We collect and process personal data when you visit this website, in compliance with all applicable data protection regulations.
With this data protection declaration we would like to explain to you which data we collect on our website for which purposes and on what legal basis this is done. In addition, we will inform you about your rights and who you can contact if you have any questions about data protection or complaints
1 Contact details of responsible data collector
Responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 DSGVO is
IAPA International Au Pair Association
phone: +49 (0)89 20189550
Address of incorporation:
Non profit organisation registered at CVR Kopenhagen, Denmark
CVR Number:Â 29342199
If you wish to object to the collection, processing or use of your data by us in accordance with these data protection regulations as a whole or for individual measures, you can address your objection to the person responsible Patricia BrunnerÂ firstname.lastname@example.orgÂ
2 General reasons to process data
We may use personal data to run our website and for the execution of statutory services and obligations
3 What data do we collect and why?
3.1 Â Data for provision of our statutory duties and services
We process personal information and the data of visitors of this website Â in accordance with Art. 6 Para. 1 lit. b. GDPR, Â to run this website. In all other respects, we process the data of subjects in accordance with Art. 6 para. 1 lit. f. DSGVO on the basis of our legitimate interests, e.g. when administrative tasks are involved.
The hosting services we use help us to provide the following services: Infrastructure and platform services, computing capacity, security services and technical maintenance services that we use to operate the website.
We or our hosting provider process inventory data, contact data, content data, contract data, usage data, meta- and communication data of customers, interested parties and visitors to this website on the basis of our legitimate interests in an efficient and secure provision of our website in accordance with Art. 6 Para. 1 S. 1 f) GDPR in conjunction with. Art. 28 GDPR.
3.3 Access data
We collect information about you when you use this website. We automatically collect information about your usage behavior and interaction with us and record data about your computer or mobile device. We collect, store and use data about every access to our website (so-called server log files). Access data includes:
- Name and URL of the retrieved file
- Date and time of retrieval
- transferred data volume
- Message about successful retrieval (HTTP response code)
- Browser type and browser version
- operating system
- Websites accessed by the userâs system through our website
- Internet service provider of the user
- IP address and the requesting provider
We use this log data without allocation to your person or other profiling for statistical evaluations for the purpose of operating, security and optimization of our website, but also for anonymous recording of the number of visitors to our website (traffic) and the extent and type of use of our website and services. Based on this information, we can provide relevant content, analyze traffic, troubleshoot and correct errors, and improve our services.
This is also our legitimate interest pursuant to Art 6 para. 1 sentence 1 f) GDPR.
We reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence. We store IP addresses in the log files for a limited period of time if this is necessary for security. We also store IP addresses if we have a concrete suspicion of a criminal offence in connection with the use of our website. In addition, we store the date of your last visit as part of your account (e.g. when registering, logging in, clicking on links, etc.).See also point 3.5 Â Webtracking/Matomo
A âcookieâ is a small text file that is created when you visit our website and is stored on your computer. Cookies help us to know whether you have visited our website before. A cookie can only contain information that we ourselves send to your computer â private data cannot be read out with it. If you accept the cookies on our pages, we do not have access to your personal information, but with the help of cookies we can identify your computer.
Cookies in use
We use âsession cookiesâ and âpersistent cookiesâ. A âsession cookieâ is a cookie that is automatically deleted when you close your browser. A âpersistent cookieâ, on the other hand, remains stored on your terminal until a defined expiry date of the cookie.
Session cookies in use:Â
PHPSESSID: With the help of this cookie the preferred settings of the user are stored in order to be able to make them available immediately the next time the page is visited. These can be, for example, the language settings or another preference. It also makes it easier to fill in forms. The cookie is deleted at the end of the browser session.
Legal basis of this data collection and use:Â
Art. 6 para. 1 lit. a GDPR (via cookie banner), alternatively Art. 6 para. 1 lit. f GDPR
How to object to session cookies:
You can change your browser settings so that cookies are either completely blocked or you are informed as soon as a cookie is set. This allows you to decide immediately whether you want to block cookies. However, by rejecting all cookies, the use of certain functions on our website may be restricted. You can usually change your browser settings on your computer or mobile device to block cookies in the âoptionsâ or âpreferencesâ menu of your browser.
3.5 Webtracking / MATOMO
This site uses Matomo (www.matomo.org) to analyze traffic and help us to improve your user experience.Â Matomo is a web analysis service software, a service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, on the basis of our legitimate interest in statistical analysis of user behavior for optimization and marketing purposes pursuant to Art. 6 Para. 1 letter f GDPR. The software places a cookie on the userâs computer (see above for cookies). If individual pages of our website are accessed, the following data is stored:
(1) Two bytes of the IP address of the userâs calling system
(2) The accessed website
(3) The website from which the user has accessed the accessed website (referrer)
(4) The sub-pages accessed from the accessed website
(5) The time spent on the website
(6) The frequency with which the website is accessed
The software runs exclusively on the servers of our website in the Netherlands. The personal data of users is only stored there. The data will not be passed on to third parties.Â By anonymizing the IP address, usersâ interest in protecting their personal data is sufficiently taken into account.
The data will be deleted as soon as they are no longer needed for our recording purposes.
More information about the privacy settings of the Matomo software can be found under the following link:Â https://matomo.org/docs/privacy/
If you contact us (e.g. via contact form or e-mail), we will process your details to reply to your enquiry and in the event that follow-up questions arise.Â We will only process further personal data if you give your consent (Art. 6 para. 1 sentence 1 a) GDPR) or if we have a legitimate interest in processing your data (Art. 6 para. 1 sentence 1 f) GDPR). For example, there is a legitimate interest in replying to your e-mail.
If you wish to contact us by e-mail, we would like to point out that the confidentiality of the transmitted information is not guaranteed. The content of e-mails can be viewed by third parties. We therefore recommend that you only send us confidential information by post.
3.7 CRM system from salesforce
We use the CRM system of the provider salesforce.com Germany GmbH, Erika-Mann-Str. 31, 80636 Munich, in order to process and administrate enquiries and membership data faster and more efficiently (legitimate interest according to art. 6 par. 1 lit. f. GDPRO ).
salesforce is certified under the Privacy Shield Agreement and thus offers an additional guarantee to comply with European data protection law if data is processed in the USA (https://www.privacyshield.gov/participant?id=a2zt0000000KzLyAAK&status=Active)
salesforce uses the user data only for technical processing of inquiries and does not pass them on to third parties. To use salesforce, at least a correct email address is required. Pseudonymous use is possible. During the processing of service requests, it may be necessary to collect further data (name, address).
If users disagree with data collection and storage in salesforceâs external system, we offer alternative contacts for submitting service requests by e-mail, telephone or mail.
3.8 Social Media Buttons
Our Website uses Social Media Buttons of the following Social media providers:
- facebook, Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA
- Instagram Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
These social media buttons only provide links to the respective providers. As long as these buttons are not clicked, no transfer to these providers takes place.
If you click on these buttons, you will be redirected to the website of the respective social media service. Depending on whether you were registered with the respective provider at the time of clicking, your data will be processed in accordance with the data use guidelines of these organizations and, if necessary, used to create a profile, which is not our area of responsibility.
Further information on the data use guidelines of the individual social media services can be found under the following links:
- facebook:Â https://www.facebook.com/about/privacy
- Instagram https://help.instagram.com/581066165581870
If you do not want these companies to collect information about you, you should not click these buttons.Â
3.9 You Tube
We integrate videos of the platform âYouTubeâ of the provider Â Google Ireland Limited
If you do not want this company to collect information about you, you should not start the videos on this website.Â
4 Who has access to data?Â
Your information may be shared internally. This includes the Managing Director, members of the Executive Board and IT staff if access to the data is necessary for the performance of their roles.
However, we will not share your data with third parties without your consent.
5 How does IAPA International Au Pair Association protect data?
We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees/Board members in the proper performance of their duties. Your data is stored in a secure operating environment that is not accessible.
All information you provide to us is stored on our secure servers in the EU.
Unfortunately, the transmission of information via internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
6 For how long does IAPA International Au Pair Association keep data?
We delete data that is no longer required for the performance of our statutory and contractual services. This is determined according to the respective tasks and contractual relationships. In the case of business processing, we store the data for as long as it can be relevant for business transactions as well as with regards to any warranty or liability obligations. The necessity of data storage is reviewed every three years; in all other respects, the legal storage obligationsÂ (e.g. for invoices and receipts) apply.
7 Your rightsÂ
According to the EuropeanÂ General Data Protection Regulation (GDPR), you have a number of rights. You can:
- access and obtain a copy of your data on request at no cost;
- require the association to change incorrect or incomplete data;
- require the association to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and
- object to the processing of your data where IAPA International Au Pair Association is relying on its legitimate interests as the legal ground for processing.
If you would like to exercise any of these rights, please contactÂ Patricia Brunner at email@example.com
If you believe that the association has not complied with your data protection rights, you can complain to the Bavarian data protection authority.
Contact details of the Bavarian data protection authority:Â
Bayerisches Landesamt fĂŒr Datenschutzaufsicht
Telefon: +49 (0) 981 53 1300
Telefax: +49 (0) 981 53 98 1300
8 Links to other websites
The International Au Pair Day website contains links to other websites Â (www.iapa.org)as well as Facebook, Instagram and YouTube. This Policy only applies to the International Au Pair Day Website. Please read their own privacy policies when linking to their websites.
9 Changes to this Policy
We keep this policy under regular review and will post any updates on this webpage. This policy was last updated 13. June 2019.