This data protection statement is intended to inform you about the manner, scope, and purpose of personal data processing on our website. Personal data refers to any data that has a personal reference to you, such as your name, address, or email address or information about your user behaviour.
Party responsible for data processing
Kulturamt der Stadt Kempten (Allgäu)
Martin Fink, MA (chief officer)
Memminger Str. 5
87439 Kempten (Allgäu)
Contact data for the data protection officer
Stadt Kempten (Allgäu)
87435 Kempten (Allgäu)
Tel.: 0831/2525 – 1085
Fax: 0831/2525 – 1015
To maintain our online presence, we make use of an internet service provider (ISP) whose server hosts the website and makes it accessible on the internet. The ISP processes a range of data on our behalf: contact data, content data, contract data, usage data, inventory data, metadata, and communication data.
Name and address of the ISP
1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany. The company’s data protection regulations (in German) can be viewed here: https://hosting.1und1.de/terms-gtc/terms-privacy/
The legal basis for the aforementioned data processing is our legitimate interest in making our online presentation efficient and secure, Art. 6(1f) GDPR in conjunction with Art. 28 GDPR (“Processor”).
Should you only use our website for information purposes, our ISP only collects the personal data transmitted to the server by the browser you are using. The following data is collected:
- IP address
- The date and time our website was accessed
- Time zone difference to Greenwich Mean Time (GMT)
- Access status (HTTP status)
- The volume of transmitted data
- The ISP of the accessing system
- The type and version of the browser you are using
- The operating system you are using
- The website from which you accessed our website (if relevant)
- The pages or sub-pages that you visit on our website.
The above data is stored on our ISP’s servers in the form of log files. This is necessary in order to display the website on the end device you are using and to ensure stability and security. Our legitimate interest in data processing is based on the purposes described above.
The legal basis is Art. 6(1f) GDPR.
The above data necessary for the provision of our website is stored for a period of 7 days and then deleted.
As processing of the above data is absolutely necessary for the provision of our internet presence, no right of objection exists.
The purpose of cookies is to make our website more user-friendly. Some elements of our website require that the browser seeking to establish a connection can be identified even after changing pages. Information on language settings or log-in details may be stored in these cookies.
Our legitimate interest in data processing is based on the purposes described above. The legal basis for this is Art. 6(1f) GDPR.
As the cookies are stored on your computer, you also have full control over how cookies are used. You may use your browser’s security settings to determine whether cookies are stored at all. For example, you can choose not to accept cookies from the outset, accept them only on request, or specify that they are to be deleted each time you close your browser. If cookies are deactivated for our website, it may not be possible to use all our website’s functions to their full extent.
We erase or block your personal data as soon as the purpose for storing it has been achieved or no longer applies. Any storage beyond this period will only be undertaken if we are required to do so by German or European regulations. In this case, the data will be blocked or erased when the storage period mandated by the regulations in question has expired, unless we require your data to fulfil a contract concluded between us or it is necessary to assert, exercise, or defend legal claims.
Contact via contact form, email, social media, or telephone
Should you use the contact form offered on our website or contact us by email, telephone, or social media and provide us with your personal data, this data will be stored automatically and processed by our institution in order to deal with your enquiry. This data is only processed for the purposes of communicating with you. The data is transmitted via an encrypted SSL connection. Your data will not be transferred to third parties.
We require your name in order to address you in our response. We require your email address in order to reply to your enquiry. We require your telephone number to be able to respond to your call-back request.
The legal basis is Art. 6(1a) GDPR.
The personal data we collect will be deleted once it is no longer necessary. Every two years we review whether it is necessary to keep your data. You also have the option at any time to withdraw your consent to our processing of your data.
You can prevent the storing and processing of your personal data by avoiding the use of our contact formula.
Your rights as a user of our website as per the GDPR
- Right of access
Pursuant to Art. 15 GDPR, you may request confirmation as to whether we process your personal data and what data is involved. In addition, you can request information from us free of charge concerning the purposes for which the data is processed, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, and the existence of a right to rectify or erase your data, to limit the processing of it, or to withdraw your consent to this, and the existence of a right to file a complaint. You may also request information about where your data originated from if it was not collected by us. Furthermore, you have the right to be informed whether your personal data has been transferred to a third country or to an international organisation. Should this be the case, you have the right to obtain information about the appropriate safeguards relating to the transfer.
- Right to rectification
Pursuant to Art. 16 GDPR, you can request that personal data stored by us be corrected if it is inaccurate or completed if incomplete.
- Right to erasure
Pursuant to Art. 17 GDPR, you have the right to demand the erasure of personal data stored by us as long as it is unnecessary for us to process this data for the following purposes: to comply with a legal obligation; to assert, exercise, or defend legal claims; to exercise the right to freedom of expression and information; or for reasons of public interest as stipulated in Art. 17(3c,d) GDPR.
- Right to restriction of processing
Pursuant to Art. 18 GDPR, you have the right to demand the restriction of how your personal data is processed if:
- you contest the accuracy of data for a period of time that allows us to verify its accuracy;
- he processing of your data is unlawful, but you prefer not to have it erased and request instead that use of the data be restricted,
- e no longer require the personal data for processing purposes, but you require the data in order to assert, exercise, or defend legal claims;
- pursuant to Art. 21 GDPR, you have objected to the processing of your data, but it has not yet been determined whether your rights are outweighed by the legitimate grounds that entitle us to continue processing said data despite your objection.
- Right to information
If you have exercised the right to rectification, erasure, or restriction of processing, we are obliged to inform all those to whom your personal data has been disclosed of the rectification or erasure of said data or your request that the processing of said data be restricted, unless this proves impossible or involves a disproportionate effort. You have the right to be informed by us about the parties involved.
- Right to data portability
Pursuant to Art. 20 GDPR, you may ask to receive the personal data that you have provided to us in a structured, commonly used, and machine-readable format or request that we transfer it to another responsible party.
- Right to lodge a complaint
Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. If you are of the opinion that the processing of your personal data violates the GDPR, you have the right to lodge a complaint with the supervisory authority without prejudice to other legal remedies.
You can reach this authority using the following contact details:
Landesbeauftragter für den Datenschutz in Bayern
Postfach 22 12 19
- Right of withdrawal
Pursuant to Art. 7(3) GDPR, you have the right to withdraw your consent to the processing of your data at any time. Your declared withdrawal does not affect the lawfulness of any processing of your personal data that took place before the withdrawal request was made.
- Right to object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data which is carried out on the basis of a weighing of interests, as per Article 6(1f) GDPR. This is particularly the case if said data processing is not required for the fulfilment of a contract. If you exercise your right of objection, we ask you to explain your reasons for doing so. We will then no longer process your personal data unless we can prove to you that there are compelling reasons for said data processing that merit protection and outweigh your interests and rights.
Irrespective of the above, you have the right to object to the processing of your personal data for the purposes of advertising and data analysis at any time.
Please send any objections to the contact address of the responsible party named above.
Use of Google Maps components
On our website we use components of “Google Maps”, a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter referred to as “Google”).
Google Maps visually displays geographical information. In doing so, Google collects and processes the visitor’s IP address. This is transmitted to Google regardless of whether Google Maps is actually used or you are logged into your Google account. Your IP address will be assigned to your Google account if you are logged into this account when you visit our website. This data is transferred to external Google servers in the USA. Google is a participant in the Privacy Shield agreement and is certified to process data in accordance with European standards. Google may pass on data collected via this technical procedure to third parties.
The integration of Google Maps serves to simplify visualisation and navigation when visiting our site. Google processes data for the purposes of advertising, market research, website design, and the provision of targeted advertising.
The legal basis for the aforementioned usage of data is Art. 6(1f) GDPR.
Information on the third-party provider
Headquarters within the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
Data protection regulations
Use of social media plug-ins
Our website uses what are known as social media plug-ins in the form of “social media buttons” from the providers listed below. You can recognise which plug-in belongs to which provider by the respective logo with which the plug-in is marked.
To ensure that data is not automatically transmitted to the plug-in provider when you visit our pages, we use the “Shariff solution”. Collection of information and its transmission to the provider is triggered only when you click on the respective “social media button”. Data can be sent to the associated provider by clicking the button even if you do not have an account with the respective social network or are not logged into your account.
The provider may store and analyse the data it collects in order to create a user profile of you for the purpose of advertising and market research. You have a right to object to the creation of such user profiles. To exercise this right, you must contact the plug-in provider.
You can find out the purpose and extent of data collection by the provider in their respective data protection statements, which are provided below.
We ourselves do not collect any personal data via social media plug-ins or log data on how they are used. We have no influence on what data an activated plug-in collects and how the provider uses this data.
We use social media plug-ins from the following companies on our website:
Google Plus is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Headquarters in the EU: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001
Link to data protection statement: https://policies.google.com/privacy?hl=en
Instagram is a service of Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA
Link to data protection statement: https://help.instagram.com/155833707900388
Facebook is a service of Meta, 1601 S. California Ave, Palo Alto, CA 94304, USA
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Link to data protection statement: https://www.facebook.com/about/privacy/
Use of the Matomo Analytics analysis tool
On our website we use Matomo Analytics, a web analysis service of InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand (“Matomo”).
Matomo Analytics collects, among other things, data about the website from which you accessed our website (“referrers”), which subpages of the website you accessed, how often and for how long a subpage was viewed, and which interactions you performed. Mamoto Analytics uses “cookies” for this purpose. These are small text files that are stored by the web server on the user’s computer when a website is visited. These files store data about the user’s behaviour. Such data is stored exclusively on our own servers in Germany. There is no transmission of data to third parties. We use the AnonymizeIP function to anonymise your IP address. The IP address is shortened and can no longer be matched to your visit to our website. Mamoto does not assign or link any other transmitted information to the anonymised IP address. The use of Mamoto enables us to evaluate the information obtained and create statistical reports on the type and extent of website usage. These statistics enable us to constantly improve our website, to perform cost-benefit analysis of our internet marketing, and to make our website more interesting and user-friendly for you as a user.
The purpose of our use of Mamoto Analytics is the abovementioned interest in the evaluation of user data.
The legal basis for the data usage described above is Art. 6(1f) GDPR.
You can prevent cookies from being stored by setting an “opt-out cookie”, which prevents the future collection of your data on our website. If you wish to do so, please click on the box at the bottom of the page. Please note that if you do so, you may no longer be able to use all the functions of our website to their full extent. To ensure that data is no longer transferred, the opt-out cookie must be installed on each of the systems you use. You can also prevent the storage of cookies in your browser settings.
Information on the third-party provider
Data protection statement: https://matomo.org/privacy/
In addition, we carry out technical and organisational security measures in accordance with the most up-to-date technologies in order to comply with the provisions of data protection laws and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or against unauthorised access by third parties.
Current validity and changes to this data protection statement
This data protection statement is currently valid as of April 2023. This data protection statement may need adjusting in response to future changes to the legal or regulatory stipulations.
This data protection statement was generated with the aid of the SOS Recht data protection statement generator. SOS Recht is a service of MMR Müller Müller Rößner Rechtsanwälte Partnerschaft located in Berlin.
The content and works created on these pages by the website operators are subject to German copyright law. Reproduction, processing, distribution, and any kind of usage beyond the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of this website are only permitted for private, non-commercial use. Insofar as the content on this website was not created by the operator, the copyrights of third parties are respected. Third-party content is identified as such. Please inform us should you become aware of any copyright infringement, notwithstanding our every effort to avoid this. If we are made aware of any such infringements, we will remove any such content immediately.
Our presence on social media
We maintain an online presence on social media and, as part of this presence, we process user data in order to communicate with users who are active on these networks or to present information about us.
- Our presence on Instagram: https://www.instagram.com/apc.kempten
- Our presence on Facebook: https://www.facebook.com/apc.kempten.offiziell
We would like to point out that user data may be processed outside the European Union. This may result in risks for users because this may make it more difficult for the rights of the users to be enforced.
Additionally, user data on social media is generally processed for the purposes of market research and advertising. For example, usage profiles can be created based on user behaviour and the interests this behaviour reveals. These usage profiles can be used, for example, to place advertisements that are presumed to correspond to the users’ interests both within and outside the networks. To achieve this, cookies recording user behaviour and their interests are usually stored on the users’ computers. User data may also be stored in usage profiles that are independent of the devices they use (especially if the users are members of the respective platforms and are logged into them).
For a detailed overview of the individual forms of processing and options for objecting (opt-outs), we refer you to the respective networks’ data protection statements and information provided by the operators.
Should you decide to request information and assert data subject rights, we would like to point out that these can be asserted most effectively in direct communication with the providers. Only these providers have access to user data and can take appropriate measures and provide information directly. Please contact us if you require further assistance.
Types of data processed
Contact data (e.g. email, telephone numbers); content data (e.g. online form entries); usage data (e.g. websites visited, interest in content, access times); metadata / communication data (e.g. device information, IP addresses)
Users (e.g. website visitors or users of online services)
Contact requests and communication; feedback (e.g. collecting feedback via an online form); marketing
Legitimate interests as per Art. 6(1f) GDPR
Additional information regarding processing operations, procedures, and services