News
Search
email
Share this page on Facebook Visit our Facebook page
Visit our Instagram page

Privacy policy

The following information provides a simple overview of what happens to your personal data when you visit our website or when your data is collected as part of a research project or environmental monitoring. Personal data is any data that can be used to identify you personally. For detailed information on data protection, please refer to our privacy policy below.

I. Name and address of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Müritz National Park Authority

Schloßplatz 3

17237 Hohenzieritz

Tel.: 0385 588 636-00

Email: poststelle@npa-mueritz.mvnet.de

II. Name and address of the data protection officer

The data protection officer of the controller is:

Barbara Lüthi Herrmann

Schloßplatz 3

17237 Hohenzieritz

Tel.: 0385 588 636-41

Email: Datenschutzbeauftragter@npa-mueritz.mvnet.de

III a General information on data processing (research and monitoring)

The collection of personal data (e.g., photos) is not the objective of environmental monitoring in the Müritz National Park. If personal data (e.g., photos) is unintentionally collected, it will be deleted or rendered unrecognizable during the initial review.

The rights of data subjects (see IX.) to information and deletion remain unaffected.


III b. General information on data processing Website

1. Scope of personal data processing

We only process the personal data of our users to the extent necessary to provide a functional website and our content and services. The processing of our users' personal data is carried out regularly only with the user's consent. An exception applies in cases where prior consent cannot be obtained for practical reasons and the processing of the data is permitted by law.

Translated with DeepL.com (free version)

2. Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations that are necessary for the implementation of pre-contractual measures.

Insofar as the processing of personal data is necessary to fulfill a legal obligation to which the National Park Authority is subject, Art. 6 (1) (c) GDPR serves as the legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) (d) GDPR serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of the National Park Authority or a third party and the interests, fundamental rights, and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) (e) GDPR in conjunction with §4 (1) of the State Data Protection Act serves as the legal basis for processing.

3. Data deletion and storage period

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage no longer applies. Storage may also take place if this has been provided for by European or national legislators in EU regulations, laws, or other provisions to which the controller is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfillment of a contract.


IV. Provision of the website and creation of log files

1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

(1) Information about the browser type and version used

(2) The user's IP address

(3) Date and time of access

(4) Websites accessed by the user's system via our website

(5) Amount of data transferred

(6) Notification of successful retrieval

(7) Method, path, name, and parameters of the accessed file

The data is also stored in our system's log files. This data is not stored together with other personal data of the user.

2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Art. 6 (1) lit. c, e GDPR.

3. Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

Storage in log files is done to ensure the functionality of the website. In addition, the data helps us to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

These purposes also constitute our legitimate interest in data processing pursuant to Art. 6 (1) lit. f GDPR.

4. Duration of storage

The data is deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of data collection for the provision of the website, this is the case when the respective session has ended.

In the case of storage of the data in log files, this is the case after seven three days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that an assignment of the calling client is no longer possible.

5. Right to object and right to erasure

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, there is no right to object on the part of the user.


V. Use of cookies (Art. 6 (1) (f) EU GDPR or Art. 6 (1) (a) EU GDPR with consent)

Our website uses cookies in several places. They serve to make our offer more user-friendly, effective, and secure. Cookies are small text files that are stored on your computer and saved by your browser (locally on your hard drive).

These cookies enable us to analyze how users use our websites. This allows us to tailor the website content to the needs of our visitors. Cookies also enable us to measure the effectiveness of a particular advertisement and to place it, for example, depending on the thematic interests of the user.

Most of the cookies we use are so-called “session cookies.” These are automatically deleted after your visit. Permanent cookies are automatically deleted from your computer when their validity period (usually six months) has expired or when you delete them yourself before the end of their validity period.

Specifically, the following cookies are used on our website:

  • YouTube API
  • Vimeo
  • Matomo
  • Most web browsers automatically accept cookies. Cookies are stored on the user's computer and transmitted to our website. Therefore, as a user, you have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or restrict the transmission of cookies. Furthermore, cookies that have already been set can be deleted at any time via an Internet browser or other software programs. This is possible in all common Internet browsers.
  • Please note: If you deactivate the setting of cookies, not all functions of our website may be fully usable.


VI. Use of plugins

When social media plugins are used, users' personal data is forwarded to the providers of social networks. We only use such plugins as part of a “two-click solution.” This means that the data is only transmitted after the user has given their prior consent. The legal basis for the processing of data after the user has given their consent is Art. 6 (1) (a) GDPR.

a.) Facebook plugins

Plugins from the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated into our pages. You can recognize the Facebook plugins by the Facebook logo on our page. An overview of the Facebook plugins can be found here: developers.facebook.com/docs/plugins/.
 

When you visit our pages, the plugin establishes a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. This allows Facebook to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Facebook. For more information, please see Facebook's privacy policy at: de-de.facebook.com/policy.php.

If you do not want Facebook to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account. 
 

b.) Instagram plugins

Our pages incorporate features of the Instagram service. These features are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA.

You can recognize the Instagram plugins by the Instagram logo on our website. If you are logged into your Instagram account, you can link the content of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by Instagram.

For more information, please refer to Instagram's privacy policy: instagram.com/about/legal/privacy/.

3.) YouTube plugins

Our website uses plugins from the Google-operated site YouTube. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

You can recognize the YouTube plugins by the YouTube logo on our site. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited.

If you are logged into your YouTube account, you enable YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

The use of YouTube is in the interest of an appealing presentation of our online offerings. This constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f GDPR.

Further information on the handling of user data can be found in YouTube's privacy policy at: www.google.de/intl/de/policies/privacy.
 

4.) issuu plugins

Our website incorporates features from the issuu service. These features are provided by Issuu, Inc., 131 Lytton Ave, Palo Alto, CA 94301, USA.

You can recognize issuu plugins by a special frame, known as an inline frame, which allows you to view various publications as a page-turning e-paper.

Issuu uses “cookies,” small text files that are stored on your computer and enable an analysis of your use of the website.

We would like to point out that, as the provider of the pages, we have no knowledge of the content of the data transmitted or its use by issuu.

Further information on this can be found in issuu's privacy policy: issuu.com/legal/privacy.

5. ) Vimeo

We use the provider Vimeo to embed videos. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011.

We use plugins from the provider Vimeo on some of our web pages. When you visit the web pages of our website that contain such a plugin, a connection to the Vimeo servers is established and the plugin is displayed. This transmits to the Vimeo server which of our web pages you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When you use the plugin, e.g. by clicking the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.

Further information on data processing and information on data protection by Vimeo can be found at vimeo.com/privacy.

VII. Newsletter subscription

Newsletter provider
We use the services of CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (“CleverReach”) to send our newsletter.

Purpose and legal basis of processing
We only send our newsletter with your express consent. The legal basis for this is Art. 6 (1) (a) GDPR. The purpose of processing is to send information (e.g., news, event announcements, other topics related to the national park) to people who have subscribed to our newsletter.

Registration/double opt-in
You can subscribe to the newsletter using a form on our website. Your name and email address are required to receive the newsletter. After entering this information, you will receive a confirmation email with a link to confirm your subscription (double opt-in procedure). You will only receive our newsletter after this confirmation. This ensures that only people who are actually interested are added to the mailing list.

Data that is collected
Only your name and email address are processed. No other personal data is collected.

  1. Storage period and revocation
    Your email address will be stored for as long as you subscribe to the newsletter. You can unsubscribe from the newsletter at any time—either via the unsubscribe link in each newsletter email or by sending a message to presse@npa-mueritz.mvnet.de. After unsubscribing, your data will be deleted immediately, provided there are no legal retention obligations.
  2. Order processing and data security
    We have concluded an order processing agreement (AVV) with CleverReach, which accesses your data within the framework of order processing in accordance with Article 28 GDPR. In this context, the service provider acts in accordance with instructions, which has been ensured by corresponding contracts. Your data is stored and processed in data centers in the EU or Germany. CleverReach uses SSL encryption and offers functions for anonymous collection and evaluation (e.g., opening rates), so that we do not need to carry out individual personal evaluations.
  3. Tracking & analysis (optional/anonymized)
    For shipping purposes, CleverReach may process technical data as part of newsletter reporting (e.g., opening or click statistics). This data is evaluated anonymously so that no conclusions can be drawn about individual persons.
  4. Rights of data subjects
    You have the right to obtain information about your personal data stored by us, as well as the right to correction, deletion, restriction of processing, and data portability. You can also revoke your consent at any time. The revocation is effective for the future. 

VIII. Email contact

Users can also contact employees of the Müritz National Park Office with any queries by email. In this case, the user's personal data transmitted with the email will be stored.

The data will be used exclusively for processing the conversation or responding to the query.

1. Legal basis for data processing

The legal basis for processing the data is Art. 6 (1) (a) GDPR if the user has given their consent.

The legal basis for processing the data transmitted in the course of sending an email is Art. 6 (1) (c), (e) GDPR.

If the email contact is aimed at concluding a contract, the additional legal basis for processing is Art. 6 (1) lit. b GDPR.

2. Purpose of data processing

In the event of contact by email, the processing of personal data serves solely to process your request and to establish contact.

3. Duration of storage

For requests by email, the storage of data is governed by the file management regulations for the state administration of Mecklenburg-Western Pomerania (Official Gazette M-V 2014, page 1212).

4. Right to object and right to erasure

Users may revoke their consent to the processing of their personal data at any time. If users contact us by email, they may object to the storage of their personal data. In such cases, the conversation cannot be continued.

All personal data stored in the course of establishing contact will be deleted in this case.


IX. Rights of the data subject

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

1. Right of access (Art. 15 GDPR)

You may request confirmation from the controller as to whether personal data concerning you is being processed by us.

If such processing is taking place, you can request the following information from the controller:

(1) the purposes for which the personal data is being processed;

(2) the categories of personal data being processed;

(3) the recipients or categories of recipients to whom the personal data concerning you has been or will be disclosed;

(4) the planned duration of storage of the personal data concerning you or, if specific information on this is not possible, criteria for determining the storage period;

(5) the existence of a right to rectification or erasure of personal data concerning you, a right to restriction of processing by the controller, or a right to object to such processing;

(6) the existence of a right to lodge a complaint with a supervisory authority;

(7) any available information on the source of the data if the personal data are not collected from the data subject;

(8) the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

You have the right to request information about whether personal data concerning you is being transferred to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Art. 46 GDPR in connection with the transfer.

2. Right to rectification (Article 16 GDPR)

You have the right to obtain from the controller the rectification and/or completion of your personal data if the processed personal data concerning you is inaccurate or incomplete. The controller shall carry out the rectification without delay.

3. Right to restriction of processing (Art. 18 GDPR)

Under the following conditions, you may request the restriction of the processing of personal data concerning you:

(1) if you contest the accuracy of the personal data concerning you for a period enabling the controller to verify the accuracy of the personal data;

(2) the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead;

(3) the controller no longer needs the personal data for the purposes of the processing, but you require it for the establishment, exercise, or defense of legal claims; or

(4) you have objected to processing pursuant to Art. 21(1) GDPR and it is not yet clear whether the legitimate grounds of the controller override your grounds.

If the processing of personal data concerning you has been restricted, such data may, with the exception of storage, only be processed with your consent or for the establishment, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

If the restriction of processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.

4. Right to erasure (Art. 17 GDPR)

a) Obligation to erase

You may request that the controller delete your personal data without delay, and the controller is obliged to delete this data without delay if one of the following reasons applies:

(1) The personal data concerning you is no longer necessary for the purposes for which it was collected or otherwise processed.

(2) You withdraw your consent on which the processing was based in accordance with Art. 6 (1) (a) or Art. 9 (2) (a) GDPR, and there is no other legal basis for the processing.

(3) You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.

(4) The personal data concerning you has been processed unlawfully.

(5) The erasure of personal data concerning you is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.

(6) The personal data concerning you has been collected in relation to the services offered by information society services pursuant to Art. 8 (1) GDPR.

b) Information to third parties

If the controller has made the personal data public and is obliged to erase it pursuant to Art. 17 (1) GDPR, it shall take reasonable steps, including technical measures, taking into account the available technology and implementation costs, to inform controllers who process the personal data that you, as the data subject, have requested them to delete all links to this personal data or copies or replications of this personal data.

c) Exceptions

The right to erasure does not apply if processing is necessary

(1) for exercising the right of freedom of expression and information;

(2) for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

(3) for reasons of public interest in the area of public health pursuant to Art. 9 (2) (h) and (i) and Art. 9 (3) GDPR;

(4) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR, insofar as the right referred to in section a) is likely to render impossible or seriously impair the achievement of the objectives of that processing, or

(5) for the establishment, exercise or defense of legal claims.

5. Right to be informed (Article 19 GDPR)

If you have exercised your right to rectification, erasure, or restriction of processing against the controller, the controller is obliged to notify all recipients to whom your personal data has been disclosed of this rectification, erasure, or restriction of processing, unless this proves impossible or involves disproportionate effort.

You have the right to be informed by the controller about these recipients.

6. Right to data portability (Art. 20 GDPR)

You have the right to receive the personal data concerning you that you have provided to the controller in a structured, commonly used, and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where

(1) the processing is based on consent pursuant to Art. 6 (1) (a) GDPR or Art. 9 (2) (a) GDPR or on a contract pursuant to Art. 6 (1) (b) GDPR, and

(2) the processing is carried out using automated means.

In exercising this right, you also have the right to have the personal data concerning you transmitted directly from one controller to another controller, where technically feasible. The freedoms and rights of other persons must not be affected by this.

The right to data portability does not apply to the processing of personal data that is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7. Right to object (Art. 21 GDPR)

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Art. 6(1)(e) or (f) GDPR; this also applies to profiling based on these provisions.

The controller will no longer process the personal data concerning you unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves to assert, exercise, or defend legal claims.

If the personal data concerning you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing purposes; this also applies to profiling insofar as it is related to such direct marketing.

If you object to processing for direct marketing purposes, the personal data concerning you will no longer be processed for these purposes.

In connection with the use of information society services, you have the option of exercising your right to object by means of automated procedures using technical specifications, irrespective of Directive 2002/58/EC.

8. Right to withdraw your consent to data processing (Art. 7 GDPR)

You have the right to withdraw your consent to data processing at any time. Withdrawing your consent does not affect the lawfulness of processing based on your consent prior to withdrawal.

9. Automated decision-making in individual cases, including profiling (Art. 22 GDPR)

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

(1) is necessary for entering into, or performance of, a contract between you and the controller,

(2) is authorised by Union or Member State law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or

(3) is based on your explicit consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) GDPR applies and appropriate measures have been taken to protect your rights and freedoms and legitimate interests.

With regard to the cases referred to in (1) and (3), the controller shall take appropriate measures to safeguard your rights and freedoms and legitimate interests, including at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant of the status and outcome of the
complaint, including the possibility of a judicial remedy
pursuant to Art. 78 GDPR.


X. Further general information

Protection of minors

Children and persons under the age of 18 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request personal data from children, do not collect such data, and do not pass it on to third parties.

Links to other websites

Our online offering contains links to other websites. We have no influence on whether their operators comply with data protection regulations.