1. Name and contact details of who is responsible for processing your data
The responsible party
IMAI - Inter Media Art Institute
A nonprofit foundation under German civil law
Phone + 49 211—54 23 09 90
Rajiv Strauß, Prof. Dr. Reiner Nachtwey
2. Collection and storage of personal data and how it is used
(a) When visiting the website
When you visit our website—www.stiftung-imai.de—the browser you use on your device automatically sends data to our website’s server. This data is temporarily stored in what is known as a log file.
The following data is collected and stored, without any action on your part, until it is automatically deleted:
- IP address of the computer requesting access;
- date and time of the access;
- name and URL of the accessed files;
- website from which access was requested (referrer URL);
- the browser used and, if applicable, your device’s operating system and the name of your access provider.
The aforementioned data is processed by us for the following purposes:
- ensuring the trouble-free setup of a connection to the website;
- ensuring the ease of use of our website;
- evaluation of the system security and stability, and;
- other administrative purposes.
The legal basis for this data processing is GDPR Article 6, Paragraph 1, Section 1, lit. (f). Our legitimate interest follows from the data collection purposes listed above. In any case, we don’t use the collected data for the purpose of drawing any conclusions about who you are as an individual.
(b) Contact via email, phone, and fax
If you contact us via the email address, telephone number, or fax number we provided, the information and personal data you provide will be processed exclusively for the purposes of handling your respective request.
Depending on each individual case, we may use the data you provide via our email address firstname.lastname@example.org or via telephone at +49 211—54 23 09 90 for correspondence:
- and for handling your general request,
- and for initiating and justifying a cooperation with you,
- and for clarifying the facts of your case,
- and for considering your personal and economic circumstances,
- and for the further enforcement and exercise of legal claims,
- and/or in the case of an (unsolicited) application via submitted documents for application, for the decision about establishing a working/employment relationship.
c) IMAI Play
If you use our IMAI Play offerings, we will collect additional personal data. To the extent you use the offerings only passively without creating a user account, the information stated above under a) applies. If you register as a user of IMAI Play, however, in order to create playlists and make comments, you must create a user account.
For that, we collect your first and last names, your email address, and your username. We need these data to verify your registration and to prevent abuse of the functions of IMAI Play or to enable us to pursue our claims if laws are violated.
The legal basis for this data processing is GDPR Article 6, Paragraph 1, Section 1, lit. (a).
After you have deleted your account, we will keep the data until statutory period of limitation for the pursuit of claims has run out. As a rule, that takes three years.
3. Data retention
We adhere to the principles of data avoidance and data minimization. Therefore we only save your personal data for as long as is necessary to achieve the purposes stated herein or as stipulated by the various retention periods as provided for by law. After the cessation of the respective purpose or expiration of the retention period, the corresponding data will be routinely locked or deleted pursuant to the law.
4. Data transfer
Your personal data will not be transferred to third parties for purposes other than those listed below.
We will only transfer your personal data to third parties if:
- You have given your express consent to this pursuant to GDPR Article 6, Paragraph 1, Section 1, lit. f);
- Data transfer is necessary for the enforcement, exercise or defense of legal claims pursuant to GDPR Article 6, Paragraph 1, Section 1, lit. f) and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data;
- In the event that there is a legal obligation for disclosure pursuant to GDPR Article 6, Paragraph 1, Section 1, lit. c), and;
- This is legally permissible and necessary for processing of a contractual relationship with you pursuant to GDPR Article 6, Paragraph 1, Section 1, lit. b).
Data is stored in the cookie that is related to the specific device used for access. However, this does not mean that we gain direct knowledge of your identity through their use.
Furthermore, we use session cookies when you log in to our website, i.e., when subpages are only intended for certain users or when an offering containing special information is accessed.
In addition, we also use temporary cookies to optimize user-friendliness. These temporary cookies are stored on your device for a certain specified period of time. If you visit our site again to use our services, it automatically recognizes that you have previously visited our site and recognizes which entries and settings you made so that you don’t have to reenter them. This is not to be confused with you deliberately storing data for forms and passwords by using your browser’s functionality for such.
The data processed by cookies is necessary for the aforementioned purposes to protect our legitimate interests and those of third parties pursuant to GDPR Article 6, Paragraph 1, Section 1, lit. (f).
You can set your browser so that you are informed about the placing of cookies and only allow cookies in individual cases, exclude the placing of cookies generally or for certain cases, and activate the automatic deletion of cookies when quitting the browser. The functionality of this website may be limited if cookies are deactivated.
6. Social media plugins
We currently use the social media plugins from YouTube and Vimeo inasmuch as we integrate videos into our internet page by means of these platforms. Since we do not know which data these social media plugins handle and in which form they do so, we hereby refer to the pertinent indications with regard to privacy protection:
We request that you take into account that with social media plugins, there is the possibility that the personal data gathered by the providers of these platforms could be processed in countries outside the European Union.
We have designed our internet page in such a way that the social media plugins are initially deactivated and must be activated by users by means of the consent-management tool of Usercentrics. You receive a corresponding message, for example, when you attempt to play a video. If you activate the respective plugin, we process the data in conformance with the EU’s GDPR (General Data Protection Regulation) via Matomo. Moreover, the plug-in providers process your data as is indicated in their respective privacy-protection provisions.
7. Your rights
You have the right:
- pursuant to GDPR Article 15 to request information about how we process your personal data. Specifically, you can request information about the processing purposes, about the category of personal data, about the categories of recipients to whom your data has been or will be disclosed, about the planned retention period, about the existence of a right to rectification, erasure, restriction of processing or opposition to such processing, about the existence of a right of complaint, about the origin of your data if it we didn’t collect it, as well as about the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- pursuant to GDPR Article 16 to demand the correction of inaccurate or incomplete personal data we store without undue delay;
- pursuant to GDPR Article 17 to request the erasure of your personal data we store inasmuch as the processing isn’t necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the enforcement, exercise or defense of legal claims;
- pursuant to GDPR Article 18 to request the restriction of the processing of your personal data inasmuch as you dispute the accuracy of the data, the processing is unlawful, but you object to its erasure and we no longer need the data, but you need it for the enforcement, exercise or defense of legal claims or you have objected to the processing in accordance with GDPR Article 21;
- pursuant to GDPR Article 20 to receive the personal data that you have provided to us in a structured, accessible and machine-readable format or to request that it be transferred to another responsible party;
- pursuant to GDPR Article 7, Paragraph 3 to revoke the consent you gave to us at any time. The consequence of this is that we may no longer continue the data processing based on this consent in the future, and;
- pursuant to GDPR Article 77 you may file a complaint with a supervisory authority. As a rule, you may contact for this purpose the supervisory authority of your normal place of residence or workplace, or our agency headquarters.
8. Right to object
If your personal data is processed on the basis of legitimate interests pursuant to GDPR Article 6, Paragraph 1, Section 1, lit. (f), you have the right to object to the processing of your personal data pursuant to GDPR Article 21 provided that there are grounds for doing so that arise from your particular situation or the objection is against direct advertising.
In the latter case, you have a general right to object that will be effectuated by us without the specification a particular situation.
If you would like to exercise your right of revocation or objection, an email stating such sent to email@example.com will suffice.
9. Data security
For visits to our website we use the widespread Secure Socket Layer (SSL) system in combination with the highest level of encryption supported by your browser. This is usually 256-bit encryption.
If your browser doesn’t support 256-bit encryption, we instead use 128-bit v3 technology. You can tell whether an individual page of our website is encrypted by the closed key or lock symbol appearing in your browser’s status bar.
We also utilize appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, and against unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
11. Objection to advertising mails
We hereby object to the use of contact data published as part of the legally required publication details for the sending of advertising and information materials that have not been expressly requested by us. The website owners expressly reserve the right to take legal action in the case of receiving unsolicited advertisement, including but not limited to spam emails.
We use the newsletter software Clever Elements (http://cleverelements.com). Your data is transmitted to Clever Elements GmbH for newsletter services. Clever Elements is prohibited from selling your data or using it for purposes other than sending newsletters. Clever Elements is a German company and certified provider that was selected according to the requirements of Germany’s Data Protection Regulations and the Germany’s Federal Data Protection Act.