Visiting the mygix.org website involves the processing of personal data. Although no information about personal data is required in principle when simply calling up the site, since certain functions of the website and possibly associated services may cause a processing operation, all visitors should be informed at this point about the body responsible for the processing, the purpose and scope of the processing and, of course, about their rights as data subjects. All data processing operations on this website are carried out in accordance with the legal provisions under data protection law, in particular the General Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG). Consent for processing is therefore obtained from the data subjects if there is no legal basis for the individual processing operation.
There is an area on the website for which prior registration is required and additional conditions apply as a result. The additional conditions can be found under the heading "MyGIX Community" below.
The responsible party within the meaning of the DSGVO and the BDSG is:
ConAct – Coordination Center German-Israeli Youth Exchange
Altes Rathaus – Markt 26
06886 Lutherstadt Wittenberg
Statistics, representation, co-operation with authorities
In order to compile access statistics, for the correct display of content and for the best possible cooperation with law enforcement authorities in the event of a cyberattack, the following data is collected when visiting this website:
- IP address
- URL of the page accessed
- Referer (the previous page from which the accessed page was referred to)
- Pages accessed via this website
- Date and time of access
- Duration of the access
- Information about the internet service provider, the operating system and the browser used.
This data collected during a visit to the website is stored separately from other data that may be entered during the use of the website and is only used internally for the purposes stated and is not passed on to third parties unless there is a legal obligation to do so. An assignment of this data to a specific person is not possible.
Contacting via email
It is possible to send personal data to the person responsible by email. You determine the scope and nature of the data transmitted in this way by the content of the email. It is pointed out here that the sending of an email is considered as consent to data processing. The data can be used for pre-contractual measures and for the fulfillment of the contract.
On this website there is the possibility to create an account for a closed community area by registration (MyGIX Community). If this possibility is used, personal data will be collected, processed and used in this context. The extent of the so collected data results from the additional conditions under the heading "MyGIX Community" (see below).
The log files are deleted after six months at the latest.
A plugin from Vimeo is used on this website. Vimeo is a service of Vimeo, Inc. 555 West 18th Street, New York, New York 10011 (Vimeo). Vimeo is an internet video portal on which users provide videos free of charge and for a fee, and other users can view, rate and comment on them, usually free of charge, although rating and commenting requires registration on the portal.
Storage period and deletion
The data processed on this website will be deleted after the purpose intended by the processing in each case has been achieved, but not before the expiry of a statutory retention period. Insofar as the data is required for the conclusion of a contract, the fulfillment of the contract and/or the termination of the contract, it will be stored for the time necessary for this in each case and deleted after termination of the contractual relationship, unless there are contractual and/or legal obligations to store the data.
The legal basis for the processing of data is Art. 6 (1) a) DSGVO, if the data is processed according to the consent of the data subject. As a rule, however, data processing will be necessary for the performance of a contract (Art. 6 (1) (b) DSGVO) or for the protection of legitimate interests (Art. 6 (1) (f) DSGVO). The legitimate interest of the processing here is the provision and maintenance of the online offer for the information of (potential) customers and (potential) business partners as well as other parties interested in the internet presence. In exceptional cases, the legal basis is also another reason listed in Art. 6 (1) c) - e) DSGVO.
According to the GDPR and the BDSG, those affected by data processing have the following rights:
Right of access: Data subjects may request confirmation from the controller as to whether their personal data are being processed, this includes information about the purpose of the processing, the categories of data, the recipients or categories of recipients to whom the data have been or will be disclosed, where possible the planned duration or the criteria for determining the duration, the existence of a right to erasure or rectification or to restriction of processing, the existence of a right of appeal to the supervisory authority, information about the origin of the data if it is not collected from the data subject, the existence of automated decision-making, including profiling, and in these cases the logic involved and the scope and intended effects, information about the transfer of data to third countries or to an international organization in these cases. Data subjects also have the right to be provided with a copy of the data processed.
If the right to rectification, erasure or restriction of processing is exercised, the data subject may request to be informed of the recipients of the data concerning him or her, if it has been disclosed to them.
Right to complain to a supervisory authority: Data subjects have the right to lodge a complaint with a supervisory authority if they consider that the processing of their data infringes the GDPR.
Right to rectification: Data subjects may request that inaccurate personal data concerning them be corrected. A rectification may also consist in the completion of the data.
Right to erasure ("being forgotten"): Data subjects may request the immediate erasure of personal data if the data is no longer necessary for the purpose for which it was collected, if the legal basis for the processing was the consent of the data subject, this consent has been revoked and no other legal basis for the processing exists, the data subject has objected to the processing pursuant to Art. 21 para. 1 GDPR against the processing and there are no overriding legitimate grounds or the data subject has objected under Article 21 (2) GDPR, the data were processed unlawfully, erasure is necessary for the controller to comply with a legal obligation under Union or Member State law, or the data were collected in relation to information society services offered under Article 8 (1) GDPR. The obligation to erasure for the controller does not exist if the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation which requires processing under Union or Member State law for the controller, or for the performance of a task carried out in the public interest or in the exercise of official authority by the controller, for reasons of public interest in the field of public health, for archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes pursuant to Art. 89 (1) DSGVO, insofar as the right to erasure is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or is necessary for the establishment, exercise or defense of legal claims.
Right to restriction of processing: Data subjects may request the controller to restrict processing if the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data, the processing is unlawful and the data subject objects to the erasure of the personal data and instead requests the restriction of the use of the personal data, the controller no longer needs the personal data for the purposes of the processing, but the data subject needs it for the assertion, exercise or defense of legal claims, or the data subject objects to the processing pursuant to Art. 21 para.1 DSGVO, as long as it has not yet been determined whether the legitimate grounds of the controller outweigh those of the data subject. In the event of a request for restriction of processing, the data may be processed only with the consent of the data subject or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or a Member State. Before the restriction is lifted, the data subject shall be informed of this intention.
Right to data portability: Data subjects may request that personal data concerning them which has been provided to a controller be received in a structured, commonly used and machine-readable format and have the right to have this data transferred to another controller without hindrance if the processing is based on consent or for the purpose of fulfilling a contract and the processing is carried out with the aid of automated procedures. Direct transfer to another controller may be requested, insofar as this is technically feasible.
Right to object: Data subjects may object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them where the processing is necessary for the performance of a task carried out in the public interest or required in the exercise of official authority by the controller, or where the processing is necessary for the purposes of safeguarding the legitimate interests of the controller or of a third party and where the interests or fundamental rights and freedoms of the data subject relating to the protection of personal data are not overridden. This also applies to profiling based on this data. Processing shall then cease unless compelling legitimate grounds for the processing are demonstrated which override the interests, rights and freedoms of the data subject, or unless the processing serves the purpose of asserting, exercising or defending legal claims.
Data subjects may object at any time if processing is carried out for the purpose of direct marketing. This also applies to profiling (for more information, see below), insofar as it is related to such direct marketing. Further processing is then to be refrained from.
The right to object may be exercised by means of automated procedures using technical specifications, notwithstanding Directive 2002/58/EC. The data subject may object to processing carried out for scientific or historical research purposes or for statistical purposes pursuant to Article 89(1) of the GDPR only if the processing is not necessary for the performance of a task carried out in the public interest.
Automated decisions on a case-by-case basis, including profiling: Data subjects may request not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them, unless necessary for the conclusion or performance of a contract, unless permitted by Union or Member State law applicable to the controller, and unless such law provides for adequate measures to safeguard the rights and freedoms and legitimate interests of the data subject, or with the explicit consent of the data subject. If necessary for the conclusion or performance of a contract and if the data subject has given his or her consent, the controller shall implement measures to safeguard the data subject's rights and freedoms, which shall include, at least, the right to obtain the intervention of a person on the part of the controller, to express his or her point of view and to contest the decision.
Right of withdrawal: It is possible to withdraw consent to the processing of personal data at any time and without giving reasons. A revocation must only be declared to the controller or an authorized representative of the controller.
Responsible for the MyGIX community offer in terms of the DSGVO and the BDSG is also:
ConAct – Coordination Center German-Israeli Youth Exchange
Altes Rathaus – Markt 26
06886 Lutherstadt Wittenberg
MyGIX Community is an internet platform for the exchange of information and news between members. The service is not publicly accessible, so that only registered members can access it. The creation of an account for membership is connected with the collection, storage and processing of personal data. Before a data collection/storage/processing procedure begins, a potential member is informed in this way about all circumstances relevant to data protection and must agree to these procedures in advance.
With the creation of an account for the MyGIX community platform a contract between us and the member about the use of the platform comes into being. So that we can fulfill our obligations from the contract towards the member, the collection, storage and processing of data is necessary. The legal basis in this respect is Art. 6 para. 1 lit. c) DSGVO.
Only the personal data that the member provides when or after creating an account on the platform is collected. These are in particular, but not conclusively:
- Email address
- Date of birth
- information about personal preferences and interests
- IP address, date and time of registration.
Since all information, with the exception of the email address, is provided voluntarily, we understand the registration as consent to the use of the data provided. The consent can be revoked at any time and without compliance with a specific form.
There is also a storage of the member's activities on the platform (posts, comments, pictures, calendar events, etc.) and a connection with the account.
The member itself thus decides which personal data is stored and processed by us. The only requirement for creating an account is a valid email address.
A passing on of data to third parties by us does not take place – with exception of the data collected for statistical purposes (see in addition the appropriate regulations under the headings "Cookies" and "Statistics, representation, co-operation with authorities") and the necessary visualization of the data and/or contents made available by the member for the MyGIX Community.
With the creation of an account the member declares to have read and understood these supplementary data protection regulations and to agree with the extent of the collection, storage and processing of his personal data described therein. In this respect, by creating the account, the member declares his consent within the meaning of Art. 6 para. 1 lit. a) DSGVO. This consent also applies to data that is not required for the fulfillment of the contract by ConAct.
On the pages of the MyGIX Community there is the possibility of integration of contents of external websites or providers. These are only displayed to other members if the respective member explicitly agrees to this in the individual case by selecting the button. By such a consent, the collection, processing and forwarding of personal data to these third-party providers is sometimes agreed. We point out that a combination with other data stored about the member by these third-party providers may occur. In this respect, the additional conditions on data protection of the respective third-party provider must be observed.
The personal data of the member will be stored for the duration of the existence of the account. If the member makes use of the option to delete the account, the data will be deleted in its entirety. Only the contributions (posts) published by the member will remain, but will then be displayed as contributions of a "Deleted User". If the member also wishes the deletion of all posts published within the MyGIX Community, we ask for notification of the posts to be deleted, stating the information necessary for identification, so that these can also be deleted.
If the member uses MyGIX Community via the tixxt app, an offer of mixxt GmbH, the data protection regulations for the tixxt app apply additionally, which the member has to accept when installing the app.
According to the DSGVO or the BDSG, the persons affected by the data processing have a right to information (Art.15 DSGVO) about the data collected from them, can demand a confirmation about the data processing and a provision of a copy of the data as well as a right to complain to the competent supervisory authority (Art. 77 DSGVO). You have a right to rectification (Art. 16 DSGVO), which may also lie in the completion of the data. You have a right to erasure ("being forgotten") (Art. Art. 17 DSGVO) and a right to restriction of processing (Art. 18 DSGVO) as well as a right to data portability (Art. 20 DSGVO). Data subjects have a right to object (Art. 21 DSGVO) to future processing of data and the restrictions on automated decisions in individual cases, including profiling (Art. 22 DSGVO) apply. If you have consented to the data processing and the data is processed on this basis, you have the right to withdraw this consent at any time.