Data Protection Policy

1. Responsibility

The responsibility for the gathering, processing and use of your personal data as defined by art. 4, num. 7 DSGVO is the Römerregion Chiemsee legally represented by the participating municipalities of Aschau im Chiemgau, Bad Endorf, Bergen, Bernau, Breitbrunn, Chieming, Grabenstätt, Grassau, Pittenhart, Prien, and Seeon-Seebruck.

In accordance with the said data protection regulations, you have the right to object to our gathering, processing, or use of your personal data, either in particular or in general. If you wish to do so, please lodge your complaint under the address listed in the site page.This data protection policy may be filed and printed at any time.

2. General processing guidelines

We gather and use the following personal data in order to ensure the functioning of the website:
• inventory data (e.g. names, addresses),
• contact data (e.g. e-mail addresses, telephone numbers),
• content data (e.g. text input),
• usage data (e.g. websites visited, content, times of access),
• metadata/technical information (e.g. type of device, IP address),

We process and use the data gathered for the following purposes:
• to control and improve the function and content of our online services ,
• for the processing of contact inquiries
• for security measures.

3. Specific guidelines

3.1 Legal basis

In compliance with the German DSGVO, art. 13, we provide users with the legal basis for our data processing. Wherever this data protection policy does not expressly refer to its legal basis, the following guideline applies: The legal basis for obtaining consent is provided by DSGVO, art. 6 par. 1 lit. a and art. 7; the legal basis for the processing of data in order to provide our services, perform contracts and respond to requests is DSGVO, art. 6 par. 1 lit. b; the legal basis for data processing in accordance with our legal obligations is DSGVO, art. 6 par. 1 lit. c; and the legal basis for data processing in order to protect our legitimate interests is DSGVO, art. 6 par. 1 lit f. In the event that data processing is necessary to protect the vital interests of the data subject or of another natural person, the legal basis for this is DSGVO, art. 6 par. 1 lit d.

3.2 Server-Log-Files

The hosting provider automatically gathers and stores information transmitted from your browser in so-called Server-Log-Files. This information includes:
• the name of the viewed website
• type and version of the browser used
• system software used
• referrer URL
• host name of the inquiring computer
• time of the inquiry
• record of successful file retrieval.
These data are not personalised and will not be cross-referenced with data from other sources. However, we reserve the right to analyse them in the case of well-founded suspicions of illegal activity.
Log-file data may be stored for security purposes (for example, to investigate cases of misuse or fraud) for up to seven days, after which they must be erased. Data saved as evidence in legal investigations is exempted from this storage restriction until the investigation has been finally closed.

3.3 Cookies

We use „Session Cookies“ to optimise our website. These are small text files which your computer receives from the server when you visit a website and temporarily saves on the hard disc. Each file contains a so-called “Session-Id.” allowing us to correlate various inquiries made from your browser during the same session. Other cookies remain stored on your computer until you delete them. These cookies make it possible for us to identify your browser the next time you visit our website. You can configure your browser to inform you when cookies are being set, to regulate their use either allowing them in singular instances or only in given cases, or disallowing them altogether, and to delete them automatically after the browser has been closed. Deactivating cookies may limit the functionality of this website.

3.4 Use of personal data

We process your personal data only when you use the contact form on our website (art. 6 par. 1 lit a DSGVO) and when we have a legitimate interest in doing so (art. 6 par. 1 lit. f DSGVO), such as in order to respond to your e-mail. If not otherwise specified, we store personal data only as long as is required to fulfil the given purpose. In some cases, government legislation demands the storage of some personal information, for example for tax or customs purposes. In these instances, we retain the data only in accordance with the legal requirements without any further processing and erase them on expiry of the legally required storage period.

4. Regular erasures and blocking of personal data

We store and process the personal information of data subjects only for the period of time required to fulfil the above mentioned purposes and legal requirements and as determined by the German general data protection legislation and the national and institutional regulations applicable to Römerregion Chiemsee. Thereafter, personal data will be routinely erased or blocked for further processing in accordance with the legal requirements.

5. Rights of data subjects

You have the legal right to be informed at any time about which data the website Römerregion Chiemsee is storing over you, where it came from, who is receiving it, and to what purpose it is being processed. Furthermore, you have the right to demand that your personal data be corrected or erased, or that their processing be restricted. Insofar as the processing of your data occurs on the basis of your consent, you have the right to revoke this consent or to object to the practice. You have the right to data portability.

If you have questions regarding the content of our privacy policy or the topic of personal data, please do not hesitate to contact us.

Last update: 19.02.2020