Protection of Privacy
It is important to us to inform you about what personal data we use from you as a visitor to our website and for what purpose. For this reason, we describe the type, scope and purpose of the personal data we process in the following privacy policy.
Controller for data processing:
Ntare Louisenlund Community Benefit Company
Nyamata
Bugesera
Iburasirazuba
RWANDA
admissions@ntare-louisenlund.org
1. Legal basis and purposes of processing
We process your personal data only with regard to the fulfillment of our contractual business relationship with you (pursuant to Art. 6 para. 1 lit. b GDPR), or insofar as this is necessary to provide the service you have requested. In addition, we process your personal data if you have given us your consent to do so (Art. 6 para. 1 lit. a GDPR).
If necessary, we also process your data (in accordance with Art. 6 para. 1 lit. f GDPR) beyond the actual fulfillment of the contract to protect our legitimate interests or those of third parties (e.g. for advertising and analysis, provided you have not objected to the use of your data; to assert legal claims and defense in legal disputes; to ensure IT security and IT operations; prevention and investigation of criminal offenses; measures for business management and further development of our offers or inquiries on our website and to offer the website with your content).
Any processing of personal data is only carried out in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
2. Processing of personal data as well as type and purpose of use
a.) Duration of data storage
In principle, we only store your personal data for as long as is necessary to provide the service you have requested or to fulfill our business relationship with you, unless statutory retention obligations provide otherwise and, in the case of the IP address, for 7 days to ensure IT security.
b.) Web server
Like many other companies, we operate our web server with an external service provider in Germany, which is:
Mittwald CM Service GmbH & Co. KG
This ensures that the web server is always kept up to date and that security gaps can be closed promptly. Our web server requires some information from you so that you can call up our website and it is also displayed in a reasonable manner. This includes
The browser you are using to surf our pages.
- IP address
- Directory protection user
- Date and time
- Pages accessed
- Logs
- status code
- Amount of data
- Referrer
- user agent
- Called host name
The IP addresses are stored anonymously. For this purpose, the last one to three digits are removed, i.e. "127.0.0.1" becomes "127.0.0.0". IPv6 addresses are also anonymized. The anonymized IP addresses are stored for 60 days. Details of the directory protection user used are anonymized after one day. The data is stored for this period of time in order to be able to trace who originated the attack or where it came from in the event of unauthorized access to our web server.
The legal basis for this data processing is Art. 6 para. 1 sentence 1 lit. f GDPR. Our legitimate interest follows from the purposes for data collection listed above.
c.) Online application
Your personal data is regularly deleted immediately after completion of the application process, unless a contract has been concluded. It will be deleted after a maximum of 18 months if you have consented to your data being stored for longer. The legal basis for the processing of your applicant data is Section 26 (1) sentence 1 BDSG and, in the case of longer storage, Art. 6 (1) a) GDPR.
3) Your rights
Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR (data processing on the basis of a balance of interests). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing serves the establishment, exercise or defense of legal claims.
a.) Further rights
You have the right of access under Art. 15 GDPR, the right to rectification under Art. 16 GDPR, the right to erasure under Art. 17 GDPR, the right to restriction of processing under Art. 18 GDPR and the right to data portability under Art. 20 GDPR. The restrictions under Sections 34 and 35 BDSG apply to the right of access and the right to erasure. In addition, you have the right to lodge a complaint with a data protection supervisory authority (Art. 77 GDPR in conjunction with Section 19 BDSG) and to withdraw your consent to us at any time in accordance with Art. 7 (3) GDPR.
Please send a corresponding request to our above address (or by e-mail to: admissions@ntare-louisenlund.org).
4) Up-to-dateness and amendment of this privacy policy
This privacy policy is currently valid and is dated March 8, 2024.
Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration.