Privacy Policy
Privacy Policy
We are pleased to welcome you to our website. Below, we would like to inform you about how we handle your data in accordance with Section 15 of the Church Data Protection Act (KDG).
Data Controller
The entity named in the imprint is responsible for the data processing described below.
Usage Data
When you visit our websites, so-called usage data is temporarily logged on our web server for statistical purposes to improve the quality of our websites. This data record consists of
- the name and address of the requested content,
- the date and time of the request,
- the amount of data transferred,
- the access status (content transferred, content not found),
- a description of the web browser and operating system used,
- the referral link indicating which page you came from to reach ours,
- the IP address of the requesting computer, which is truncated so that a personal reference can no longer be established.
The aforementioned log data is evaluated only in anonymized form.
The legal basis for the processing of usage data is § 6 (1) (g) KDG. Processing is carried out in the legitimate interest of providing the website’s content and ensuring a display optimized for devices and browsers.
Storage of IP Addresses for Security Purposes
In addition, we store the full IP address transmitted by your web browser strictly for the specific purpose of detecting, containing, and eliminating attacks on our websites for a period of seven days. After this period expires, we delete or anonymize the IP address. The legal basis for this processing is § 6 (1) (g) of the KDG.
Data Security
We implement technical and organizational measures to protect your data from unauthorized access as comprehensively as possible. We use an encryption method on our websites. Your information is transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognize this by the fact that the lock icon in your browser’s status bar is closed and the address bar begins with https://.
Essential Cookies
We use cookies on our websites that are necessary for you to use our websites.
Cookies are small text files that are stored on your device and can be read. There are two types of cookies: session cookies, which are deleted as soon as you close your browser, and persistent cookies, which remain stored beyond the individual session.
We do not use these necessary cookies for analysis, tracking, or advertising purposes.
In some cases, these cookies contain only information about specific settings and are not personally identifiable. They may also be necessary to enable user navigation, security, and the functionality of the site.
We use these cookies based on our legitimate interest pursuant to § 6 (1) (g) of the Church Data Protection Act (KDG).
You can configure your browser to notify you when cookies are placed. You can also delete them at any time via the appropriate browser settings and prevent new cookies from being set. Please note that our websites may then not be displayed in full, and some functions may no longer be technically available.
Consent Banner
We use a consent management platform (consent or cookie banner) on our websites. The processing related to the use of the consent management platform and the logging of the settings you have made is based on § 6 (1) (g) of the Church Data Protection Act (KDG), in our legitimate interest to display our content according to your preferences and to be able to verify the consent(s) you have given. Your settings, the consents you have granted, and parts of your usage data are stored in a cookie. This ensures that the cookie remains available for subsequent page requests and that your consents can continue to be tracked. For more information, please refer to the section titled “Essential Cookies.”
The provider of the consent management platform acts on our behalf as a service provider strictly bound by our instructions (data processor). A data processing agreement pursuant to § 29 KDG has been concluded.
Matomo
We use the web analytics tool “Matomo” to tailor our websites to your needs. Matomo creates usage profiles based on pseudonyms. To do this, permanent cookies are stored on your device and read by us. This allows us to recognize returning visitors and count them as such.
Data processing is based on your consent, provided you have given your consent via our banner. You can withdraw your consent at any time. To do so, please follow this link and adjust the settings via our banner.
The cookies set are generally deleted or no longer processed after 13 months at the latest or upon withdrawal of your consent.
Newsletter Subscription and Distribution
You can subscribe to our newsletter on our website. Please note that we require certain information (at a minimum, your email address) to process your subscription.
The newsletter will only be sent if you have given us your express consent. After subscribing, you will receive a confirmation email at the email address you provided (so-called double opt-in). You can revoke your consent at any time. An easy way to revoke your consent is, for example, via the unsubscribe link included in every newsletter.
In connection with your newsletter subscription, we store additional data beyond the information already mentioned, provided this is necessary to enable us to prove that you have subscribed to our newsletter. This may include storing the full IP address at the time of the subscription or confirmation of the newsletter, as well as a copy of the confirmation email we sent. The corresponding data processing is carried out on the basis of § 6 (1) (g) of the Church Data Protection Act (KDG) and in the legitimate interest of being able to account for the lawfulness of the newsletter distribution.
Retention Period
Unless we have already provided specific information regarding the retention period, we delete personal data when it is no longer necessary for the aforementioned processing purposes and no legitimate interests or other (legal) grounds for retention prevent such deletion.
Other Data Processors
We share your data with service providers in the context of data processing pursuant to § 29 KDG, who assist us in operating our websites and the associated processes. These include, for example, hosting service providers. Our service providers are strictly bound by our instructions and are contractually obligated accordingly.
Below, we list the processors with whom we collaborate, unless we have already done so in the preceding text of this Privacy Policy. If data may be processed outside the EU or the EEA in this context, we inform you of this in the table below.
| Processor | Purpose | Adequate Level of Data Protection |
| STILEFFEKT GmbH | Web hosting | Processing only within the EU/EEA |
| Cleverreach GmbH & Co. KG | Newsletter | Processing only within the EU/EEA |
| Borlabs GmbH | Provision of cookie banner | Processing only within the EU/EEA |
Your Rights as a Data Subject
When processing your personal data, the KDG grants you, as a data subject, certain rights:
Right of Access (Section 17 KDG)
You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have the right to access this personal data and to the information specified in detail in § 17 KDG.
Right to rectification (Section 18 KDG)
You have the right to request the immediate rectification of inaccurate personal data concerning you and, where applicable, the completion of incomplete data.
Right to erasure (Section 19 KDG)
You have the right to request that personal data concerning you be erased immediately, provided that one of the grounds listed in detail in § 20 KDG applies.
Right to restriction of processing (Section 20 KDG)
You have the right to request the restriction of processing if one of the conditions listed in § 20 KDG is met, e.g., if you have objected to the processing, for the duration of the review by the controller.
Right to Data Portability (Section 22 KDG)
In certain cases, which are listed in detail in § 22 KDG, you have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format, or to request that this data be transmitted to a third party.
Right to Withdraw Consent (Section 8 KDG)
If data processing is based on your consent, you are entitled under § 8 (6) KDG to withdraw your consent to the use of your personal data at any time. Please note that the withdrawal of consent takes effect only for the future. Processing that took place prior to the withdrawal is not affected.
Right to Object (Section 23 KDG)
If data is collected on the basis of § 6 (1) (f) KDG (data processing for the performance of a task carried out in the interest of the church or in the exercise of official authority) or on the basis of § 6 (1) (g) KDG (data processing to safeguard the legitimate interests of the controller or a third party), you have the right to object to the processing at any time on grounds relating to your particular situation. We will then no longer process the personal data unless there are demonstrable compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.
Right to File a Complaint with the Data Protection Authority (Section 48 KDG)
Pursuant to § 48 KDG, you have the right to file a complaint with the Data Protection Authority if you believe that the processing of your personal data violates the provisions of the KDG or other data protection regulations.
Exercising Your Rights
Unless otherwise stated above, please contact the office listed in the imprint to exercise your rights as a data subject.
Contact Information for the Data Protection Officer
Our external Data Protection Officer is available to answer any questions you may have regarding data protection. Please use the following contact information:
datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: www.dsn-group.de
Email: kirche@datenschutz-nord.de
When contacting our Data Protection Officer, please also specify the responsible entity listed in the imprint.
Date of last update: March 26, 2026