The author of this site is responsible for all privacy matters and are also the “controller” fo the data under the provisions of the General Data Protection Regulation (GDPR).
I’ll use your personally identifiable information (or “data”, in the following) only under the strict regulations of the GDPR and in the ways explained stated in this policy.
You will find the full contact information of the responsible person(s) in our imprint; and you can quickly get in touch concerning privacy matters by using the email address email@example.com.
You have the following rights under the GDPR. By contacting me through any of the above-mentioned channels you can:
- Get information about what data is stored on you and how it’s processed and used
- Have me correct data I have on you, if it is incorrect
- Request that I delete any data I have on you, or
- Block access to your data if I need to retain it for legal reasons
- Object to the processing of your data
If you gave me explicit consent to use your data for a particular purpose you can at, any time, revoke that consent for any future use.
You also have the right to your supervisory authority if you think that something is amiss. You can contact the “Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstr. 219, 10969 Berlin”, or the supervisory authority of your home country or region, if you live in the EU.
What data do is collected, and why?
In general, the only data that is collected is that necessary to operate and improve this website and ensure the safety and integrity of the systems.
I will only collect additional from you only if that is necessary for a specific purpose.
In the following, I’ll list what types of data are collected, how and when this happens, and for which purpose.
Deletion and blocking of your data
In general, your data is retained only as long it’s needed for a specific purpose.
Below you’ll find more details for each type of data.
Data necessary to operate this web site
Once you access any website, some data including your IP address is sent to the server(s) that contain the content of the web site. Your IP address can, under certain circumstances, be used to identify you as a person.
As this data transfer is necessary for the web site to work at all, so it is in our legitimate interest (Art. 6 (1) f GDPR) to process it.
This data is shared with all service providers (“processors” under the GDPR) who are involved in providing content for this web site.
- Our web hoster. This site is hosted with Netlify. They will receive only your IP address, and use it only to send you the pages. We have signed a Data Processing Addendum with them, that governs how they will use your data.
- Maps on this page are provided by Mapbox. They use the data only within the terms of the Data Processing Agreement that we have with us in order to provide embedded maps.
Objecting the use of your data: Since processing the data is neccessary for the web site to function at all, you can only “object” to the use of the data by not visiting it. (There are ways to mask your IP address (such as VPNs), but they are beyond the scope of this policy).
Deletion of the data: This type of data is normally deleted shortly within a few hours or days within using the site. With our current setup any log files that may are only accessible by technical staff of our processors – we ourselves do not have access.
Cookies are small text files that are stored on your browser and sent back to the web site when you visit again. This can be used to recognize a certain user.
Commenting, contacting us and emails
When you send me an email, I will collect your name, email address and the data contained in the message(s) you sent me. You may also indicate if you would like me to publish your comment/opinion or not.
I will use this data to contact you regarding your request and to publish your comment/opinion on our site if you allow me to do so. I may use this data as it is in our legitimate interest (Art. 6 (1) f GDPR) to answer user requests and provide additional opinions to to our readers.
Processors for this type of data data:
Deletion of your data: Data for published comments will be stored as long as the comment is public, and delete afterwards unless were are legally obliged to store it longer. Private correspondence will be deleted upon request, or after 24 months, unless I have to retain it due to legal obligations.
Note that I will not usually delete published user content unless you have an important reason for asking me to do so. You may also ask me to remove publicly visible information about you from comments.
Objecting to the use of this data: You can chose to not send me any messages, in which case I will not process it.
When you subscribe to the newsletter, you will receive regular updates and news about theurbananimals.com. Your email will not be used for other purposes.
By signing up, you give me permission to store and use your email address for that purpose and to use tracking pixels and – links to see wether you’ve opened the mail or clicked any links (Art. 6 (1) a GDPR).
Objecting to the use of this data: You can unsubscribe to the newsletter at any time, by clicking the unsubscribe link in the mail. I will not send you any further updates after you unsubscribe.
You can prevent being tracked by not loading any images in the newsletter, and not clicking any links.
Deletion of your data: You can ask me to delete your information at any time. Obviously, I’ll also have to unsubscribe you from the newsletter in that case.
However, I need to retain the information that you gave me consent in the first place as this is something that I may have to prove under the GDPR.
What data is transferred to third countries outside of the EEA or the EU?
If possible, I prefer hosting locations within the EU. However, all of the service providers used have data centers outside of the EU.
This means that it is possible that some data is transferred to third countries which have lower privacy standards than the EU.
In all of those cases I have additional guarantees that an EU-compliant privacy level is upheld for your data.
- Netlify may process data outside of the EEA. Privacy standards are guaranteed through the EU Standard Contractual Clauses I signed with with them
- Mapbox is based in the United States. Privacy standards are guaranteed through the EU Standard Contractual Clauses and their DPA.
- Sendgrid is based in the United States. Privacy standards are guaranteed through EU Standard Contractual Clauses and their DPA.
- Mailchimp is based in the United States. Privacy standards are guaranteed through their Privacy Shield certification.
Facebook can only collect that information if you visit that page, no information about visitors of this site is ever shared with Facebook: I do not include any Facebook code or tracking.
Facebook will provide some statistical information about visitors to our Facebook page to me. This data is not personally identifiable.
If you have any questions concerning your privacy, you can reach me at firstname.lastname@example.org.
Note that I’m not required to have an appointed data protection officer under Art 37.(1) of the GDPR – but I’ll be happy to answer any questions nonetheless.
Last updated on 10/23/2022