Objective and responsible party
This privacy statement provides guidance on the nature, extent and purpose of the collection and use of data within the websites and online services of the Association of German Banks, Burgstraße 28, 10178 Berlin as the responsible party under data protection law (referred to in the following as “we” or “us”). This statement covers the following websites and associated subdomains: https://bankenverband.de/, http://www.edb-banken.de/, http://einlagensicherung.de/, https://einlagensicherungsfonds.de/, http://schulbanker.de/, http://bw.bankenverband.de/, http://by.bankenverband.de/, http://hb.bankenverband.de/, http://hh.bankenverband.de/, http://he.bankenverband.de/, http://ni.bankenverband.de/, http://nw.bankenverband.de/, http://rp.bankenverband.de/, http://sl.bankenverband.de/, http://www.jugendundwirtschaft.de/, http://www.bankenombudsmann.de and http://sh.bankenverband.de/.
- We collect, process and use users’ personal data solely in compliance with the relevant data protection legislation. This means that we only use users’ data where we are legally permitted to do so or where the user has consented to its use.
- We make organisational, contractual and technical arrangements to ensure that data protection legislation is complied with and the data managed by us is thus protected against any accidental or deliberate manipulation, loss and destruction or against any access by unauthorised persons.
Collection, processing and use of personal data
Users’ personal data is used for the following purposes:
- Delivering services to the public and our members and ensuring efficient customer service and/or technical support.
- Whenever we are contacted, personal data (contact form data may be converted into an email) is stored in order to process the inquiry and in case any further questions arise. The purpose of storage follows from each inquiry. Emails are generally stored at the Association for a period of ten years.
- If contact data is collected at an event, it is stored for future contact in connection with events.
- Sending technical information about our websites and online services.
- Sending newsletters or other informational material, provided we have the user’s consent.
- We forward the data to third parties where this is necessary to fulfil our contractual obligations (e.g. to conduct banking transactions, mail invoices).
Collection of access data
- We collect data on all server access to our websites (so-called ‘server log files’). The data includes the name of the web page requested, file, request date/time, volume of data transferred, ‘successful request’ report, type of browser plus version, the user’s operating system, referrer URL (the page previously visited), IP address and the requesting provider.
- We use the log file data, without associating it with the person of the user or any other profile, solely for statistical analysis for the purpose of operating, securing and optimising our websites. At the same time, we reserve the right to subsequently check the log file data if there is concrete evidence allowing justified suspicion of illegal use.
- We collect data through a continuous online survey. This survey is designed solely to check/improve the quality of our websites. Users’ responses are recorded, stored and processed completely anonymously by us so that it is not possible to identify users. The data is never made available to unauthorised third parties.
For the survey, we use ‘http cookies’. These are small text files that are stored on your computer via the browser. A cookie stores, for a period of not more than twelve months, information on whether and when another invitation to take part in the survey will be made. Storing and reading this information serve solely to prevent you being invited to take part in the survey against your wishes or too frequently. Our online survey also uses ‘session cookies’ to ensure its technical management. These are automatically deleted once the browser is closed.
We don’t use any of the cookies mentioned to store information that users have provided in the survey. Nor do we use the information in cookies to compile movement or usage profiles.
Inclusion of third-party services and content
- Our websites may include third-party content, e.g. YouTube videos, Google Maps material, RSS feeds, SlideShare presentations, Flickr photos, Yumpu embeds or charts/diagrams from other websites.
- This always presupposes that the providers of such content (referred to in the following as “third-party providers”) use the user’s IP address, since no content can be sent to the user’s browser without the IP address.
- We endeavour to only include content of third-party providers that use IP addresses solely for delivering content. We have no control, however, over whether third-party providers store IP addresses for statistical purposes, for example. Where we are aware of this, we advise users accordingly in the following sections.
- Cookies can be deactivated in browser settings. Our web pages can also be viewed without cookies. Cookies that have already been stored can be deleted in browser settings. Blocking cookies may, however, result in reduced website functionality.
Please note: many online company ad cookies can be managed via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/uk/your-ad-choices/.
Shariff social media buttons for more data privacy
- We are pleased whenever our readers recommend and discuss content of the https://bankenverband.de website on Twitter, Facebook and Google+. For this purpose, we use social media buttons, i.e. the buttons provided by c’t Shariff.
- c’t Shariff ensures that social networks can only request data from users once these click on the appropriate button. Shariff replaces social networks’ customary “Share” buttons and protects your surfing behaviour from prying eyes. A single click on the button is enough to share information with others. You don’t have to do anything else – the webmaster has already taken care of everything. Customary social media buttons transmit user data every time a page is visited and give the social networks full details of your surfing behaviour (user tracking). For this, you don’t have be logged in or a network member. A Shariff button, on the other hand, only establishes direct contact between a social network and a visitor when the latter actively clicks on the share button. For further information, please see heise.de.
- Before being transmitted to Google, users’ IP addresses are shortened and thus anonymised. Only in exceptional cases is the full IP address transmitted to a Google server in the US and shortened there.
- Cookies can – as already explained – generally be deactivated through appropriate browser settings. Users can, in addition, prevent the capture of cookie data (including their IP address) and its transmission to Google by downloading and installing the browser plugin available from the following link: http://tools.google.com/dlpage/gaoptout?hl=de).
- As an alternative to the browser add-on or within browsers on mobile devices, please click on this link to prevent the capture of data by Google Analytics within this website in future. When you do so, an opt-out cookie will be placed on your device. If you delete your cookies in this browser, you will have to click on this link again.
- The IP address is anonymised immediately after processing and before it is stored.
- Users may, as already explained, deactivate cookies through appropriate browser settings.
Facebook social plugins
- Social plugins (“plugins”) provided by the facebook.com social network, which is run by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”), are used on the websites operated by the Association. The plugins are identified by one of the Facebook logos (white “f” on a blue tab or a “thumbs up” sign) or labelled “Facebook social plugin”. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
- The plugin content is transmitted by Facebook directly to the user’s browser and integrated into the website by the browser. We therefore have no control over the amount of data that Facebook collects via this plugin. As far as we know, by integrating the plugins Facebook obtains information that a user has visited a certain web page. If the user has logged in to Facebook, Facebook can match the visit to his/her Facebook account. If users interact with plugins, e.g. click on the “Like” button or make a comment, the relevant information is transmitted directly from your browser to Facebook and stored there. If a user is not a Facebook member, Facebook may nevertheless store his/her IP address. According to Facebook, only an anonymised IP address is stored in Germany.
- If a user is a Facebook member and doesn’t want Facebook to collect data about him/her in this way and link it with his/her member data stored with Facebook, he/she must log out of Facebook and delete Facebook cookies before visiting our websites. In addition, Facebook social plugins can be blocked by browser add-ons such as the “Facebook blocker”.
Google+ +1 button
- Buttons provided by the Google+ social network (e.g. “+1” button), which is run by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), are used on the websites operated by the Association.
- The button content is transmitted by Google directly to the browser and integrated by it into the website. We therefore have no control over the amount of data that Google collects via the buttons.
If a user is a Google+ member and doesn’t want Google to collect data about him/her in this way and link it with his/her member data stored with Google, he/she must log out of Google Plus and delete Google cookies in his/her browser before visiting our websites.
- Twitter buttons are used on the websites operated by the Association. These buttons (e.g. “Tweet” or “Follow”) are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
- The “Recommend” button provided by the “LinkedIn” social network, which is run by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, is used on the websites operated by the Association.
- Whenever you, as a LinkedIn user, visit web pages with integrated plugins, a direct connection can be established between your browser and the LinkedIn server. As a result, LinkedIn receives personalised information, including your IP address.
- When you click on the “Recommend” button and are at the same time registered with LinkedIn, you can disclose the content of these web pages on your LinkedIn profile. This information is, as a rule, public or can at any rate be accessed by your own LinkedIn “Contacts”. Data is also transmitted to LinkedIn in the process.
- The SlideShare platform of SlideShare Inc., 1 Montgomery St., Suite 1300, San Francisco, CA 94104, USA is used on the websites operated by the Association to, among other things, publish the Association’s own publications.
- Please note that we don’t use any SlideShare plugins on our websites.
- We use the Flickr platform provided by Yahoo! Inc., 701 First Avenue, Sunnyvale, CA 94089, USA to publish our own photos.
- Please note that we don’t use any Flickr plugins on our websites.
Web kiosk with Yumpu
- Yumpu is a service of i-Magazine AG, which provides a digital platform for publishing magazines, brochures or catalogues. Yumpu embeds are used on the websites operated by the Association to display publications.
- At least one plugin provided by YouTube (Google Inc., based in San Bruno/California, USA) is used on the websites operated by the Association.
- As soon as you visit any of our web pages containing a YouTube plugin, a connection to a YouTube server is established. The YouTube server is informed about which specific web pages you visited.
- Should you be logged in to your YouTube account at the same time, you would enable YouTube to match your surfing behaviour directly to your personal profile.
- You can prevent such matching by logging out of your account beforehand.
- Plugins provided by the SoundCloud social network (SoundCloud Limited, 33 St James Square, London SW1Y 4JS, UK) can be integrated into our websites. The SoundCloud plugins are identified by the SoundCloud logo on the web pages concerned.
- Whenever you visit our web pages, a direct connection between your browser and the SoundCloud server is established once the plugin is activated. As a result, SoundCloud is informed that you visited our web pages using your IP address.
- If you click on the “Like” button or “Share” button while you are logged in to your SoundCloud account, you can link the content of our web pages with your SoundCloud profile and/or share it. This enables SoundCloud to match your visits to our web pages to your user account. Please note that, as the provider of the web pages, we don’t obtain any knowledge of the content of the transmitted data or of its use by SoundCloud.
- If you don’t want SoundCloud to match your visits to our web pages to your SoundCloud user account, please log out of your SoundCloud user account before you activate the SoundCloud plugin content.
Revocation, changes, corrections and updates
- Users are entitled to receive, on request, information free of charge about their personal data stored by us. Please see the site notice for our contact details.
- In addition, users are entitled to have incorrect information corrected, to revoke consent and to have their personal data blocked or deleted provided this is not precluded by any statutory retention requirement.
- Users are therefore advised to check its contents regularly.