Privacy Policy

Mit den folgenden Datenschutzinformationen erläutern wir, welche personenbezogenen Daten wir verarbeiten, wenn Sie unsere Internetseite besuchen. Wir möchten Sie darauf hinweisen, dass standardmäßig sämtliche Datenübermittlungen im Zusammenhang mit unserer Internetseite über eine verschlüsselte Verbindung erfolgen. Wir behalten uns vor, unsere Daten­schutz­informationen gelegentlich anzupassen, damit sie stets den aktuellen recht­lichen Anfor­de­rungen entspricht oder um Änderungen unserer Leistungen darzustellen.

Responsible
The smac - State Museum of Archaeology Chemnitz is an institution of the State Office for Archaeology of Saxony
Zur Wetterwarte 7
01109 Dresden
E-mail: tacheles@smac.sachsen.de

Data Protection Officer
Dresdner Institut für Datenschutz
Hospitalstraße 4
01097 Dresden
E-mail: datenschutz@lfa.sachsen.de

Accessing the Website, Logging and Creating Log Files
To access our website, it is technically necessary to process your IP address and other access information for the duration of the session. In addition, the IP address and the access information are logged and stored in the server log files. This includes your browser identification and domain, the name of the retrieved file, the date and time of the retrieval, the amount of data transferred and the successful retrieval. The personal data is processed to provide the website (Art. 6 para. 1 sentence 1 lit. b) GDPR) and to ensure the security of our information technology systems (Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with Art. 32 GDPR). Art. 32 GDPR). The log files are automatically deleted after 14 days.

Use of Cookies
We use cookies on our website. Cookies can be used to optimise the information and offers on our website for the benefit of the user. Only strictly necessary cookies are used on our website on the basis of Section 25 (2) No. 2 TDDDG. The subsequent processing of personal data takes place on the basis of the provision of our website in accordance with Art. 6 para. 1 sentence 1 lit. b) GDPR) and is carried out for the purpose of storing language settings (‘i18n_redirected’, storage period: twelve months), to ensure the security of our information technology systems in accordance with Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with Art. 32 GDPR (‘_Host-csrf’, storage period: session) and for the storage and documentation of consents via consent management in accordance with Art. 6 para. 1 sentence 1 lit. c) GDPR in conjunction with Art. 5 para. 2 GDPR (“ncc_c”, ‘ncc_e’, storage period: twelve months). No information is transmitted to third parties in this regard.

Display of Map Content by OpenStreetMap
On the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, we integrate elements of OpenStreetMap from the OpenStreetMap Foundation CLG (132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom) to display map content. The use of OpenStreetMap involves the transfer of personal data to the United Kingdom. This transfer takes place on the basis of Art. 45 para. 1 GDPR. By displaying the map content, the user's IP address and other browser-related information is transmitted to OpenStreetMap. The purpose and scope of data processing by OpenStreetMap as well as your rights in this regard and setting options to protect your privacy can be found in OpenStreetMap's privacy policy.

Presentation of Video Content by Vimeo
On the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, we integrate content from the video platform Vimeo of Vimeo Inc. (555 West 18th Street, New York, NY 10011, USA) for attractive presentation. The use of Vimeo involves the transfer of personal data to the USA. This transfer takes place on the basis of Art. 45 para. 1 GDPR in conjunction with Art. 45 para. 1 GDPR. EU-U.S. Data Privacy Framework. By displaying the video content, the IP address of the user and other browser-related information is transmitted to Vimeo. However, if you are currently logged in to Vimeo as a user, Vimeo may assign this information to your personal account. The purpose and scope of data processing by Vimeo as well as your rights in this regard and setting options to protect your privacy can be found in Vimeo's privacy policy.

Newsletter
On the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR, we will send you our newsletter after your registration. To subscribe to the newsletter, it is sufficient for you to provide your email address. Providing your surname and first name is voluntary and only serves to personalise the newsletter. After submitting the completed form, you will receive an e-mail with a confirmation link (double opt-in). When you open this link, your consent is confirmed and the registration is finalised. This confirmation is necessary so that no-one can register with a third-party e-mail address.

If consent is not confirmed via the confirmation link within 14 days of the unconfirmed consent being granted, the data entered and stored in connection with the granting of unconfirmed consent will be deleted in full. For the purpose of verifying a valid declaration of consent, the following data will be stored after successful registration:
• E-mail address;
• Website from which the registration form was sent;
• IP address from which the form was sent;
• IP address from which the confirmation link was clicked;
• Time of registration;
• Time of confirmation;
• Subscriber fields and lists requested in the form; and
• Subscriber ID once the registration has been confirmed.

This data is stored in a user profile for the entire duration of the existing consent so that, if necessary, consent in accordance with data protection regulations can be verified. In the event of cancellation, this data will be deleted immediately.

The server-side reaction of your e-mail provider is analysed and stored in the system to prevent incorrect mailings. This always applies if a newsletter could not be sent to the specified email address for temporary reasons (soft bounce; e.g. if the mailbox is full) or permanently (hard bounce; specified email address does not exist).

The data processing described above is carried out by mailingwork GmbH on behalf of the Saxon State Chancellery.

Use of Service Providers to Provide the Website
To provide the website, we use other service providers who process personal data on our behalf or through whom access to personal data cannot be ruled out. Contracts for order processing in accordance with Art. 28 GDPR exist with all of these service providers. In addition to the service providers already mentioned, these are Planetary Networks GmbH (hosting) and HENKELHIEDL GmbH & Co. KG (technical support).

Rights of Data Subjects and Right to Lodge a Complaint
Data subjects may at any time request information about the personal data concerning them and, subject to the statutory requirements, assert the right to rectification, erasure, restriction of processing or data portability. If processing is based on the legal basis of a legitimate or public interest, there is also the right to object. Furthermore, if data processing is carried out on the basis of consent, this can be revoked at any time for the future. To exercise your rights, please contact us using the contact details above. Furthermore, in accordance with Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if it is suspected that your personal data is being processed unlawfully.

We maintain a number of different social media presences, partly in joint responsibility with the social network operators listed below, in order to actively communicate with users and to provide information about our activities.

In the context of the user-side use of our presences in the social networks listed below, we would like to point out that personal data of users may also be processed by the operators of the social networks outside the European Union and outside the European Economic Area. This may result in possible risks for users, for example in a more difficult enforcement of the rights of data subjects under data protection law. At the same time, however, we would like to point out that personal data will only be transferred if the requirements of Art. 44 et seq. GDPR are met, in particular if an adequacy decision pursuant to Art. 45 para. 1 GDPR exists or standard data protection clauses pursuant to Art. 46 para. 2 lit. c) GDPR can be concluded. Furthermore, agreements on joint responsibility pursuant to Art. 26 GDPR are concluded if the operators of the social networks support this.

We would also like to point out that the personal data of users is generally also processed by the operators of social networks for their own market research and advertising purposes. Any user profiles generated from user behaviour can also be used to display interest-based advertisements outside the social networks. For this purpose, the operators of social networks generally store cookies on users' computers so that device information, user behaviour and user interests can be processed even if the user does not have a profile on the respective network. For more information on this and any options to object, please refer to the data protection information and further information provided by the respective social network operators, which we have linked for you below

The following also applies to the processing of personal data:

Processed Data Category
The processed data categories include inventory data (e.g. names), contact data (e.g. email addresses), content data (e.g. text entries), usage data (e.g. interest in content) as well as meta and communication data (e.g. device information and IP addresses).

Purpose and Legal Basis of the Processing
Data processing is carried out for the purposes of providing information, communication, marketing and measuring reach, insofar as this is our responsibility. The operation of the social media presences is based on a legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR, whereby the respective interests result from the aforementioned purposes.

Storage Period
The data categories processed by us are only stored within the respective social network. In most cases, we have no influence on the specific storage period, as this is determined by the providers of the social networks. Information on this can be found in the data protection information of the respective provider. If the storage period can be influenced by us in individual cases, the data will be deleted after the purpose has been fulfilled in compliance with the statutory retention obligations.

Services and Service Providers Used by Us and Network-Specific Information
In the following, we inform you about the services and service providers used by us and about network-specific information, naming the respective responsible bodies within the EU/EEA and those outside the EU/EEA. We do not transfer any further data.

• Facebook, Meta Platforms Ireland Limited / Meta Platforms Inc., 1 Hacker Way, Menlo Park, CA 94025, USA

  • Data Protection Information

  • Information on the agreement on joint processing of personal data on Facebook pages

  • Settings for adverts

•  Instagram, Meta Platforms Ireland Limited / Meta Platforms Inc., 1 Hacker Way, Menlo Park, CA 94025, USA

  • Data Protection Information

• Vimeo, Vimeo Inc., 555 West 18th Street, New York, NY 10011, USA

  • Data Protection Information

  • Possibility to object to the use of optional cookies and analysis services

• YouTube, Google Ireland Limited / Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA

  • Data Protection Information

  • Option to Object to Targeted Adverts

  • Browser add-on to deactivate Google Analytics

Information on Data Subject Rights
Data subjects may at any time request information about the personal data concerning them and, subject to the statutory requirements, assert the right to rectification, erasure, restriction of processing or data portability. If processing is based on the legal basis of a legitimate or public interest, there is also the right to object. Furthermore, if data processing is carried out on the basis of consent, this consent can be withdrawn at any time with effect for the future. To exercise your rights, please contact us using the contact details above. Furthermore, in accordance with Art. 77 GDPR, you have the right to lodge a complaint with a data protection supervisory authority if it is suspected that your personal data is being processed unlawfully.

With regard to the assertion of data subject rights, we would like to point out that these should ideally be addressed directly to the respective operator of the social network in order to obtain comprehensive measures. Only the operators have access to all of the processed personal data of the users and can accordingly provide more comprehensive information and take any necessary measures. If you need help with this, you can of course contact the controller or the data protection officer at any time using the contact details above.