top of page

Privacy Policy

General Information
The protection of personal data is very important to us. Personal data includes all information by which you can be personally identified. We always process this data confidentially and in accordance with applicable data protection laws.
 

The following explanations provide an overview of which personal data we collect, how we use it, and your rights as a user.
 

Processing of your data takes place only if you have given consent or if there is a legal basis for it.

 

Using our website is generally possible without providing personal data. If personal data (e.g., name, address, or email addresses) is collected on our pages, this is done, wherever possible, on a voluntary basis (e.g., by filling out the contact form) and only with your consent. These data will not be passed on to third parties without your explicit consent.

Please note that data transmission over the Internet (e.g., communication via email) may have security gaps. Complete protection of data from access by third parties is not possible.

The use of contact details published in the context of the imprint obligation by third parties for sending unsolicited advertising and information material is expressly prohibited. The site operators reserve the right to take legal action in case of unsolicited sending of advertising information, such as spam emails.

 

1. Responsible Entity for Data Processing
Collection and processing of personal data on this website are carried out by the website operator. The responsible entity is the natural or legal person who alone or jointly with others decides on the purposes and means of processing such data.

The responsible entity is Unapendwa e.V. Contact details can be found in the imprint.

 

2. Hosting
Our website is hosted by Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter “WIX”).

WIX is a platform for creating and hosting websites. When visiting our website, WIX sets cookies required for display and security. Additionally, data such as user behavior, traffic sources, and visitor numbers may be processed. These data may be stored on servers worldwide, including in the USA.

 

Data transfer to third countries is based on the EU Commission Standard Contractual Clauses according to Art. 46 GDPR and the EU-US Data Privacy Framework (DPF). The DPF is an agreement between the European Union and the USA, ensuring compliance with European data protection standards for data processing in the USA. Accordingly, every DPF-certified company is obliged to comply with these standards.

Further information can be found in:

WIX Privacy Policy: https://de.wix.com/about/privacy
WIX DPA for users: https://de.wix.com/about/privacy-dpa-users
DPF Register: https://www.dataprivacyframework.gov/participant/5626

Processing is based on Art. 6(1)(f) GDPR, as we have a legitimate interest in a reliable representation of our website. Where consent is requested, processing is additionally based on Art. 6(1)(a) GDPR and § 25(1) TTDSG (e.g., for cookies). Consent can be revoked at any time.

3. Collection, Storage, and Purpose of Data Processing
We process personal data only to the extent necessary for the operation and security of our website. This includes, in particular, your IP address, technical access data (e.g., browser type, operating system, access time), and information from contact forms or emails (e.g., name, email address, message). Processing is carried out to handle contact requests and to analyze user behavior in connection with fulfilling our statutory tasks as a non-profit association.

4. Server Log Files
When visiting our website, the provider automatically collects and stores information in so-called server log files. This includes, in particular, the IP address of the requesting computer, browser type, access time, name and URL of the requested file, as well as, if applicable, the operating system and the name of the access provider.

This data is technically necessary to ensure error-free provision of the website and is only temporarily stored. It may also be used to analyze system security and user behavior but is not merged with other data or evaluated on a personal basis.

Processing is based on Art. 6(1)(f) GDPR, based on our legitimate interest in a secure and technically flawless website.

5. Legal Basis
Processing of personal data is based on:

  • Art. 6(1)(a) GDPR (consent, e.g., newsletter subscription)

  • Art. 6(1)(b) GDPR (contract performance or pre-contractual measures)

  • Art. 6(1)(f) GDPR (legitimate interest, e.g., proper presentation of the website)
     

6. Contact Form and Other Contact
When using our contact form or making an inquiry via email or phone, the data you provide (e.g., name, email address, message) is used exclusively to process your request. Data will not be passed on to third parties without your explicit consent.

Processing is based on:

  • Art. 6(1)(b) GDPR (processing your request or pre-contractual measures)

  • Art. 6(1)(f) GDPR (legitimate interest in efficient handling of incoming requests)

  • Art. 6(1)(a) GDPR (consent, if requested)

Consent can be revoked at any time. This does not affect the legality of processing up to the time of revocation and only applies going forward. You can revoke consent in writing or by email.

 

Data transmission via email cannot be guaranteed to be secure. Please do not send confidential information unencrypted via email.

7. Data Sharing
Data will only be shared with third parties if legally required, you have consented, or it is necessary for fulfilling association tasks (e.g., hosting service providers).

8. Data Retention
Personal data is only stored as long as necessary to fulfill the respective purpose or as required by law.

 

If you exercise your right to deletion or revoke your consent, your data will be deleted unless other legal obligations (e.g., tax or commercial law requirements) mandate further storage. In such cases, deletion occurs immediately once these reasons no longer apply. Mandatory statutory retention periods remain unaffected.

9. Your Rights under the GDPR
You have the following rights regarding your personal data:

  • Access (Art. 15 GDPR): Right to free information about the origin, purpose of processing, and recipients of your stored data.
     

  • Rectification (Art. 16 GDPR): Right to immediate correction of incorrect or incomplete data.
     

  • Deletion (Art. 17 GDPR): Right to deletion of personal data unless legal retention obligations exist.
     

  • Restriction of Processing (Art. 18 GDPR): Right to limit processing, e.g., during verification of data accuracy, in case of unlawful processing, if data is needed for legal claims, or while a GDPR Art. 21 objection is being reviewed.
     

  • Objection (Art. 21 GDPR): Right to object to processing of personal data, particularly if processing is based on consent or legitimate interests.
     

  • Objection to processing under Art. 6(1)(e) or (f) GDPR: Data will no longer be processed unless there are compelling legitimate grounds or for asserting, exercising, or defending legal claims.
     

  • Right to lodge a complaint (Art. 77 GDPR): You can contact a supervisory authority. In Germany, this is the responsible state data protection authority.
     

10. Cookies and Analytics Tools
Our website uses cookies. Cookies are small text files stored in your browser. They do not cause harm and are used to make our website safer, more efficient, and user-friendly. On subsequent visits, information is automatically sent to our server without directly revealing your identity.


We use:

  • Strictly necessary cookies: Required for essential functions like security, identity verification, and network management; cannot be disabled.
     

  • Marketing cookies: Used to measure the effectiveness of advertising and tailor ads to visitors.
     

  • Functional cookies: Store user input to provide an improved, personalized experience.
     

  • Analytics cookies: Used to understand visitor interaction, detect errors, and improve analytics data.
     

Cookies can be session cookies (deleted after your visit), persistent cookies (stored until deletion or automatic removal by your browser), or third-party cookies (set by third parties such as Google Maps or analytics tools).
 

Legal basis:
Necessary cookies for electronic communication, providing desired functions, or website optimization are based on Art. 6(1)(f) GDPR.

Consent for cookies or similar technologies is based on Art. 6(1)(a) GDPR and § 25(1) TTDSG. Consent can be revoked at any time.
 

Cookie settings can be managed or disabled in your browser.
 

11. Security
We use TLS encryption (Transport Layer Security) for secure data transmission. This protects your data from unauthorized access during communication. An encrypted connection is indicated by the lock symbol in the browser bar and the “https://” in the address.
 

12. External Links and Social Media

Instagram:
A link to our Instagram profile is included on our website. Clicking the link leaves our website, and Instagram’s privacy policy applies.
 

Instagram is operated by Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA. The EU provider is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Information about the purpose and scope of data collection and about your rights can be found in Instagram’s Privacy Policy (https://help.instagram.com/519522125107875).
 

Please note that when using Instagram, data (e.g., IP address, device information such as browser data, date, time, cookies) may be transmitted to the provider and, if necessary, transferred to third countries, particularly the USA, and stored there. We have no influence on the scope, type, and purpose of Instagram’s data processing. If you are logged in, data may be associated with your personal account.
 

US companies may be required to disclose personal data to authorities without judicial recourse, which is beyond our control.
 

13. Contacting the Supervisory Authority
In case of violations of the GDPR, you can contact the competent data protection authority.
 

Under § 77 GDPR, this may be in the member state of your usual residence, workplace, or the location of the alleged violation. This right exists without prejudice to other administrative or judicial remedies.


14. Changes to this Privacy Policy
If you have questions regarding data protection, you can contact us anytime. You can find our contact details in the imprint.
 

We reserve the right to update the privacy policy to ensure compliance with current legal requirements. The current version is dated 22.12.2025.

bottom of page