Newsletter

Subscribe to our newsletter to stay up to date.

Follow us

Privacy Policy

General

This statement concerns data that becomes known when the user accesses or uses the website of Deutsches Auswandererhaus gemeinnützige GmbH, www.dah-bremerhaven.de, and all subpages. The following information will explain what kind of data is involved and what happens to it.

If there are links to other websites on the Deutsches Auswandererhaus gemeinnützige GmbH website, this statement does not apply to data collection and usage on the linked pages.

I. Collection of personal data when visiting our website – Logging

The website of Deutsches Auswandererhaus gemeinnützige GmbH is operated by Deutsches Auswandererhaus gemeinnützige GmbH, Columbusstr. 65, 27568 Bremerhaven, Germany.

When you only use the website for informational purposes, that is, if you do not register or transmit information to us in any other way, we only collect the personal data that your browser transmits to our server. When you wish to view our website, we collect the following data, which is technically necessary for us to display our website and to ensure its stability and security (the legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR):

1. IP address
2. Date and time of the request
3. Time zone difference to Greenwich Mean Time (GMT)
4. Content of the request (specific page)
5. Access status/HTTP status code
6. Amount of data transmitted
7. Website from which the request originates
8. Browser
9. Operating system and its interface
10. Language and version of the browser software.

In addition to the previously mentioned data, cookies will be stored on your computer when you use our website. Further information on this can be found under the ‘Cookies’ section in this privacy statement.

These data are required exclusively for technical or statistical purposes and serve to evaluate our online offerings; no matching with other databases occurs. Access to the collected data is limited to employees of Deutsches Auswandererhaus gemeinnützige GmbH and the companies commissioned by them. Any further sharing with third parties, even in excerpts, does not take place.
After evaluating the annual accesses, the logged data will be deleted. The evaluation occurs monthly and annually, and deletion takes place each January of the following year. Evaluation and deletion are carried out by employees of Deutsches Auswandererhaus gemeinnützige GmbH.

II. Personal Data – Collection and Use

Deutsches Auswandererhaus gemeinnützige GmbH processes your personal data purposefully.

In summary, we process your personal data for the following purposes:

a. To address your concerns in contact inquiries (e.g., email address, first name, last name)
b. To send you an offer based on your request
c. To send a newsletter with information about our services and updates on our offerings (e.g., name, email address)
d. To manage the rental of our facilities to you appropriately
e. To conduct and evaluate recurring online surveys
f. To technically implement our website and provide you with information on this site (e.g., IP address, cookies, browser information)
g. To accept and process your application for one of our job postings
h. To participate in reports related to family stories or historical accounts
i. To process orders for online admission tickets and online vouchers

The specific purposes of the processing described here are outlined in this privacy policy.

Regarding the legal basis for processing your personal data:

Personal data necessary for the establishment, execution, or processing of our service offerings (contract fulfillment) are processed on the basis of Art. 6 Para. 1 lit. b GDPR. To the extent that we obtain your consent for processing your personal data, the consent under Art. 6 Para. 1 lit. a GDPR forms the legal basis for the data processing. Data processing is also permissible if we process your data to protect our legitimate interests and do not outweigh your interests or fundamental rights and freedoms regarding the processing of personal data. If we use external service providers within the framework of contract data processing, the processing takes place on the basis of Art. 28 GDPR.

The Deutsches Auswandererhaus gemeinnützige GmbH stores this data in its database and uses it exclusively for individual communication with the customer and for the execution of the contract. This includes initiation, completion, processing, warranty obligations, and returns. Data is collected solely for the purpose of contract fulfillment.
Data is generally stored only as long as the contract is completely fulfilled. As long as commercial and tax law retention periods exist, the storage duration may extend up to 10 years.

General contact data:
• Name, first name
• Email address
• Content of the message

Online application:
• Name, first name
• First and last name
• Street, house number
• ZIP code
• City
• Email address
• Message
• Application documents

Newsletter registration:
• Email address

III. Other Collection and Use of Personal Data

Except when placing an order, the input of personal data is necessary in the case of feedback as well as for using communication portals (surveys, submission of family stories). The use of these services and offerings by the user is expressly on a voluntary basis. In the case of communication portals, data collection takes place for scientific purposes. The collection of personal data in the communication portals is required, as the family stories collected here can only be scientifically correctly categorized in connection with the respective personal data (e.g., dates of life, date of departure, etc.).

IV. Data Transmission

The transfer of customer data occurs only to the extent necessary for contract fulfillment. Data transfer takes place particularly in the following cases:


1) Address data to the in-house gastronomy in case of combined offers
2) Payment data to credit institutions or payment intermediaries for processing payments
3) The above data to collection agencies in case of assignment of claims


Furthermore, the Deutsches Auswandererhaus gemeinnützige GmbH only transmits customer data to third parties when this is necessary to avert dangers to public safety and order, especially when obliged to transmit to law enforcement or regulatory authorities.

V. Consent-Based Use of Data

For the purpose of advertising, market, and opinion research, the Deutsches Auswandererhaus gemeinnützige GmbH uses personal data only to the extent that the user has consented. The user is specifically requested for consent in each respective case. The consent is provided by checking a box next to the corresponding consent text. A revocation of this consent is possible at any time.

VI. Use of Cookies

In the information provided by the Deutsches Auswandererhaus gemeinnützigen GmbH, cookies are used. Cookies are small text files that are stored on your storage device and save certain settings and data for exchanging with our system through your browser. A cookie typically contains the name of the domain from which the cookie data was sent, as well as information about the age of the cookie and an alphanumeric identifier.

Cookies enable our systems to recognize the user’s device and make any pre-settings immediately available. As soon as a user accesses the platform, a cookie is transmitted to the hard drive of that user’s computer. Cookies help us improve our website and offer you a better and more tailored service. They allow us to recognize your computer or your (mobile) device when you return to our website and thereby:

• Store information about your preferred activities on the website and thus tailor our website to your individual interests.

• Speed up the processing of your inquiries.

We collaborate with third-party services that help us make the internet offering and the website more interesting for you. Therefore, when visiting the website, cookies from these partner companies (third parties) are also stored on your hard drive. These are cookies that automatically delete themselves after a specified time.

If you do not wish to use browser cookies, you can adjust your browser settings to refuse the storage of cookies. Please note that in this case, you may be able to use our website only in a limited way or not at all. If you wish to accept only our own cookies and not those of our service providers and partners, you can select the setting “Block third-party cookies” in your browser. We do not take any responsibility for the use of cookies by third parties.

VII. Integration of Services from Other Providers

Our website uses content, services, and features from other providers. This includes, for example, services for statistical analysis of the use and visits to our website, or for embedding videos from video platforms such as YouTube. To allow these data to be accessed and displayed in the user’s browser, it is essential to transmit the user’s IP address to these third parties.
Even though we strive to use only third-party providers that only require the IP address to deliver content or even work with anonymized IP addresses, we have no control over whether the IP address may be stored. Information about the third-party providers used can be found in this privacy policy.

Plyr

Type and scope of processing

We use Plyr CDN for the proper delivery of the content on our website. Plyr CDN is a service from Plyr that functions as a Content Delivery Network (CDN) on our website.

A CDN helps deliver the content of our online services, especially files such as graphics or scripts, faster by using regionally or internationally distributed servers. When you access this content, you connect to servers of Plyr, and your IP address and possibly browser data such as your User-Agent will be transmitted. This data is processed solely for the aforementioned purposes and to maintain the security and functionality of Plyr CDN.

Purpose and Legal Basis

The use of the Content Delivery Network is based on our legitimate interests, i.e., the interest in secure and efficient delivery, as well as optimizing our online services in accordance with Art. 6 Para. 1 lit. f. GDPR.

Storage Duration

The specific storage duration of the processed data is not influenced by us, but determined by Plyr. For more information, please refer to the privacy policy for Plyr CDN: https://www.plyr.com/policy.

Sentry

Type and scope of processing

We use Sentry from Functional Software, Inc., 132 Hawthorne St San Francisco, CA 94107, United States as a bug tracker to detect code errors early and thereby ensure the technical functionality of our online services. Anonymous information about the device on which the error occurred and about the time when the error was detected is collected. In some cases, user sessions may also be recorded to simplify the resolution of the error. Functional Software, Inc. does not evaluate this data for advertising purposes.

Purpose and Legal Basis

The use of Sentry is based on Art. 6 Para. 1 lit. f GDPR, as there is a legitimate interest in resolving errors to improve the product.

We intend to transfer personal data to third countries outside the European Economic Area, especially the USA. The data transfer to the USA is carried out in accordance with Art. 45 Para. 1 GDPR based on the adequacy decision of the European Commission. The US companies involved and/or their US subcontractors are certified under the EU-U.S. Data Privacy Framework (EU-U.S. DPF).

Storage Duration

The exact storage duration varies from case to case. Data will be deleted as soon as we have fixed the error and no longer require access to error details. Further information regarding storage duration from Functional Software, Inc. can be found in the privacy policy for Sentry: https://sentry.io/privacy/.

Plausible Analytics

Type and scope of processing

We use the web analytics service “Plausible Analytics” to continuously optimize our offerings, both technically and content-wise. Plausible is a brand of Plausible Insights OÜ, Västriku tn 2, 50403, Tartu, Estonia, Registration number 14709274, hereinafter referred to as “Plausible.” Plausible Insights OÜ is fully GDPR-compliant.

Plausible follows a particularly privacy-friendly approach to analyze your visit. For this purpose, Plausible collects, among other things, the following information: date and time of your visit, title and URL of the visited pages, incoming links, the country you are in, and the user agent of your browser software. Plausible does not use or store any “cookies” on your device. All personal data (such as your IP address) is stored in a fully anonymized form as a so-called hash. A hash is an irreversible encryption of data, meaning it cannot be “decrypted.” In this way, we can analyze your visit without storing personal data in a form that would be readable by us, Plausible, or third parties.

To provide transparency about the data we collect, you can view the full statistics of this site yourself: https://plausible.io/wemake.de.

Purpose and Legal Basis

The use of Plausible Analytics is based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR.

Storage Duration

The specific duration of storage for the processed data is not controlled by us, but is determined by Plausible. Further information on data protection at Plausible can be found at https://plausible.io/data-policy.

VIII. General Notes on Presence in Social Networks

To present our company in the best possible way and to communicate with you as a user, customer, or interested party, as well as to inform you about our offered services, we rely on our presence in social networks. When using social networks, data may be processed outside of the European Union (EU) and the European Economic Area (EEA). An equivalent level of data protection, as present in the EU, cannot be guaranteed in all countries outside the EU.
In this context, there may be risks for you as a user if the transmitted data is processed in so-called third countries with inadequate data protection standards.

This complicates the enforcement of known user rights. Additionally, it may happen that your data is processed by the provider in the third country contrary to your interests.

We only transfer personal data to third countries where an adequate level of protection has been confirmed or when the transfer of personal data can be ensured through contractual agreements or other appropriate safeguards.

Alongside the respective provider of a social network, we also collect and process personal user data on so-called “fan pages.” This notice informs you about what data we collect from you on our appearances in social media, how we use it, and how you can object to data usage. You can find the respective purposes and categories of data processing in the specific offerings listed in detail below.

The activities we operate in social media, detailed below, are conducted based on a balance of interests under Article 6(1)(f) GDPR.

To achieve this, cookies are used which capture user behavior and enable user profile creation.
A concrete listing of the purposes for processing user data can be found in the privacy notices of the respective providers. By making the appropriate settings in your user account, you can limit the profile creation to some extent. For exact procedures, please refer to the relevant privacy notices of the respective provider.

The relevant platforms are:

PlatformResponsible entityPrivacy notices of the platform operators
FacebookMeta Platforms Ireland Ltd
4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland		https://privacycenter.instagram.com/policy
InstagramMeta Platforms Ireland Ltd
4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland		https://privacycenter.instagram.com/policy
YouTubeGoogle Ireland Limited
Gordon House, Barrow Street, Dublin 4, Ireland		https://policies.google.com/privacy?hl=en

The German Emigration Center operates profiles on the listed platforms to draw attention to products and service offerings as well as to interact with customers, interested parties, and other users of the platform.

The platform operators use certain data collected from users of the platform in this context (e.g., whether a photo on a profile has been marked or commented with ‘Like’) to create aggregated usage statistics and provide these to the respective profile operators (so-called ‘Insights’ or ‘Analytics’). We as profile operators also receive such usage statistics. The information we receive as profile operators cannot be traced back to individual users. The profile operator does not have access to personal data that the platform operators process for creating the usage statistics. Only the respective platform operator determines which data is processed for these purposes and how. The Deutsches Auswandererhaus cannot legally or practically influence the processing by the platform operators.

For the processing related to the creation of, we are considered joint controllers with the respective platform operator according to Article 26 of the GDPR.

If possible, agreements on joint responsibility exist with the respective platform operators.

Furthermore, data processing by the Deutsches Auswandererhaus as the profile operator only occurs in very limited scope:

  • Processing of usernames and comments that are deleted due to violations of netiquette. These are retained for the necessary proof in legal disputes within the limitation period.
  • Processing of usernames and individual messages when you contact us via messenger services.
  • Processing of usernames when participating in competitions. The relevant participation conditions apply.
  • Processing of usernames and postings in connection with inquiries and, if necessary, obtaining consent for the re-posting of images.

For these purposes, we usually only process your name, message content, comment content, and the profile information you provide as ‘public’.

IX. Newsletter

With your consent, you can subscribe to our newsletter, through which we will inform you about our current interesting offers. The advertised goods and services are specified in the consent declaration.

For signing up for our newsletter, we use the so-called double opt-in procedure. This means that after you sign up, we will send you an email to the provided email address asking you to confirm that you wish to receive the newsletter. If you do not confirm your registration within [24 hours] [SU1], your information will be blocked and automatically deleted after one month. Additionally, we will store your used IP addresses and timestamps of registration and confirmation. The purpose of this procedure is to be able to prove your registration and, if necessary, clarify any possible misuse of your personal data.

The only mandatory information for sending the newsletter is your email address. Providing additional, specially marked data is voluntary and is used to address you personally. After your confirmation, we will store your email address for the purpose of sending the newsletter. The legal basis is Art. 6 Abs. 1 S. 1 lit. a DS-GVO.

Your personal data may be processed on our behalf based on data processing agreements according to Art. 28 GDPR. In these cases, we ensure that personal data is processed in accordance with the General Data Protection Regulation.

You can withdraw your consent for the transmission of the newsletter at any time and unsubscribe from the newsletter. You can declare the revocation by clicking on the link provided in each newsletter email, by emailing to datenschutz@dah-bremerhaven.de, or by sending a message to the contact details provided in the imprint.

X. Application Procedure

We publish job offers on our website, to which you can apply via email. If you decide to apply for an open position, we will process the personal data you provide there and transmit to us solely for the purpose of conducting the application process.

The legal basis for processing your personal data as part of the application process is § 26 Abs. 1 in conjunction with Abs. 2 BDSG.

In the event of a rejection, we will delete your data as soon as the legally required retention period of 6 months has expired. The period begins with the sending of the rejection. If you have expressly consented to the further use of your data for possible future contact regarding positions that may be of interest to you, we will continue to retain your data in accordance with that consent.

If a employment relationship arises after the application process, the data will be stored as far as necessary and permissible and subsequently transferred to the personnel file.

Data transfer to recipients outside the company will only occur if legal provisions allow or require it, if transfer is necessary to fulfill legal obligations, or if you have consented to it. A transfer to a third country is not intended.

The provision of personal data in the context of application processes is neither legally nor contractually required. Therefore, you are not obligated to provide personal data. However, providing personal data is necessary for making decisions about an application or for concluding a contract regarding an employment relationship with us. In your application, you should only provide personal data that is necessary for the initiation and processing of the application. If you do not provide personal data in an application, we cannot make a decision regarding the establishment of an employment relationship.

Please note that applications sent to us via email are transmitted unencrypted. Thus, there is a risk that unauthorized parties may intercept and use this data.

XI. Participation in Historical Reporting

We regularly offer opportunities/participation in historical reporting for our ongoing exhibitions. Participation and the transmission of your data is voluntary and only with your consent. The data will not be transmitted to third parties. If photos or video recordings are sent, by sending them, you transfer your rights to the images/video material for publication in our facilities. By sending them, you confirm that you are the sole owner and rights holder of the photo and video recordings. You also confirm that there is no violation of third-party rights or that materials were transmitted without the knowledge of the affected person.

We will use the data and recordings only within the scope of the corresponding exhibition. Use for other purposes requires your consent, which we must obtain.

Your rights to information, modification, or deletion remain unaffected.

XII. Online Admission Tickets

For your visit to the German Emigration Center, we have set up the option to purchase online tickets or vouchers that can be ordered online. The purchase of online tickets is managed by the service provider Gantner Ticketing GmbH, Sandäcker 6B, 97076 Würzburg.

During the ordering process by visitors to the website, personal data such as email, name, and address are stored. The provided data are necessary for the performance of the contract as part of the registration on the ticket platform and the purchase of tickets based on the legal basis of Art. 6 para. 1 b) GDPR.

There is no transfer of personal data to third parties, except for the transmission of payment data to our employed ticketing and payment service providers (Gantner Ticketing GmbH and PayOne GmbH) for the payment of online tickets.

To ensure that the implementation of online tickets on the website is displayed correctly, temporary storage of log file data such as date, time of access, browser type, operating system, and your IP address is necessary based on the legal basis of Art. 6 para. 1 f) GDPR. Deletion of this technical data will occur no later than after 7 days.

After completing the purchase of online tickets, you will receive a confirmation email with a QR code. The boarding pass will then be issued on-site at the ticket office of the German Emigration Center.

XIII. Purchase / Booking by Email or Phone

For your visit to the German Emigration Center, we have set up the option to order vouchers by email, inquire about group bookings / events by phone or email, or order items from our museum shop. The orders or bookings will be handled by the German Emigration Center.

As part of the order / booking process, personal data such as email, name, and shipping address are stored. The provided data is necessary for the initiation / execution of the contract in the context of orders / bookings based on Art. 6 para. 1 b) GDPR.

XIV. Purchase on Account

For the purchase of vouchers / items as well as for the payment of events and direct group visits, we offer the payment method purchase on account. For this, we process your personal data exclusively for the execution of the contract. In doing so, we collect the necessary data for invoicing, such as your name, your address, and the invoice amounts.

Initially, your data will not be passed on to third parties, as we do not use external payment service providers for the processing of purchase on account. No credit check will be carried out either. The processing of the data is solely for the fulfillment of contractual obligations and to ensure proper billing. However, should invoices remain unpaid despite multiple reminders, we will transmit data, as necessary, to a collection agency for the purposes of debt collection. We collaborate with the collection agency Creditreform, Hammfelddamm 13, 41460 Neuss. The legal basis for data transfer is additionally Art. 6 para. 1 f) GDPR. Your data will be stored in accordance with legal retention requirements for tax purposes for a period of 10 years. After this period, your data will be deleted, provided there are no further legal obligations for retention.

XV. Rights of the affected person

As a data subject under Article 4 No. 1 GDPR, you have the following rights regarding the processing of your personal data under the GDPR. You can find the legal text of the rights listed below at https://www.bfdi.bund.de/SharedDocs/Publikationen/Infobroschueren/INFO1.pdf.

a. Right to confirmation and access
In accordance with Article 15 GDPR, you have the right to request confirmation as to whether personal data concerning you is being processed, and to receive free of charge information about your stored personal data and a copy of this information at any time from the responsible party for the processing.

b. Right to rectification
In accordance with Article 16 GDPR, you have the right to request the immediate rectification of inaccurate personal data concerning you. You also have the right, taking into account the purposes of the processing, to request the completion of incomplete personal data – also by means of an additional declaration.

c. Right to deletion
In accordance with Article 17 GDPR, you have the right to request that we delete your personal data without delay, provided that one of the reasons stated in Article 17 GDPR applies and the processing is not necessary.

d. Right to restriction of processing
In accordance with Article 18 GDPR, you have the right to request the restriction of processing if one of the conditions mentioned in Article 18 GDPR applies.

e. Right to data portability
Under the conditions of Art. 20 GDPR, you have the right to obtain your personal data that you have provided to us in a structured, commonly used, and machine-readable format, and you have the right to transmit this data to another controller without hindrance from us, provided the further requirements of Art. 20 GDPR are met.

f. Right to withdraw consent
You have the right to withdraw any consent you have given us for processing personal data at any time, effective for the future. Please direct your withdrawal to the contact details provided above.

g. Right to object
Under the conditions of Art. 21 GDPR, you have the right to object at any time to the processing of personal data concerning you. If the requirements for an effective objection are met, processing by us may no longer take place.

h. Right to lodge a complaint with a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the member state of your residence, your workplace, or the location of the suspected infringement, if you believe that the processing of your personal data violates the provisions of the GDPR.

XVI. Data Protection Officer

The German Emigration Center Bremerhaven has appointed Mr. Markus Altenburg – DataGap GmbH – as its Data Protection Officer.

DataGap GmbHBessemerstr. 8212103 BerlinEmail: datenschutz@dah-bremerhaven.de

Internal reporting channel

We are very pleased to present our contribution for better communication and greater transparency within the company. To respond more quickly to breaches and thus to unfavorable situations for you, we have established an internal reporting channel. You can easily access the internal reporting channel anytime from any device via a link:

https://hinweise-app.compliance2b.com/?location=DAH-2005

For input, please confirm the company ID “DAH-2005” displayed in the selection window in the input form so that we can reliably receive your report. The system is operated by Compliance 2b GmbH to ensure the highest possible level of anonymity and security.

Each report will be treated confidentially and with the utmost care. You will receive information about the handling of your report within a maximum of three months.