Privacy Policy

In this Privacy Policy, we inform you about the storage and processing of personal data in accordance with data protection laws and the General Data Protection Regulation (GDPR). If you have any questions or comments regarding this Privacy Policy, you may contact us at any time using the email address provided in section 1.

1 – Contact details of the Controller

The Controller within the meaning of the General Data Protection Regulation (GDPR) in conjunction with the Federal Data Protection Act (BDSG) is:

SOGIS
Sven-Oliver Göpfert
Stettiner Straße 20
D-30916 Isernhagen
T +49 51164662141
Fax +49 51164662142
Mail sogs@gmx.de

2 – Purpose of Data Processing, Legal Bases, and Categories of Recipients

2.1 Accessing the Website

When you access our website, information is automatically transmitted by the browser you are using to our website’s servers and temporarily stored in a log file. This does not allow us to draw any conclusions about your identity.

The following data are collected by us and our hosting provider:

  • IP address, country, request method, request URL, requested domain, first contact point of the DDoS shield, incoming and outgoing data volume, date and time, HTTP response code. Storage for 30 days: complete, IP not anonymized. Storage for one year: IP anonymized – the information of the first three blocks of the IP address remains stored together with the aforementioned data, while the last block (D block) is masked. This serves to identify malicious or attacking networks with unusual traffic volumes – it is no longer possible to draw any conclusions about the user.
  • All incoming HTTP header data (GET parameters, cookies, any POST headers for the transmission of forms or uploaded files, and other request headers transmitted by the browser). Automated processing of all data transmitted by the client is carried out to check for malicious data from common attack vectors. The data are stored for 4 hours in order to detect unusual attack patterns. Access to these data by an administrator is possible for the purpose of manual detection of attack patterns. However, an aggregated export of these data by the administrator is not possible.
  • The aforementioned data are also partially visible to the service provider commissioned by us, namely the operator of the data centers and the DDoS shield. This provider may use parts of the data (in particular the IP address) to protect the data center infrastructure and to analyze typical attack patterns. The data center is certified according to ISO 27001, including the standards ISO 27017 and ISO 27018, as well as ISO 9001, PCI DSS, and other relevant standards. The selection of this service provider was made, among other things, with particular attention to these certifications to ensure the protection of your data.
  • Please note that despite the use of an encrypted connection, certain metadata of each page access are always visible along the entire delivery chain between the user’s computer and the web server. This includes, for example, the user’s internet service provider, the data center’s internet provider, as well as the intermediate internet infrastructure. Hosting providers have no influence over this. Such metadata include, among others: the full IP address of the user, the accessed domain, and the accessed URL.

The data listed are collected and processed by us and our hosting provider to ensure a smooth connection setup and a convenient use of our website. In addition, they are used to evaluate system security and stability as well as for administrative purposes, in order to continuously improve our services. No conclusions about your identity are drawn from these data. Furthermore, we use cookies, tracking tools, and social media plug-ins on our website. The specific procedures involved and how your data are used for these purposes are explained in detail under the relevant sections below.

2.2 – Online Presence and Website Optimization

2.2.1  – Cookies

We use so-called cookies on our website on the basis of Article 6 (1) (f) GDPR. Cookies are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your end device, nor do they contain viruses, trojans, or other malware. The cookie stores information that arises in connection with the specific end device used. However, this does not mean that we directly obtain knowledge of your identity. The use of cookies serves, on the one hand, to make the use of our offering more pleasant for you. For example, we use so-called session cookies to recognize that you have already visited individual pages of our website or that you have already logged into your customer account. These are automatically deleted after you leave our site. In addition, we also use temporary cookies for the purpose of user-friendliness, which are stored on your end device for a defined period of time. If you visit our site again to use our services, it will automatically be recognized that you have already been with us and what inputs and settings you have made, so that you do not need to enter them again.

On the other hand, we use cookies to statistically record the use of our website and to evaluate it for the purpose of optimizing our offering for you, as well as to display information tailored specifically to your interests. These cookies enable us to automatically recognize, upon your return to our site, that you have already visited us. These cookies are automatically deleted after a defined period of time. Most browsers accept cookies automatically. However, you can configure your browser so that no cookies are stored on your computer or that a warning message always appears before a new cookie is created. Please note that completely disabling cookies may mean that you will not be able to use all the functions of our website. The storage period of cookies depends on their purpose and is not the same for all cookies.

2.2.2  – Google Analytics

For the purpose of demand-oriented design and continuous optimization of our pages, we use Google Analytics on the basis of Article 6 (1) (a) GDPR. Google Analytics is a web analytics service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

To disable Google Analytics, Google provides http://tools.google.com/dlpage/gaoptout?hl=de A browser plug-in is available for this purpose. Google Analytics uses cookies. These are small text files that make it possible to store specific, user-related information on the user’s end device. They enable Google to analyze the use of our website offering. The information generated by the cookie about the use of our pages (including your IP address) is generally transmitted to a Google server in the USA and stored there. We would like to point out that Google Analytics has been extended on this website by the code 'gat._anonymizeIp();' in order to ensure anonymized collection of IP addresses (so-called IP masking). When anonymization is active, Google shortens IP addresses within member states of the European Union or in other contracting states of the Agreement on the European Economic Area, so that no conclusions can be drawn about your identity. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. Google complies with the data protection provisions of the 'Privacy Shield' agreement and is registered with the Privacy Shield program of the U.S. Department of Commerce. Google uses the collected information to evaluate the use of our websites, to compile reports for us in this regard, and to provide other services related to website and internet usage. For more information, please visit: http://www.google.com/intl/de/analytics/privacyoverview.html.

The information generated by the cookie in the pseudonymous user profile is not used to personally identify visitors to this website and is not merged with personal data about the holder of the pseudonym. Please note that deleting all your cookies will also result in the deletion of the opt-out cookie, which may then need to be reactivated by you.

2.2.3 – Social-Media-Plug-ins

On the basis of Article 6 (1) (f) GDPR, we use social plug-ins from the social networks Facebook and Twitter on our website in order to increase awareness of our organization. The underlying promotional purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for ensuring data protection-compliant operation lies with the respective providers. We integrate these plug-ins using the so-called two-click method in order to provide the best possible protection for visitors to our website.

2.2.4 – YouTube-Videos

On some of our web pages, we embed YouTube videos. The operator of the corresponding plug-ins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plug-in, a connection to YouTube’s servers is established. In doing so, YouTube is informed about which pages you visit. If you are logged into your YouTube account, YouTube can directly associate your browsing behavior with your personal profile. You can prevent this by logging out of your YouTube account beforehand.

When a YouTube video is started, the provider sets cookies that collect information about user behavior. Anyone who has disabled the storage of cookies for the Google Ads program will not have to expect such cookies when watching YouTube videos. However, YouTube also stores non-personal usage information in other cookies. If you wish to prevent this, you must block the storage of cookies in your browser.

For more information on data protection at YouTube, please refer to the provider’s privacy policy at: https://www.google.de/intl/de/policies/privacy/

2.2.5 – Google reCAPTCHA

We use 'Google reCAPTCHA' (hereinafter 'reCAPTCHA') on our websites. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ('Google').

"reCAPTCHA is used to check whether data entry on our websites (e.g., in a contact form) is made by a human or by an automated program. For this purpose, reCAPTCHA analyzes the behavior of the website visitor based on various characteristics. This analysis begins automatically as soon as the visitor enters the website. The analysis evaluates various information (e.g., IP address, the time spent on the website, or mouse movements made by the user). The data collected during the analysis are transmitted to Google.

The reCAPTCHA analyses take place entirely in the background. Website visitors are not informed that an analysis is taking place. Data processing is carried out on the basis of Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its web offerings from abusive automated spying and from spam. For more information about Google reCAPTCHA as well as Google’s Privacy Policy, please refer to the following links: https://www.google.com/intl/de/policies/privacy/ und https://www.google.com/recaptcha/intro/android.html.

2.3 – Contact Form

The data transmitted via the contact form are used to send informational material or to respond to inquiries and are then deleted.

Your data from application and registration forms are stored on servers managed by our hosting provider. The data from the online membership application form are stored on our own servers located at the offices of Alternative für Deutschland. Your data will remain stored until the registration or application procedures have been finally completed. To ensure the protection of your personal data when filling out the contact form and the online membership application form, transmission takes place via an encrypted connection.

2.4 – Newsletter

On the basis of your explicit consent, we will regularly send you our newsletter or comparable information by email to the address you provided.

To receive the newsletter, it is sufficient to provide your email address. When registering to receive our newsletter, the data you provide will be used exclusively for this purpose. Subscribers may also be informed by email about circumstances relevant to the service or registration (for example, changes to the newsletter offering or technical conditions).

A valid email address is required for effective registration. To verify that a registration is genuinely made by the owner of an email address, we use the 'double opt-in' procedure. For this purpose, we log the newsletter request, the dispatch of a confirmation email, and the receipt of the requested reply. No further data are collected. The data are used exclusively for sending the newsletter and will not be passed on to third parties.

You may revoke your consent to the storage of your personal data and their use for the newsletter dispatch at any time. Each newsletter contains a corresponding link for this purpose. In addition, you can unsubscribe at any time directly on this website or inform us of your request using the contact details provided at the end of this Privacy Policy.

2.5 – Children and Minors

Persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request personal data from children and minors, do not collect such data, and do not pass them on to third parties.

3 – Recipients Outside the EU

With the exception of the processing operations described in sections 2.1, 2.2, and 2.3, we do not transfer your data to recipients located outside the European Union or the European Economic Area.

4 – Rights of Data Subjects

In addition to the right to withdraw the consent you have given us, you are entitled to the following rights, provided that the respective legal requirements are met:

  • Right of access to the personal data stored by us in accordance with Art. 15 GDPR,
  • Right to rectification of inaccurate data or to completion of incomplete data in accordance with Art. 16 GDPR,
  • Right to erasure of the data stored by us in accordance with Art. 17 GDPR,
  • Right to restriction of the processing of your data in accordance with Art. 18 GDPR,
  • Right to data portability in accordance with Art. 20 GDPR.

The aforementioned general right to object applies to all processing purposes described in this Privacy Policy. Unlike the specific right to object to data processing for advertising purposes (see above section 2.2), we are only obliged under the GDPR to implement such a general objection if you provide us with reasons of overriding importance (e.g., a possible risk to life or health). In addition, you have the option to contact the supervisory authority responsible for Alternative für Deutschland or the data protection officer.

5 – Data Security

All personal data you transmit to us are transferred using the widely used and secure SSL (Secure Socket Layer) standard. SSL is a safe and proven standard, also used, for example, in online banking. You can recognize a secure SSL connection, among other things, by the appended 's' in http (i.e., https://…) in the address bar of your browser or by the lock symbol displayed in the lower area of your browser.

In addition, we employ appropriate technical and organizational security measures to protect the personal data stored with us against manipulation, partial or complete loss, and unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

6 – Changes to Our Privacy Policy

We reserve the right to amend this Privacy Policy so that it always complies with the current legal requirements or to implement changes to our services in the Privacy Policy, for example when introducing new services. The new Privacy Policy will then apply to your next visit.