Privacy Policy

Information in accordance with Article 13 GDRP.
(Last update: 30 September 2019)

1. General information and mandatory information

1.1. The party responsible for processing data on this website is:

Filmmakers for Future
Represented by:
Paul-Vincent Roll
Gürtelstraße 13
13088 Berlin
Germany

Telephone: +49 173 1626294
E-Mail: privacy@filmmakersforfuture.org

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

1.2. Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient.

1.3 Right to file complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which we are located. A list of data protection officers and their contact details can be found at the following link: www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

1.4. Right to data portability

You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

1.5. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

1.6. Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given above if you have further questions on the topic of personal data.

1.7. Underaged people

This website is not intended for people under 16 years of age. We do not knowingly process personal data of this group.

2. Data collection on our website

2.1. Server log files

Each time the website is accessed, we automatically collect and store information that your browser transmits to us in "server log files".

These are:

The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

This data will be stored for fourteen days and not be merged with other data sources.

2.2. Session Cookie

When you visit the main page (containing the signature form) and our contact page, a session cookie is stored on your computer. It is only used to verify the correct captcha answer and is not used to track you.

The basis for data processing is Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract.

A session is valid for 60 minutes at a time.

2.3. Signing the statement

You can sign a statement on our website. The input data will only be used for the purpose of listing you as a supporter and keeping you up to date if you choose to receive newsletters. The mandatory information requested during signing must be provided in full. Otherwise, we will reject your signature.

If you would like to sign our statement, we require a valid email address as well as information that allows us to verify that you are the owner of the specified email address and that you agree to sign our statement. In addition to an automatic check (link via email and verification of your email address via Mailgun) we may personally contact you via email to verify your signature.

If you are signing as a company please use an email address we can use to verify that you are entitled to decide on behalf of the company you entered. We may personally contact you via email or via phone to double check this.

Additionally the following data is collected:

The following data will be publicly published on our website alongside your signature:

For private individuals we only use the city you are located in order to determine what kind of information might be useful to you if you decide to sign up for our newsletter.

We will process the data provided during signing only based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect. An informal email making this request is sufficient.

The data collected during signing will be stored for as long as you remain listed on our website. In case you want to have your signature removed, an informal email is sufficient.

2.4. Contact form

Our contact form allows you to easily send us an email.

The following data is collected:

We will process the data provided through the contact form only based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect. An informal email making this request is sufficient.

2.5. Working Groups

We offer working groups to enable people to participate in Filmmakers for Future and to coordinate us using the open source tool HumHub. They can be found at groups.fm4f.org.

The following data are mandatory:

Optionally you can provide the following data categories:

Your full name, username and the optional data you provide will be visible to other members. The data will also be used for notification e-mails (e.g. "User X posted a new comment").

We will process the data provided based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect by deleting your account.

2.6. Events

We use the open source tool Pretix at events.fm4f.org to issue tickets for events we host. We use the data you provided to send you your ticket. Furthermore we also use the data to remind you of the event shortly before it takes place and to inform you of any changes. After the event, we may use the data to send you a summary or follow-up information.

The following data are always mandatory:

You can optionally provide additional information (e.g. surveys about an event) when asked via a form during ticket booking.

We will process the data provided based on Art. 6 (1) (f) GDPR, which allows the processing of data to fulfill a contract or for measures preliminary to a contract and based on your consent per Art. 6 (1)(a) GDPR. You may revoke your consent at any time with future effect. An informal email making this request is sufficient.

The data collected during the booking process will be stored for a maximum of 60 days after the event. Once this period has expired, all data that we are not legally required to retain (e.g. invoicing data for reasons of financial auditability (Art. 17 (3)b GDPR)) will be deleted. Data that you have provided in the context of a survey while booking your ticket may be stored indefinitely in an anonymized form that cannot be linked back to you.

3. Newsletter

3.1. Newsletter data

For our newsletter we use the email and name you provided when signing our statement. We only use this data to send the requested information.

As mentioned above the cities you provided are being used to send you localized information that might be of interest to you. If you did not provide a city you will only receive the generalized newsletter.

We will process any data you enter into the signing form only with your consent per Art. 6 (1) (a) GDPR. You can revoke consent to the use of your email address and the cities you provided for sending the newsletter at any time, e.g. through the "unsubscribe" link in the newsletter.

The data you provided when signing the statement will be used to distribute the newsletter until you cancel your subscription.

4. Data processing by third party providers

4.1. Videos on our video page

The videos displayed on our videos page are hosted by third party services (YouTube and Vimeo). When playing one of those videos, a connection to their server is established.

This will only happen after and when you decide to click on one of the preview images on our videos page.

When you do the video provider will be told on which page you are watching the video from. In this way - if you are logged into your YouTube or Vimeo account - YouTube and Vimeo can personally assign your surfing behavior to you. You can prevent this by logging out of your YouTube and Vimeo account beforehand. If you want you can also right click on the images to copy the link to the video and manually open it in a new tab. This way YouTube and Vimeo won't know which page you are coming from. If a video is started, the providers use cookies that collect information about user behavior. Whoever has deactivated the saving of cookies for the Google Ads program will not have to reckon with such cookies when watching YouTube videos. However, YouTube and Vimeo also stores non-personal usage information in other cookies. If you wish to prevent this, you must block the storage of cookies in your browser. YouTube and Vimeo also obtains your IP address when watching a video.

4.1.1. YouTube

Videos hosted on YouTube are marked as such. When playing one of those videos, a connection to the servers of YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA is established.

Further information on data protection at "YouTube" can be found in the provider's data protection declaration under www.google.de/intl/de/policies/privacy/.

The use of YouTube is based on your consent (per Art. 6 (1) p. 1 lit. a GDPR) as well as on our legitimate interest (per Art. 6 (1) p. 1 lit. f GDPR) since it ensures that videos are watchable on a wide variety of browsers and internet speeds.

4.1.2. Vimeo

Videos hosted on Vimeo are marked as such. When playing one of those videos, a connection to the servers of Vimeo Inc., 555 West 18th Street, New York, New York 10011, USA is established.

Further information on data protection at "Vimeo" can be found in the provider's data protection declaration under vimeo.com/privacy.

The use of Vimeo is based on your consent (per Art. 6 (1) p. 1 lit. a GDPR) as well as on our legitimate interest (per Art. 6 (1) p. 1 lit. f GDPR) since it ensures that videos are watchable on a wide variety of browsers and internet speeds.

4.2. Mailgun

In order to verify your email address and send you emails we use the service Mailgun by Mailgun Technologies, Inc., 548 Market St. #43099 San Francisco, CA 94104.

We have entered into a data processing agreement and into the "EU standard contractual clauses" with Mailgun for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using Mailgun.

Mailgun Technologies, Inc. is certified under the EU-US Privacy Shield. The Privacy Shield is an agreement between the European Union and the US to ensure compliance with European data protection standards in the US (www.privacyshield.gov/participant?id=a2zt0000000PCbmAAG&status=Active).

The privacy policy of Mailgun can be found at: www.mailgun.com/privacy-policy

The use of Mailgun is based on our legitimate interest (per Art. 6 (1) p. 1 lit. f GDPR) since it ensures that emails (newsletters, signing verification etc.) are delivered reliably, securely and quickly without being mistakenly classified as spam.

4.3. Green Production Map

4.3.1. mapoftomorrow.org

The Green Production Map interface is hosted by mapoftomorrow.org. When loading the map, a connection to the servers of Ideen³ e.V., Knipsgasse 43, 54337 Alfter, Germany is established.

Further information on data protection at "Ideen³ e.V." can be found in the provider's data protection declaration under kartevonmorgen.org.

The use of mapoftomorrow.org is based on your consent (per Art. 6 (1) p. 1 lit. a GDPR).

4.3.2. Open Street Map

We use an API (Communication interface that allows software to talk to other software) hosted by the OpenStreetMap Foundation (OSMF) to look up the coordinates of search terms you enter into the search interface.
mapoftomorrow.org also uses services by OSMF to display the map you can see in the interface.
When loading the map, a connection to the servers of OpenStreetMap Foundation (OSMF), St John’s Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom is established.

Further information on data protection at the "OpenStreetMap Foundation (OSMF)" can be found in the provider's data protection declaration under wiki.osmfoundation.org/wiki/Privacy_Policy.

The use of Open Street Map is based on your consent (per Art. 6 (1) p. 1 lit. a GDPR).

4.4. phasedrei

We use phasedrei, Edenkobener Str. 12, 67067 Ludwigshafen am Rhein (https://phasedrei.de/) as our hosting provider.

The collected data mentioned in Section 2 is processed and stored on servers provided by phasedrei.

We have entered into a data processing agreement with phasedrei for the outsourcing of our data processing and fully implement the strict requirements of the German data protection authorities when using the services by phasedrei.

The privacy policy of phasedrei can be found at: https://phasedrei.de/datenschutz/

The use of phasedrei is based on our legitimate interest (per Art. 6 (1) p. 1 lit. f GDPR) in the efficient and secure hosting of this website.