Privacy policy
Data protection information on the use of the FundraisingBox donation form
On our website we use the donation form of the FundraisingBoxa service of the wikando GmbHSchießgrabenstr. 32, 86150 Augsburg, Germany, to offer you a simple and secure way to make donations. When using the form, personal data is processed in accordance with the requirements of the General Data Protection Regulation (GDPR).
1. Processing of personal data
If you donate via the embedded FundraisingBox form, personal data such as name, address, e-mail and payment information will be collected. This data is processed exclusively for the purpose of processing the donation. The processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR (fulfillment of contract).
Responsible for data processing in this case is FundraisingBox as the processor in accordance with Art. 28 GDPR. There is an order processing contract between us and FundraisingBox, which ensures that your data is handled in compliance with data protection regulations.
2. Cookies and local storage
FundraisingBox uses cookies and local storage to operate the donation form:
- Cookies: The donation form uses cookies to ensure secure and stable use. These are used, for example:
- AWSALBCORSServes to distribute the server load.
- boxSaves an anonymized user session that does not contain any personal data.
Depending on the payment method selected, cookies may also be set by third-party providers such as payment service providers (e.g. Stripe). Further information on this can be found in the respective privacy policies of the payment providers.
- Local Storage: The donation form uses the browser's local storage to temporarily store data before the donation process is completed. This data remains locally on your device and is not transmitted to FundraisingBox unless you complete the transaction.
3. Security measures
FundraisingBox uses state-of-the-art security and encryption technologies to ensure the security of your data. All data transfers are encrypted using the HTTPS protocol. The FundraisingBox servers are located in highly secure data centers in Germany and meet the requirements of PCI DSS certification.
4. Purpose of data processing
Your personal data is processed exclusively for the purpose of processing donations and fulfilling the associated legal obligations (e.g. documentation obligations). The legal basis for this is Art. 6 para. 1 lit. b GDPR.
5. Storage duration
Your personal data will only be stored for as long as is necessary for the purpose of processing the donation and then deleted in accordance with the statutory retention obligations.
6. Your rights
You have the right to request information about your personal data processed by us at any time, as well as the right to rectification, erasure or restriction of processing of your data. In addition, you have the right to object to the processing or to request data portability.
Further information on data protection at FundraisingBox can be found at: FundraisingBox Privacy policy.
WordPress plugins
We use various WordPress plugins on our website, which is based on the WordPress content management system, to optimize the functionality and user-friendliness of our website. WordPress is developed and provided by Automattic Inc, 60 29th Street #343, San Francisco, CA 94110, USA (EU representative: Aut O'Mattic A8C Ireland Ltd, Grand Canal Dock, 25 Herbert Pl, Dublin, D02 AY86, Ireland).
WordPress enables companies to create websites using the modular principle. Automattic Inc. provides the technical infrastructure, hosting and anti-spam measures.
Plugins used and their functions:
The following plugins provide additional functions for our website. These functions are executed on the user's device and help to improve the user experience.
Data collection through plugins:
Depending on the Automattic Inc. plugin used, the following personal data may be collected and processed:
- Names
- E-mail addresses
- IP addresses
- Referrer URL (source from which you came to our website)
- Date and time of the request
This data may be transferred to Automattic Inc. servers in the USA and stored there. The USA is a so-called third country without an adequacy decision by the EU Commission, which means that there is no comparable level of data protection as in the EU. Automattic Inc. may pass this information on to third parties if this is required by law or if third parties process this data on behalf of Automattic Inc.
Legal basis for data processing:
- Consent (Art. 6 para. 1 lit. a GDPR): When we obtain your consent to use certain third-party plug-ins.
- Legitimate interest (Art. 6 para. 1 lit. f GDPR): We have a legitimate interest in using a modular system to create and manage our website. This enables easy operation and maintenance, allowing us to offer you a user-friendly and informative website.
Data transmission and storage:
The transfer of personal data to Automattic Inc. takes place on the basis of standard contractual clauses. Automattic is also a participant in the EU-U.S. Privacy Shield Framework, which regulates the secure transfer of data. Further information can be found at Privacy Shield.
Your rights and options to object:
If you do not want Automattic Inc. to collect data via our website, you can prevent or restrict the storage or installation of cookies by making the appropriate settings in your browser software. Cookies that have already been saved can be deleted at any time. Please note that deactivating cookies may limit the functionality of our website.
Further information:
For detailed information on the use of data by Automattic Inc. and your options to object, please visit the following websites:
The following plugins are used on this website:
WordPress plugin Yoast SEO
Processing of personal data by Yoast SEO
The Yoast SEO plugin helps to optimize your website for search engines without collecting or storing personal data of your website visitors. Here are the most important points on data processing in connection with Yoast SEO:
Data collected:
- Yoast SEO does not collect any personal data from you or your website visitors.
- Technical data may be collected, such as the type of browser used, operating system and theme usage, but only if users have explicitly consented to the collection of this data.
Use of the data:
- The data collected is used exclusively to improve the website and to analyze website performance.
- Yoast SEO does not store or process any personal data on its own servers.
Legal basis:
- Data processing by Yoast SEO is based on the consent of the user, who must explicitly agree to the collection of technical data (Art. 6 para. 1 lit. a GDPR).
Further information: For detailed information on data processing by Yoast SEO and how to exercise your rights, please visit the Yoast Privacy Policy https://de.wordpress.org/plugins.
WordPress Plugin Readabler
Processing of personal data by Readabler
The WordPress plugin Readabler improves the accessibility of your website for people with various disabilities. Here are the most important points on data processing in connection with Readabler:
Data collected:
- Readabler does not collect any personal data from you or your website visitors.
- Technical data such as the type of browser used, operating system and language settings can be processed to optimize accessibility.
Use of the data:
- The technical data collected is used exclusively to improve the user-friendliness and accessibility of the website.
- Readabler does not set any cookies and does not store any personal information on its own servers.
Legal basis:
- Data processing by Readabler is carried out on the basis of legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR to ensure the accessibility of the website for all users.
Further information: For detailed information on data processing by Readabler and how to exercise your rights, please visit https://readabler.merkulov.design/.
WordPress plugin UpdraftPlus
Processing of personal data by UpdraftPlus
The WordPress plugin UpdraftPlus allows you to create and manage backups of your website. Here are the most important points on data processing in connection with UpdraftPlus:
Data collected:
- UpdraftPlus does not store any personal data of your website visitors.
- Technical data and backup information, such as file sizes and storage locations, are processed to manage and perform backups.
- When using third-party providers to store backups (e.g. Dropbox, Google Drive), these services may also process data. UpdraftPlus acts as an intermediary here and has no direct access to this data.
Use of the data:
- The technical data collected is used exclusively to create, manage and restore backups.
- UpdraftPlus does not set any cookies and does not store any personal information on its own servers.
Legal basis:
- Data processing by UpdraftPlus is carried out on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR in order to ensure the backup and restoration of the website.
Further information: For detailed information on data processing by UpdraftPlus and how to exercise your rights, please visit the https://updraftplus.com/data-protection-and-privacy-centre/
WordPress plugin WP Mail SMTP
Processing of personal data by WP Mail SMTP
The WordPress plugin WP Mail SMTP improves the deliverability of emails sent from your website. Here are the most important points on data processing in connection with WP Mail SMTP:
Data collected:
- WP Mail SMTP Lite: Saves only plugin settings in the database of your website.
- WP Mail SMTP Pro: Can optionally store email logs in your website's database. These logs contain:
- E-mail addresses of the recipients
- E-mail content and metadata (subject, time of sending)
- Technical data such as IP addresses and mailer used
Use of the data:
- The data collected is used to manage and monitor e-mail deliverability.
- WP Mail SMTP does not set any cookies and does not store any data on the provider's own servers.
Legal basis:
- Data processing by WP Mail SMTP is based on legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR to ensure the deliverability of emails and to use email logs for troubleshooting.
- Your express consent is required for the storage and processing of e-mail logs in accordance with Art. 6 para. 1 lit. a GDPR.
Further information: For detailed information on data processing by WP Mail SMTP and how to exercise your rights, please visit the WP Mail SMTP data protection page https://wpmailsmtp.com/docs/how-to-be-gdpr-compliant-within-wp-mail-smtp/
WordPress plugin All In One WP Security
Processing of personal data by All In One WP Security
The WordPress plugin All In One WP Security (AIOS) improves the security of your website by implementing a variety of protection mechanisms. Here are the most important points on data processing in connection with All In One WP Security:
Data collected:
- IP addresses: AIOS stores the IP addresses of visitors to your website in order to prevent malicious activities such as brute force attacks.
- Browser information: These can also be recorded in order to identify suspicious activities.
- 404 error logs: The plugin logs 404 errors to detect potential security threats.
Use of the data:
- The data collected is used exclusively to improve the security of your website.
- This data helps to prevent attacks, monitor suspicious activity and ensure the integrity of your website.
Legal basis:
- Data processing by All In One WP Security is carried out on the basis of legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR to ensure the security of your website.
Further information: For detailed information on data processing by All In One WP Security, please visit https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/