Status: February 2020
We attach great importance to the protection of your personal data and its security. Via the School Child Care Platform Lörrach (SKIB), holiday care offers for school children in the school district of the city of Lörrach can be requested and arranged with participating care facilities. A separate agreement with the responsible body of the childcare facility is required for the provision of the childcare itself. In the following, we inform you in accordance with the applicable data protection regulations about the type and scope of the personal data which we collect within the scope of
- of your visit to our website,
- the use of the School Child Care Platform (SKIB),
- the associated communication with us and the associated care facilities,
(hereinafter collectively referred to as "website"), we collect information about the purposes for which we use this data and how we use it to optimise our services for you. In addition, the general data protection declaration of the city of Lörrachhttps://www.loerrach.de/datenschutz applies.
We distinguish between the following areas
- A. General information
- B. Specific provision on data processing within the framework of the Schuldkind Betreuungsplattform
- C. Data processing by third parties
- D. Rights of data subjects
- E. Final provisions
1. Controller and data protection officer
Luisenstr. 16, 79539 Lörrach
Phone 07621 415-0
hereinafter referred to as "City of Lörrach", "we" or "us". You can find further information about the provider in the Imprint.
You can contact the data protection officer of the City of Lörrach at the above-mentioned postal address with the addition "z.Hd. Datenschutzbeauftragter" or by e-mail email@example.com.
2. Types of data processed, categories of data subjects
2.1 Nature of the data processed
- Contact information (e.g., last name, first name, department, e-mail, telephone numbers)
- Content data (e.g., text entries, photographs, videos)
- Usage data (e.g., websites visited, interest in content, access times)
- Meta/communication data (e.g., device information, IP addresses)
2.2 Categories of data subjects
- Visitors and users of the Website and SKIB
- Responsible for the maintenance of the website
- Contact person on the part of the city of Lörrach, whose data is processed on the website
(In the following, we refer to the persons concerned collectively as "users").
3. Purpose of the processing
We use your personal data
- in the provision of the website and the online offer, its functions and contents.
- in answering contact requests and communicating with users.
- for security measures.
4. Provision of the website and log files
(1) If you use the website for informational purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser automatically transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (legal basis is Art. 6 para. 1 sentence 1 lit. f) DSGVO)
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (concrete page)
- Access status/HTTP status code
- Amount of data transmitted in each case
- Website from which the request comes
- Operating system and its interface
- Language and version of the browser software
(2) The IP addresses of the users will be deleted or made anonymous after the end of use. In the case of anonymisation, the IP addresses are changed in such a way that the individual details of personal or factual circumstances can no longer be assigned to a specific or identifiable natural person, or can only be assigned to a specific or identifiable natural person with a disproportionate expenditure of time, cost and labour.
(1) In addition to the log files data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are assigned and stored on your hard disk to the browser you are using and through which certain information flows to the site that sets the cookie (here by us). Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer as a whole more user-friendly and effective.
a) This website uses the following types of cookies, the scope and function of which are explained below:
- Session cookies (in addition b)
- Persistent cookies (see c).
b) Session cookies store a so-called session ID, with which various requests from your browser can be assigned to the common session. The session cookies are deleted when you log out or close the browser. If you restart your browser and go back to the website, the website will not recognize you. You will have to log in again (if a login is required) or you will have to reset templates and preferences if the website offers these features. A new session cookie will then be generated, which stores your information and remains active until you leave the site and close your browser.
c) Persistent cookies are automatically deleted after a preset period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
Technically necessary cookies
Technically necessary cookies enable the use of our website by enabling basic functions such as page navigation and access to secure areas of the website. Visiting our website cannot function properly without these cookies.
|Session cookies - are deleted when the browser is closed.|
Performance (e.g. user's browser), presentation and preferences
When using our website, cookies are used (e.g. to recognize the browser) to improve performance (e.g. faster loading of content). When you visit our website, the country and language selection determined or chosen by you is stored in cookies to save you having to make a new selection on subsequent visits. In advance, we check whether your browser supports cookies and this information is stored in another cookie. Subsequently, you will be shown contact information localized by country and language, which will also be saved. The legal basis for this is Art. 6 para. 1 S.1 lit. f) DSGVO.
Session cookies - are deleted when the browser is closed.
(4) Control over cookies
You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
6. E-mail contact
(1) Contact can be established via the e-mail addresses provided on the website. In this case the personal data of the user transmitted with the e-mail will be stored. The data will be used exclusively for the processing of the inquiry. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 sentence 1 lit. f) DSGVO. If the e-mail contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b) DSGVO.
(2) The data shall be deleted as soon as they are no longer necessary for the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is terminated when it can be concluded from the circumstances that the matter in question has been finally clarified.
(3) Notwithstanding paragraph 2, the following shall apply: Contact enquiries from users which relate to a specific business transaction shall be stored as long as this is necessary for the initiation, implementation and handling of the contract (Art. 6 paragraph 1 letter b DSGVO) or due to statutory storage obligations (Art. 6 paragraph 1 letter c) DSGVO).
7. Disclosure to third parties
As part of the hosting of our website and the cloud services, your data processed by us will be processed by third parties on our behalf on the basis of a contract for the processing of orders. The processing takes place exclusively in the European Union. There are corresponding agreements with the service providers for order processing according to Art. 28 DSGVO. We use external mail providers to handle e-mail communication with us and to provide the services.
8. Storage period
We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations. We delete your personal data as soon as they are no longer required for the above-mentioned purposes. Personal data may be retained for the period during which claims against our companies can be asserted (statutory limitation periods of three or up to thirty years). We also store your personal data to the extent that we are legally obliged to do so. Corresponding obligations to provide evidence and to retain data result from commercial, tax and social security regulations.
9. Automated decision making, profiling
As a matter of principle, we do not use a fully automated Entscheidungsﬁndung according to article 22 DSGVO. We do not operate profiling.
Special provisions for data processing within the framework of the Schuldkind Betreuungsplattform (SKIB)
The following terms and conditions apply in addition and with priority when using the school child care platform:
10. Types of data processed, categories of data subjects
10.1 Nature of the data processed
- Personal master data of the person with custody
- personal master data of the children cared for and, if applicable, siblings
- Communication data (e.g. telephone, e-mail) and emergency numbers
- Information about the family
- Special categories of personal data, in particular health data, such as food intolerances, allergies or other childhood illnesses to be taken into account in the context of care, insofar as these are voluntarily communicated in the context of the registration
- Data concerning the care of the child: half or full day care, period, institution
- Relevant data in the context of the supervision, especially permission to participate in excursions, permission to go home alone, sun protection and sun cream, consent to take and publish photos
- Information on income (self-assessment)
- Account information
- Reports and evaluations of the requested and used care services
10.2 Categories of data subjects
- Parents and guardians
- other persons responsible for the care of the child and persons authorised to collect it
- School children in care
- Emergency contacts
- Staff of the institution (as registered users)
- Carers of the institution
11. Purposes of the processing, legal basis
The legal basis for the processing of the data by us is Art. 28 DSGVO. As platform operator, we process the personal data, unless otherwise described below, on behalf of the responsible institution to which we forward support requests. The legal basis for the processing of the data by the responsible party is Art. 6 para. 1 lit. b) DSGVO for the initiation, implementation and handling of a contract for the care of school children during holiday periods. This concerns master data. Information on the child being cared for and on siblings, carers and emergency contacts, data on the care of the child such as information on income and account information. If, in addition, special categories of personal data are processed, this is done on the basis of the consent given. The legal basis is Art. 9 para. 2 lit. a) DSGVO. The processing of data for the preparation and publication of photographs of children is based on Art. 6 para. 1 lit. a) DSGVO: Processing beyond this is carried out on the basis of Art. 6 para. 1 lit. f) DPA to safeguard legitimate interests. This applies in particular to information on the family, health precautions such as sunscreen or reports and evaluations. There are legitimate interests on the part of both the implementing agencies and the participating municipalities. The executing agency receives evaluations of the services requested and provided. The municipality receives aggregated reports and information on place of residence, school and family situation to improve demand planning.
12. Disclosure to third parties
Personal data entered and processed via the platform are forwarded to the addressed carrier for further processing and generically to us, i.e. aggregated as status feedback to the municipality. As platform operator we are concerned with the storage and administration of the data as well as the organisation of the communication between the participants. For the data processing by the care facility, the responsible body is the owner of the care facility.
Data processing by third party providers
Matomo Analystics: More information at the end of this page
Rights of data subjects
14. Your rights
If personal data is processed by you, you are a data subject within the meaning of the DSGVO and you are entitled to the following rights against us as the person responsible.
a) Rights according to Art. 15 ff. DSGVO
(1) The data subject has the right to obtain confirmation from the controller as to whether personal data relating to him/her are being processed; if this is the case, he/she has the right to be informed of such personal data and to receive the information specified in Art. 15 DPA. Under certain legal conditions, you have the right of rectification under Article 16 DSGVO, the right to restrict processing under Article 18 DSGVO and the right of deletion ("right to be forgotten") under Article 17 DSGVO. Sections 34 and 35 of the BDSG apply additionally to the right of information and deletion. You also have the right to have the data you have provided released in a structured, common and machine-readable format (right to data transferability) in accordance with Article 20 DSGVO, provided that the processing is carried out using automated procedures and is based on consent in accordance with Article 6 Paragraph 1 lit. a) or Article 9 Paragraph 2 lit. a) or on a contract in accordance with Article 6 Paragraph 1 lit. b) DSGVO.
b) Revocation of a consent pursuant to Art. 7 para. 3 DSGVO
If the processing is based on consent, you can revoke your consent to the processing of personal data at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected.
c) Right of complaint
You have the opportunity to lodge a complaint with us or with a data protection supervisory authority (Article 77 DSGVO). In Baden Württemberg is the competent supervisory authority: The State Commissioner for Data Protection and Freedom of Information, P.O. Box 10 29 32, 70025 Stuttgart, Tel.: 0711/615541-0, FAX: 0711/615541-15, E-Mail: firstname.lastname@example.org.
d) Right of objection according to Article 21 DSGVO
In addition to the above rights, you have the right to object as follows:
Individual right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 paragraph 1 sentence 1 letter e) DPA (data processing in the public interest) and Article 6 paragraph 1 sentence 1 letter f) DPA (data processing based on a balancing of interests); this also applies to an Proﬁling based on this provision in the sense of Article 4 No. 4 DPA.
If you lodge an objection, we will no longer process your personal data unless we can prove compelling reasons for processing that are worthy of protection and outweigh your interests, rights and freedoms or the processing serves to assert, exercise or defend legal claims.
(1) We have taken technical and organisational security measures in accordance with Art. 24, 32 DSGVO to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all third parties involved in data processing are obliged to comply with the requirements of the DSGVO and to handle personal data confidentially.
(2) SSL or TLS encryption: This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If the SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
We reserve the right to change our security and data protection measures if this becomes necessary due to technical development, the expansion of our services or legal changes. In these cases we will also adapt our data protection declaration accordingly. Therefore, please note the current version of our data protection declaration.