calling system

(2) The accessed website

(3) The website from which the user has accessed the accessed website (referrer)

(4) The sub-pages accessed from the accessed website

(5) The time spent on the website

(6) The frequency with which the website is accessed

The software runs exclusively on the servers of our website in the Netherlands. The personal data of users is only stored there. The data will not be passed on to third parties. By anonymizing the IP address, users’ interest in protecting their personal data is sufficiently taken into account.

The data will be deleted as soon as they are no longer needed for our recording purposes.

More information about the privacy settings of the Matomo software can be found under the following link: https://matomo.org/docs/privacy/

3.6 Communication 

E-Mail Contact

If you contact us (e.g. via contact form or e-mail), we will process your details to reply to your enquiry and in the event that follow-up questions arise. We will only process further personal data if you give your consent (Art. 6 para. 1 sentence 1 a) GDPR) or if we have a legitimate interest in processing your data (Art. 6 para. 1 sentence 1 f) GDPR). For example, there is a legitimate interest in replying to your e-mail.

If you wish to contact us by e-mail, we would like to point out that the confidentiality of the transmitted information is not guaranteed. The content of e-mails can be viewed by third parties. We therefore recommend that you only send us confidential information by post.

3.7 CRM system from salesforce

We use the CRM system of the provider salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, in order to process and administrate enquiries and membership data faster and more efficiently (legitimate interest according to art. 6 par. 1 lit. f. GDPRO ).

salesforce is certified under the Privacy Shield Agreement and thus offers an additional guarantee to comply with European data protection law if data is processed in the USA (https://www.privacyshield.gov/participant?id=a2zt0000000KzLyAAK&status=Active)

salesforce uses the user data only for technical processing of inquiries and does not pass them on to third parties. To use salesforce, at least a correct email address is required. Pseudonymous use is possible. During the processing of service requests, it may be necessary to collect further data (name, address).

If users disagree with data collection and storage in salesforce’s external system, we offer alternative contacts for submitting service requests by e-mail, telephone or mail.

Find more information in salesforce’s privacy policy: https://www.salesforce.com/de/company/privacy/.

3.8 Social Media Buttons

Our Website uses Social Media Buttons of the following Social media providers:

  • facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA
  • Instagram Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland

 

These social media buttons only provide links to the respective providers. As long as these buttons are not clicked, no transfer to these providers takes place.

If you click on these buttons, you will be redirected to the website of the respective social media service. Depending on whether you were registered with the respective provider at the time of clicking, your data will be processed in accordance with the data use guidelines of these organizations and, if necessary, used to create a profile, which is not our area of responsibility.

Further information on the data use guidelines of the individual social media services can be found under the following links:

If you do not want these companies to collect information about you, you should not click these buttons. 

3.9 You Tube

We integrate videos of the platform “YouTube” of the provider  Google Ireland Limited
Gordon House, Barrow Street, Dublin 4,Irland. Privacy policy: https://www.youtube.com/yt/about/policies

Please note that YouTube may use Google Analytics and refer to the privacy policy https://www.google.com/policies/privacyand opt-out options for Google Analytics http://tools.google.com/dlpage/gaoptout?hl=en  or Google’s settings for data use for marketing purposes https://adssettings.google.com/

If you do not want this company to collect information about you, you should not start the videos on this website. 

4 Who has access to data? 

Your information may be shared internally. This includes the Managing Director, members of the Executive Board and IT staff if access to the data is necessary for the performance of their roles.

However, we will not share your data with third parties without your consent.

5 How does IAPA International Au Pair Association protect data?

We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees/Board members in the proper performance of their duties. Your data is stored in a secure operating environment that is not accessible.

All information you provide to us is stored on our secure servers in the EU.

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA“). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Unfortunately, the transmission of information via internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

6 For how long does IAPA International Au Pair Association keep data?

We delete data that is no longer required for the performance of our statutory and contractual services. This is determined according to the respective tasks and contractual relationships. In the case of business processing, we store the data for as long as it can be relevant for business transactions as well as with regards to any warranty or liability obligations. The necessity of data storage is reviewed every three years; in all other respects, the legal storage obligations  (e.g. for invoices and receipts) apply.

7 Your rights 

According to the European  General Data Protection Regulation (GDPR), you have a number of rights. You can:

  • access and obtain a copy of your data on request at no cost;
  • require the association to change incorrect or incomplete data;
  • require the association to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
  • object to the processing of your data where IAPA International Au Pair Association is relying on its legitimate interests as the legal ground for processing.

If you would like to exercise any of these rights, please contact Patricia Brunner at patricia.brunner@iapa.org
If you believe that the association has not complied with your data protection rights, you can complain to the Bavarian data protection authority.

Contact details of the Bavarian data protection authority: 

Bayerisches Landesamt fĂŒr Datenschutzaufsicht

Postanschrift

Postfach 606

91511 Ansbach

Deutschland

Telefon: +49 (0) 981 53 1300

Telefax: +49 (0) 981 53 98 1300

E-Mail:poststelle@lda.bayern.de

8 Links to other websites

The International Au Pair Day website contains links to other websites  (www.iapa.org)as well as Facebook, Instagram and YouTube. This Policy only applies to the International Au Pair Day Website. Please read their own privacy policies when linking to their websites.

9 Changes to this Policy

We keep this policy under regular review and will post any updates on this webpage. This policy was last updated 13. June 2019.