In the following, we inform you about the processing of your personal data by us and the claims and rights to which you are entitled according to the data protection regulations. Which data is processed in detail and how it is used depends in particular on the business relationship between you and the German Bible Society. This data protection notice was created, adapted and supplemented with our own information using the data protection generator from eRecht24 Version 1.8 of 12.02.2020.
Who is responsible for data processing and whom can I contact?
The responsible body within the meaning of the DSG-EKD is:
German Bible Society
Balinger Street 31 A
Telephone: +49 711/7181 - 0
Data protection officer required by law
We have appointed a local data protection officer for our responsible office. You can reach the local data protection officer at the following
e-mail address: firstname.lastname@example.org
If you have any questions about data protection, please get in touch with the contact person at the German Bible Society:
Telephone: +49 711 7181 - 230
What sources and data do we use?
We process personal data that we receive from you in the course of your business relationship or other relationship with the German Bible Society. Relevant personal data are personal details (name, address and other contact details, date and place of birth), order data (e.g. purchases, donations, account details), data from the fulfilment of our contractual obligations (e.g. from sales contracts and other contracts).
Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter our website. In addition, this may also be data about your use of the telemedia offered by us as well as other data comparable to the aforementioned categories (e.g. time of calling up our websites, apps or newsletters, pages clicked on by us or entries). We analyse this data on an anonymous basis to improve our offerings.
What do we process your data for and on what legal basis?
We process personal data in accordance with the provisions of the Data Protection Act of the Evangelical Church in Germany (DSG-EKD).
Who receives my data?
Within the German Bible Society, access to your data is given to those offices that need it to fulfil our contractual and legal obligations. Service providers employed by us may also receive data for these purposes. These include companies in the areas of IT services, postal services, financial services, printing services, telecommunications, advice and consulting, and public relations.
How long will my data be stored?
As far as necessary, we process and store your personal data for the duration of our business relationship. If the data is no longer required for the fulfilment of contractual or legal obligations, it is regularly deleted, unless its further processing is necessary for the following purposes:
To comply with various storage and documentation obligations, which result from the German Commercial Code (HGB) and the German Fiscal Code (AO), among others. The periods specified there for storage or documentation are two to ten years.
For the preservation of evidence according to the statutory limitation periods, which, for example, according to §§ 195 ff. of the German Civil Code (BGB), are usually three years, but in certain cases can be up to thirty years.
What data protection rights do I have?
You have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have the right to demand the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this purpose and for further questions on the subject of data protection. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Supervision of compliance with data protection regulations in the ecclesiastical sector is the responsibility of the EKD Data Protection Commissioner. Responsible for our area is:
Commissioner for Data Protection of the EKD
Mr. Michael Jacob
Lange Laube 20, 30159 Hanover
Telephone: +49 (0)511 768128-0
Fax: +49 (0)511 768128-20
Right to data portability
You have the right to have data that we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible party, this will only be done insofar as it is technically feasible.
Is there an obligation to provide data?
You only have to provide the personal data that is required for the establishment, implementation and termination of a business relationship or that we are legally obliged to collect. Without this data, we will generally not be able to enter into a business relationship.
Information about your right to object
according to §25 DSG-EKD
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of § 6 DSG-EKD number 1, 3, 4 or 8.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Your personal data will be processed in individual cases in order to carry out direct advertising (e.g. sending our newsletter). You have the right to object at any time to the processing of personal data concerning you for the purpose of such advertising.
The objection can be made form-free and should preferably be addressed to:
Balinger Straße 31 A
Telefon: +49 711 7181 – 230
When visiting this website, your surfing behaviour may be statistically analysed. This is done primarily with cookies and with so-called analysis programs.
Detailed information on these analysis programmes can be found in the following data protection information.
This website is hosted by an external service provider (hoster). Personal data collected on this website is stored on the hoster's servers. This may include, but is not limited to, IP addresses, meta and communication data, contact details, names, web page accesses and other data generated via a website.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (legal basis is § 6 No. 5 DSG-EKD) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (legal basis is § 6 No. 4 and No. 8 DSG-EKD).
Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and will follow our instructions with regard to this data.
Conclusion of a contract on commissioned processing
In order to ensure data protection-compliant processing, we have concluded a contract on commissioned processing with our hoster.
This site uses so-called web fonts, which are provided by MyFonts Inc, for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into its browser cache in order to display texts and fonts correctly.
For this purpose, the browser you use must establish a connection to the MyFonts servers. This informs MyFonts that our website has been accessed via your IP address. The use of MyFonts Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of § 6 No. 4 DSG-EKD.
If your browser does not support web fonts, a standard font will be used by your computer.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or enquiries that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, data cannot be read by third parties.
Encrypted payment transactions on this website
If, after the conclusion of a contract with costs, there is an obligation to transmit your payment data to us (e.g. account number in the case of direct debit authorisation), this data is required for payment processing. Payment transactions via the common means of payment (Visa/MasterCard, direct debit) are made exclusively via an encrypted SSL or TLS connection of the payment provider TeleCash. You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.
With encrypted communication, the payment data you transmit to us cannot be read by third parties.
Our Internet pages use so-called "cookies". Cookies are small text files and do not cause any damage to your end device. They are stored either temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your end device. Session cookies are automatically deleted at the end of your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.
In some cases, cookies from third-party companies may also be stored on your terminal device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).
Cookies have various functions. Many cookies are technically necessary, as certain website
website functions would not work without them (e.g. the shopping basket function or the display of videos). Other cookies are used to evaluate user behaviour or display advertising. Cookies that are necessary to carry out the electronic communication process (necessary cookies) or to provide certain functions desired by you (functional cookies, e.g. for the shopping basket function) or to optimise the website are stored on the basis of § 6 no. 4 and no. 8 DSG-EKD, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimised provision of its services.
Insofar as consent to the storage of cookies has been requested, the storage of the cookies in question is based exclusively on this consent (the legal basis is § 6 no. 2 DSG-EKD and your consent; consent can be revoked at any time.
You can set your browser in such a way that you are informed about the setting of cookies and
allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or generally and activate the automatic deletion of cookies when closing the browser. If you deactivate cookies, the functionality of this website may be limited.
If cookies are used by third-party companies or for analysis purposes, we will inform you about this separately within the scope of this data protection notice and, if necessary, request your consent.
Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
browser type and browser version
Operating system used
Referrer URL (previously visited website)
Host name of the accessing computer
Time of the server request
This data is not merged with other data sources.
The collection of this data is based on § 6 No. 4 and No. 8 DSG-EKD. The website operator has a legitimate interest in the technically error-free presentation and optimisation of its website - for this purpose, the server log files must be collected.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We do not pass on this data without your consent.
The processing of this data is based on § 6 No. 5 DSG-EKD, insofar as your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective handling of the enquiries addressed to us (§ 6 No. 4 and No. 8 DSG-EKD) or on your consent (§ 6 No. 2 DSG-EKD) if this has been requested.
The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your enquiry). Mandatory legal provisions - in particular retention periods - remain unaffected.
Enquiry by e-mail, telephone or fax
If you contact us by e-mail, telephone or fax, your enquiry including all personal data resulting from it (name, enquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.
The processing of this data is based on § 6 DSG-EKD No. 5, insofar as your request is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on your consent (Section 6 No. 2 DSG-EKD) and/or on our legitimate interests (Section 6 No. 4 and No. 8 DSG-EKD), as we have a legitimate interest in effectively processing the enquiries addressed to us.
The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular legal retention periods - remain unaffected.
If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. No further data is collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form is based exclusively on your consent § 6 No. 2 DSG-EKD. You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via the "unsubscribe" link in the newsletter. The legality of the data processing procedures already carried out remains unaffected by the revocation.
The data you provide for the purpose of receiving the newsletter will be stored by us in the newsletter distribution list until you unsubscribe from the newsletter.
After you have unsubscribed from the newsletter distribution list, your e-mail address will be stored by us or the newsletter service provider in a black list.
newsletter service provider in a blacklist in order to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements for sending newsletters (legitimate interest within the meaning of § 6 no. 4 and no. 8 DSG-EKD). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
Data stored by us for other purposes remains unaffected by this.
This website uses Inxmail to send newsletters. The provider is Inxmail GmbH Wenzingerstrasse 17, D-79106 FreiburgRastede. Inxmail is a service with which the newsletter dispatch can be organised and analysed. The data you enter for the purpose of receiving newsletters (e.g. email address) is stored on Inxmail's servers in Germany.
Our newsletters sent with Inxmail enable us to analyse the behaviour of the newsletter recipients. Among other things, we can analyse how many recipients have opened the newsletter message and how often which link in the newsletter was clicked on. With the help of so-called conversion tracking, it can also be analysed whether a predefined action (e.g. purchase of a product on our website) has taken place after clicking on the link in the newsletter.
The data processing is based on your consent (§ 6 No. 2 DSG-EKD). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations already carried out remains unaffected by the revocation.
If you do not want Inxmail to analyse your data, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in each newsletter message. Furthermore, you can also unsubscribe directly on the website.
We have concluded an order data processing contract with Inxmail.
Processing of data (customer and contract data)
We collect, process and use personal data only to the extent that it is necessary for the establishment, content or amendment of the legal relationship,
the legal relationship (inventory data). This is done on the basis of § 6 No. 5 DSG-EKD. which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data about the use of this website (usage data) only insofar as this is necessary to enable the user to use the service or to bill the user.
The collected customer data will be deleted after completion of the order or termination of the business relationship.
business relationship. Statutory retention periods remain unaffected.
Data transfer upon conclusion of a contract for online shops, dealers and goods dispatch
We transmit personal data to third parties only if this is necessary within the scope of the
We only transmit personal data to third parties if this is necessary for the processing of the contract, for example to the companies entrusted with the delivery of the goods or to the credit institution entrusted with the processing of payments. Further transmission of data does not take place or only if you have expressly consented to the transmission. Your data will not be passed on to third parties without your express consent, for example for advertising purposes. The basis for data processing is § 6 No. 5 DSG-EKD, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
On this website we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). If you select payment via PayPal, the payment data you enter will be transmitted to PayPal. The transfer of your data to PayPal is based on § 6 No. 2 DSG-EKD (consent) and § 6 No. 5 DSG-EKD (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations.
We use the tool "Zoom" to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: "online meetings"). For this purpose, we have concluded a contract with Connect4Video GmbH from Germany, which ensures that the image and sound data of the online meetings are processed in Germany. We have concluded an order processing contract with Connect4Video GmbH in accordance with § 30 DSG-EKD.
"Zoom" is a product of Zoom Video Communications, Inc. which is based in the USA.
The data controller for data processing directly related to the conduct of online meetings is the German Bible Society.
Note: If you call up the "Zoom" website, the provider of "Zoom" is responsible for data processing. However, accessing the website is only necessary to use "Zoom" in order to download the software for using "Zoom".
You can also use "Zoom" if you enter the respective meeting ID and, if applicable, further access data for the meeting directly in the "Zoom" app. If you do not want to or cannot use the "Zoom" app, the basic functions can also be used via a browser version, which you can also find on the "Zoom" website.
What data is processed?
Various types of data are processed when using "Zoom". The scope of the data also depends on the data you provide before or during participation in an "online meeting".
The following personal data are subject to processing:
User details: first name, last name, telephone (optional), e-mail address, password (if "single sign-on" is not used), profile picture (optional),
Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information.
For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
For dial-in with the telephone: information on the incoming and outgoing call number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be stored.
Text, audio and video data: You may have the opportunity to use the chat, question or survey functions in an "online meeting". To this extent, the text entries you make are processed in order to display them in the "online meeting" and, if necessary, to record them. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed accordingly during the meeting. You can switch off or mute the camera or microphone yourself at any time via the "Zoom" applications.
In order to participate in an "online meeting", you must at least provide details of your name in order to enter the "meeting room".
Scope of processing
We use "Zoom" to conduct online meetings. If we want to record online meetings, we will transparently tell you in advance and - where necessary - ask for consent. The fact of the recording will also be displayed to you in the "Zoom" app.
If it is necessary for the purposes of logging the results of an online meeting, we will log the chat content. However, this will not usually be the case.
In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and following up webinars.
If you are registered as a user with "Zoom", then reports of online meetings (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) can be stored for up to one month at "Zoom".
The possibility of software-based "attention monitoring" ("attention tracking") existing in "online meeting" tools such as "Zoom" is deactivated.
Legal basis for data processing
For employees of the German Bible Society, § 49 DSG-EKD is the legal basis for data processing. If data is not required for data processing in connection with the use of "Zoom", but is nevertheless an elementary component of the use of "Zoom", then § 6 No. 4 DSG-EKD is the legal basis for data processing. In these cases, our interest is in the effective implementation of "online meetings".
For other participants in "online meetings" - insofar as the meetings are held within the framework of contractual relationships - § 6 No. 5 is the legal basis for data processing.
If there is no contractual relationship, the legal basis is § 6 No. 4 DSG-EKD. Here, too, our interest is in the effective conduct of "online meetings".
Recipients / passing on of data
Personal data processed in connection with participation in "online meetings" will not be passed on to third parties as a matter of principle, unless it is specifically intended to be passed on. Please note that the content of "online meetings", as well as personal meetings, is often used to communicate information with customers, interested parties or third parties and is therefore intended to be passed on.
Other recipients: The provider of "Zoom" necessarily receives knowledge of the above-mentioned data insofar as this is provided for in the context of our order processing agreement with "Zoom".
Data processing outside the European Union
"Zoom" is a service provided by a provider from the USA. A processing of personal data therefore also takes place in a third country. We have concluded an order processing agreement with the provider of "Zoom" which meets the requirements of §3 0 in conjunction with §1 0 DSG-EKD.
An appropriate level of data protection is guaranteed on the one hand by the "Privacy Shield" certification of Zoom Video Communications, Inc. and on the other hand by the conclusion of the so-called EU standard contractual clauses.
Data processing through social networks
We maintain publicly accessible profiles on social networks. The social networks used by us in detail can be found below.
Social networks such as Facebook, Twitter etc. can generally comprehensively analyse your user behaviour when you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting our social media presences, numerous data protection-relevant processing operations are triggered.
Our social media presences are intended to ensure the most comprehensive possible presence on the Internet. This is a legitimate interest within the meaning of § 6 no. 4 DSG-EKD. The analysis processes initiated by the social networks may be based on different legal bases, which are to be stated by the operators of the social networks (e.g. consent within the meaning of § 6 no. 2 DSG-EKD).
Responsible party and assertion of rights
If you visit one of our social media sites (e.g. Facebook), we are jointly responsible with the operator of the social media platform for the data processing operations triggered during this visit. In principle, you can assert your rights (information, correction, deletion, restriction of processing, data portability and complaint) both vis-à-vis us and vis-à-vis the operator of the respective social media portal (e.g. vis-à-vis Facebook). Please note that despite the joint processing with the social media portal operators, we do not have full influence on the data processing procedures of the social media portals. Our options are largely determined by the corporate policy of the respective provider.
Social networks in detail
We have a profile on Facebook. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, the data collected is also transferred to the USA and other third countries.
We have concluded a joint processing agreement (Controller Addendum) with Facebook.
concluded. This agreement sets out the data processing operations for which we, or Facebook, are responsible.
Facebook is responsible for when you visit our Facebook page. You can view this agreement at the following link:
You can adjust your advertising settings yourself in your user account. To do so, click on the following link and log in:
We use the short message service Twitter. The provider is Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. Twitter has been certified in accordance with the EU-US Privacy Shield.
You can independently adjust your Twitter privacy settings in your user account. To do so, click on the following link and log in:
Matomo (formerly Piwik).
This website uses the open source web analytics service Matomo. Matomo uses so-called "cookies". These are text files that are stored on your computer and enable an analysis of your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymised before storage.
Matomo cookies remain on your terminal device until you delete them.
The storage of Matomo cookies and the use of this analysis tool are based on § 6 No. 4 DSG-EKD. The website operator has a legitimate interest in the anonymised analysis of user behaviour in order to optimise both its website and its advertising.
If a corresponding consent has been requested (e.g. consent to store cookies), the processing is carried out exclusively on the basis of § 6 No. 2 DSG-EKD; the consent can be revoked at any time.
If you do not agree to the storage and use of your data, you can deactivate the storage and use here: