We take care of your data!

    Imprint / Disclaimer of the publishers

    German Maritime Museum
    Leibniz Institute for Maritime History

    The German Maritime Museum (DSM) is a foundation with legal capacity under civil law and, being a research museum, a member of the Leibniz Association. .

    Authorized representative:
    Prof. Dr. Ruth Schilling (Managing Director), Matthias Templin (Commercial Director)

    Sales tax identification number according to § 27a sales tax law (V.A.T. no.): DE 114 709 134 34

    Responsible for the content: Prof. Dr. Ruth Schilling

    Design and technical realisation

    GfG / Gruppe für Gestaltung
    Altes Zollamt / Waller Stieg 1 
    28217 Bremen 
    info@gfg-id.de

    www.gfg-id.de

    Contact

    Hans-Scharoun-Platz 1
    D-27568 Bremerhaven  

    +49 (0) 471 482 07 0

    info@dsm.museum
     

    Privacy Policy

    Thank you for visiting our website. In this Policy, we would like to inform you about how we handle your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR).
     

    ​​Controller

    The Controller for the data processing operations described below is the office named in the imprint.
     

    Usage Data

    When you visit our website, our web server temporarily evaluates usage data for statistical purposes in order to improve the quality of our website. This data consists of the following data categories:

    - the name and address of the requested content,

    - the date and time of the query,

    - of the transferred data volume,

    - the access status (content transferred, content not found),

    - the description of the used web browser and operating system,

    - the referral link, which indicates from which page you reached ours,

    - the IP address of the requesting computer, which is shortened in such a way that a personal reference can no longer be established.

    The above-mentioned log data will only be evaluated anonymously.
     

    Storage of IP Addresses for Security Purposes 

    We store the complete IP address transmitted by your web browser for a period of 14 days in the interest of detecting, limiting and eliminating attacks on our web pages. After this period, we delete or anonymize the IP address.

    The legal basis for this processing is Art. 6 (1) (f) GDPR.  
     

    Data Security

    We take technical and organizational measures to protect your data as comprehensively as possible from unwanted access. These measures include encryption procedures on our web pages. Your data is transferred from your computer to our server and vice versa via the internet using TLS encryption.

    You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https:// .
     

    Web analysis tool Matomo

    We use the web analysis tool Matomo to design our websites according to needs. This tool is operated on our own servers and the data collected is not passed on to any third parties.

    The data collected enables us to track the websites you have accessed one after the other. However, it is not possible for us to associate separate site visits to one person. Personally identifiable information is only stored in anonymized form for 30 days. These are then aggregated into statistics, which no longer allow any conclusions to be drawn about the anonymized data, but only contain information about the pages accessed.

    The following data is recorded to facilitate this:

    • Information about your device (display size, operating system, web browser, desktop/laptop)
    • Anonymized (shortened) IP address (e.g. 10.10.x.x) and the rough location determined from this
    • ID for related page visits (pages accessed one after the other directly via links)
    • Date, time, page URL and title (which page was accessed?), referral link (which page was previously accessed?), time spent on pages (these are recorded in aggregated statistics)

    However, you can object to this collection by opting out at the bottom of this privacy policy.

    Contact Form

    You may contact us third-party via our contact form. In order to use our contact form, we will require you to provide the data marked as mandatory.

    The legal basis for this processing is Art. 6 (1) (f) GDPR, being our legitimate interest to respond to your request.

    You can decide whether or not you would like to provide us with further information. This information is provided voluntarily and is not required to contact us.

    We process your voluntary details on the basis of your consent in accordance with Art. 6 (1) (a) GDPR.

    Your data will only be processed to process your request. We will delete your data if they are no longer required and there are no legal obligations to retain them.

    Where the processing of your data which is transmitted via the contact form is based on legitimate interest in accordance with Art. 6 (1) (f) GDPR, you have the right to object to that processing at any time. To do so, please use the email address provided in the imprint.

    In addition, you can withdraw your consent to the processing of your voluntarily provided information at any time. To do so, please use the email address provided in the imprint.
     

    Embedded Videos

    On our websites, we embed videos that are not hosted on our servers. In order to ensure that accessing our websites containing embedded videos does not automatically lead to the download of third-party content, we only show locally hosted preview images of the videos as a first step. As a result, the third-party provider does not receive any information.

    Only after you click on the preview image, is content from the third-party provider downloaded. This provides the third party with information that you have accessed our site and with the usage data technically required for this purpose. Furthermore, the third-party provider is then able to implement tracking technologies. We have no influence on the further data processing by the third-party provider. By clicking on the preview image, you give us your consent to download content from the third-party provider.

    The embedding is based on your consent if you have given your consent by clicking on the preview image. Please note that the embedding of many videos leads to your data being processed outside the EU or EEA. In some countries, there is a risk that authorities may access the data for security and surveillance purposes without informing you or allowing you to take legal action. Where we use providers in third countries without an adequate level of protection and you give your consent, the transfer to this third country is based on Art. 49 (1) (a) GDPR.
     

    Provider

    Maximum Storage Period

    Adequate level of data protection 

    Withdrawal of consent

    YouTube / Google (USA)

     

    No adequate level of data protection. The data is transmitted on the basis of Art. 49 (1) (a) GDPR.​

    If you click on a preview image, the content of the third-party provider is immediately downloaded. To avoid this downloading on other sites, please do not click on the preview image.​

     

     

    You may register to receive our newsletter on our website. Please note that we require certain data (your e-mail address at the minimum) to complete the newsletter registration. The processing of your data is being provided by Newsletter2Go/Sendinblue.

    We will only send the you the newsletter if you have given us your express consent. After you have completed the newsletter registration on our website, you will receive a confirmation e-mail at the e-mail address you provided (double opt-in).

    You may withdraw your consent at any time. An easy way to withdraw your consent is, for example, to use the unsubscribe link provided in every newsletter.

    As part of the newsletter registration process, we store certain data in addition to the above-mentioned data, as far as it is necessary to prove so that you have registered for our newsletter. This may include storing the complete IP address at the time of the registration or confirmation of the newsletter, as well as a copy of the confirmation mail sent by us.

    The legal basis for the data processing is our legitimate interest to be able to account for the legality of the newsletter delivery according to Art. 6 (1) (f) GDPR.

    If you give us the appropriate consent, we will include individual tracking pixels in our newsletters, with which we can recognize when the newsletter sent to you was accessed or opened and individualize the links in the newsletter to determine when you clicked on which link.

    To withdraw your consent, please use the link provided in each newsletter to unsubscribe or adjust your consent preferences.
     

    Embedding of additional technical third-party content and functions

    We use functions and content of the third-party providers listed below to enhance our websites.

    Calling up our websites will lead to downloading contents of the third-party providers who provide these functions and contents. As a result, the third-party provider receives the information that you have visited our site as well as the usage data technically required for this purpose.

    We have no control over the further data processing by the third-party provider.

    The legal basis for this data processing is your consent if you have previously given your consent via our banner/ consent management system.   

    Please note that the use of third-party content and functions may result in your data being processed outside the EU or EEA. In some countries, there is a risk that authorities may access the data for security and surveillance purposes without informing you or allowing you to take legal action.

    Where we use providers in third countries without an adequate level of protection and you give your consent, the transfer to this third country is based on Art. 49 (1) (a) GDPR.
     

    ProviderTechnical function or consentMaximum storage periodAdequate level of data protectionWithdrawal of consent


    Hoefler Type Foundry, Inc. d/b/a Hoefler&Co


    Web fonts

     


    No adequate level of data protection. The data is transferred on the basis of Art. 49 (1) (a) GDPR.​


    If you no longer consent to the processing, please stop using our site.​​

     

    Ticket shop

    If you wish to order products, you need to provide us with your contact details by registering in advance or ordering as a guest. We collect the following data on the basis of Art. 6 (1) b GDPR: First name, last name, email address, billing address, shipping address, payment method and order history. You can change or delete your profile within a registered account at any time. The data will then be automatically removed from our system, provided that there are no retention periods or the data is not still required in individual cases (for example, in the case of outstanding debts for the collection of receivables).

    We store and use your personal data, which you transmit to us in the course of an order process, on the basis of Art. 6 (1) b GDPR exclusively for the processing of your orders. We use your e-mail address for messages regarding the status of your order, in particular order confirmation, sending the invoice, sending download links for digital products, service messages. You can also provide a telephone number in order to be informed at short notice of important changes, but you do not have to do this; the information is voluntary and may be processed on the basis of Art. 6 (1) A GDPR (consent).
     

    Payment provider

    On our website, we offer, among other things, payment via PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). If you select payment via PayPal, the payment data you enter will be transmitted to PayPal.

    The transmission of your data to PayPal is based on Art. 6 (1) A GDPR (consent) and Art. 6 (1) b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time which does not affect the validity of past data processing operations.
     

    Your rights as a data subject

    When processing your personal data, the GDPR grants you certain rights as a data subject:​​
     

    Right of access by the data subject (Art. 15 GDPR)

    You have the right to obtain confirmation as to whether personal data concerning you are being processed; if this is the case, you have the right to be informed of this personal data and to receive the information specified in Art. 15 GDPR.
     

    Right to rectification (Art. 16 GDPR)

    You have the right to rectification of inaccurate personal data concerning you and, taking into account the purposes of the processing, the right to have incomplete personal data completed, including by means of providing a supplementary statement without delay.
     

    Right to erasure (Art. 17 GDPR)

    You have the right to obtain the erasure of personal data concerning you without undue delay if one of the reasons listed in Art. 17 GDPR applies.
     

    Right to restriction of processing (Art. 18 GDPR)

    You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you have objected to the processing, for the duration of our examination.
     

    Right to data portability (Art. 20 GDPR)

    In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format, or to request that this data be transferred to a third party.
     

    Right to withdraw consent (Art. 7 GDPR)

    If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the withdrawal is only effective for the future. Processing that took place before the withdrawal is not affected.
     

    Right to object (Art. 21 GDPR)

    If data is collected on the basis of Art. 6 (1) 1 f GDPR (data processing for the purpose of our legitimate interests) or on the basis of Art. 6 (1) 1 e GDPR (data processing for the purpose of protecting public interests or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are compelling legitimate grounds for the processing which override your interests, rights and freedoms or if data is still needed for the establishment, exercise or defence of legal claims.
     

    Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

    According to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your data violates data protection regulations. This right may be asserted in particular with a supervisory authority in the Member State of your habitual residence, your place of work or the place of the suspected infringement.
     

    Asserting your rights

    Unless otherwise described above, please contact us to assert your rights. You will find our contact details in our imprint.
     

    Contact details of our data protection officer

    ​Our external data protection officer is available to provide further information on data protection.​

    datenschutz nord GmbH
    Konsul-Smidt-Straße 88
    28217 Bremen
    Web: www.datenschutz-nord-gruppe.de
    E-Mail: office@datenschutz-nord.de

    When contacting our data protection officer, please specify the name of the company, stated in our imprint.

     

    .svgNavPlus { fill: #002c50; } .svgFacebook { fill: #002c50; } .svgYoutube { fill: #002c50; } .svgInstagram { fill: #002c50; } .svgLeibnizLogo { fill: #002c50; } .svgWatch { fill: #002c50; } .svgPin { fill: #002c50; } .svgLetter { fill: #002c50; } Universität Bremen