Diese Seite wurde automatisch übersetzt. Es kann daher zu Abweichungen oder Ungenauigkeiten im Text kommen. Verbindlich ist ausschließlich die Originalfassung. Rechtsansprüche aus Inhalten der übersetzten Version sind ausgeschlossen.
Data protection
Data protection is an important concern for the town of Kitzingen. We therefore also attach great importance to data-saving and citizen-friendly data processing when processing personal data in connection with the fulfilment of our tasks.
This data protection declaration also refers to the processing of personal data and information within the meaning of § 25 TDDDG in the context of this website, including the services offered there, as well as the website of the tourist information centre of the town of Kitzingen, including the services offered there.
1. name and address of the person responsible
The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:
3.1 Purposes and legal bases for the processing of personal data
The purpose of the processing is to fulfil the public tasks assigned to us by law.
Unless otherwise stated, the legal basis for the processing of your data is Article 4(1) of the Bavarian Data Protection Act (BayDSG) in conjunction with Article 6( 1)(e) of the General Data Protection Regulation (GDPR). Accordingly, we are permitted to process the data necessary to fulfil a task incumbent upon us.
If you have consented to processing, the data processing is based on Art. 6 (1) (a) GDPR.
3.2 Recipients of personal data
Insofar as your data is processed electronically, the technical operation of our data processing systems is carried out by
Bavarian Municipal Data Processing Agency (AKDB) Head Office Hansastraße 12–16 80686 Munich
BayernportalBavarian State Ministry for Digital AffairsOskar-von-Miller-Ring 3580333 MunichEmail : bayernportal@stmd.bayern.de
my. booking&moreferatel media technologies AG Maria-Theresien-Straße 8 6020 Innsbruck Email: info@feratel.at
If necessary, your data will be transmitted to the responsible supervisory and auditing authorities to exercise the respective control rights.
Log data can be forwarded to the State Office for Information Security on the basis of Art. 44 BayDiG-E in order to prevent threats to information security (for more details, see "Logging").
3.3 Duration of storage of personal data
We store your data for as long as this is necessary for the fulfilment of the task, for documentation obligations or due to statutory retention periods.
3.4 Your rights
If we process your personal data, you have the following rights as a data subject:
You may request information as to whether we process any of your personal data. If this is the case, you have the right to access this data and to receive further information relating to its processing (Art. 15 GDPR). Please note that this right of access may be restricted or excluded in certain cases (see, in particular, Art. 10 of the Bavarian Data Protection Act – BayDSG).
If incorrect personal data is processed, you have the right to rectification (Art. 16 GDPR).
If the legal requirements are met, you may request the erasure or restriction of processing (Articles 17 and 18 of the GDPR). However, the right to erasure under Article 17(1) and (2) of the GDPR does not apply where the processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Article 17(3)(b) of the GDPR).
If you have consented to the processing and the processing is based on that consent, you may withdraw your consent at any time with effect for the future. The lawfulness of the data processing carried out on the basis of your consent up until its withdrawal remains unaffected.
You have the right to object to the processing of your data at any time for reasons arising from your particular situation (Art. 21 GDPR). If the legal requirements are met, we will then no longer process your personal data.
Further restrictions, modifications and, where applicable, exclusions of the aforementioned rights may result from the General Data Protection Regulation or national legislation.
You can also obtain more detailed information on these rights from our data protection officer.
3.5 Right to lodge a complaint with the supervisory authority
You also have the right to lodge a complaint with the Bavarian State Commissioner for Data Protection. You can reach him under the following contact details:
Postal address: PO Box 22 12 19, 80502 Munich Address: Wagmüllerstraße 18, 80538 Munich Telephone: 089 212672-0 Fax: 089 212672-50
Our web server is operated by Chamaeleon AG, Robert-Bosch-Straße 12 / Haus IV, 56410 Montabaur. The personal data transmitted by you when you visit our website is therefore processed by Chamaeleon AG on our behalf.
When you access this or other Internet pages, you transmit data to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:
Date and time of the request
Name of the requested file
Page from which the file was requested
Access status (file transferred, file not found, etc.)
Web browser and operating system used
Complete IP address of the requesting computer
amount of data transferred.
We store this data for reasons of technical security, in particular to defend against attempted attacks on our web server. After seven days at the latest, the data is anonymised by shortening the IP address at domain level so that it is no longer possible to establish a reference to individual users.
This data is forwarded to the State Office for Information Security on the basis of Art. 44 BayDiG-E in order to prevent threats to information security.
4.1 Secure data transmission
By accessing this information service, we offer a connection encrypted with HTTPS and Perfect Forward Secrecy, which is secured with at least the TLS 1.2 encryption protocol, so that your data is protected against unauthorised access by third parties during data transmission. We recommend that you keep your internet browser up to date in order to use this option.
5. use of cookies
We use cookies to ensure the correct technical and functional provision of this information service. Cookies are small text files that are stored on the device you are using.
The legal basis for the storage of information and the processing of personal data by means of technically necessary cookies is § 25 para. 2 TDDDG and Art. 6 para. 1 lit. e GDPR in conjunction with Art. 4 BayDSG. Art. 4 BayDSG
Technically necessary cookies are only valid for the current session and are automatically deleted as soon as you close your browser.
Name
Provider
Purpose
session
ionas
Saves the information for the current authentication (login).
JSESSIONID
ionas
Tomcat – session cookie set by the server. Stores session-specific data. This could include, for example, the last search term or items in the shopping basket.
menu-slide-in
ionas
ionas LoginThe cookie is set and checked immediately. This verifies whether cookies are enabled in the browser.
FORM_TOKEN
ionas
Forms : Used when forms are submitted and stores the CSRF token for forms.
hide_cn
ionas
Cookie banner / Consent : When the cookie disclaimer is accepted, this stores the information that technical cookies are permitted.
highContrast
ionas
Contrast SwitchUsed with the integrated "Contrast Switcher" module and stores information on whether the contrast switch is active or inactive.
hasClickedIOSBanner
ionas
addToHome Widget : Stores whether the "add to home" widget should be hidden / has been clicked.
The use of functional cookies is voluntary. If these cookies are blocked, the provision of certain functions may not be fully possible.
The legal basis for the use of technically unnecessary cookies is the user's consent in accordance with § 25 para. 1 TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR. Art. 6 para. 1 lit. a GDPR
When you access this website, we store cookies (small files) on your device. These have a validity of:
Cookie storage duration
cookieConsent: one year
analytics-disable-all: Year 2099
ga-disable-*: Year 2099 (but is no longer written by the current code, only read)
noPopup: is not a persistent cookie, so it expires when the browser is closed
desktop: one hour
highContrast: Year 9999
socialSharePrivacy: one year
Some cookies are technically essential and help us to improve this website, whilst other cookies are placed by third parties to enable you to use their services. We use Google Analytics to analyse traffic to our website (i.e. personal data relating to usage behaviour is transmitted to Google. See also section 9 of our privacy policy.). By clicking the “Accept cookies” button, you give us your consent to process the resulting data. “Use only necessary cookies” means that you only accept the necessary cookies. You may withdraw your consent at any time with future effect. When using Google Maps and YouTube, Google Fonts are loaded.
6.1 Description and scope of data processing
A contact form for event registrations is available on our website, which can be used for event registration. If you use this option, the data entered in the input mask will be transmitted to us and stored. These data are
Appointment name*
Description*
Category*
Keywords
Image*
Alternative text for the image
Copyright for the image
Website*
Period
Start date*
Start time*
End date*
End time*
Location (name)*
Street and house number*
POSTCODE*
Place*
Name*
Telephone
E-mail*
Website
Street and house number
POSTCODE
Location
First name
Surname
Telephone
e-mail
Advance booking offices
Price type
Ticket URL
Your e-mail, not published*
*Mandatory field
There is a contact form on our website for reporting changes to clubs, which can be used to report changes to clubs. If you use this option, the data entered in the input mask will be transmitted to us and stored. These data are
Name*
Description of the
Picture
Alternative text for the image
Copyright for the image
Telephone
e-mail
Website
Name affix
Founding year
Target group
Your consent is obtained for the processing of the data as part of the sending process and reference is made to this privacy policy.
Alternatively, you can contact us via the e-mail address provided. In this case, your personal data transmitted with the e-mail will be stored. No data will be passed on to third parties in this context.
The data is used exclusively for processing the conversation.
6.2 Legal basis for data processing
The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a GDPR if the user has given consent.
The legal basis for the processing of your personal data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. e GDPR in conjunction with Art. 4 BayDSG. Art. 4 BayDSG. If the contact by e-mail is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.
6.3 Purpose of data processing
The processing of your personal data from the input mask serves us solely to process the contact.
The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.
6.4 Duration of storage
Your personal data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.
6.5 Possibility of objection and removal
You have the option at any time to object to the future processing of your personal data when contacting us via the contact form or by email. In such a case, the conversation between you and us cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.
7. electronic mail
Information that you send to us unencrypted by electronic mail (e-mail) may be read by third parties during transmission. As a rule, we are also unable to verify your identity and do not know who is behind an e-mail address. Legally secure communication by simple e-mail is therefore not guaranteed. Like many e-mail providers, we use filters against unwanted advertising ("SPAM filters"), which in rare cases automatically categorise normal e-mails as unwanted advertising and delete them. E-mails containing harmful programmes ("viruses") are automatically deleted by us in all cases.
If you have concerns about the transmission of personal data or other sensitive data, please agree suitable encryption with the recipient (our employees) before transmission, or use letter post.
8. active components
Active components such as Javascript, Java applets or Active-X controls are used in the information provided. You can switch off this function by changing the settings in your Internet browser.
9. web analysis through Google Analytics - Analytics
9.1 Scope of the processing of personal data
This website uses Google Analytics, the web analysis service of Google Inc. (hereinafter "Google"), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
We use Google Analytics to analyse the surfing behaviour of our users. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyse how users use the site.
The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Since we have activated IP anonymisation on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. By using the code "anonymizeIp", we enable the anonymised collection of IP addresses (so-called IP masking). The software runs exclusively on the servers of our website. Users' personal data is only stored there. The data is not passed on to third parties.
The software is set so that the IP addresses are not saved in full, but two bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.
On behalf of the operator of this website, Google Analytics will use the information to analyse your use of the website, to compile reports on website activity and to provide the website operator with other services relating to website activity and internet usage. We would like to learn from these statistics how we can offer you an even better user experience, but we will not identify you ourselves.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the available browser plug-in.
9.2 Legal basis for the processing of personal data
The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a GDPR.
9.3 Purpose of data processing
The processing of your personal data enables us to analyse your surfing behaviour. By analysing the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. By anonymising the IP address, your interest in the protection of personal data is adequately taken into account.
9.4 Duration of storage
Your personal data will be deleted as soon as it is no longer required for our recording purposes.
9.5 Objection and cancellation options
Cookies are stored on your computer and transmitted from it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.
Users of this website who do not want their data to be collected by Google Analytics can install the browser add-on to deactivate Google Analytics. This add-on instructs the Google Analytics JavaScript (ga.js, analytics.js and dc.js) running on websites not to allow information to be sent to Google Analytics.
If you wish to disable Google Analytics, visit this page and install the Google Analytics opt-out add-on for your browser. You can find detailed information on installing and uninstalling the add-on in the relevant help resources for your browser. Browser and operating system updates may cause the opt-out add-on to stop working as intended. Further information on managing add-ons for Chrome can be found here: https://support.google.com/chrome_webstore/answer/2664769?hl=de. If you do not use Chrome, please check directly with your browser’s manufacturer to see whether add-ons work correctly in the version of your browser that you are using. The latest versions of Internet Explorer occasionally load the add-on to deactivate Google Analytics after data has been sent to Google Analytics. If you use Internet Explorer, the add-on will therefore install cookies on your computer. These cookies ensure that any data collected is immediately deleted from the server that collected it. Please ensure that third-party cookies are not disabled for Internet Explorer. If you clear your cookies, these cookies will be reset by the add-on shortly afterwards to ensure that your Google Analytics browser add-on continues to work without restriction.
This site uses the map service Open Street Map via an API. The provider is FOSSIGS e.V., Bundesallee 23, 10717 Berlin, Germany.
To use the functions of Open Street Map, it is necessary to save the following information:
Browser type and browser version
Operating system used
Referrer URL
IP address of the accessing computer
Date and time of the server request
This data cannot be assigned to specific persons. The provider of this site has no influence on this data transmission.
The use of Open Street Map is in the interest of an appealing presentation of our online offers and to make it easy to find the places we have indicated on the website.
Open Street Map is only used on the basis of consent in accordance with Art. 6 para. 1 lit. a GDPR
You can find more information on the handling of user data in Open Street Map's privacy policy:
This website may use Google Web Fonts for the standardised display of fonts. When using these fonts, your browser downloads the required fonts from our website system. These are then temporarily stored in the browser cache in order to display the fonts correctly. Your browser does not establish a connection to Google's servers. This ensures that Google does not gain any knowledge of your visit or your IP address.
12. use of YouTube videos
Videos from the external video platform YouTube are embedded on our website. By default, only deactivated images from the YouTube channel are embedded, which do not establish an automated connection with the YouTube servers. This means that the operator does not receive any data from the user when the web pages are accessed.
You can decide for yourself whether the YouTube videos should be activated. Only when you authorise playback of the videos by clicking on "Permanent activation" do you give your consent for the necessary data (including the Internet address of the current page and the user's IP address) to be transmitted to the operator.
In order to save the setting requested by the user, we set a cookie that saves the parameters. When these cookies are set, however, we do not store any personal data; they only contain anonymised data for browser customisation. The videos are then active and can be played by the user. If you would like to deactivate the automatic loading of YouTube videos again, you can uncheck the consent box under the data protection symbol. This will also update the cookie settings.
YouTube is a service provided by YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google Inc, 1600 Amphitheater Parkway, Mountainview, California 94043, USA. Further information on the purpose and scope of data processing (also outside the European Union and outside the USA) as well as information on setting options to protect your privacy can be found in the privacy policy:
Google processes your personal data in the USA, among other places.
13th ReadSpeaker
Our website uses the "ReadSpeaker" service from ReadSpeaker GmbH, based at Am Sommerfeld 7 in 86825 Bad Wörishofen, to provide a read-aloud function on the website.
Log data is collected by the service and transmitted to ReadSpeaker. This log data is deleted after 30 days.
Anonymised statistical logs are also collected. These contain a customer ID, timestamp and which voice was used. This data is required for billing purposes and is subsequently deleted.
ReadSpeaker uses cookies. The data will not be passed on to third parties.
The legal basis for processing by ReadSpeaker is Art. 6 para. 1 lit. c GDPR.
You can find more information on the handling of user data in ReadSpeaker's privacy policy:
On our website, we use the Google Tag Manager of Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google") on our website.
If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller responsible for your data. Google Ireland Limited is therefore the company affiliated with Google that is responsible for the processing of your data and compliance with the applicable data protection laws.
This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. Data processing serves the purpose of designing and optimising our website in line with requirements.
The Google Tag Manager itself neither stores cookies nor does it process personal data. However, it enables the triggering of other tags that can collect and process personal data.
The legal basis for the processing of personal data by Google Tag Manager is consent pursuant to Art. 6 para. 1 lit. a GDPR.
We use the Outdooractive service on our website. This is an offer from Outdooractive AG, Missener Straße 18, 87509 Immenstadt.
Outdooractive provides electronic databases which you as our users can utilise in the form of an electronic information portal in the digital tourism sector. This includes, for example, map and route planning.
Outdooractive receives the following data, which is necessary for Outdooractive to display the electronic databases to you and to ensure stability and security:
IP address
Date and time of the enquiry
Time zone difference to Greenwich Mean Time (GMT)
Content of the request (specific page)
Access status/HTTP status code
Amount of data transferred in each case
Website from which the request comes
Browser
Location of the user
Operating system and its interface
Language and version of the browser software.
Outdooractive uses cookies that are stored on your browser for the analysis.
The IP address transmitted by your browser will not be merged with other data collected by us.
Outdooractive continues to use your GPS data when you use the electronic databases.
The log files are automatically and completely deleted from Outdooractive after 14 days. The data within a user account will only be deleted immediately and completely after the account has been cancelled.
Outdooractive stores the data collected about you as user profiles and uses these for the purposes of market research and/or customised design of the electronic databases. You have the right to object to the creation of these user profiles.
The legal basis for the processing of personal data by Outdooractive is the consent of the user pursuant to Art. 6 para. 1 lit. a GDPR
Further information on the purpose and scope of data collection and its processing by Outdooractive can be found in the privacy policy below.
Unless otherwise regulated, the use of all information we have about you is subject to this privacy policy.
The controller reserves the right to continuously adapt this privacy policy to the necessary security measures in line with technological developments and will announce any changes here.
Status: December 2024
17 Further information
17.1 Technical and organisational measures
The controller has taken technical and organisational measures to protect your data from loss, destruction or unauthorised access.
In addition, both the employees of the controller and any service providers are obliged to maintain confidentiality and to comply with data protection regulations.
17.2 SSL or TLS encryption
For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognise an encrypted connection by the "https://" address line of your browser and the lock symbol in the browser line.
18. information on initial data collection
When personal data is collected for the first time, there is a duty to inform the data subject. We fulfil this duty through the information sheets provided here.
19. privacy policy Facebook Fanpage
The use of this Facebook page may involve the processing of personal data due to the use of Facebook Page Insights. To make this processing comprehensible for you, we would like to provide you with an overview with the following information. In order to ensure fair processing, we would also like to inform you below about your rights under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
19.1 General data protection information on Facebook
The moment you access our fan page, your browser establishes a connection with Facebook and transmits information. This data is transmitted, among other things:
19.1.1 For visitors who are not logged in or registered on Facebook:
IP address: When a fan page is accessed, Facebook automatically determines the user’s IP address.
Cookies:When you visit our fan page, cookies are automatically set. According to Facebook, the so-called “datr cookie”is used to identify the web browser establishing the connection with the Facebook page and plays a key role in protecting the social network from “malicious activity”. The “datr cookie” is valid for two years, but can be deleted via your browser settings. The retention period for the “datr cookie” is two years.
19.1.2 For visitors who are registered and logged in to Facebook:
IP address: Facebook also collects the user’s IP address, even for logged-in visitors (see above)
Cookies: In this case, too, a “datr cookie” is set (see above). If you are a Facebook member and are logged into your Facebook profile whilst visiting our “Fanpage”, the c_user cookie is also activated. Facebook links your visit to the “Fanpage” to your personal user account. This enables Facebook to track your user behaviour. The c_user cookie is stored for 30 days.
19.2 Names and contact details of those responsible for data processing on the fan page
The controllers within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations are
Town of KitzingenKaiserstraße 13/1597318 KitzingenTelephone: +49 9321 20-0Email: rathaus@stadt-kitzingen.de
and
Meta Platforms Ireland Limited , Merrion Road
Dublin 4
D04 X2K5, Ireland
19.3 Name and address of the data protection officer
Please contact our data protection officer directly with all questions relating to data protection and data security:
Search results are loaded
No employees found.
19.4 Use of Facebook Page Insights
19.4.1 Description and scope of data processing
Facebook provides every fan page operator with page insights on their page. Page Insights is summarised data that allows the fan page operator to gain insight into how people interact with their page. Page Insights may be based on personal data collected in connection with a visit or interaction of people on or with our page and its content.
In order to fulfil the requirements of Art. 26 GDPR regarding the joint responsibility of us and Meta Platforms Ireland, we have concluded a Page Insights Addendum with Facebook. In this agreement, Facebook undertakes to assume primary responsibility under the GDPR for the processing of Insights data and to fulfil all obligations under the GDPR with regard to the processing of Insights data (including Art. 12 and 13 GDPR, Art. 15 to 22 GDPR and Art. 32 to 34 GDPR). Only Meta Platforms Ireland can make and implement decisions regarding the processing of Insights Data. Meta Platforms Ireland will decide at its sole discretion how to fulfil its obligations under this Page Insights Addendum.
As the fan page operator, we ourselves do not make any decisions regarding the processing of Insights data and all other information resulting from Art. 13 GDPR, including the legal basis, identity of the controller and storage duration of cookies on user end devices.
Meta Platforms Ireland provides data subjects with the key details of the Page Insights supplement. Information from Facebook regarding the use of Page Insights and the personal data processed in this context can be found at the following link: https://www.facebook.com/legal/terms/information_about_page_insights_data.
19.4.2 Purpose and legal basis of data processing
The legal basis for the placement of Page Insights is your consent in accordance with Art. 6 para. 1 lit. a) GDPR, which results from the use of the Facebook platform. We use this to record and evaluate user movements on the fan page in order to optimise our own social media presence. This enables us to optimally tailor our fan page to the page visitors and to compile statistics on user behaviour.
19.4.3 Transfer to third countries
The use of Page Insights may result in data being transferred to a non-EU third country (USA). Meta is certified in accordance with the EU-U.S. Data Privacy Framework, which is equivalent to an adequacy decision by the European Commission for third country transfers to the USA.
19.4.4 Storage period
According to Facebook, it retains data until it is no longer needed to provide its services and products, or until the user’s account is deleted, whichever occurs first. According to Facebook, this depends on the circumstances of each individual case, in particular the type of data, the reasons for its collection and processing, and the relevant legal or operational storage requirements. Further information on data storage can be found at: https://de-de.facebook.com/privacy/policy?section_id=0-WhatIsThePrivacy
19.5 Your rights as a data subject
19.5.1 Right to information*
You have the right to request confirmation from us as to whether and which of your personal data is being processed.
19.5.2 Correction/deletion/restriction of processing*
Furthermore, you have the right to demand that we
inaccurate personal data concerning you are rectified immediately (right to rectification);
personal data concerning you are erased immediately (right to erasure), provided that this does not conflict with any statutory retention period, and
the processing is restricted (right to restriction of processing).
19.5.3 Right to data portability*
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
19.5.4 Right of cancellation*
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
19.5.5 Right of objection*
If the processing of personal data concerning you is necessary for the performance of a task carried out in the public interest (Art. 6 para. 1 lit. e) GDPR) or to safeguard our legitimate interests (Art. 6 para. 1 lit. f) GDPR), you have the right to object.
19.6 Automated decision-making in individual cases including profiling*
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
is necessary for the conclusion or fulfilment of a contract between you and us
is authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
with your express consent.
This results from Art. 22 para. 1, 2 GDPR.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
In the cases referred to in (1) and (3), we will take appropriate measures to safeguard your rights and freedoms as well as your legitimate interests, including, at a minimum, the right to request that the controller involve a person, to state your point of view, and to challenge the decision. (Article 21(3) and (4) of the GDPR)
19.7 Right of appeal
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other legal remedies. You can reach the supervisory authority responsible for us using the following contact details
The Bavarian State Commissioner for Data Protection
*You can assert your rights using the contact details provided above. We would like to point out that all requests from data subjects regarding Facebook Insights are processed by Meta Platforms Ireland. If you contact us directly with an enquiry, we will forward it to Meta Platforms Ireland.
19.8 Note on the privacy policy
Unless otherwise regulated, the use of all information we have about you is subject to this privacy policy.
The controller reserves the right to continuously adapt this privacy policy to the necessary security measures in line with technological developments and will announce any changes here.
Status: March 2026
20. privacy policy Instagram fan page
The use of this Instagram page may involve the processing of personal data due to the use of Instagram Insights. To make this processing comprehensible for you, we would like to provide you with an overview with the following information. In order to ensure fair processing, we would also like to inform you below about your rights under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
20.1 General data protection information on Instagram
The moment you access our fan page, your browser establishes a connection with Instagram and transmits information. This data is transmitted, among other things:
20.1.1 For visitors who are not logged in or registered on Instagram:
IP address: When a fan page is accessed, Instagram automatically detects the user’s IP address.
Cookies:When you visit our fan page, cookies are automatically set. According to Instagram, the so-called ‘datr cookie’is used to identify the web browser establishing the connection to the Instagram page and plays a key role in protecting the social network from ‘malicious activity’. The “datr cookie” is valid for two years, but can be deleted via your browser settings. The retention period for the “datr cookie” is two years.
20.1.2 For visitors who are registered and logged in to Instagram:
IP address: Instagram also collects the user’s IP address, even for logged-in visitors (see above)
Cookies: In this case too, a “datr cookie” is set (see above). If you are an Instagram user and are logged into your Instagram account whilst visiting our “fan page”, the c_user cookie is also activated. Instagram links your visit to the “fan page” with your personal user account. This enables Instagram to track your user behaviour. The c_user cookie is stored for 30 days.
20.2 Names and contact details of those responsible for data processing on the fan page
The controllers within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations are
Town of KitzingenKaiserstraße 13/1597318 KitzingenTelephone: +49 9321 20-0Email: rathaus@stadt-kitzingen.de
and
Meta Platforms Ireland Limited , Merrion Road
Dublin 4
D04 X2K5, Ireland
20.3 Name and address of the data protection officer
Please contact our data protection officer directly with all questions relating to data protection and data security:
Search results are loaded
No employees found.
20.4 Use of Instagram Insights
20.4.1 Description and scope of data processing
Instagram provides every fan page operator with Insights on their page. Insights are summarised data that can provide the fan page operator with information about how people interact with their page. Page Insights may be based on personal data collected in connection with a visit or interaction of people on or with our page and its content.
In order to fulfil the requirements of Art. 26 GDPR regarding the joint responsibility of us and Meta Platforms Ireland, we have concluded an Insights addendum with Instagram. In this agreement, Instagram undertakes to assume primary responsibility under the GDPR for the processing of Insights data and to fulfil all obligations under the GDPR with regard to the processing of Insights data (including Art. 12 and 13 GDPR, Art. 15 to 22 GDPR and Art. 32 to 34 GDPR). Only Meta Platforms Ireland can make and implement decisions regarding the processing of Insights Data. Meta Platforms Ireland decides at its sole discretion how to fulfil its obligations under this Page Insights Addendum.
As the fan page operator, we ourselves do not make any decisions regarding the processing of Insights data and all other information resulting from Art. 13 GDPR, including the legal basis, identity of the controller and storage duration of cookies on user end devices.
Meta Platforms Ireland provides data subjects with the key details of the Page Insights supplement. Information from Instagram regarding the use of Page Insights and the personal data processed in this context can be found at the following link: https://www.facebook.com/help/instagram/788388387972460/.
20.4.2 Purpose and legal basis of data processing
The legal basis for the placement of Instagram Insights is your consent in accordance with Art. 6 para. 1 lit. a) GDPR, which results from the use of the Instagram platform. We use this to track and evaluate user movements on the fan page to optimise our own social media presence. This enables us to optimally tailor our fan page to the site visitors and to compile statistics on user behaviour.
20.4.3 Transfer to third countries
The use of Instagram Insights may result in data being transferred to a non-EU third country (USA). Meta is certified in accordance with the EU-U.S. Data Privacy Framework, which is equivalent to an adequacy decision by the European Commission for third country transfers to the USA.
20.4.4 Storage period
According to Instagram, it retains data until it is no longer needed to provide its services and products, or until the user’s account is deleted, whichever occurs first. According to Instagram, this depends on the circumstances of each individual case, in particular the type of data, the reasons for its collection and processing, and the relevant legal or operational storage requirements. Further information on data storage can be found at: https://de-de.facebook.com/privacy/policy?section_id=0-WhatIsThePrivacy
20.5 Your rights as a data subject
20.5.1 Right to information*
You have the right to request confirmation from us as to whether and which of your personal data is being processed.
20.5.2 Correction/deletion/restriction of processing*
Furthermore, you have the right to demand that we
inaccurate personal data concerning you are rectified immediately (right to rectification);
personal data concerning you are erased immediately (right to erasure), provided that this does not conflict with any statutory retention period, and
the processing is restricted (right to restriction of processing).
20.5.3 Right to data portability*
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
20.5.4 Right of cancellation*
You have the right to withdraw your consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
20.5.5 Right of objection*
If the processing of personal data concerning you is necessary for the performance of a task carried out in the public interest (Art. 6 para. 1 lit. e) GDPR) or to safeguard our legitimate interests (Art. 6 para. 1 lit. f) GDPR), you have the right to object.
20.5.6 Automated decision-making in individual cases including profiling*
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision
is necessary for the conclusion or fulfilment of a contract between you and us
is authorised by Union or Member State law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or
with your express consent.
This results from Art. 22 para. 1, 2 GDPR.
However, these decisions may not be based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests.
In the cases referred to in (1) and (3), we will take appropriate measures to safeguard your rights and freedoms and your legitimate interests, including, at a minimum, the right to request that the controller involve a person, to present your point of view and to contest the decision. (Article 21(3) and (4) of the EU GDPR)
20.5.7 Right of appeal
If you believe that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with a supervisory authority, without prejudice to any other legal remedies. You can reach the supervisory authority responsible for us using the following contact details
The Bavarian State Commissioner for Data Protection
*You can assert your rights using the contact details provided above. We would like to point out that all requests from data subjects regarding Instagram Insights are processed by Meta Platforms Ireland. If you contact us directly with an enquiry, we will forward it to Meta Platforms Ireland.
20.5.8 Note on the privacy policy
Unless otherwise regulated, the use of all information we have about you is subject to this privacy policy.
The controller reserves the right to continuously adapt this privacy policy to the necessary security measures in line with technological developments and will announce any changes here.
Status: December 2024
21st SUMM AI web plug-in
We offer you the option of translating our website content into plain language, simple language or foreign languages at the click of a mouse. We use the service of SUMM AI GmbH, Tal 44, 80331 Munich ("SUMM AI") for this purpose. The plug-in is integrated when the page is accessed via a script that SUMM AI provides on servers in the EU (EU hosting).
What personal data is processed?
When the script and icons are called up, SUMM AI only receives technical connection data, such as your IP address and the date and time of access. This information appears in log files that are used to investigate errors and attacks and are deleted after 180 days at the latest.
Purposes and legal basis
We use this service to make our content comprehensible and accessible to all visitors. Your choice of language is only stored in the local memory of your browser (e.g. localStorage) in order to implement the selected display. There is no cross-device storage or analysis. The legal basis is our legitimate interest in a user-friendly, easy-to-understand and multilingual presentation in accordance with Art. 6 para. 1 lit. f GDPR.
Recipients and order processing
SUMM AI acts on our behalf; there is a contract for order processing in accordance with Art. 28 GDPR. Data is not transferred to third countries.
22. use of chat functions
Depending on availability, we use chat functions on our website. If you use these, we process data about your use of the chat functions in this context (usage and connection data such as duration of the chat, time of access, browser type). We also process the content exchanged via the chat functions. The processing of your data takes place for customer counselling as well as for error analysis, quality assurance and performance measurement of the chat functions, insofar as
this is necessary for the fulfilment of a contract with you or for the implementation of pre-contractual measures taken at your request (Art. 6 para. 1 sentence 1 lit. b GDPR);
this is necessary for the fulfilment of a legal obligation (Art. 6 para. 1 sentence 1 lit. c GDPR). Data processing is required in particular to fulfil our legal obligations in the area of data security;
this is necessary to safeguard our legitimate interests or those of a third party (Art. 6 para. 1 sentence 1 lit. f GDPR). Data processing is necessary in particular to ensure system security and a consistently high quality of customer advice.
The data that we process as part of the chat functions will be deleted after one year at the latest.
