Privacy Policy
Privacy Policy
Wikirate International e.V.
Status: May 2025
In accordance with our obligation to provide information pursuant to Art. 13 of the General Data Protection Regulation (GDPR), we hereby make our processing of personal data transparent to you in a comprehensible manner.
According to Art. 4(1) GDPR, personal data is any information relating to an identified or identifiable natural person. A natural person is considered identifiable if he or she can be (re)recognised as an individual on the basis of the data.
1. Contact details of the data controller:
Wikirate International e.V.
Schliemannstraße 29
10437 Berlin, Germany
E-Mail: [email protected]
2. Contact details of the Data Protection Officer:
Ethan McCutchen
Email: [email protected]
3. Purpose and scope of data processing
You can register on our website to use certain features.
As this is a wiki, everything you publish on our website is by definition public and accessible to everyone. However, your personal information (such as your email address and password) will always remain protected and private.
- Account information: Name, email, password, choice of alias is sufficient.
- and for each edit, the time and change of content (and temporarily also the IP),
- the type of user profile (e.g. 'studies', 'civil society organisation', 'investment', 'data enthusiast', etc.), but these are anonymised.
The legal basis is Art. 6 para. 1 lit. a of the General Data Protection Regulation (GDPR). The data will only be processed within the scope of your consent. You may revoke your consent at any time. An informal notification by e-mail is sufficient to revoke your consent. The lawfulness of any data processing that has already taken place remains unaffected by the withdrawal.
We store the personal data collected during registration for as long as you are registered on our website. Your personal data will be deleted if you cancel your registration. Statutory retention periods remain unaffected.
4. Server Log
When you visit our website, each access is stored in a log file, the so-called server log. Each data record contains information about
- the page from which a page on our website was requested,
- the page requested within our website,
- the date and time of the request,
- the amount of data transferred,
- the access status (whether the request was successful or not),
- the browser used (e.g. Mozilla Firefox, Google Chrome, Apple Safari, etc.).
The legal basis for this collection is Art. 6 para. 1 lit. f) GDPR (legitimate interest). We cannot offer you the opportunity to object to this collection, as the server log is essential to ensure the availability of this website and in the event of attacks on the website.
Processing in the context of contacting us takes place so that we can process and respond to your request. The legal basis is Art. 6 par. 1 lit. a) GDPR. Our legitimate interest lies in the above-mentioned purpose.
Data security: Our website and other systems are protected by technical and organisational measures against loss, destruction, access, modification or distribution of your data by unauthorised persons. However, despite regular checks, complete protection against all risks is not possible.
Obligation to provide information: You are under no contractual or legal obligation to provide us with personal data. However, we will not be able to provide you with our services without the information you provide.
Existence of automated decision making (including profiling): No automated decision making takes place on our website.
5. Deletion
Your personal data will be deleted as soon as you withdraw your consent.
Server log data is automatically deleted after seven days.
6. Data transfer
-
We use the Slack service provided by Slack Technologies, Inc, 500 Howard Street, San Francisco, CA 94105, USA. Data transfers outside the scope of the GDPR are based on EU standard contractual clauses: https://slack.com/intl/de-de/terms-of-service/data-processing, Further information can be found in Slack's privacy policy: https://slack.com/intl/de-de/legal We integrate third party payment services on our website.
-
PayPal: The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). Details can be found in PayPal's privacy policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full.
-
The donation will be processed by the third party provider Donorbox of Rebel Idealist LLC, located at 5 3rd St, Suite 900, San Francisco, CA 94103. Information about Donorbox's donation processing: https://donorbox.org/terms. Donorbox privacy policy: https://donorbox.org/privacy. The information you enter is therefore sent directly to the technical service providers used by Donorbox to provide the form, such as Paypal or Mastercard, using an encrypted SSL connection to process the donation request.
-
We use the Content Delivery Network (CDN) of Cloudflare Germany GmbH, Rosental 7, c/o Mindspace, 80331 Munich, Germany (Cloudflare) to increase the security and delivery speed of our website.
-
We use New Relic, a website optimisation platform. The service provider is the US company New Relic Inc, San Francisco, CA, 188 Spear St, San Francisco, USA. New Relic also processes data in the USA. New Relic is an active participant in the EU-U.S. Privacy Framework, which governs the safe transfer of personal data from EU citizens to the United States. Learn more at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
-
We work with DigitalOcean, a cloud service. The service provider is the US company DigitalOcean, LLC, New York, NY, 101 6th Ave, USA. DigitalOcean also processes your data in the USA. DigitalOcean is an active participant in the EU-US Privacy Framework, which governs the safe transfer of personal data from EU citizens to the US. Learn more at https://commission.europa.eu/document/fa09cbad-dd7d-4684-ae60-be03fcb0fddf_en.
-
Google Tag Manager is a tool that allows us to integrate tracking or statistics tools and other technologies on our website. Google Tag Manager is used to manage and display the tools it integrates. However, Google Tag Manager collects your IP address, which may also be transmitted to Google's parent company in the United States. That company is certified under the EU-US Data Privacy Framework (DPF).
-
This website uses web fonts provided by Google for the standardised display of fonts. More information about Google web fonts can be found at https://developers.google.com/fonts/faq and in Google's privacy policy at https://policies.google.com/privacy?hl=de.
-
Use of Google Analytics: We use Google Analytics provided by Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland). Google processes this data on our behalf and is contractually bound to ensure the security and confidentiality of the data processed.
The following information is sent to Google when you use our website
- Pages viewed
- Orders, including sales and products ordered A
- chievement of 'website goals' (e.g. contact requests and newsletter registrations)
- Your behaviour on the pages (e.g. time spent, clicks, scroll depth)
- Your approximate location (country and city)
- Your Internet address (IP address)
- Technical information such as browser, Internet provider, device and screen resolution
- Source of your visit (i.e. which website or advertising medium you used to reach us)
- A randomly generated user ID
- No information such as name, address or contact details is sent to Google.
This information is transferred to Google's servers in the USA. Please be aware that the USA does not provide the same level of data protection as the EU.
7. Session cookies
We use session cookies. Session cookies are small text files that a website stores on a user's computer or mobile device while they are visiting the website. They are used to temporarily store information about the user's interaction with the website and keep it available for the duration of the session. Once the user leaves the website or closes their browser, session cookies are automatically deleted.
Session cookies contribute to the security of a website by, for example, ensuring that a user remains logged in while navigating through different pages or by preventing fraudulent activity.
The legal basis for this collection is Art. 6 par. 1 lit. f) GDPR (legitimate interest). We cannot offer you an opt-out of this collection, as it allows you to return to recently visited pages while remaining logged in.
Modern web browsers allow you to monitor, limit or prevent the setting of cookies. Many web browsers can be configured to automatically delete cookies when you close them.
8. Newsletter
If you subscribe to our newsletter, this is done on the legal basis that you have given us your consent to do so (Art. 6 (1) (a) GDPR).
You can object to the further delivery of the newsletter at any time by clicking on the unsubscribe link displayed at the end of each newsletter.
We send our newsletters with "MailChimp", a newsletter distribution platform of the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
The email addresses of our newsletter recipients are stored on MailChimp's servers in the USA. MailChimp uses this information to send the newsletter on our behalf. Furthermore, MailChimp may, according to its own information, use this data to optimise or improve its own services, e.g. to technically optimise the sending and presentation of the newsletter or for economic purposes in order to determine which countries the recipients come from. However, MailChimp does not use the data of our newsletter recipients to write to them itself or to pass it on to third parties.
We have concluded a "data processing agreement" with MailChimp. This is a contract in which MailChimp undertakes to protect the data of our users, to process it on our behalf in accordance with its data protection provisions and, in particular, not to pass it on to third parties.
9. Your rights as a data subject
You have the following rights:
- the right of access (Art. 15 GDPR)
- the right to rectification (Art. 16 GDPR)
- the right to erasure (Art. 17 GDPR)
- the right to restriction of processing (Art. 18 GDPR)
- the right to object (Art. 21 GDPR)
- the right to data portability (Art. 20 GDPR)
To exercise your rights, you can contact us using the contact details provided above.
10. Right to lodge a complaint
If you are of the opinion that our website is processing data in violation of data protection law, you can also contact the data protection supervisory authority responsible for you. You can find out which supervisory authority is responsible for you on the website of the Federal Commissioner for Data Protection and Freedom of Information at the following link BfDI - Contact (bund.de).
If you have comments, questions, or requests regarding the processing of your personal data, please contact [email protected].