Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
We are very delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of the Free State of Saxony State Chancellery of Saxony. The use of the Internet pages of the Free State of Saxony State Chancellery of Saxony is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.
The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR), and in accordance with the country-specific data protection regulations applicable to the Free State of Saxony State Chancellery of Saxony. By means of this data protection declaration, our enterprise would like to inform the general public of the nature, scope, and purpose of the personal data we collect, use and process.
In order to improve the quality of our websites, we store data about the individual access to our pages for statistical purposes. This record consists of
- the page from which the file was requested,
- the name of the file,
- the date and time of the query,
- the transferred amount of data,
- the access status (file transfer, file not found),
- the description of the type of web browser used,
- the IP address of the requesting computer is shortened by the last three digits.
These data are stored anonymously in accordance with the Telemedia Act (TMG). The creation of personal user profiles is thus excluded.
Data transmission to third parties
We do not transfer your personal data to third parties.
Protection of minors
Children and persons under the age of 18 should not submit any personal data to us without the consent of their parents or guardians.
Like many other websites, we also use so-called “cookies”. Cookies are text files that are stored in a computer system via an Internet browser.
Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a character string through which Internet pages and servers can be assigned to the specific Internet browser in which the cookie was stored. This allows visited Internet sites and servers to differentiate the individual browser of the dats subject from other Internet browsers that contain other cookies. A specific Internet browser can be recognized and identified using the unique cookie ID.
The data subject may, at any time, prevent the setting of cookies through our website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, already set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If the data subject deactivates the setting of cookies in the Internet browser used, not all functions of our website may be entirely usable.
To protect the security of your data during transmission, we use state-of-the-art encryption techniques (such as SSL) over HTTPS.
If you have questions of any kind contact us by e-mail or contact form, give us your consent for the purpose of establishing contact. This requires the specification of a valid e-mail address. This serves for the assignment of the request and the subsequent answering of the same. The specification of further data is optional. The information you provide will be stored for the purpose of processing the request and for possible follow-up questions. After completing the request you will automatically delete personal data.
Collection of general data and information
The website of the Free State of Saxony State Chancellery of Saxony collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. If you would like to view our website, we collect the following data which is technologically required to display our website to you and assure its stability and security (the legal grounds for this are provided in GDPR art. 6(1)(f)):
- IP address
- Date and time of request
- Time difference to Greenwich Mean Time (GMT)
- Content of the request (specific site)
- Access status/HTTP status code
- Volume of data transmitted each time
- Website from which the request is coming
- Operating system and its interface
- Browser software language and version
When using these general data and information, the Free State of Saxony State Chancellery of Saxony does not draw any conclusions about the data subject. Rather, this information is needed to
- deliver the content of our website correctly
- optimize the content of our website as well as its advertisement
- ensure the long-term viability of our information technology systems and website technology
- provide law enforcement authorities with the information necessary for criminal prosecution in case of a cyber-attack.
The anonymous data of the server log files are stored separately from all personal data provided by an affected person.
Rights of the data subject
- Right of confirmation
- Right of access
- Right to rectification
- Right to erasure (Right to be forgotten)
- Right of restriction of processing
- Right to data portability
- Right to object
- Automated individual decision-making, including profiling
- Right to withdraw data protection consent
Routine erasure and blocking of personal data
The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to.
If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.
On our website there are references (links) to external social networks such as: Facebook (“Social Plugins”). The functions assigned to the links, in particular the transmission of information and user data, are not activated by visiting our websites, but by clicking on the links. After clicking on these links, the plugins of the corresponding networks are activated and your browser establishes a direct connection to their servers.
Use of Facebook remarketing (‘Facebook button’)
Our website contains the ‘Custom Audiences’ remarketing function provided by Facebook Inc. (‘Facebook’). This function is used to present interest-based advertising (‘Facebook ads’) to visitors of this website when they visit the Facebook social network. To enable this function, the Facebook remarketing tag has been implemented on this website. This tag establishes a direct connection to Facebook’s servers when you visit this website. Data concerning your visit of this website is transferred to Facebook’s servers over the connection and Facebook then matches this information with your personal Facebook account. You can find more information about data collection and use by Facebook and your rights and options for guarding your privacy by reading Facebook’s Data Policy at https://www.facebook.com/about/privacy/. Alternatively, you can deactivate the ‘Custom Audiences’ remarketing function at https://www.facebook.com/settings/?tab=ads#_=_. You must be logged on to Facebook to deactivate the function.
Data protection provisions about the application and use of Google
Google does not keep the IP address transmitted from your browser through the Google Analytics service with other data.
You can prevent cookies from being stored by activating the corresponding settings in your browser software, though be aware that you may not be able to use the complete functionality of this website in this case. Furthermore, you can prevent the data that is generated by the cookie and that relates to your use of the website (including your IP address) from being stored and processed by Google by downloading and installing the browser plug-in available over the following link: http://tools.google.com/dlpage/gaoptout?hl=en.
This website uses Google Analytics with the ‘_anonymizeIp()’ extension. This means that IP addresses are abbreviated before they are further processed, thereby ruling out the ability to be drawn back to a specific person. Therefore if the data collected from you has any personal references, it will be immediately blocked and the personal data promptly deleted.
We use Google Analytics to analyse the use of our website and to be able to regularly improve it. Using the acquired statistics, we can improve our offering and make it more appealing for you as a user. For exceptional cases where personal data is transferred to the United States, be advised that Google is subject to the EU-US Privacy Shield framework, https://www.privacyshield.gov/EU-US-Framework. The legal grounds for our use of Google Analytics are provided in GDPR art. 6(1)(f).2
Use of the Google ‘+1’ button
Use of Instagram function
Functionality for the Instagram service is integrated into our website. These functions are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, United States. If you are logged in to your Instagram account, you can link the content on our website with your Instagram profile by clicking on the Instagram button. Instagram will be able to match your visit of our website with your user account as a result. We would like to point out that we as the website provider have no knowledge of the content of transferred data nor the way in which Instagram uses it.
Use of a ‘Pin it’ button from Pinterest
Use of Twitter functionality
Our website also contains functions provided by Twitter Inc., 795 Folsom Street, Suite 600, San Francisco, CA 94107, United States. If you use Twitter and the ‘retweet’ function in particular, Twitter matches your Twitter account with the websites that you frequently visit. These will be shown to other users on Twitter, including your followers. Accordingly, data is also transferred to Twitter in this manner. Twitter does not inform us, the provider of our website, about the content or use of the data transferred. You can find more information via the link below: http://twitter.com/privacy. However, please note that you have the option of changing your privacy settings for Twitter in your account settings for the network at http://twitter.com/account/settings.
Use of a YouTube plug-in
Legal basis for the processing
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Is our company subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR. In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR. Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).
Third party access
The data processing is carried out only by us and, if necessary, by service providers commissioned by us, as well as by other third parties in the case of your consent or in the context of contractual relationships and in the case of pseudonymised data also by companies of the Oetker Group with which we are affiliated. Incidentally, we will process your personal data only in the case of official or legal obligation.
Duration of data processing
Your personal data will only be processed as long as the purposes stated for the respective processing i.S.d. Art. 6 para. 1 GDPR and / or until expiry of the limitation periods of any claims and statutory retention requirements.
When it comes to us and our processing of personal data concerning you, you have the following rights:
- Right to information and access
- Right to rectification or erasure
- Right to restriction of processing
- Right to data portability
- Right to object to processing
- According to GDPR art. 15, you have the right to request access to and information about the personal data concerning you that we process. In particular, you can request information about the purposes for processing, category of personal data, categories of recipients to whom your data was/is disclosed, planned retention period, existence of rights to rectification, erasure, restriction of processing or objection, existence of a right to complain, origin of the data if it was not collected by us and existence of automated decision-making, including profiling and in that case meaningful information about those specific processes.
- According to GDPR art. 16, you have the right to request prompt rectification of your incorrect or incomplete personal data that is stored by us. According to GDPR art. 17, you have the right to request erasure of your personal data that is stored by us if its processing is not necessary for exercising the right of freedom of expression and information, compliance with a legal obligation, reasons of public interest or the establishment, exercise or defence of legal claims.
- According to GDPR art. 18, you have the right to request restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful, you oppose its erasure and we no longer need the data, you require it for the establishment, exercise or defence of legal claims; or you have objected to processing pursuant to GDPR art. 21.
- According to GDPR art. 20, you have the right to obtain your personal data that you have provided to us in a structured, commonly used and machine-readable format or to transmit that data to another controller.
- In accordance with GDPR art. 7(3), you have the right at any time to withdraw the consent you have previously given to us. This will mean that we will in the future not be permitted to continue processing the data for which the consent was granted.
- If your personal data is processed on the basis of legitimate interests as defined in GDPR art. 6(1)(f), GDPR art. 21 provides you the right to object to the processing of your personal data if your particular situation gives you the grounds to do so or if you are objecting to direct marketing. In the latter case, you have a general right to object with which we will comply without you needing to provide a description of any special situation. If you would like to utilise your right to withdraw consent or to object, an email to the following address will be sufficient email@example.com)
Additionally, GDPR art. 77 gives you the right to lodge a complaint about our processing of your personal data with an authority supervising data protection compliance. Generally you can contact the supervisory authority with jurisdiction over your habitual residence or place of work or over our company’s registered office.