Please also refer to the German page regarding our privacy policy updated in July 2024.

Data Privacy Statement of the Japanese-German Center Berlin
(As of July 2024)

The website jdzb.de is published by the Japanese-German Center Berlin
Japanisch-Deutsches Zentrum Berlin, Saargemünder Str. 2, 14195 Berlin

At the Japanese-German Center Berlin (hereinafter referred to as JDZB), we are serious about protecting your personal data. Therefore, we always process your data based on the current legal provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act. 
Your data are stored on German servers based on an order data processing contract according to Article 28 GDPR.
In the following, we will provide detailed information on how we handle your personal data.
We reserve the right to adapt this Data Privacy Statement to the respective applicable data protection regulations to safeguard the legally compliant handling of your data.
Note: You can also print or save this Data Privacy Statement via the functions of your browser.

 

1. General

1.1. Data Controller
The responsible body for the collection, processing, use and deletion of your personal data is the Japanese-German Center Berlin (JDZB), an incorporated foundation in civil law
Saargemünder Str. 2, 14195 Berlin
Tel.: +49 (0)30 839 07 0, Fax: +49 (0)30 839 07 220, E-Mail: jdzb@jdzb.de

1.2. General information on the collection, processing, and use of your personal data
You can visit our website without providing information about your person. In this case, we only log general access data. These include the so-called log files, cf. Section 6. Your IP address will only be used if it is necessary to safeguard the legitimate interests of JDZB as a data controller, or a third party, and only to the extent that such interests outweigh the interests or fundamental rights or fundamental freedoms of the data subject requiring the protection of personal data. Examples include the prosecution of legal claims, as well as the public interest in investigating criminal offenses, and the prevention of electronic attacks (e.g. hacking, brute force attacks). JDZB collects, processes, and uses your personal data in accordance with data protection laws and the following provisions, or in accordance with your express consent.

The processing of your personal data is based on the following principles, cf. Art. 6 GDPR:
a) The processing serves the fulfillment of contractual obligations entered into by JDZB and the service providers selected by JDZB.
b) Processing is required after the legitimate interests of JDZB have been weighed against the legitimate interests of the respective customer.
c) Processing takes place based on your revocable consent. 
d) Processing takes place based on legal requirements. 
e) Processing is required to perform a task of public interest.

You can contact our data protection officer at dataprotection@jdzb.de or via mail at: Japanisch-Deutsches Zentrum Berlin (JDZB), Der Datenschutzbeauftragte, Saargemünder Str. 2, 14195 Berlin.

1.3. Your rights (known as data subject rights) and their respective legal basis
You have the right to
a) request information about the purpose of processing, the categories of processed data, possible recipients, and the planned duration your data are stored (known as right of access; Art. 15 GDPR ).
b) to demand the correction of incorrect data concerning you and the completion of incomplete personal data (known as right to rectification, Art. 16 GDPR).
c) to withdraw your consent to data processing at any time (known as right to withdraw consent, Art. 7 (3) GDPR)
d) to object to the processing of personal data concerning you at any time on grounds relating to your particular situation (known as right to object, Art. 21 GDPR) 
e) to have your personal data erased immediately (known as right to erasure/ right to be forgotten, Art. 17 GDPR) if
 (1) the personal data are no longer necessary in relation to the purposes for which they were collected
 (2) you withdraw your consent (see b)
 (3) you have objected to further processing (see c)
 (4) the personal data have been unlawfully processed
f) to obtain the restriction of processing, e.g. if you contest the accuracy of your personal data, oppose the erasure of your personal data, still need your data, or you have objected to data processing, and the verification of legal grounds is still pending (known as right to restriction of processing, Art. 18 GDPR)
(g) to receive the personal data you have provided to us in a structured format and have them transmitted to third parties (known as right to data portability, Art. GDPR)
(h) to lodge a complaint about data processing to the supervisory authority (known as the right to lodge a complaint with a supervisory authority, Art. 77 GDPR). The supervisory authority in charge of JDZB is the Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstraße 219, 10969 Berlin. Alternatively, you can contact the data protection authority in charge of your place of residence.
To exercise any of these rights, please make sure we can clearly identify your person, and address your claim to the contact listed under 1.1.
 

 

2. Purpose of data collection, processing and use

JDZB stores your data for the purposes of providing of our website, for the fulfilment and processing of contracts (Art. 6 Par. 1 lit. b, contractual obligations), for replying to your enquiries and for its own advertising purposes, e.g. sending out our newsletter or our mail magazine.

 

3. Newsletters and mailing lists

If you would like to receive the ECHO+ newsletter offered on the website or information via mailing lists, we require an email address from you as well as information that allows us to verify that you are the owner of the email address provided and that you agree to receive the newsletter. Other data is not collected or is only collected on a voluntary basis. We use the email marketing provider Brevo, as described below, to process the newsletter.
This website uses Brevo to send out newsletters. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.
Brevo is a service that can be used, for example, to organise and analyse the distribution of newsletters. The data you enter for the purpose of subscribing to the newsletter will be stored on the servers of Sendinblue GmbH in Germany.

Data analysis by Brevo

Brevo enables us to analyse our newsletter campaigns. For example, we can see whether a newsletter message has been opened and which links have been clicked on. This allows us to determine, among other things, which links have been clicked on particularly often.
We can also see whether certain predefined actions have been carried out after opening/clicking (conversion rate).
Brevo also allows us to “cluster” newsletter recipients based on different categories.
If you do not want to allow analysis by Brevo, you must unsubscribe from the newsletter. We provide a corresponding link in every newsletter message for this purpose.
Detailed information on the functions of Brevo can be found at the following link: https://www.brevo.com/de/newsletter-software/.

Legal basis

Data processing is based on your consent (Art. 6 Par. 1 lit. a GDPR). You can revoke this consent at any time. The lawfulness of the data processing that has already taken place remains unaffected by the revocation.

Retention period

The data you provide to us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter; it will be deleted from the newsletter distribution list after you have unsubscribed from the newsletter. Data that has been stored by us for other purposes remains unaffected by this.
Once you have unsubscribed from the newsletter distribution list, your email address may be stored in a blacklist by us or the newsletter service provider, if this is necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Par. 1 lit. f GDPR). The storage in the blacklist is for an indefinite period. You can object to the storage if your interests outweigh our legitimate interest.
For more information, please refer to Brevo’s privacy policy at: https://www.brevo.com/de/datenschutz-uebersicht/ and https://www.brevo.com/de/legal/privacypolicy/.
 

4. Disclosure of personal data

We will only disclose your personal data to third parties if and to the extent to which you consent to it. We will not disclose your personal data for advertising purposes.
In addition, your data will be disclosed to third parties to the extent that JDZB is legally required to do so according to Art. 6, Par. 1, s.1 lit.d GDPR due to legal requirements or enforceable court or administrative orders.

5. Server log files

Every time you access our website, usage data are transferred by the respective internet browser and stored as what is known as server log files. The data sets stored in this process contain the following data: date and time of the retrieval, name of the page accessed, referrer-URL, data volume transferred, and product and version information of the browser used.
Users’ IP-addresses are collected solely in an anonymous format. To achieve this, the IP-addresses are changed so individual data concerning personal or factual circumstances can no longer be associated with an identified or identifiable natural person, or only with a disproportionate amount of time, cost, and manpower. JDZB evaluates log files to better tailor our offer to you and your needs, to find and fix bugs more quickly and to improve JDZB’s offer in general. In accordance with Art. 6, Par. 1 s.1 lit. f GDPR, the evaluation serves the preservation of our legitimate interest in the proper presentation of our website, which predominates in the context of a balance of interests.
The log files are stored for up to 14 days and then deleted. Any additional storage will only occur in exceptional cases, to prosecute legal claims, investigate criminal offenses, or prevent electronic attacks (e.g. hacking, brute-force attacks).

6. Volume of personal data processed - Matomo

On our website, we use the open-source web analytics software tool Matomo (formerly PIWIK) to evaluate browsing habits on our website. With Matomo, no data are transmitted to servers outside JDZB’s control. Without your consent, Matomo does not collect data about your session.
Matomo uses cookies. These small text files are stored on your computer and enable JDZB to analyze the use of our website. To this end, the information gained from cookies is transmitted to JDZB’s server and stored to analyze the behavior of page usage. At JDZB, we understand this analysis as part of our internet service. The aim is to improve our website and keep tailoring it to our users’ needs. If you agree to a web analysis using Matomo, the following data are collected as you access individual parts of our website:
(1)    2 bytes of the user’s IP address
(2)    The website accessed
(3)    The website from which the user has entered the website (referrer)
(4)    The sub-pages accessed from the website
(5)    The access duration
(6)    The frequency of accessing the website
This software runs exclusively on our website servers. User’s personal data are only stored there. Data are not transmitted to third parties.

 

7. Volume of personal data processed - Vimeo

On our website, we integrate the service "Vimeo", which is provided by Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA.
On some of our pages, we use plugins of the provider Vimeo. If you call up the pages of our online offer provided with such a plugin, a connection to the Vimeo servers is established and the plugin is displayed. This transmits to the Vimeo server which of our pages you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When using the plugin, such as clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo. The USA is a third country in the sense of the General Data Protection Regulation and there is no adequacy decision between the EU and the USA. We inform you that there is a risk that the intelligence service and, in individual cases, the authorities may access the personal data.
The privacy policy of Vimeo Inc. can be viewed here: vimeo.com/privacy
The data is processed on the basis of your consent pursuant to Art. 49 para. 1 lit. a.

 

8. Scope of processing of personal data - guestoo

You have the option on our website of registering for events organised by us and sometimes in cooperation with third parties (partners). We use the guestoo cloud solution to make reservations. The provider is code piraten UG, Am Ruhmbach 44, 45149 Essen (hereinafter referred to as “guestoo”).
For the purposes of organising and holding the event, you enter the requested data into the form provided for this purpose. The data entered will be used for the planning, implementation and, if necessary, for the follow-up of the event. The legal basis for data processing is Art. 6 Par. 1 lit. f GDPR. We have a legitimate interest in making events as uncomplicated as possible with interested parties and customers. If consent has been requested, Art. 6 Par. 1 lit. a GDPR is the legal basis for data processing; consent can be revoked at any time. If we hold individual events together with partners and assume sole responsibility for organisation of the event, we will ultimately transmit the respective final guest list, including the collected data and the participation status, to the respective partner. We carry out this transfer on the basis of the overriding legitimate interest of the respective partner in accordance with Art. 6 Par. 1 lit. f GDPR.
Within guestoo, we process and store your data for the duration of the organisation (including corresponding preparation and follow-up) of the respective event. Any existing statutory retention obligations remain unaffected by this. We will delete your data from guestoo within one year of the end of the event, unless you have been invited to an event again.
You will find more information on the use of your data on this website in guestoo’s privacy policy: www.guestoo.de/datenschutzerklaerung.
We have concluded a data processing agreement (DPA) with guestoo. This is a contract required by data protection law that ensures that guestoo processes the personal data of our website visitors only in accordance with our instructions and in compliance with the GDPR.
 


9. Scope of processing of personal data - stripe

We offer the option of implementing payment through the payment service provider Stripe, c/o Legal Process, 510, Townsend St., San Francisco, CA 94103 (Stripe). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to Stripe insofar as it is necessary for the performance of the contract (Art. 6 para. 1 lit. b. GDPR).
Cardholder name
Email address
Customer number
Order number
Bank details
Credit card details
Credit card expiry date
Credit card security code (CVC)
Date and time of transaction
Transaction amount
Provider name
Location
The processing of the data provided under this section is not required by law or contract. We will not be able to process a payment through Stripe unless you submit your personal information. [You have the option of choosing a different payment method.]
Stripe has a dual role as a controller and processor in data processing activities. As a controller, Stripe uses your submitted data to comply with regulatory obligations. This corresponds to Stripe’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). We have no influence on this process.
Stripe acts as a processor in order to be able to complete transactions within the payment networks. In the context of the processing relationship, Stripe acts exclusively according to our instructions and has been contractually obliged to comply with the data protection regulations within the meaning of Art. 28 GDPR.
Stripe has implemented compliance measures for international data transfers. These apply to all global activities in which Stripe processes the personal data of individuals in the EU. These measures are based on the EU Standard Contractual Clauses (SCCs).
You will find more information on options for objection and deletion vis-à-vis Stripe at: https://stripe.com/privacy-center/legal
Your data will be stored by us until the payment processing is completed. This includes the time required to process refunds, receivables management and fraud prevention. [In accordance with Section 147 AO / Section 257 HGB, we have a statutory retention period of 10 years for the following documents: Invoices]
 

10. Scope of processing of personal data - PayPal
We offer the option of implementing payment through the payment service provider PayPal (PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg). This corresponds to our legitimate interest in offering an efficient and secure payment method (Art. 6 para. 1 lit. f GDPR). In this context, we pass on the following data to PayPal insofar as it is necessary for the performance of the contract (Art. 6 para. 1 lit. b. GDPR).

First name
Surname
Address
Email address
Phone number

The processing of the data provided under this section is not required by law or contract. We will not be able to process a payment through Paypal unless you submit your personal information. [You have the option of choosing a different payment method.]
PayPal carries out a credit check on various services such as direct debit payment to ensure your willingness and ability to pay. This corresponds to PayPal’s legitimate interest (pursuant to Art. 6 para. 1 lit. f GDPR) and serves the performance of the contract (pursuant to Art. 6 para. 1 lit. b GDPR). For this purpose, your data (name, address and date of birth, bank account details) will be passed on to credit agencies. We have no control over this process and only receive the result of whether the payment has been made, declined or a review is pending.

You will find further information on objection and deletion options vis-à-vis PayPal at: https://www.paypal.com/de/webapps/mpp/ua/privacy-full

Your data will be stored by us until the payment processing is completed. This includes the time required to process refunds, receivables management and fraud prevention. [In accordance with Section 147 AO / Section 257 HGB, we have a statutory retention period of 10 years for the following documents: Invoices]

 

11. Storage duration

JDZB will only store your data for as long as it is necessary to provide our services, or we have a legitimate interest in further storage that exceeds your interest in deleting them. In addition, we store data as long as we need them to fulfill our contractual obligations as well as our legally defined data retention periods.

12. Right to object

If you wish to object to the collection, processing and use of your data by JDZB for the future in general or for individual measures, you can send your objection by e-mail, fax or letter to the following contact:
Japanisch-Deutsches Zentrum Berlin (JDZB)
Der Datenschutzbeauftragte
Saargemünder Str. 2, 14195 Berlin
Tel.: +49 (0)30 839 07 0, Fax: +49 (0)30 839 07 220
E-Mail: dataprotection@jdzb.de

After exercising your right to object, we will not process your personal information unless we are required to do so by law or an overriding interest on JDZB’s behalf in the enforcement, exercise or defense of legal claims applies.