Freimaurerei in Deutschland | Freemasonry | VGLvD

Information on data protection 
 

We would like to inform you below about the nature and scope of the processing of personal data in the context of your registration for our triennial Congress of the United Grand Lodges of Germany 2024 and the associated festive events in accordance with Article 13 of the General Data Protection Regulation (GDPR).

Details of the controller
 

United Grand Lodges of Germany 
Brotherhood of Freemasons e.V. 
Peter-Lenné-Straße 1-3 
14195 Berlin 
Phone: +49 (0) 30 – 8614796 
Fax: +49 (0) 30 – 862 1164 
E-mail: info@freimaurer.org 

Details of the data protection officer
 

Mr Arndt Halbach from GINDAT GmbH 
Wetterauer Str. 6, 42897 Remscheid 
Mail: datenschutz@freimaurer.org 
Tel. 02191 / 909 430 

3. information on the processing of personal data, purposes and recipients of personal data 

a. Information on the processing of personal data 

Registration via an online form is required for personal registration for the congress and the festive events on offer. We require various personal data from you, such as your name, mobile phone number and e-mail address, Grand Lodge and rank. If you wish to travel with your partner, we also require their name, e-mail address and telephone number. In addition, we require data on the invoice recipient in order to determine the invoice address 

Purposes and legal basis of data processing
 

Your data will be stored by us and used exclusively to organise the congress and to book the events you have requested for yourself and, if applicable, your companion.  
In addition, in order to be able to invoice you correctly for booked events. 
The legal basis is Article 6 (1) b) GDPR, if applicable in conjunction with the respective legal and statutory provisions of the VGLvD. 
 
Recipients of personal data 

To the extent necessary, your registration data will be passed on to the following service providers  

  • Rapidmail GmbH, Wenzingerstr. 21, 79106 Freiburg im Breisgau – For the purpose of participant confirmation and further information in the context of the event 
  • Jotform Ltd, 6 Albert Mews, Albert Road, London, United Kingdom, N4 3RD – San Francisco Jotform Inc. San Francisco Jotform Inc. 4 Embarcadero Centre, Suite 780, San Francisco CA 94111- for the purpose of registration via the form generator 
  • Stripe Stripe Payments Europe, Limited (SPEL), m1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland – For the purpose of providing the payment infrastructure 
  • Make.com – Celonis, Inc, One World Trade Center, 87th Floor, New York, NY, 10007, USA – for the purpose of process automation and linking. 
     

Our service providers are contract data processors with whom a contract processing agreement has been concluded in accordance with the principles of Article 28 GDPR to ensure the data protection and security of your data. 
If necessary, we will pass on your data to third-party providers, e.g. tour operators, hotels. 

Data transfer to third countries  

As part of the processing of your data, it is possible that it will also be transferred to the USA. For the USA, there is an adequacy decision by the European Commission for data processing by US companies that fall under the EU-U.S. Data Privacy Framework (DPF) with appropriate certification. Processing by our service providers is carried out on the basis of this certification under the EU-U.S. Data Privacy Framework and the EU standard contractual clauses that have also been concluded. 

Your rights

In accordance with Articles 15-21 GDPR, you can assert the following rights with regard to the personal data processed by us if the conditions described therein are met. 

You can request information about your personal data processed by us in accordance with Art. 15 GDPR.

If incorrect personal data is processed, you have the right to rectification in accordance with Art. 16 GDPR.

If the legal requirements are met, you can request the erasure or restriction of processing (Art. 17, 18 GDPR).
 

You have the right to withdraw your declaration of consent under data protection law at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
 

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Article 6(1) GDPR, including profiling based on those provisions (Article 21 GDPR).

Duration of the storage of your data

Your data will only be stored for as long as is necessary for the organisation of our congress and the associated events and for as long as there are no legal, contractual or statutory retention obligations. 
Different periods apply to the retention of personal data, for example, data with tax law relevance must be retained by us for 10 years in accordance with Section 147 of the German Fiscal Code (AO). 
Your data with our service providers will generally be deleted shortly after the end of the congress. 

Right to lodge a complaint with a supervisory authority  

According to Art 77 GDPR, every data subject has the right to lodge a complaint with a supervisory authority if they consider that the processing of personal data relating to them infringes the GDPR. The competent supervisory authority for data protection issues is the state data protection officer of the federal state in which our company is based. 

The Berlin Commissioner for Data Protection and Freedom of Information 
Alt-Moabit 59-61 
10555 Berlin 
Phone: +49 30 13889 – 0 
E-mail: mailbox@datenschutz-berlin.de