Privacy policy

We are BäLäKä, our website is: https://www.baelaekae.org.

1 Accountability
Responsible within the meaning of the General Data Protection Regulation (GDPR) is: BäLäKä

2 Hosting & server log files
We host this website at systemli.org

Every time you visit our website, the server automatically collects log files for technical reasons, which include the following

  • IP address
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which the access was made (referrer)
  • Browser used and, if applicable, operating system
  • Amount of data transferred

The aforementioned data is evaluated exclusively for the operation, security and optimization of the offer (legal basis is Art. 6 para. 1 lit. f GDPR, legitimate interest).

3 Use of cookies
Our website uses cookies. Cookies are small text files that are stored on your end device. They are used, among other things, to

  • Enable login sessions for users who log in to the WordPress site (essential cookies),

Types of cookies

  1. Necessary cookies
    • Purpose: Authentication, session management and display of your dashboard.
    • Legal basis: Art. 6 para. 1 lit. b GDPR (fulfillment of contract).

You can set your browser so that it informs you about the setting of cookies and cookies

4 User accounts
Our website offers registered users (registration by e-mail/password) access to protected areas. We collect and process the following data:

  • Mandatory information: E-mail address, user name, password (encrypted)
  • Further voluntary information: First and last name, profile picture, biography

Purpose and legal basis

  • Provision and administration of a user account (Art. 6 para. 1 lit. b GDPR).
  • Securing access rights (Art. 6 para. 1 lit. f GDPR).

You can request information about your stored data at any time and request rectification, erasure or restriction of processing (see section 8 “Your rights”).

5 Integration of CryptPad forms
We integrate forms from the CryptPad platform on our website, e.g. to implement surveys or registration forms in compliance with the GDPR.

  • Embedding: takes place via <iframe> from a CryptPad instance.
  • Encryption: CryptPad encrypts form data in the browser (end-to-end). The operators only store encrypted data blocks and have no access to your entries in plain text.
  • Server logs at CryptPad: When the iFrame is called up, the IP address, browser data and time are transmitted to the CryptPad instance – this is personal data.
  • Purpose: The purpose of collecting personal data via the forms is to organize the BäLäKä meeting

Order processing
For the integration of external CryptPad instances, we have concluded an AV contract with the operator(s) in accordance with Art. 28 GDPR.

Legal basis

  • Processing of the form data: Art. 6 para. 1 lit. a GDPR (consent), provided you submit the form.
  • Transmission of technical connection data: Art. 6 para. 1 lit. f GDPR (legitimate interest).

Please note that your form details cannot be viewed by us and are only published or shared via the end device key.

6 Contact options & contact form
If you contact us by e-mail or via the CryptPad form, the data you provide there (e.g. name, e-mail address, request) will be stored by us in order to process your request and subsequently answer it (Art. 6 para. 1 lit. b GDPR).

7 Disclosure to third parties
Personal data will only be disclosed to third parties if

  • you have given your consent (Art. 6 para. 1 lit. a GDPR),
  • the processing is necessary for the performance of a contract (Art. 6 para. 1 lit. b GDPR)
  • we are legally obliged to do so (e.g. requests for information from authorities)
  • or disclosure for billing purposes to our tax advisor (Art. 6 para. 1 lit. c and f GDPR).

8 Your rights as a data subject
You have the following rights vis-à-vis us with regard to your personal data:

  • Right of access (Art. 15 GDPR)
  • Right to rectification of inaccurate data (Art. 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Art. 17 GDPR)
  • Right to restriction of processing (Art. 18 GDPR)
  • Right to data portability (Art. 20 GDPR)
  • Right to object to processing on the basis of Art. 6 para. 1 lit. f GDPR (Art. 21 GDPR)
  • Withdrawal of consent (Art. 7 para. 3 GDPR)
  • Complaint to the supervisory authority (Art. 77 GDPR)

To exercise your rights, please send an email to: info@baelaekae.org

9 Data security
We use technical and organizational measures to protect your data against manipulation, loss, destruction and unauthorized access (e.g. SSL/TLS encryption, firewalls, regular backups).

10 Topicality and changes to this data protection declaration
This data protection declaration is currently valid and is dated May 11, 2025. due to the further development of our website or legal or official requirements, it may become necessary to change this declaration. You will always find the current version on this page.