Privacy Policy
We appreciate your interest in our website. The protection of your privacy is very important to us. Below we inform you in detail about the handling of your data.
Declaration on data protection
1. General information
We have written this privacy statement (version 13.07.2020) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679, what information we collect, how we use data and what decision-making options you have as a visitor to this website. For detailed information on the subject of data protection, please refer to our listed privacy policy.
If you have any further questions about data protection in connection with our website or the services offered on it, please feel free to contact our data protection officer:
E-mail: datenschutz@dlh.de
Note on the responsible office
help alliance gGmbH
c/o Deutsche Lufthansa AG
FRA I/H
Lufthansa Aviation Center
60546 Frankfurt
E-mail address: helpalliance@dlh.de
Telephone: (069) 696 – 696 70
2. Automatic data storage, hosting and creation of log files
When you visit websites, certain information is automatically created and stored, including on this website. When you visit our website, our web server automatically stores data and transmits it to our hosting provider TRILOS new media as part of an order processing. This data could include:
- the address (URL) of the accessed website
- browser and browser version
- the operating system used
- the address (URL) of the previously visited page (referrer URL)
- the host name and IP address of the device from which access is made
- the date and time
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
As a rule, web server log files are stored for two weeks and then automatically deleted. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymized, so that an assignment of the calling client is no longer possible.
3. Cookies
Cookies are pieces of information that are transmitted from our web server or web servers of third parties to the web browsers of the users and stored there for later retrieval. Cookies contain a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again. When calling up our website, the user is informed about the use of cookies for analysis and marketing purposes and his consent to the processing of personal data used in this context is obtained. You will be informed about the use of cookies within the scope of this privacy policy.
If you do not want cookies to be stored on your computer, you have the option of accepting or rejecting individual cookies via our cookie setting. In addition, you can deactivate the corresponding option in the system settings of your browser. If necessary, please refer to the program help for the browser you are using to see how the corresponding setting can be made. However, we would like to point out that in this case you may not be able to use all functions of our website to their full extent.
Change cookie settings
Web analysis through Matomo
Our website uses “Matomo” (formerly “Piwik”), a web analytics service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand. Matomo stores cookies on your terminal device that enable an analysis of your use of our website. The information collected in this way is stored exclusively on our server. Matomo does not transmit data to servers outside of our control.
Matomo uses cookies. These text files are stored on your computer and make it possible for us to analyze the use of our website. For this purpose, the information about usage obtained by the cookie is transmitted to our server and stored so that usage behavior can be evaluated. Your IP address is immediately anonymized; thus you remain anonymous as a user. The information generated by the cookie about your use of this website will not be disclosed to third parties. The setting of Matomo cookies is based on Art. 6 para. 1 lit. f DSGVO.
If individual pages of our website are called up, the following data is stored:
- i Bytes of the IP address of the calling system of the user
- The website called up
- The website from which the user accessed the accessed website (referrer)
- The subpages accessed from the accessed web page
- The time spent on the website
- The frequency with which the website is accessed
The software runs exclusively on the servers of our website. A storage of the personal data of the users only takes place there. The IP address transmitted by your browser via Matomo is not merged with other data collected by us. The data is not passed on to third parties.
For more information, please see the Matomo privacy policy at: https://matomo.org/privacy/.
You can decide whether a unique web analytics cookie may be placed in your browser to enable the collection and analysis of various statistical data from our website. If you wish to opt out, you can change your cookie settings here.
You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.
Matomo Tag Manager
We use the Matomo Tag Manager on our website. Matomo Tag Manager is an extension of the open source Matomo web analysis solution. It is used to integrate tracking events and control the integration of third-party code. The Matomo Tag Manager makes it possible to integrate and manage the code of third-party providers into the website. This code can include various functions, such as the integration of widgets and analysis tools. The Tag Manager itself (which implements the tags) does not process any personal user data. The legal basis for data processing is Art. 6 para. 1 lit. f) GDPR. The data is deleted as soon as the purpose of its collection has been fulfilled.
YouTube
This website embeds videos from the website YouTube. The operator of the website is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
When you visit our website, a connection to the YouTube servers is established. This tells the YouTube server which pages you have visited.
Furthermore, YouTube can store various cookies on your terminal device. With the help of these cookies, YouTube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts. Cookies remain on your terminal device until you delete them.
If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used in the interest of an appealing presentation of our online offers as well as transparent communication about our work. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If a corresponding consent has been requested (e.g. consent to the storage of cookies), the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO; the consent can be revoked at any time.
For further information on the handling of user data, setting and objection options, please refer to YouTube’s privacy policy at: https://policies.google.com/privacy?hl=de.
Altruja
Our website uses the fundraising tool of the third-party provider Altruja GmbH, Augustenstraße 62, 80333 Munich. The protection of donor data is a basic requirement for Altuja GmbH. When you access the donation page, your IP address is processed by Altruja’s servers in order to load the donation form. The legal basis for this is Art. 6 para. 1 lit. f DSGVO.
If you would like to donate online, whether with a one-time donation or a regular sponsorship contribution, you can do so via our donation form. To ensure the legitimacy of the payment process, we need at least the following information from you:
- Salutation and full name
- E-mail address
We process the following data for donation processing:
- Personal master data
- Communication data (e.g. telephone, e-mail)
- Contract master data (contractual relationship, product or contractual interest) Customer history
- Contract billing and payment data
- Bank data (account number, bank code or IBAN)
As part of an order data processing, we commission Altruja with the processing of donations that are instructed via the donation form. The personal data entered in the donation form is transmitted to Altruja and its technical service providers via an encrypted connection. Further recipients of your data are the commissioned credit institution and, if applicable, logistics companies commissioned with the delivery of proofs or our auditing company, to whom we may be obligated to account.
Personal data collected in the form will be used for the purpose of accounting for donations with the donor and payment service providers, for carrying out and promoting fundraising activities, for communicating with donors and for creating and sending proof of donations. This includes processing payments, sending an email confirming the donation request and, if applicable, creating and sending a donation receipt. Altruja is used in the interest of transparent donor communication and efficient donor support and donation processing. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO. The processing of data for these purposes can be objected to without giving reasons.
Furthermore, we process personal data, for interest-based donor selection, e.g. for postal or electronic donation mailings or calls. This serves the promotion of our activities and represents a legitimate interest iSd Art. 6 para. 1 lit. f DSGVO vis-à-vis data subjects who have already supported us with a donation. The processing of data for these purposes can be objected to without giving reasons.
Deletion of donor data: There is an agreement Altruja GmbH for the automatic deletion of all personal data on 30.06. and 31.12. of each year. The deletion is controlled by help alliance. The deletion protocol is transmitted to help alliance. Donor data older than 10 years will be deleted.
For more information on the handling of user data, setting and objection options, please refer to Altruja’s privacy policy at: https://www.altruja.de/datenschutz.html.
Google Ad Grants
Google Ads Conversion Pixel/Google Ad Grants
Use of Google Grants
We use the Google Ad Grants service from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA on our website. The controller for users in the European Economic Area and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (‘Google’).
We use Google Grants to receive free advertising for charitable purposes. Google Grants is a Google programme that offers non-profit organisations the opportunity to place free advertisements on Google search results pages.
The Google Ad Grants offer for NGOs enables us to optimise our ads and information campaigns on external websites. This enables us to determine the success of individual adverts, display them in a targeted manner and thus place interest-based adverts.
Processing of personal data
By using Google Grants, data about the interactions of users with the adverts on our website can be collected and processed. This includes, for example, information about clicks on adverts, interactions with our website in connection with the adverts and possibly also device-specific information. If you are logged in to Google with your data, this data can be assigned to your account. Even if you are not logged into a Google account, it is possible that Google will save your IP address. Google stores the conversion tracking data for 30 days.
We ourselves do not collect, process or receive any personal data in this context. The data provided by Google are merely statistics on the individual measures that do not enable us to identify you personally.
Legal basis for processing
The components are used on the basis of your consent in accordance with Art. 6 (1) a GDPR.
Further information on Google’s data protection provisions can be found here: https://policies.google.com/privacy?hl=de-IT&fg=1. Google LLC is certified to protect your data in accordance with the EU-US Data Privacy Framework. Link to the certification: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?id=a2zt000000001L5AAI&status=Active
4. SSL or TLS encryption
Our website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as contact requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
5. embedded social media elements
We maintain web presences within social networks and platforms. These are linked to our website and are accessible to all visitors. When calling up the respective networks and platforms, the terms and conditions and privacy statements of the respective networks and platforms apply. The processing of personal data on our part is based on legitimate interest pursuant to Art. 6. para. 1 lit. f) DS-GVO.
We would like to point out that Instagram or Facebook may process visitors’ data outside the European Union. This may result in risks that may make it more difficult to enforce data subject rights. Networks and platforms in the USA that are certified under the Privacy Shield undertake to comply with EU data protection guidelines.
Instagram: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland,
For more information on the handling of user data, setting and objection options, please refer to Instagram’s privacy policy at: https://help.instagram.com/519522125107875?helpref=page_content
Facebook: Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland,
For further information on the handling of user data, setting and objection options, please refer to the Facebook privacy policy at: https://www.facebook.com/privacy/explanation
6 Newsletter
If you would like to receive the newsletter offered on our website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.
The processing of the data entered in the newsletter registration form is based exclusively on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
The newsletter is sent via MailPoet. The provider of MailPoet is Wysija SARL, 6 rue Dieudé, 13006 Marseille, France. (hereinafter “Wysija”).
MailPoet is used to send and expand the reach of our newsletter. For this purpose, email addresses and, where applicable, other data required by MailPoet for the provision of the newsletter are processed on our behalf. The use of Mailpoet is in the interest of transparent communication, a user-friendly and secure newsletter system, as well as the optimization of our website a legitimate interest iSd Art. 6 para. 1 lit. f DSGVO. The data is stored by MailPoet on a server in Europe. The processing of data for these purposes can be objected to without giving reasons.
For more information on the handling of user data, setting and objection options, please refer to MailPoet’s privacy policy at: https://www.mailpoet.com/privacy-notice/
7. payment provider
If you would like to donate online, whether with a one-time donation or a regular sponsorship contribution, you can do so via our donation form. To ensure the legitimacy of the payment process, we need at least the following information from you:
- Salutation and full name
- E-mail address
We will transmit your data for donation processing to: Altruja, Augustenstraße 62, 80333 Munich. The following data will be transmitted:
- Personal master data
- Communication data (e.g. telephone, e-mail)
- Contract master data (contractual relationship, product or contractual interest) Customer history
- Contract billing and payment data
- Bank data (account number, bank code or IBAN)
To protect the security of your data during transmission, Altruja uses state-of-the-art encryption methods (e.g. SSL) via HTTPS. For information on data processing in accordance with Art. 13 DSGVO by Altruja, please visit: https://www.altruja.de/datenschutz.html
Depending on the selected payment method, your data will also be forwarded to the corresponding financial service provider:
- In case of direct debit payment to our house bank the Frankfurter Sparkasse, Neue Mainzer Str. 47-53, 60311 Frankfurt am Main, Germany.
- When paying via PayPal to Paypal Europe, S. à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxemburg
- For payments via Sofortüberweisung to Sofort GmbH, Theresienhöhe 12, 80339 Munich, Germany
- For payments by credit card or online direct debit to Micropayment GmbH, Scharnweberstraße 69, Germany
The general terms and conditions and data protection information of the respective payment providers apply.
8. What rights do you have regarding your data?
According to the provisions of the DSGVO, you are generally entitled to the following rights:
Right to rectification (Article 16 DSGVO): with this right, a data subject may request the immediate rectification of incorrect or incomplete data processed about him or her. This claim is always directed against one or more controllers of personal data. The right to rectification is linked to the principle of accuracy from Article 5(1)(d) of the GDPR, according to which personal data must be factually correct and, where necessary, kept up to date.
Right to erasure (“right to be forgotten”) (Article 17 GDPR): the data subject has the right to require the controller to erase personal data concerning him or her without undue delay, and the controller is obliged to erase personal data without undue delay.
Right to restriction of processing (Article 18 GDPR): the data subject has the right to require the controller to restrict processing if one of the following conditions is met:
- the accuracy of the data is unclear or disputed by the data subject
- the processing was unlawful and the data subject requests the restriction of processing instead of erasure
- the data controller no longer requires the data for processing, but the data subject still needs it for the exercise, assertion or defense of his or her legal rights
- the data subject has objected to the processing pursuant to Article 21 (1) of the GDPR.
Right to notification – obligation to notify in connection with the correction or deletion of personal data or the restriction of processing (Article 19 DSGVO): According to all data protection regulations, the data subject has a right to receive information about what personal data is stored about him or her. The scope of the information also includes the purpose for which the data was collected, where it came from and to which bodies it was transmitted.
Right to data portability (Article 20 GDPR): data subjects have the right:
- To receive their personal data in an appropriate format (e.g. via a USB stick, CD, private cloud or else a barcode),
- have their personal data transferred to another provider, or
- to have their personal data transferred from one provider to another provider.
Right to object (Article 21 GDPR): the data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out on the basis of Article 6(1)(e) or (f); this also applies to profiling based on these provisions. The controller may thus no longer process the personal data.
The data subject has the right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR) – which produces legal effects concerning him or her or similarly significantly affects him or her.
If you believe that the processing of your data violates data protection law or your data protection rights have otherwise been violated in any way, you can contact the State Data Protection Commissioner of Hesse E-mail: poststelle@datenschutz.hessen.de for data protection and freedom of information.
Right to information
Pursuant to Article 15 (1) of the GDPR, data subjects have the right to request confirmation from data controllers as to whether personal data concerning them are being processed. If this is the case, data subjects have a right to information about this data and further information about its processing.
Accordingly, the right of access is divided into two stages. First, data subjects can request confirmation from the controller as to whether personal data about them are being processed at all. If no personal data of an applicant is processed, the applicant must be informed of this. If personal data of an applicant are processed, the applicant has in principle a right to information about these data. In addition, according to Article 15 (1) of the GDPR, the controller must also provide the following information:
- Purposes of processing
- Categories of personal data that are processed
- Recipients or categories of recipients who have already received this data or will receive it in the future
- planned storage period if possible, otherwise the criteria for determining the storage period
- rights to rectification, erasure or restriction of processing
- right to object to such processing
- right of complaint for the data subject to the supervisory authority
- Origin of the data, insofar as it has not been collected from the data subject himself/herself
- The existence of automated decision-making, including profiling, with meaningful information about the logic involved and the scope and intended effects of such procedures.
In addition, if personal data are transferred to third countries, data subjects have the right under Article 15(2) of the GDPR to be informed of the appropriate safeguards that have been put in place in connection with the data transfer in accordance with Article 46 of the GDPR.
Group Privacy Officer of the Lufthansa Group
E-mail: datenschutz@dlh.de
9. Right of objection
We observe your rights of objection unless we are obliged to process the data for legal reasons. Storage may therefore take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject.
Your personal data will be deleted or blocked as soon as the purpose of the storage no longer applies. Data will also be blocked or deleted if a storage period prescribed by the above-mentioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.
10 Liability for links
We hereby expressly declare that at the time the links were created, no illegal content was identifiable on the respective linked pages. The help alliance gGmbH has no influence on the current and future design, content or authorship of the linked pages. Therefore, we hereby expressly distance ourselves from all content on linked pages that has been changed after the link was created. This statement applies to all links and references set within our own Internet offer. For illegal, incorrect or incomplete contents and especially for damages resulting from the use or non-use of such information, only the provider of the linked site is liable, not the one who has linked to the respective publication.
11. Notice for parents or guardians
Parents or guardians are responsible for protecting the privacy of their children. We ask you to talk to their children about the safe and responsible use of their own personal data on the Internet.
12. Changes to the data protection declaration
We reserve the right to change the data protection declaration in order to adapt it to changed legal situations, or in the event of changes to the service as well as data processing. However, this only applies with regard to declarations on data processing. Insofar as user consents are required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users. We always post changes to our privacy policy at this location and recommend that you read this statement occasionally.
Change cookie settings