Privacy policy

  • Service
  • Privacy policy

Privacy Policy – Foundation for Family Businesses

We are committed to protecting your personal data. Since protecting your privacy and your business data is of particular importance to us, we will comply with the data privacy regulations applicable in Germany.

This policy aims to inform you in detail about which data are collected when you visit our website and use what we offer on it and how they are subsequently processed or used by us, as well as which accompanying protective measures we have also taken in technical and organisational terms.

1. Controller / service provider

The Foundation for Family Businesses is the controller within the meaning of the EU General Data Protection Regulation (GDPR) and also the service provider within the meaning of the German Telemedia Act (TMG); please also refer to the publication details.

If you have questions or comments about this Privacy Policy or on data protection in general, please send them to the following e-mail address: info@familienunternehmen.de.

If you wish to exercise your rights in connection with this Privacy Policy, please contact:

Foundation for Family Businesses
Jahnstraße 53
70597 Stuttgart
Germany

Alternatively, you can send an e-mail to us at: info@familienunternehmen.de.

2. Collection and processing of non-personal data

(1) We do not collect any personal data when you merely visit the website. However, each server automatically stores information on access to Internet pages. Temporary storage of the IP address by the system is necessary so that the website can be delivered to the user’s computer system. To enable that, the user’s IP address must be stored for the duration of the session. For the purpose of system security, our web server temporarily records the IP address of the computer system calling the site, the browser you use, the operating system used, the date and time of access, the Internet pages you visit, the Uniform Resource Locator (URL) requested on our Internet pages, and the website you previously visited (referrer URL). This information is stored anonymously and is not linked to your personal data. It cannot be used to identify you or draw any conclusions about your individual behaviour. The legal basis for temporary storage of the data and log files is Article 6 (1) point (f) GDPR.

(2) We store data related to your computer system in order to record trends and compile statistics. These stored data are also used for the purpose of identification and tracking of unauthorised attempts to access our servers. We compile profile information on the use of our own Internet pages exclusively in anonymised form and only in order to improve the user guidance and tailor our offering to users’ interests as best possible. No personal surfing profiles or the like are created or processed using the data.

(3) The website uses cookies at various places. They are small text files that are placed on your computer system and stored by your browser. Cookies help make our offering more user-friendly, more efficient and more secure. These purposes also constitute our legitimate interests in processing personal data in accordance with Article 6 (1) point (f) GDPR. Most of the cookies we use on this website are session cookies, which are automatically deleted after your visit to the website.
The following data may be transmitted using them: search terms you entered, the frequency of page views, and the use of website functions.
The user data collected in this way are pseudonymised using technical precautions. That means the data can no longer be used to identify the user calling the website. The data are not stored together with other personal data of users. When users call our website, an info banner notifies them that cookies are used for analysis purposes and refers them to this Privacy Policy. Users are also informed in this connection that they can prevent storage of cookies in their browser settings.
You yourself can choose whether cookies are to be set and called by means of your browser settings. For example, you can completely disable storage of cookies in your browser, confine storage of them to certain Internet pages or configure your browser so that it automatically notifies you as soon as a cookie is to be placed and asks how you wish to respond. For technical reasons, however, it is necessary to permit these session cookies so that the full functionality of our Internet presence can be used.
We do not collect or store personal data in cookies in this connection. We also do not use technologies that link information generated by cookies with user data.
The legal basis for processing personal data using cookies is Article 6 (1) point (f) GDPR.

(4) The data are erased as soon as they are no longer required for achieving the purpose for which they were collected. As regards data recorded to deliver the website, this is the case when the session in question is over. In general, IP addresses are erased no later than seven days after they are collected. The data may be stored above and beyond that. In that case, the IP addresses of users are erased or anonymised so that the client calling the website can no longer be identified.

(5) Recording of data in order to deliver the website and storage of the data in log files are absolutely necessary for operating the website. Consequently, users do not have the possibility of objecting and opting out.

3. Google Analytics

We use Google Analytics 4 for this website, which is integrated within Tag Manager. It is a web analytics service from Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA (“Google”). Google Analytics uses cookies that are stored on your computer and enable analysis of how you use the website. The information on your use of this website generated using the cookie (including your IP address in anonymised form) is transferred to and stored on a server operated by Google Inc. in the USA. Google will use this information to analyse your use of the website, to compile reports on website activities for the website operators, and to provide other services relating to use of the website and Internet. Google may also transfer this information to third parties if this is prescribed by law or if third parties process these data on behalf of Google. Google never combines your IP address with other data of Google. However, if IP anonymisation is activated on this website, your IP address will be truncated by Google beforehand within Member States of the European Union or in other countries that are party to the Agreement on the European Economic Area. The complete IP address is transferred to a Google server in the USA and truncated there only in exceptional cases.
You can prevent installation of the cookies by making the appropriate setting in your browser software; we point out here that if you do so, you might not be able to use all the functions of this website in full.
Moreover, you can prevent recording of the data generated by the cookie and relating to your use of the website (including your IP address) and processing of these data by Google by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=en-GB).

You can find more details on the length of time for which Google retains data at https://support.google.com/analytics/answer/7667196?hl=en and general information on Google Analytics and data privacy at https://support.google.com/analytics/answer/6004245?hl=en and https://policies.google.com/privacy?hl=en-GB. We point out that Google Analytics has been extended on this website by the code “gat._anonymizeIp();” in order to ensure anonymised recording of IP addresses (termed IP masking).

4. Matomo analytics service

Our website uses Matomo for the purpose of web analytics. This is known as a web analytics service. Matomo also uses so-called cookies, which are text files that are stored on your computer and enable us to analyse the use of the website. For this purpose, the usage information generated by the cookie (including your truncated IP address) is transferred to our server and stored for usage analysis purposes, which helps us to optimise the website. Your IP address is immediately anonymised during this process so that you as a user remain anonymous to us. The information on your use of this website generated by the cookie is not passed on to third parties. You can prevent use of the cookies by making the appropriate setting in your browser software, but it may mean that you might not be able to use all the functions of this website in full.
If you do not agree to the data from your visit being stored and analysed, you can object to its storage and use at any time by clicking below. In this case, a so-called opt-out cookie is stored in your browser, which means that Matomo does not collect any session data.
N.B.: If you delete your cookies, the opt-out cookie will also be deleted and you may have to enable it anew. You can decide here whether an explicit web analytics cookie may be stored in your browser to enable the operator of the website to record and analyse various statistical data.
Your visit to this website is currently being recorded by Matomo web analytics. Click here for your visit to no longer be recorded.
You can decide here whether an explicit web analytics cookie may be stored in your browser to enable the operator of the website to record and analyse various statistical data.
If you decide against it, click the following link to store the Matomo opt-out cookie in your browser.

Opt Out

5. Collection and use of personal data

(1) We collect, store and process the personal data you actively transmit insofar as that is necessary to deal with requests or fulfil our contractual obligations. Personal data are usually collected and used only subject to the user’s prior consent. An exception to that is when such prior consent cannot be obtained for factual reasons and we are permitted by law to process the data.
If we obtain consent from data subjects to process their personal data, the legal basis for processing personal data is Article 6 (1) point (a) GDPR.
The legal basis for processing personal data required in order to perform a contract to which the data subject is a party is Article 6 (1) point (b) GDPR. That also applies to processing activities required as part of steps prior to entering into a contract.
If processing of personal data is necessary for compliance with a legal obligation on the part of our company, the legal basis for that is Article 6 (1) point (c) GDPR.

If processing is necessary to safeguard legitimate interests of our company or a third party and the data subject’s interests, fundamental rights and freedoms do not override the interests of our company or the third party, the legal basis for that is Article 6 (1) point (f) GDPR.

(2) Your registered data are always transmitted to our systems in encrypted form. This protects communication between you and our server and prevents data being misused. We deploy a recognised and widely used system for encryption that is regarded as secure in its latest version.

(3) Users may also contact us under the e-mail address provided. In this case, the user’s personal data sent with the e-mail are stored.
The data are not passed on to third parties in this connection. The data are used exclusively to process the conversation.
The legal basis for processing the data is Article 6 (1) point (a) GDPR if the user has given consent.
The legal basis for processing data sent with an e-mail is Article 6 (1) point (f) GDPR. If the purpose of the e-mail contact is to conclude a contract, the additional legal basis for processing of the data is Article 6 (1) point (b) GDPR.
We process personal data from the input screen solely for handling contacts. This also constitutes the necessary legitimate interest in processing the data.

(4) You can also subscribe to our newsletter on our website. If the user makes use of this option, the data entered in the input mask will be transmitted to us and thus the CRM system Vewa of the GRÜN Group, Aachen, Germany, and stored there; the GRÜN Group is subject to the GDPR. These data are: title, first name, last name, e-mail address.
The following data are also collected during the subscription process: the IP address of the computer system calling the site, and the date and time the newsletter was subscribed to.
Your consent to processing of the data is obtained and your attention is drawn to this Privacy Policy during the subscription process.
No data are passed on to third parties in connection with the processing of data needed to send newsletters. Instead, the mailings are sent locally via a mail server of our own.
The data are used solely for sending the newsletter.
The legal basis for processing the data after the user has subscribed to the newsletter is Article 6 (1) point (a) GDPR if the user has given consent.
The user’s e-mail address is collected so that the newsletter can be delivered.
The data are erased as soon as they are no longer required for achieving the purpose for which they were collected. Accordingly, the user’s e-mail address is stored for as long as the newsletter subscription is active.
Users can cancel their subscription to the newsletter at any time. Every newsletter contains a link allowing them to do that. Cancelling the subscription also withdraws your consent to storage of your personal data collected during the subscription process.

(5) The data subject’s personal data are erased or blocked as soon as the purpose for which they have been stored no longer applies. As regards personal data from the contact form’s input screen and personal data sent by e-mail, this is the case when the particular conversation with the user is over. The conversation is over when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The personal data additionally collected when a message is sent are erased after no later than seven days.
If users contact us by e-mail, they can object to their personal data being stored at any time. That then means the conversation cannot be continued.
The data can also be stored if this is envisaged by European or national legislators in EU regulations, laws or other provisions to which we are subject. The data will also be blocked or erased when a period of time prescribed for their storage under the above legal provisions expires, unless it is necessary for the data to still be stored so that a contract can be concluded or performed.

6. Right to access and obtain information

You can demand confirmation from us as to whether personal data concerning you are processed by us.
If they are processed, you can demand the following information from us:
(1) the purposes for which the personal data are processed;
(2) the categories of personal data processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or are to be disclosed;
(4) the planned length of time for which the personal data concerning you will be stored or, if concrete details of that are not possible, the criteria used to determine that length of time;
(5) the existence of a right to request from us rectification or erasure of personal data or restriction of processing of personal data concerning you or to object to such processing;
(6) the existence of a right to lodge a complaint with a supervisory authority;
(7) all available information on the origin of the data if the personal data have not been collected from you;
(8) the existence of automated decision-making, including profiling, referred to in Article 22 (1) and (4) GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you;
You have the right to demand information on whether the personal data concerning you are transferred to a third country or an international organisation. You can demand to be informed about the appropriate safeguards in accordance with Article 46 GDPR that have been provided in connection with such transfer of your data.

7. Right to rectification

You have a right to demand that we correct and/or supplement processed personal data concerning you if they are incorrect or incomplete. We will rectify the data immediately.

8. Right to restriction of processing

You can demand that processing of personal data concerning you be restricted subject to the following conditions:
(1) if you contest the accuracy of the personal data concerning you, processing of the data will be restricted for a period enabling us to verify the accuracy of the personal data;
(2) if the processing is unlawful and you oppose the erasure of the personal data and request restriction of their use instead;
(3) if we no longer need the personal data for the purposes of processing, but they are required by you for the establishment, exercise or defence of legal claims; or
(4) if you have objected to processing pursuant to Article 21 (1) GDPR and it has yet to be verified whether our legitimate grounds override your grounds.
Where processing of personal data concerning you has been restricted, the data will, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.
If processing of data has been restricted pursuant to the above circumstances, you will be informed by us before the restriction is lifted.

9. Right to erasure

a) Obligation to erase data

You can demand that we erase the personal data concerning you without undue delay where one of the following grounds applies:

(1) the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed;
(2) you withdraw your consent on which the processing was based in accordance with Article 6 (1) point (a) or Article 9 (2) point (a) GDPR, and where there is no other legal ground for the processing;
(3) you object to the processing pursuant to Article 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21 (2) GDPR;
(4) the personal data concerning you have been unlawfully processed;
(5) the personal data concerning you must be erased to ensure compliance with a legal obligation under Union or Member State law to which we are subject;
(6) the personal data concerning you have been collected in relation to the offer of information society services referred to in Article 8 (1) GDPR.

b) Notification of third parties

Where we have made the personal data concerning you public and are obliged pursuant to Article 17 (1) GDPR to erase them, we will – taking account of available technology and the cost of implementation – undertake reasonable steps, including technical measures, to inform controllers which are processing the personal data that you as the data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

c) Exceptions

You do not have a right to demand erasure of your data if processing of them is necessary
(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing under Union or Member State law to which we are subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
(3) for reasons of public interest in the area of public health in accordance with Article 9 (2) points (h) and (i) and Article 9 (3) GDPR;
(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89 (1) GDPR insofar as the right referred to in a) above is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5) for the establishment, exercise or defence of legal claims.

10. Right to notification

If you have asserted your right to demand that we rectify, erase or restrict processing of data, we must communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data concerning you have been disclosed, unless this proves impossible or involves disproportionate effort.
You have the right to demand that we inform you who these recipients are.

11. Right to data portability

You have the right to receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from us provided that
(1) processing of the data is based on consent in accordance with Article 6 (1) point (a) GDPR or Article 9 (2) point (a) GDPR or on a contract in accordance with Article 6 (1) point (b) GDPR and
(2) the processing is carried out by automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from us to another controller, where technically feasible. This must not adversely affect the rights and freedoms of others.
The right to data portability does not apply to processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

12. Right to withdraw consent and right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 (1) point (e) or (f) GDPR, including profiling based on those provisions.
We will then no longer process the personal data concerning you unless we are able to demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Where personal data concerning you are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing.
If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for such purposes.
In the context of the use of information society services, and notwithstanding Directive 2002/58/EC, you may exercise your right to object by automated means using technical specifications.
Right to withdraw the declaration of consent under data protection law
You have the right to withdraw your declaration of consent under data protection law at any time. Withdrawal of consent does not affect the lawfulness of any processing conducted on the basis of the consent up to the point of its withdrawal.

13. Right to lodge a complaint with a supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, your place of work or place of the alleged infringement, if you consider that the processing of personal data concerning you infringes the General Data Protection Regulation (GDPR).
The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

14. Confidentiality

(1) We will maintain confidentiality on all information that has to be treated confidentially and of which we have gained knowledge as part of the contractual relationship and will use it vis-à-vis third parties – for whatever purpose – only with the prior consent of the respective other contractual partner. Information that must be treated as confidential includes information explicitly designated as confidential by the party providing it and information that from the circumstances of its disclosure must obviously be kept confidential. In particular, your personal data and the data used must be treated confidentially by us if we gain knowledge of them.

(2) The obligations under (1) do not apply to information or parts thereof for which we prove that they

  • were already known to us or generally available before the date they were received;
  • were already public domain or generally available before the date they were received;
  • became public domain or generally available after the date they were received through no fault of ours.

(3) Public declarations by the parties about cooperation between them will only be issued subject to prior mutual consent.

(4) The obligations under (1) will remain in force beyond the end of the contract for an indefinite period of time, namely for as long as an exception under (2) is not proven.

15. Scope

This Privacy Policy applies to the services of the Foundation for Family Businesses on the website https://www.familienunternehmen.de/en/.

16. How to obtain the Privacy Policy

You can call and print out this Privacy Policy from any page on the website https://www.familienunternehmen.de/en/ under the link “Privacy policy”.

17. Up-to-dateness of this Privacy Policy

This Privacy Policy is currently valid in its version dated 18 January 2024.
If circumstances require a new Privacy Policy to be drawn up, the updated Privacy Policy will be published here and will apply from the date of its publication.

Cookie settings

Just like other websites, we use cookies to improve and personalize your experience. We collect standard Internet log information and aggregated data to analyse our traffic. Our preference and marketing cookies allow us to adapt our content and ads to our audience interests.