Privacy policy 

Objective and responsible party

This privacy statement provides guidance on the nature, extent and purpose of the collection and use of data within the websites and online services of the Association of German Banks, Burgstraße 28, 10178 Berlin as the responsible party under data protection law (referred to in the following as “we” or “us”). This statement covers the following websites and associated subdomains:https://bankenverband.de/, http://www.edb-banken.de/, http://einlagensicherung.de/, https://einlagensicherungsfonds.de/, http://schulbanker.de/, http://bw.bankenverband.de/, http://by.bankenverband.de/, http://hb.bankenverband.de/, http://hh.bankenverband.de/, http://he.bankenverband.de/, http://ni.bankenverband.de/, http://nw.bankenverband.de/, http://rp.bankenverband.de/, http://sl.bankenverband.de/, http://www.jugendundwirtschaft.de/, http://www.bankenombudsmann.de and http://sh.bankenverband.de/.

Basic information on data processing

  1. We collect, process and use users’ personal data solely in compliance with the relevant data protection legislation. This means that we only use users’ data where we are legally permitted to do so or where the user has consented to its use.
  2. We make organisational, contractual and technical arrangements to ensure that data protection legislation is complied with and the data managed by us is thus protected against any accidental or deliberate manipulation, loss and destruction or against any access by unauthorised persons.

Collection, processing and use of personal data

Users’ personal data is used for the following purposes:

  • Delivering services to the public and our members and ensuring efficient customer service and/or technical support.
  • Whenever we are contacted, personal data (contact form data may be converted into an email) is stored in order to process the inquiry and in case any further questions arise. The purpose of storage follows from each inquiry. Emails are generally stored at the Association for a period of ten years.
  • If contact data is collected at an event, it is stored for future contact in connection with events.
  • Sending technical information about our websites and online services.
  • Sending newsletters or other informational material, provided we have the user’s consent.
  • We forward the data to third parties where this is necessary to fulfil our contractual obligations (e.g. to conduct banking transactions, mail invoices).

Collection of access data

  1. We collect data on all server access to our websites (so-called ‘server log files’). The data includes the name of the web page requested, file, request date/time, volume of data transferred, ‘successful request’ report, type of browser plus version, the user’s operating system, referrer URL (the page previously visited), IP address and the requesting provider.
  2. We use the log file data, without associating it with the person of the user or any other profile, solely for statistical analysis for the purpose of operating, securing and optimising our websites. At the same time, we reserve the right to subsequently check the log file data if there is concrete evidence allowing justified suspicion of illegal use.
  3. We collect data through a continuous online survey. This survey is designed solely to check/improve the quality of our websites. Users’ responses are recorded, stored and processed completely anonymously by us so that it is not possible to identify users. The data is never made available to unauthorised third parties.
    For the survey, we use ‘http cookies’. These are small text files that are stored on your computer via the browser. A cookie stores, for a period of not more than twelve months, information on whether and when another invitation to take part in the survey will be made. Storing and reading this information serve solely to prevent you being invited to take part in the survey against your wishes or too frequently. Our online survey also uses ‘session cookies’ to ensure its technical management. These are automatically deleted once the browser is closed.
    We don’t use any of the cookies mentioned to store information that users have provided in the survey. Nor do we use the information in cookies to compile movement or usage profiles.
    You can prevent the use of cookies by blocking them in your browser settings. Alternatively, you can delete all the cookies in your browser.

Inclusion of third-party services and content

  1. Our websites may include third-party content, e.g. YouTube videos, Google Maps material, RSS feeds, SlideShare presentations, Flickr photos, Yumpu embeds or charts/diagrams from other websites.
  2. This always presupposes that the providers of such content (referred to in the following as “third-party providers”) use the user’s IP address, since no content can be sent to the user’s browser without the IP address.
  3. We endeavour to only include content of third-party providers that use IP addresses solely for delivering content. We have no control, however, over whether third-party providers store IP addresses for statistical purposes, for example. Where we are aware of this, we advise users accordingly in the following sections.

Cookies

  1. Cookies store information that is transmitted from our or third-party web servers to users’ browsers. We have already informed you above about how we use cookies to, for example, measure our reach (see above).
  2. Cookies can be deactivated in browser settings. Our web pages can also be viewed without cookies. Cookies that have already been stored can be deleted in browser settings. Blocking cookies may, however, result in reduced website functionality.
    Please note: many online company ad cookies can be managed via the US website http://www.aboutads.info/choices/ or the EU website http://www.youronlinechoices.com/uk/your-ad-choices/.

Shariff social media buttons for more data privacy

  1. We are pleased whenever our readers recommend and discuss content of the https://bankenverband.de website on Twitter, Facebook and Google+. For this purpose, we use social media buttons, i.e. the buttons provided by c’t Shariff.
  2. c’t Shariff ensures that social networks can only request data from users once these click on the appropriate button. Shariff replaces social networks’ customary “Share” buttons and protects your surfing behaviour from prying eyes. A single click on the button is enough to share information with others. You don’t have to do anything else – the webmaster has already taken care of everything. Customary social media buttons transmit user data every time a page is visited and give the social networks full details of your surfing behaviour (user tracking). For this, you don’t have be logged in or a network member. A Shariff button, on the other hand, only establishes direct contact between a social network and a visitor when the latter actively clicks on the share button. For further information, please see heise.de.

Google Analytics

  1. Google Analytics, a web analytics service provided by Google Inc., is used on the websites operated by the Association. Google uses cookies that are stored on users’ computers and allow an analysis of website usage. The information on website usage is usually transmitted to a Google server in the US and stored there. The IP address transmitted is not combined with other Google data.
  2. Before being transmitted to Google, users’ IP addresses are shortened and thus anonymised. Only in exceptional cases is the full IP address transmitted to a Google server in the US and shortened there.
  3. Cookies can – as already explained – generally be deactivated through appropriate browser settings. Users can, in addition, prevent the capture of cookie data (including their IP address) and its transmission to Google by downloading and installing the browser plugin available from the following link: http://tools.google.com/dlpage/gaoptout?hl=de).
  4. As an alternative to the browser add-on or within browsers on mobile devices, please click on this link please click on this link, to prevent the capture of data by Google Analytics within this website in future. When you do so, an opt-out cookie will be placed on your device. If you delete your cookies in this browser, you will have to click on this link again.

Piwik statistics

  1. We use Piwik, an open-source application that tracks online user visits for statistical analysis. Piwik also uses cookies that are stored on users’ computers and allow an analysis of usage of our websites. The information produced by the Piwik cookies on website usage is stored on our server in Germany.
  2. The IP address is anonymised immediately after processing and before it is stored.
  3. Users may, as already explained, deactivate cookies through appropriate browser settings.

Facebook social plugins

  1. Social plugins (“plugins”) provided by the facebook.com social network, which is run by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”), are used on the websites operated by the Association. The plugins are identified by one of the Facebook logos (white “f” on a blue tab or a “thumbs up” sign) or labelled “Facebook social plugin”. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
  2. The plugin content is transmitted by Facebook directly to the user’s browser and integrated into the website by the browser. We therefore have no control over the amount of data that Facebook collects via this plugin. As far as we know, by integrating the plugins Facebook obtains information that a user has visited a certain web page. If the user has logged in to Facebook, Facebook can match the visit to his/her Facebook account. If users interact with plugins, e.g. click on the “Like” button or make a comment, the relevant information is transmitted directly from your browser to Facebook and stored there. If a user is not a Facebook member, Facebook may nevertheless store his/her IP address. According to Facebook, only an anonymised IP address is stored in Germany.
  3. The purpose and extent of data collection and the further processing and use of data by Facebook, as well as the associated privacy rights and settings, are explained in Facebook’s privacy policy at https://www.facebook.com/about/privacy/.
  4. If a user is a Facebook member and doesn’t want Facebook to collect data about him/her in this way and link it with his/her member data stored with Facebook, he/she must log out of Facebook and delete Facebook cookies before visiting our websites. In addition, Facebook social plugins can be blocked by browser add-ons such as the “Facebook blocker”.

Google+ +1 button

  1. Buttons provided by the Google+ social network (e.g. “+1” button), which is run by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”), are used on the websites operated by the Association.
  2. The button content is transmitted by Google directly to the browser and integrated by it into the website. We therefore have no control over the amount of data that Google collects via the buttons.
  3. According to Google, no personal data is collected without a click on the button. Such data, including the IP address, is collected and processed only where users are logged-in members of Google+. The purpose and extent of data collection and the further processing and use of data by Facebook, as well as the associated privacy rights and settings, are explained in Google’s privacy policy on the “+1” button at http://www.google.com/intl/de/+/policy/+1button.html and in the FAQ at http://bit.ly/r3Qmer.
    If a user is a Google+ member and doesn’t want Google to collect data about him/her in this way and link it with his/her member data stored with Google, he/she must log out of Google Plus and delete Google cookies in his/her browser before visiting our websites.

Twitter buttons

  1. Twitter buttons are used on the websites operated by the Association. These buttons (e.g. “Tweet” or “Follow”) are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
  2. The button content is transmitted by Twitter directly to the browser and integrated by it into the website. We therefore have no control over the amount of data that Twitter collects through its buttons. As far as we know, when a button is used, only the user’s IP address and the respective web page’s URL are transmitted and used solely for button display. For further information, please see Twitter’s privacy policy at http://twitter.com/privacy.

“Recommend” button

  1. The “Recommend” button provided by the “LinkedIn” social network, which is run by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA, is used on the websites operated by the Association.
  2. Whenever you, as a LinkedIn user, visit web pages with integrated plugins, a direct connection can be established between your browser and the LinkedIn server. As a result, LinkedIn receives personalised information, including your IP address.
  3. When you click on the “Recommend” button and are at the same time registered with LinkedIn, you can disclose the content of these web pages on your LinkedIn profile. This information is, as a rule, public or can at any rate be accessed by your own LinkedIn “Contacts”. Data is also transmitted to LinkedIn in the process.
  4. For further information, please see LinkedIn’s privacy policy at http://www.linkedin.com/static?key=privacy_policy&trk=hb_ft_priv.

SlideShare

  1. The SlideShare platform of SlideShare Inc., 1 Montgomery St., Suite 1300, San Francisco, CA 94104, USA is used on the websites operated by the Association to, among other things, publish the Association’s own publications.
  2. SlideShare provides various interaction mechanisms such as “Share” or “Comment”. Whenever you use these as a registered SlideShare user, SlideShare stores personalised information. At the same time, other SlideShare users obtain knowledge thereof. For further information, please see SlideShare’s privacy policy at http://de.slideshare.net/privacy.
  3. Please note that we don’t use any SlideShare plugins on our websites.

Flickr

  1. We use the Flickr platform provided by Yahoo! Inc., 701 First Avenue, Sunnyvale, CA 94089, USA to publish our own photos.
  2. Flickr provides various interaction mechanisms such as “Share” or “Comment”. Whenever you use these as a registered Flickr user, Flickr stores personalised information. At the same time, other Flickr users obtain knowledge thereof. For further information, please see Flickr’s privacy policy at http://info.yahoo.com/privacy/de/yahoo/flickr/
  3. Please note that we don’t use any Flickr plugins on our websites.

Web kiosk with Yumpu

  1. Yumpu is a service of i-Magazine AG, which provides a digital platform for publishing magazines, brochures or catalogues. Yumpu embeds are used on the websites operated by the Association to display publications.
  2. Several different provider trackers are used in our web kiosk. For further information on the tool used, please see the terms and conditions of business and privacy policy of Yumpu and i-Magazine AG.

YouTube

  1. At least one plugin provided by YouTube (Google Inc., based in San Bruno/California, USA) is used on the websites operated by the Association.
  2. As soon as you visit any of our web pages containing a YouTube plugin, a connection to a YouTube server is established. The YouTube server is informed about which specific web pages you visited.
  3. Should you be logged in to your YouTube account at the same time, you would enable YouTube to match your surfing behaviour directly to your personal profile.
  4. You can prevent such matching by logging out of your account beforehand.
  5. For further information on the collection and use of your data by YouTube, please see YouTube’s privacy policy.

SoundCloud

  1. Plugins provided by the SoundCloud social network (SoundCloud Limited, 33 St James Square, London SW1Y 4JS, UK) can be integrated into our websites. The SoundCloud plugins are identified by the SoundCloud logo on the web pages concerned.
  2. Whenever you visit our web pages, a direct connection between your browser and the SoundCloud server is established once the plugin is activated. As a result, SoundCloud is informed that you visited our web pages using your IP address.
  3. If you click on the “Like” button or “Share” button while you are logged in to your SoundCloud account, you can link the content of our web pages with your SoundCloud profile and/or share it. This enables SoundCloud to match your visits to our web pages to your user account. Please note that, as the provider of the web pages, we don’t obtain any knowledge of the content of the transmitted data or of its use by SoundCloud.
  4. For further information, please see the privacy policy adopted by SoundCloud.
  5. If you don’t want SoundCloud to match your visits to our web pages to your SoundCloud user account, please log out of your SoundCloud user account before you activate the SoundCloud plugin content.

Data Protection Officer

You can get in contact with the Data Protection Officer of the Association of German Banks via E-Mail.

Revocation, changes, corrections and updates

  1. Users are entitled to receive, on request, information free of charge about their personal data stored by us. Please see the site notice for our contact details.
  2. In addition, users are entitled to have incorrect information corrected, to revoke consent and to have their personal data blocked or deleted provided this is not precluded by any statutory retention requirement.

Amendment of our privacy policy

  1. We reserve the right to amend our privacy policy to adapt it to changes in the legal situation or modifications of web-based services or data processing.
  2. Users are therefore advised to check its contents regularly.
  3. Date of this privacy policy:  3 November 2015.