1.0 Who We are
Our website address is: https://ygca-ev.org/
2.0 What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
After approval of your comment, your profile picture is visible to the public in the context of your comment.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included.
Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
4.0 Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
5.0 How long we retain your data
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
6.0 What rights you have over your data
If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Data Privacy is a very important issue for us and we hold the protection of your personal data in very high esteem.
We only ask for personal data when we really need it in order to provide a service to you. We collect that data by fair and lawful means, and with your knowledge and consent.
We comply with the provisions of the German Federal Data Protection Act and the German Tele Media Act as well as with the EU General Data Protection Regulation.
This also applies to websites to which we refer by means of a link, which might be placed on our website, and we recommend that you obtain information on the respective website on how your personal data is collected and processed.
This version is effective from 1st January 2021
The information provided in this section provides general information, which applies to all services and processes unless specified otherwise within the specific sections.
Responsible for the collection and processing of your data in accordance with Art. 4 para 7 GDPR is:
MACHWERK c/o Young Global Citizens Assembly e.V. – Am Krögel 2, 10179 Berlin, Germany
(“Young Global Citizens Assembly e.V. ”, “we”, “us” or “our”)
You can contact our Data Protection Officer as follows:
Depending on your use of our services different sets of data may be processed or stored, as is described in detail further below.
Our volunteers and contractors have access to the data based on our access control policies and are contractually bound to keep the information confidential.
Young Global Citizens Assembly e.V. uses service providers in order to operate and maintain Young Global Citizens Assembly e.V. ’s website and to be able to offer certain services related thereto, which may receive and process personal data of the users. Any service providers engaged by Young Global Citizens Assembly e.V. are obliged to comply with the applicable data protection regulations and will process data exclusively in accordance with the instructions of Young Global Citizens Assembly e.V. .
Young Global Citizens Assembly e.V. and its service providers commit to take reasonable technical and organizational precautions in order to protect the data of the users.
Your data will not be transferred to any third parties unless:
Any third party processor, which handles data on Young Global Citizens Assembly e.V. ’s behalf is required to do so in accordance with contractual terms which require that the data is kept secure, is processed in accordance with applicable data protection laws, and used only as we have instructed and not for that Third Party Processor’s own purposes (unless you have explicitly consented to them doing so).
If our use of a Third Party Processor involves the transfer of personal data to a location outside of the European Economic Area, we apply European Commission-approved standard contractual clauses to ensure that the personal data is adequately protected in that location.
The main Young Global Citizens Assembly e.V. servers and data storages are hosted at GoDaddy.com
We have concluded a data processing agreement with GoDaddy. Using GoDaddy personal data may be transferred to the USA. In order to ensure an adequate level of data protection in accordance with the provisions of the GDPR, we have concluded standard contractual clauses with the provider in accordance with Art. 46 Para. 2 lit. c GDPR.
Contact: GoDaddy Corporate Headquarters 14455 N. Hayden Rd., Ste. 226 Scottsdale, AZ 85260 USA.
Cookies have various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g. language settings). Other cookies are used to evaluate user behavior or display advertising.
Technically necessary cookies are stored on the basis of Art. 6 para. 1 s. 1 lit. (f) GDPR. We have a legitimate interest in the storage of cookies for the technically error-free and optimized presentation of our services. Other cookies are only stored with your consent on the basis of Art. 6 para. 1 s. 1 lit. (a) GDPR. This consent can be withdrawn at any time for the future. The legal basis may also result from Art. 6 para. 1 s. 1 lit. (b) GDPR if the processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the request of the data subject.
You can set your browser to:
■ Be informed about the setting of cookies.
■ Only allow cookies in individual cases,
■ Exclude the acceptance of cookies for certain cases or generally,
■ Activate the automatic deletion of cookies when the browser is closed.
The cookie settings can be managed under the following links for each browser:
You can also manage cookies of many companies and functions used for advertising individually. To do this, use the appropriate user tools, available at https://www.aboutads.info/choices/ or http://www.youronlinechoices.com/uk/your-ad-choices.
Most browsers also offer a so-called “do-not-track function”. When this feature is enabled, the browser tells ad networks, websites, and applications that you do not want to be “tracked” for behavioral advertising and the like.
For information and instructions on how to edit this feature, please refer to the links below, depending on your browser provider:
Additionally, you can prevent the loading of so-called scripts by default. “No Script” allows the execution of Java Scripts, Java and other plug-ins only at trusted domains of your choice. Information and instructions on how to edit this function can be obtained from the provider of your browser (e.g. for Mozilla Firefox at: https://addons.mozilla.org/de/firefox/addon/noscript/).
In case of non-acceptance of cookies, the functionality of the YGCA platform may be limited.
We use Google Analytics, a web analysis service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“). In this context, pseudonymised user profiles are created and cookies (see Section 3) are used. The information generated by the cookie about your use of this website such as
■ Browser type/version
■ Operating system used
■ Referrer URL (the previously visited page)
■ Host name of the accessing computer (IP address)
■ Time of the server request
are transferred to a Google server in the USA and stored there. The information is used to evaluate the use of the website, to compile reports about the website activities and to provide further services associated with website use and Internet use for the purposes of market research and demand-oriented design of these websites. This information may also be transferred to third parties if this is required by law or if third parties process this data on behalf of the company. Under no circumstances will your IP address be merged with other data from Google. The IP addresses are anonymized using the Google Analytics extension “anonymizeIp()”, so that an assignment is not possible (IP masking).
Google will act for us as a processor within the meaning of Article 28 GDPR.
You can also prevent the collection of data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing a browser add-on.
As an alternative to the browser add-on, especially for browsers on mobile devices, you can also prevent Google Analytics from collecting data by clicking on this link. An opt-out cookie is set which prevents future collection of your data when you visit this website. The opt-out cookie is only valid in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you must set the opt-out cookie again.
Information on data protection in connection with Google Analytics can be found in the
Google Analytics Help.
We may use a number of other external services embedded in our website to better display certain content or deliver additional services. Below is a list of services and their respective privacy policies
This site uses web fonts provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”) to uniformly display fonts. Google Web Fonts allows us to use external fonts, so-called Google Fonts. When you visit our website, the required Google Font is loaded from your web browser into your browser cache to display texts and fonts correctly. This is necessary so that your browser can also show an optically improved representation of our texts. If your browser does not support this feature, your computer will use a standard font for display. These web fonts are integrated by a server call, usually a Google server in the USA. This transfers to the server which page of our website you have visited. Google also stores the IP address of the browser of the visitor’s terminal device.
We use Google Web Fonts for optimization purposes, in particular to improve the use of our Internet presence for you and to make its design more user-friendly. This is also our legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR.
Further information on data protection can be found in Google’s data protection declaration: http://www.google.de/intl/de/policies/privacy
For more information about Google Web Fonts, visit http://www.google.com/webfonts/ , https://developers.google.com/fonts/faq?hl=en-GB&csw=1https://www.google.com/fonts#AboutPlace:about.
We process the data you enter in the donation input mask on the website in order to process the payment of donations by you via the donation platform betterplace.org. embedded in the website. The platform is operated by gut.org gemeinnützige Aktiengesellschaft, Schlesische Straße 26, 10997 Berlin, Germany. The information you enter in the donaion input mask is transmitted to betterplace.org by clicking on the “Donate Now!” button and is processed to complete your donation using the chosen payment method and to issue a donation receipt.
The legal basis for the above mentioned processing is Art. 6 para. 1 lit. b GDPR.
We use “Google reCAPTCHA” (in the following referred to as “reCAPTCHA”) within the donation input mask. This service is provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). reCAPTCHA controls whether data entries on our website (e.g. in a contact form) are made by humans or automated programs. For this purpose, reCAPTCHA analyses the user behavior on the website based on several characteristics. The analysis starts automatically as soon as the user visits the website. reCAPTCHA evaluates several information, e.g.
■ IP address
■ Length the user stays on the website
■ Mouse movements
The data recorded for the analysis are transferred to Google.
The reCAPTCHA analysis runs in the background. Website visitors are not informed about the analysis. The processing is pursuant to Art. 6 para. 1 s. 1 lit. (f) GDPR. We have a legitimate interest in protecting our website from abusive spying out of data and unwanted, automated mailings (spam).
Social networks (Instagram, Facebook and Twitter) are only integrated on our website as links to the corresponding services. After clicking on the integrated text/image link you will be redirected to the page of the respective provider. Only after forwarding is user information transmitted to the respective provider. For information on the handling of your personal data when using these websites, please refer to the respective data protection regulations of the providers you use.
If you have any questions or remarks, we offer you the opportunity to contact us by email or per post at the contacts indicated. firstname.lastname@example.org
When you contact us we may collect and process personal information from you, including but not limited to:
■ Contact information, such as address, telephone number, and email address
■ Any other information you voluntarily provide contacting us
We process your personal information you have transmitted on the basis of Article 6 para. 1 s. 1 lit. (f) GDPR. Our legitimate interest is to answer your questions and inquiries.
Your personal information will be stored in accordance with applicable laws and kept as long as needed to carry out the purposes described in this section, or as otherwise required by applicable law. Generally this means your personal information will be kept for the duration of the inquiry process plus a reasonable period of time on a case by case basis.
We will not transfer your personal data to any external third party, except for the purpose of managing our correspondence with you, where we may work with a specialized provider contracted by us.
Via our website you can also register for our Newsletter. In this case, you will have to confirm your consent to receiving a newsletter with information about YGCA.
We collect your email address so that we can deliver the requested periodical email newsletter from YGCA to you. No other data is collected for the purpose of sending the newsletter. We use the so-called double opt-in procedure for sending the newsletter. This means that we will not send you our newsletter by email until you have expressly confirmed that you agree to the dispatch of newsletters. In the first step, you will receive an email with a link to confirm that you, as the owner of the corresponding email address, would like to receive the newsletter in the future. With the confirmation you give us your consent according to Art. 6 para. 1 s.1 lit. (a) GDPR that we may use your personal data for the purpose of the desired newsletter dispatch.
When registering for the newsletter, in addition to the email address required for sending the newsletter, we store the IP address via which you have registered for the newsletter as well as the date and time of registration and confirmation so that we can trace any possible misuse at a later point in time.
You can, of course, unsubscribe from the newsletter at any time via email email@example.com, or better, by following the instructions provided at the bottom of each newsletter. After unsubscribing, your email address will be immediately removed from the system handling the newsletter.
Your email address will be stored on YGCA’s secured server. Within YGCA, only those departments will have access to your data that need it to carry out the mailing of the Newsletter.
Our email newsletters are sent via a technical service provider to whom we pass on the data you provide when you register for the newsletter. This forwarding is carried out in accordance with Art. 6 para. 1 s. 1 lit. (f) GDPR and serves our legitimate interest in the use of an effective, secure and user-friendly newsletter system. The data you enter to subscribe to the newsletter (e.g. email address) will be stored on servers located in the EU.
The service provider uses this information for the dispatch and statistical evaluation of the newsletter on our behalf. For evaluation purposes, the emails sent contain so-called web beacons or tracking pixels, which are one-pixel image files stored on our website. In this way it can be determined whether a newsletter message was opened and which links were clicked on, if applicable.
Conversion tracking can also be used to analyze whether a predefined action (e.g. purchase of a product on our website) was carried out after clicking on the link in the newsletter. Technical information is also collected (e.g. time of access, IP address, browser type and operating system).
The data is only collected pseudonymously and is not linked to your other personal data, a direct personal reference is excluded. This data is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients.
If you wish to object to the data analysis for statistical evaluation purposes, you must unsubscribe from the newsletter.
We have concluded an order processing contract with our email service provider in which we oblige him to protect our customers’ data and not to pass it on to third parties.
■ Email service provider:
■ Service provider: Mailjet
■ Address: Mailjet SAS,13-13 bis, rue de l’Aubrac, 75012 Paris, France
Privacy Shield: The US-based provider is certified for the US-European data protection agreement “Privacy Shield”, which guarantees compliance with the data protection level applicable in the EU.
A transfer to other third parties may only take place with your consent (Art. 6 para. 1 s. 1 lit. (a) GDPR) or if we are legally obliged to do so in individual cases (Art. 6 para. 1 s. 1 lit. (c) GDPR).
You can apply for one of the open positions at YGCA through our website by sending us an email as indicated here.
This section describes how YGCA handles your personal information when you apply for a job, an internship, a volunteer role or another position with us (“Position”) and the rights you have in connection with that information. The term “Candidates” is used in this section to refer to anyone who applies for any Position specified in our Career web page, or who otherwise seeks to work with or for us (whether on a permanent or non-permanent basis).
When you apply for a Position at YGCA, we may collect certain information automatically, from you personally, or from third party sources.
We only process such data that are related to your application. This can be general personal data (name, address, contact details, etc.), information on your professional qualifications and schooling, information on further professional training and, if applicable, other data that you provide us with in connection with your application.
As a general rule, during the recruitment process, we try not to collect or process any Special Categories of Personal Data (as defined in Art. 9 para. 1 GDPR) unless authorized by law or where necessary to comply with applicable laws.
However, in some circumstances, we may need to collect, or request on a voluntary disclosure basis, some Special Categories of Personal Data for legitimate recruiting-related purposes. For example, information about your physical or mental condition may be collected in order to consider accommodations we need to make for the recruitment process and/or subsequent job role.
You may provide, on a voluntary basis, other information including Special Categories of Personal Data during the recruiting process.
We may collect some or all of the following personal information from other sources (in each case where permissible and in accordance with applicable law) when you apply for a role with YGCA:
■ References provided by referees;
■ Other background information provided or confirmed by academic institutions and training or certification providers;
■ Criminal records data obtained through criminal records checks;
■ Information provided by background checking agencies and other external database holders (for example credit reference agencies and professional / other sanctions registries);
■ Information provided by recruiting or executive search agencies; and
■ Information collected from publicly available sources, including any social media platforms you use or other information available online.
We process your personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), insofar as this is necessary for the decision on the establishment of a volunteer relationship with us. The legal basis is Art. 88 GDPR in conjunction with Art. 26 BDSG for the purposes of the volunteer relationship, if this is necessary for the decision on the establishment of a volunteer relationship.
Furthermore, we may process your personal data if this is necessary to fulfil legal obligations (Art. 6 para. 1 s. 1 lit. (c) GDPR) or to defend or assert legal claims. The legal basis for this is Art. 6 para. 1 s. 1 lit. (f) GDPR. The legitimate interest is, for example, a duty of proof in proceedings under the General Equal Treatment Act (AGG).
If you give us express consent to process personal data for specific purposes, the lawfulness of this processing is based on your consent pursuant to Art. 6 para. 1 s. 1 lit. (a) GDPR. Any consent granted can be revoked at any time with effect for the future
If a volunteer relationship arises between you and us, we may, in accordance with Art. 88 GDPR in conjunction with Art. 26 BDSG, further process the personal data already received from you for the purposes of the volunteer relationship, insofar as this is necessary for the implementation or termination of the volunteer relationship or for the exercise or fulfilment of the rights and obligations of volunteer representation arising from a law or a collective agreement, works or service agreement (collective agreement).
In case you are selected for a position at YGCA, the information collected during the recruiting process will be processed in accordance with applicable law, including any privacy notice for volunteers, a copy of which will be provided when you are on-boarded as a volunteer, intern, or volunteer, as applicable.
If you are not successful, we will keep your application for a maximum period of six months, after which your personal information will be deleted or anonymized. We might keep it for a longer period, in which case we will ask for your consent first.
YGCA will provide specific offers based on the country or city you are currently located in. YGCA needs to know in which country you are currently located in order to offer these services. Additionally, you may provide your current city in order to further allow for tailoring of services.
We make use of the Google Location API, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”), when you enter your location on our website to be able to serve you better based on your location and in accordance with Art. 6 para. 1 s. 1 lit. (f) GDPR.
YGCA may keep in contact with you or send you updated information via email or other messaging services for which the respective contact details are used.
These services include:
■ WhatsApp Ireland Ltd., 4 Grand Canal Square, Dublin 2, Ireland: For certain services we may also ask you to communicate through WhatsApp Messenger service. Therefore your name and telephone number will be required. You will be asked for your specific consent to communicate via WhatsApp.
More information: https://www.whatsapp.com/legal/#privacy-policy
■ Google Hangouts, a service by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”): This service may be used for phone conversations with Students and video calls within YGCA-organized group tutorial sessions. To use this, you must be logged in to your Google Account. This allows Google to store your activity data. You can view and manage this information in your Google Account. During the call, you will be in a real-time audio/video call thata will not be recorded or transmitted by us to anyone else.
More information: https://www.google.com/+/policy/call-phones-terms.html
■ Facebook Groups: May be used for recruiting purposes and for the organisation of student events.
More information: https://www.facebook.com/policy.php
■ Telegram: May be used to create and coordinate Student groups and communicate with group members.
More information: https://telegram.org/privacy
■ MessageBird: May be used to deliver SMS messages to Students.
More information: /www.messagebird.com/en/privacy
■ Google Meets: This service may be used for phone conversations with Students and video calls within YGCA-organized group tutorial sessions. To use this, you must be logged in to your Google Account. This allows Google to store your activity data. You can view and manage this information in your Google Account. During the call, you will be in a real-time audio/video call that will not be recorded or transmitted by us to anyone else.
More information: https://www.google.com/+/policy/call-phones-terms.html
■ ZOOM: This service may be used for phone conversations with Students and video calls within YGCA-organized group tutorial sessions. During the call, you will be in a real-time audio/video call that will not be recorded or transmitted by us to anyone else.
More information: /www.zoom.us/privacy
Other than in the aforementioned cases YGCA will not transmit your personal data to any third parties, unless we are obliged to do so because of German legal regulations (e.g. disclosure to courts or law enforcement authorities), you have given us your explicit consent, or the disclosure is permitted by law. A disclosure may for example be permitted when such disclosure is required for us to be able to render our services to the user on the YGCA platform.
You have the right to be informed about your personal data stored in connection with the YGCA platform free of charge. Below you will find information on the rights the applicable data protection law grants you with regard to the processing of your personal data.
1- The right to request information about your personal data processed by us pursuant to Art. 15 GDPR. In particular, you can request information on the purpose of processing, the category of personal data being processed, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification or erasure of personal data, or restriction of processing of your data, the right to lodge a complaint, what the source of the data is, if it wasn’t collected by us, and if any automated decision-making, including profiling exists and, where appropriate, meaningful information about their details.
2- The right, in accordance with Art. 16 GDPR, to demand the correction of incorrect or completion of incomplete personal data stored by us without delay.
3- The right to demand the deletion of your personal data stored with us, according to Art. 17 GDPR, as far as the processing is not required for the right of freedom of expression and information, the compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims.
4- The right to demand the restriction of the processing of your personal data, in accordance with Art. 18 GDPR, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you oppose the erasure and we no longer need the data, but they are required by you for the establishment, exercise or defense of legal claims or you have lodged an objection against the processing pursuant to Art. 21 GDPR
5- The right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of the federal state of our above named seat or, if applicable, your usual place of residence or work place.
6- Right to withdraw granted consent pursuant to Art. 7 para. 3 GDPR: You have the right to withdraw the previously given consent in the processing of data at any time with effect for the future. In the case of withdrawal, we will delete the data concerned immediately, as far as further processing cannot be based on a legal basis where consent is not required for processing. The withdrawal of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation;
If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 s. 1 lit. (f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, insofar as this is for reasons that arise from your particular situation. If you object to the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement of specifying a particular situation.
If we process your personal data on the basis of your consent according to Article 6 para. 1 lit. (a) GDPR, you have the right according to Article 7 para. 3 GDPR to withdraw your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future.
This is version 1.0 of this policy, effective as of 1st January 2021.