Data protection
1. Privacy at a glance
General information
The following notes provide a simple overview of what happens to your personal data when you visit our website. Personal data is all data with which you can be personally identified. Detailed information on the subject of data protection can be found in our data protection declaration listed under this text.
Data collection on our website
Who is responsible for data collection on this website?
The data processing on this website is carried out by the website operator. You can find their contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected when you communicate it to us. This can, for example, be data that you enter in a contact form.
Other data is automatically recorded by our IT systems when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure that the website is provided without errors. Other data can be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to request the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of data protection. You also have the right to lodge a complaint with the competent supervisory authority.
You also have the right, under certain circumstances, to request that the processing of your personal data be restricted. Details can be found in the data protection declaration under "Right to restriction of processing".
Analysis tools and third-party tools
When you visit our website, your surfing behavior can be statistically evaluated. This is mainly done with cookies and so-called analysis programs. The analysis of your surfing behavior is usually anonymous; surfing behavior cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. You will find detailed information on this in the following data protection declaration.
You can object to this analysis. We will inform you about the possibilities of objection in this data protection declaration.
2. General information and mandatory information
data protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
If you use this website, various personal data will be collected. Personal data is data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this happens.
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.
Note on the responsible body
The responsible body for data processing on this website is:
Black Female Business
Mariam Guede & Lioba Jarju
Volkmannstrasse 6,
22083 Hamburg
Telephone: +49 17687367151
Email: info@blackfemalebusiness.de
The responsible body is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. An informal message by e-mail to us is sufficient. The legality of the data processing that took place up until the revocation remains unaffected by the revocation.
Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)
If the data is processed on the basis of Article 6 Paragraph 1 Letter e or f GDPR, you have the right at any time to object to the processing of your personal data for reasons that arise from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this data protection declaration. If you object, we will no longer process your affected personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims ( Objection according to Art. 21 Para. 1 GDPR).
If your personal data is processed in order to operate direct advertising, you have the right to object at any time to the processing of your personal data for the purpose of such advertising; this also applies to profiling insofar as it is associated with such direct advertising. If you object, your personal data will then no longer be used for direct advertising purposes (objection according to Art. 21 Para. 2 GDPR).
Right of appeal to the competent supervisory authority
In the event of violations of the GDPR, those affected have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint is without prejudice to any other administrative or judicial remedy.
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another person responsible, this will only be done to the extent that it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the site operator, this site uses an SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If, after the conclusion of a fee-based contract, there is an obligation to send us your payment data (e.g. account number for direct debit authorization), this data is required for payment processing.
Payment transactions using the usual means of payment (Visa/MasterCard, direct debit) are carried out exclusively via an encrypted SSL or TLS connection. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
With encrypted communication, your payment data that you transmit to us cannot be read by third parties.
Information, blocking, deletion and correction
Within the framework of the applicable legal provisions, you have the right to free information about your stored personal data, its origin and recipient and the purpose of the data processing and, if necessary, a right to correction, blocking or deletion of this data at any time. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of personal data.
Right to restriction of processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time at the address given in the imprint. The right to restriction of processing exists in the following cases:
-
If you dispute the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the examination, you have the right to request that the processing of your personal data be restricted.
-
If the processing of your personal data happened/is happening unlawfully, you can request the restriction of data processing instead of deletion.
-
If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to demand that the processing of your personal data be restricted instead of being deleted.
-
If you have lodged an objection in accordance with Art. 21 (1) GDPR, your interests and ours must be weighed up. As long as it has not yet been determined whose interests prevail, you have the right to demand that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, this data - apart from its storage - may only be used with your consent or to assert, exercise or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State are processed.
Objecting to Promotional Emails
We hereby object to the use of contact data published as part of the imprint obligation to send unsolicited advertising and information material. The site operators expressly reserve the right to take legal action in the event of unsolicited advertising being sent, such as spam e-mails.
3. Data Protection Officer
Legally required data protection officer
We have appointed a data protection officer for our company.
Black Female Business
Mariam Guede & Lioba Jarju
- Data Protection Officer -
Volkmannstrasse 6,
22083 Hamburg
Telephone: +49 17687367151
Email: info@blackfemalebusiness.de
4. Data collection on our website
cookies
Some of the websites use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your end device until you delete them. These cookies enable us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.
Cookies that are required to carry out the electronic communication process or to provide certain functions you want (e.g. shopping cart function) are stored on the basis of Article 6 Paragraph 1 Letter f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies for analyzing your surfing behaviour) are stored, these are treated separately in this data protection declaration.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
-
Browser type and browser version
-
operating system used
-
Referrer URL
-
Host name of the accessing computer
-
Time of server request
-
IP address
This data is not merged with other data sources.
This data is collected on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website - the server log files must be recorded for this purpose.
contact form
If you would like to use the contact form offered on the website to get in touch with us, we need the data requested in the form to answer your request.
Some data is only collected on a voluntary basis. We use this data exclusively to process your request and do not pass it on to third parties.
The data entered in the contact form is processed exclusively on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO).
You can revoke your consent to the storage of the data at any time. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you have stored with us for the purpose of contacting us will be stored by us until you request us to delete it or until legal deadlines allow or demand that we delete it.
Processing of data (customer and contract data)
We collect, process and use personal data only insofar as they are necessary for the establishment, content or change of the legal relationship (inventory data). This is based on Article 6 Paragraph 1 Letter b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures. We collect, process and use personal data about the use of our website (usage data) only to the extent necessary to enable the user to use the service or to bill the user.
The collected customer data will be deleted after completion of the order or termination of the business relationship. Statutory retention periods remain unaffected.
Data transmission upon conclusion of contract for services and digital content
We only transmit personal data to third parties if this is necessary within the framework of contract processing, for example to the bank responsible for processing payments.
Any further transmission of the data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes.
The basis for data processing is Art. 6 Paragraph 1 lit. b GDPR, which allows the processing of data to fulfill a contract or pre-contractual measures.
5. Social Media
Instagram plugin
Functions of the Instagram service are integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.
If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our site with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or how it is used by Instagram.
The Instagram plugin is used on the basis of Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in the widest possible visibility in social media.
For more information, see Instagram's privacy policy: https://instagram.com/about/legal/privacy/.
6. Analysis Tools and Advertising
7. Newsletters
newsletter data
If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter . Further data is not collected or only collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form takes place exclusively on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted after you have canceled the newsletter. Data stored by us for other purposes remain unaffected.
MailChimp
This website uses the services of MailChimp to send newsletters. The provider is Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA.
MailChimp is a service with which, among other things, the sending of newsletters can be organized and analyzed. If you enter data for the purpose of subscribing to the newsletter (e.g. e-mail address), this will be stored on the MailChimp servers in the USA.
MailChimp is certified according to the "EU-US Privacy Shield". The "Privacy Shield" is an agreement between the European Union (EU) and the USA, which is intended to ensure compliance with European data protection standards in the USA.
With the help of MailChimp we can analyze our newsletter campaigns. When you open an email sent with MailChimp, a file contained in the email (so-called web beacon) connects to the MailChimp servers in the USA. In this way it can be determined whether a newsletter message has been opened and which links have been clicked on. Technical information is also recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. They are used exclusively for the statistical analysis of newsletter campaigns. The results of these analyzes can be used to better adapt future newsletters to the interests of the recipients.
If you do not want an analysis by MailChimp, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe from the newsletter directly on the website.
The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted both from our servers and from the servers of MailChimp after you have canceled the newsletter. Data stored by us for other purposes remain unaffected.
For more information, see MailChimp's privacy policy at: https://mailchimp.com/legal/terms/.
Conclusion of a data processing agreement
We have concluded a so-called "Data Processing Agreement" with MailChimp, in which we oblige MailChimp to protect our customers' data and not to pass it on to third parties. This contract can be viewed at the following link: https://mailchimp.com/legal/forms/data-processing-agreement/sample-agreement/.
8. Plugins and Tools
Google Maps
This site uses the Google Maps map service via an API. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
In order to use the functions of Google Maps, it is necessary to save your IP address. This information is usually transmitted to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
Google Maps is used in the interest of an attractive presentation of our online offers and to make it easier to find the places we have indicated on the website. This represents a legitimate interest within the meaning of Article 6 (1) (f) GDPR.
You can find more information on handling user data in Google's data protection declaration: https://policies.google.com/privacy?hl=en.
Google's privacy policy can be found in the following links: https://policies.google.com/privacy?hl=de
9. Payment Providers and Resellers
Instant bank transfer
On our website we offer, among other things, payment by means of “Sofortüberweisung”. The provider of this payment service is Sofort GmbH, Theresienhöhe 12, 80339 Munich (hereinafter “Sofort GmbH”).
With the help of the "Sofortüberweisung" procedure, we receive a payment confirmation from Sofort GmbH in real time and can immediately start fulfilling our obligations.
If you have decided to use the “Sofortüberweisung” payment method, send the PIN and a valid TAN to Sofort GmbH, which they can use to log into your online banking account. Sofort GmbH automatically checks your account balance after logging in and carries out the transfer to us using the TAN you sent. It then immediately sends us a transaction confirmation. After logging in, your sales, the credit limit of the overdraft facility and the existence of other accounts and their balances are automatically checked.
In addition to the PIN and the TAN, the payment data you enter as well as personal data are transmitted to Sofort GmbH. Your personal data includes first and last name, address, telephone number(s), email address, IP address and any other data required for payment processing. The transmission of this data is necessary to establish your identity beyond doubt and to prevent attempts at fraud.
Your data is transmitted to Sofort GmbH on the basis of Art. 6 Para. 1 lit. a GDPR (consent) and Art. 6 Para. 1 lit. b GDPR (processing to fulfill a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the effectiveness of past data processing operations.
Details on payment with immediate transfer can be found in the following links: https://www.sofort.de/datenschutz.html and https://www.klarna.com/sofort/.
Eventbrite
This website uses the Eventbrite ticket booking and registration platform to manage online registrations for events and the online purchase of tickets. Eventbrite uses so-called "cookies". These are text files that are stored on your computer and that enable an analysis of your use of Eventbrite. Eventbrite collects your personal data (your name, address, email address and other data) if you provide such information as part of a registration for one of our events and then transmits this data to us as the organiser.
Eventbrite Inc. is a Delaware registered company with principal offices at 155 5th Street, Floor 7, San Francisco, CA 94103, Reg. 4742147, United States. For users located in the European Economic Area ("EEA") or Switzerland, Eventbrite Inc. acts as a controller of the personal information collected through the Services. Eventbrite's representative for the purpose of European data protection legislation is Eventbrite NL BV with registered office at Silodam 402, 1013AW, Amsterdam, The Netherlands.
Eventbrite Inc. has im Data Processing Addendum (“DVN”) sets out the terms relating to the protection, privacy and security of personal information in connection with the Services that Eventbrite provides to Organizers under the Agreement.
We have partnered with Eventbrite Inc. die Standard Contractual Clauses for Transfers of Personal Data to Processors agreed by the European Commission.
For Eventbrite's privacy policy see here.
Our social media appearances
Data processing by social networks
We maintain publicly accessible profiles on social networks. The social networks we use in detail can be found below.
Social networks such as Facebook, Twitter, Instagram, etc. can usually analyze your user behavior comprehensively when you visit their website or a website with integrated social media content (e.g. Like buttons or advertising banners). Visiting our social media presence triggers numerous data protection-related processing operations. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, however, your personal data can also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, this data is collected, for example, via cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which your preferences and interests are stored. In this way, interest-based advertising can be displayed to you both inside and outside of the respective social media presence. If you have an account with the respective social network, interest-based advertising can be displayed on all devices on which you are logged in or were logged in.
Please also note that we cannot trace all processing operations on the social media portals. Depending on the provider, additional processing operations may therefore be carried out by the operators of the social media portals. Details can be found in the terms of use and data protection regulations of the respective social media portals.
legal basis
Our social media appearances should ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Article 6 (1) (f) GDPR. The analysis processes initiated by the social networks may be based on different legal bases, which must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 Para. 1 lit. a GDPR).
Controller and assertion of rights
If you visit one of our social media presences (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can exercise your rights (information, correction, deletion, restriction of processing, data transferability and complaints) both against us as well as the operator of the respective social media portal (e.g. against Facebook).
Please note that despite the joint responsibility with the social media portal operators, we do not have full influence on the data processing operations of the social media portals. Our options are largely based on the corporate policy of the respective provider.
storage duration
The data collected directly by us via the social media presence will be deleted from our systems as soon as the purpose for storing it no longer applies, you request us to delete it, revoke your consent to storage or the purpose for storing the data no longer applies. Saved cookies remain on your end device until you delete them. Mandatory legal provisions - especially retention periods - remain unaffected.
We have no influence on the storage period of your data, which is stored by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their privacy policy, see below).
Social networks in detail
We have a profile on Facebook. The provider is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook is certified under the EU-US Privacy Shield.
You can adjust your advertising settings independently in your user account. To do this, click on the following link and log in:
https://www.facebook.com/settings?tab=ads
Details can be found in Facebook's privacy policy:
https://www.facebook.com/about/privacy/
We use the short message service Twitter. The provider is Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter is certified under the EU-US Privacy Shield.
You can adjust your Twitter data protection settings independently in your user account. To do this, click on the following link and log in:
https://twitter.com/personalization
Details can be found in Twitter's privacy policy:
https://twitter.com/de/privacy
We have a profile on Instagram. The provider is Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. Details on how they handle your personal data can be found in Instagram's data protection declaration:
https://help.instagram.com/519522125107875