Data protection

1. Responsible Body and Data Protection Officer

Thank you for your interest in our information.

Your privacy as a data subject and your right to “informational self-determination” are very important to us. We process your personal data in accordance with the EU General Data Protection Regulation (EU-DS-GVO) and the Federal Data Protection Act (BDSG).

The responsible body within the meaning of the GDPR is:
Kriegerbund Sigfaðir
c/o Marcus Pfeiffer
Noidach 1
83735 Bayrischzell
E-mail: warriors@sigfadir.de

Data Protection Officer:
Please send all requests for information, inquiries, or objections to data processing to this address:

PrioDesign
Noidach 1
83735 Bayrischzell
Phone 0049 176 609 333 90
Email: info@priodesign.de
www.priodesign.de

We take the protection of your personal data very seriously. Personal data is all information relating to an identified or identifiable natural person (hereinafter “data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

2. Legal basis for the processing of your personal data

We process your personal data in accordance with specific purposes in connection with your expression of interest in our offers, to initiate contractual or quasi-contractual business relationships, to offer products and services, to maintain business contacts, and to comply with processing regulations under tax and commercial law and other relevant laws and regulations.

In this sense, we also pursue changes to purposes if necessary – e.g. B. in the context of advertising activities (direct marketing) – as long as these do not contradict your right to informational self-determination or you do not revoke your consent to this processing of your personal data.

The legal basis for the processing of your personal data arises in particular from Art. 6 EU GDPR.

Personal data is largely collected and processed directly from the data subjects via our website – especially when you actively use the online forms yourself. This happens, for example, when you use the contact form or when you subscribe to the online newsletter.

Processing of special categories of personal data within the meaning of For example, when registering for events, applying for jobs, or attending training events, processing of personal data only occurs if this is required based on your consent or legal regulations and there is no reason to believe that your legitimate interest in excluding processing outweighs it, Art. 88 Para. 1 GDPR.

3. Your rights as a data subject

The EU GDPR provides you, as the data subject, with relevant rights regarding the processing of your personal data by the controller, in particular:

Right to information (Art. 15 EU GDPR)
You have the right, in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected from us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information on its details;

Right to rectification (Art. 16 EU GDPR)
You have the right, in accordance with Art. 16 GDPR, to immediately request the rectification of inaccurate personal data stored by us or the completion of your personal data stored by us;

Right to erasure (Art. 17 EU GDPR)
You have the right, in accordance with Art. 17 GDPR, to request the erasure of your personal data stored by us. unless processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;

Right to restriction of data processing (Art. 18 EU GDPR)
You have the right, pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have objected to the processing pursuant to Art. 21 GDPR;

Right to data portability (Art. 20 EU GDPR)
You have the right, pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us have, in a structured, common and machine-readable format or to request that it be transmitted to another controller;

Right to revoke your consent once given
You have the right to revoke your consent at any time in accordance with Art. 7 (3) GDPR. This means that we may no longer continue the data processing based on this consent in the future.

Right to lodge a complaint with a data protection supervisory authority
You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our headquarters, the Bavarian State Commissioner for Data Protection.

Right to object to data processing (Art. 21 EU GDPR)
If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) (f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided there are reasons for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If you wish to exercise your right of withdrawal or objection, simply send an email to the company data protection officer: info@priodesign.de.

4. On data protection in individual areas

Data security of the web platform

During your visit to our website, we use the widespread SSL (Secure Socket Layer) method in conjunction with the highest level of encryption supported by your browser. This is usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is being transmitted encrypted by the closed key or lock symbol in your browser’s status bar.

We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously being improved in line with technological developments.

Our website at https://battleofbavaria.com is intended to make it easier for you to access our information and services.

We reserve the right to make changes or additions to the information provided at any time. When creating our pages, we carefully ensure that the information provided is correct, up-to-date, complete, understandable, and always available. The service provider pursuant to Section 13 of the Telemedia Act (TMG) and the responsible body pursuant to Art. 4 No. 7 GDPR is Sigfadir IG, c/o Marcus Pfeiffer, Ginsham 32, 83052 Bruckmühl.

Collection and storage of personal data as well as the type and purpose of their use:

a) When visiting the website
When you use our website, the browser used on your device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status/HTTP status code
• Amount of data transferred in each case
• Website from which the request originates
• Browser
• Operating system and its interface
• Language and version of the browser software.

The above data is processed by us for the following purposes:

• Ensuring a smooth connection establishment of the Website,
• Ensuring comfortable use of our website,
• Evaluating system security and stability, and
• for other administrative purposes.

The legal basis for data processing is Art. 6 (1) (f) GDPR. Our legitimate interest arises from the purposes for data collection listed above. Under no circumstances will we use the collected data to draw conclusions about you personally.
In addition, we use cookies when you visit our website. You will find more information about this in the separate section “Cookies” below.

b) Contact form
For questions of any kind, we offer you the opportunity to contact us using a form provided on the website. You must provide your name and a valid email address so that we know who sent the request and can answer it. Further information can be provided voluntarily.
Data processing for the purpose of contacting us is carried out in accordance with Art. 6 (1) (a) GDPR on the basis of your voluntarily granted consent.

c) Registration for events
If you would like to register for one of our events, we offer you the opportunity to register using a form provided on the website. You must provide your name, a valid email address, and your postal address so that we know who the registration came from and can process it. Further information can be provided voluntarily.
Data processing for the purpose of registering for an event with us is carried out in accordance with Art. 6 (1) (b) GDPR. We will delete your personal data after the contract has been processed and any retention periods under tax and commercial law have expired.

Disclosure of data:

Personal data is generally disclosed exclusively for the purpose of order processing by external service providers, in particular for the purpose of sending the Lebenshilfe newspaper, the specialist journal Teilhabe, and the legal service to the respective customers or subscribers.
Your personal data will not be disclosed to third parties for purposes other than those listed.
We will only disclose your personal data to third parties if:

• You have given your express consent to this in accordance with Art. 6 (1) (a) GDPR,
• Disclosure in accordance with Art. 6 (1) (f) GDPR GDPR is necessary to assert, exercise, or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
• in the event that there is a legal obligation to disclose data pursuant to Art. 6 (1) (c) GDPR, and
• this is legally permissible and necessary for the processing of contractual relationships with you pursuant to Art. 6 (1) (b) GDPR.

5. Technical background to the processing of personal data

a) Use of cookies:

Furthermore, cookies are stored on your computer when you use the website. Cookies are small text files stored on your hard disk and associated with the browser you use. They allow certain information to be sent to the location that placed the cookies (in this case, us). Cookies cannot run programs or transmit viruses to your computer. They are designed to make the internet more user-friendly and effective. We use cookies to identify you for subsequent visits if you have an account with us. Otherwise, you would have to log in again for each visit.
This website uses cookies to the following extent:

• Transient cookies (temporary use)
• Persistent cookies (time-limited use)
• Third-party cookies (from third-party providers)
• Flash cookies (permanent use; cannot be excluded from third-party providers).

Transient cookies are automatically deleted when you close your browser. This includes, in particular, session cookies. These store a so-called session ID, which allows various requests from your browser to be assigned to the shared session. This allows your computer to be recognized when you return to the website. Session cookies are deleted when you log out or close your browser.

Persistent cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete cookies at any time in your browser’s security settings. You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. However, please note that you may then not be able to use all functions of this website.

The Flash cookies used are not recorded by your browser, but by your Flash plug-in. These store the necessary data regardless of the browser you use and do not have an automatic expiration date. If you do not wish to process Flash cookies, you must install a corresponding add-on, e.g., “Better Privacy” for Mozilla Firefox or Adobe Flash Killer Cookie for Google Chrome.
This stored information is stored separately from any other data you may have provided to us. In particular, the cookie data is not linked to your other data.

b) Use of Google Products:

The legal basis for the processing of users’ personal data is generally the user’s consent in accordance with Art. 6 (1) (a) GDPR.
With the tracking measures we use, we want to ensure a needs-based design and the continuous optimization of our website. We also use tracking measures to statistically record the use of our website and evaluate it for the purpose of optimizing our offering for you. The respective data processing purposes and data categories can be found in the corresponding tracking tools.

• Google Fonts
• Google reCAPTCHA
• Integration of Google Maps

1. Google Fonts:

Our website uses so-called web fonts provided by Google for the uniform display of fonts. Google Fonts is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). For this purpose, the browser you use must establish a connection to Google’s servers. This allows Google to know that our website was accessed via your IP address. The IP address of the browser on the device of the visitor to this website is also stored by Google. If your browser does not support web fonts, a standard font from your computer will be used.

Further information about Google Fonts can be found at developers.google.com/fonts/faq and in Google’s privacy policy: policies.google.com/privacy.

2. Google reCAPTCHA:

We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on this website. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

reCAPTCHA is designed to verify whether data entry on this website (e.g., in a contact form) is being carried out by a human or by an automated program. To do this, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the website visitor enters the website. For the analysis, reCAPTCHA evaluates various information (e.g., IP address, length of time the website visitor spends on the website, or mouse movements made by the user). The data collected during the analysis is forwarded to Google.

The reCAPTCHA analyses run entirely in the background. Website visitors are not informed that an analysis is taking place.

The storage and analysis of the data is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from SPAM. If consent has been requested, processing will be carried out exclusively on the basis of Art. 6 (1) (a) GDPR and Section 25 (1) TTDSG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) within the meaning of the TTDSG. Consent can be revoked at any time.

Further information about Google reCAPTCHA can be found in the Google Privacy Policy and the Google Terms of Use at the following links:
https://policies.google.com/privacy?hl=de and
https://policies.google.com/terms?hl=de.

3. Integration of Google Maps:

We have integrated content from Google Maps on this website. By visiting the website, Google Maps receives the information that you have visited the corresponding subpage of our website as well as the data mentioned in paragraph 1. Google Maps uses an autofill function, which automatically completes your address data to make it easier for you to enter data. Furthermore, the information regarding Google Analytics also applies to the transmission of data to Google Maps. Furthermore, the additional terms of use for Google Maps apply at https://www.google.com/intl/de_de/help/terms_maps.html. You can deactivate the Google Maps service at any time and thus prevent data transfer to Google by deactivating JavaScript in your browser. However, please note that if you do this, you will not be able to use the map display.

Data transfer to the USA is based on the EU Commission’s standard contractual clauses. Details can be found here:

• Framework conditions for data transfer: https://policies.google.com/privacy/frameworks
• EU Standard Contractual Clauses: https://privacy.google.com/businesses/controllerterms/mccs/

c) Transfer to third countries

The use of cookies may result in data transfers to third countries – in particular the USA – for which there is no adequacy decision pursuant to Art. 45 (3) GDPR and no appropriate safeguards pursuant to Art. 46 GDPR. We would like to point out that data transfer without an adequacy decision and without appropriate safeguards entails certain risks, which we would like to draw your attention to below:

US intelligence services use certain online identifiers (such as IP addresses or unique identification numbers) as a starting point for monitoring individuals. In particular, it cannot be ruled out that these intelligence services have already collected information about you that could be used to trace the data transmitted here back to you.

Providers of electronic communications services headquartered in the USA are subject to surveillance by US intelligence agencies pursuant to Section 50 U.S. Code § 1881a (“FISA 702”). Accordingly, providers of electronic communications services headquartered in the USA are obligated to provide personal data to US authorities pursuant to Section 50 U.S. Code § 1881a, without any potential legal recourse. Even encryption of data in the data centers of the electronic communications service provider cannot provide adequate protection, as an electronic communications service provider has a direct obligation to grant access to or to release imported data that is in its possession, custody, or control. This obligation can also explicitly extend to the cryptographic keys, without which the data is unreadable.

The fact that this is not merely a “theoretical risk” is demonstrated by the ECJ ruling of July 16, 2020, C-311/18.

The legal basis for the transfer of users’ personal data to a third country is the user’s consent pursuant to Art. 49 (1) (a) GDPR.

6. Social Media

We use various networks for our corporate presence. When using some networks, personal data may be transferred to servers in the USA. To ensure appropriate safeguards for the protection of the transmission and processing of personal data outside the EU, data transmission to and processing by the following providers is carried out on the basis of appropriate safeguards in accordance with Art. 46 et seq. GDPR, in particular through the conclusion of so-called standard data protection clauses in accordance with Art. 46 (2) (c) GDPR.

Facebook

The operating company of Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, USA. If a data subject lives outside the USA or Canada, the controller is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.

With each visit to one of the individual pages of this website, which is operated by the controller and on which a Facebook component (Facebook plug-in) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding Facebook component from Facebook through the respective Facebook component. A complete overview of all Facebook plug-ins can be found at https://developers.facebook.com/docs/plugins/?locale=de_DE. As part of this technical process, Facebook receives information about which specific subpage of our website the data subject visits.

If the data subject is logged in to Facebook at the same time, Facebook recognizes which specific subpage of our website the data subject visits with each visit to our website by the data subject and for the entire duration of their stay on our website. This information is collected by the Facebook component and assigned by Facebook to the respective Facebook account of the data subject. If the data subject clicks one of the Facebook buttons integrated on our website, e.g. the “Like” button, or if the data subject makes a comment, Facebook assigns this information to the personal Facebook user account of the data subject and stores this personal data.

Facebook always receives information via the Facebook component that the data subject has visited our website, provided that the data subject is logged in to Facebook at the time of accessing our website; this occurs regardless of whether the data subject clicks on the Facebook component or not. If the data subject does not want this information to be transmitted to Facebook, they can prevent it by logging out of their Facebook account before accessing our website.

The data policy published by Facebook, which is available at https://de-de.facebook.com/about/privacy/, provides information about the collection, processing, and use of personal data by Facebook. It also explains which settings options Facebook offers to protect the privacy of the data subject. In addition, various applications are available that allow the suppression of data transmission to Facebook. Such applications can be used by the data subject to prevent data from being transmitted to Facebook.

YouTube

YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, United States

Our website uses plug-ins from the YouTube site operated by Google. The site is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plug-in, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited. If you are logged into your YouTube account, you allow YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

On our YouTube company page, we provide information and offer YouTube users the opportunity to communicate. If you perform an action on our YouTube company page (e.g., comments, posts, likes, etc.), you may thereby make personal data (e.g., your real name or photo from your user profile) public. However, since we generally have no influence on the processing of your personal data by YouTube, which is jointly responsible for this data, we cannot provide any binding information regarding the purpose and scope of the processing of your data.

Our company page on social networks is used for communication and information exchange with (potential) customers. Publications about the company’s website may contain the following content:

• Information about products
• Information about services
• Contests
• Advertising
• Customer contact

Every user is free to publish personal data through activities.
The legal basis for data processing is Art. 6 (1) (a) GDPR.

The data generated by the company’s presence is not stored in our own systems.

You can object to the processing of your personal data, which we collect as part of your use of our YouTube company presence, at any time and assert your rights as a data subject. To do so, send us an informal email. You can find further information about the processing of your personal data by YouTube and the corresponding options for objecting here:

YouTube:https://policies.google.com/privacy?gl=DE&hl=de

7. Currentness and Changes to This Privacy Policy

This Privacy Policy is currently valid and is dated October 2022.

Due to the further development of our website and the offers on it or due to changes in legal or official requirements, it may become necessary to change this Privacy Policy. You can access and print the current privacy policy at any time on the website via this link.