Version: 27 October 2021
1. General information
The protection of your personal data is particularly important to us. We process your personal data exclusively on the basis of statutory provisions (the General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG) and the Austrian Telecommunications Act (TKG) 2003).
For the provision of our website and services, we process information about you, referred to as personal data or, hereinafter for short, “data”. The term “processing” means any handling of data, such as the collection, storage, use or erasure of personal data.
We wish to inform you within this Privacy Policy about the processing of your personal data and about your entitlements and rights under data protection regulations.
Responsibility for processing your personal data lies with:
Jewish Community of Vienna (Israelitische Kultusgemeinde Wien)
Seitenstettengasse 4,
A-1010 Vienna
Tel.: +43/1/531 04-0
If you have any complaints, questions or suggestions relating to data protection, please do not hesitate to contact us using the aforementioned contact details. You can also get in touch with our Data Protection Officer:
Mag. Markus Dörfler
Höhne, In der Maur & Partner Rechtsanwälte GmbH & Co KG
Mariahilfer Straße 20, A-1070 Vienna
Tel.: +43/1/521 75-41
2. Data processing within the framework of our website
2.1. General information
Within the framework of our website, we process data that you provide to us (in the context of orders, for example), logs (for security reasons, our servers log details of who makes requests) and cookies (small text files that are stored on your device and contain information to recognise you).
We have engaged Heroku as a processor to technically operate the web server used to run our website.
To prevent cookies from being set by third-party providers, you can block third-party cookies in your browser. Below you can find instructions on how to do this for the most common browsers:
Firefox: here
Chrome: here
Internet Explorer: here
Safari: Third-party cookies are blocked by default in Apple’s Safari.
2.2. Data processing for the operation and security of our website (server logs):
2.2.1. Server logs
Purpose of the processing: When you visit our website, the web server collects usage data (known as server logs). The collection of such data is required for technical reasons to enable you to establish a connection to our server and to use the website. Such data are also used to analyse and defend against attacks.
The following server logs are collected: the IP address of the requesting device, together with the date and time of the request, which file is requested (name and URL), what volume of data is transmitted to you, notification of whether the request was successful, data to identify the browser and operating system used, and the website from which access was obtained (if access is obtained via a link).
Legal basis for the processing: Your data are processed on the basis of our legitimate interest in ensuring operation of the service and system security.
Data recipients: We have engaged the IT service centre of Rackspace, Heroku und Amazon Web Services as a processor to technically operate the web server used to run our website. The data from the server logs shall be passed on to the law enforcement authorities in the event of a hacker attack. They shall not be passed on to any other third parties.
Further information: The server logs are stored for up to 1 day.
2.3. Data processing for marketing purposes:
2.3.1. Web analytics
We use the following tool to process data about your use of our website in order to adapt it to your interests as best we can.
Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”).
Purpose of the processing: Google Analytics stores cookies so that it can recognise you and then create personalised user statistics about your website activities. In addition, we have activated Google’s “anonymize IP” module. To this end, the IP address assigned to you within the European Union is anonymised by Google.
Google Analytics stores the following cookies on your device:
Name: Duration: Purpose:
Legal basis for the processing: The processing of your data is based on your consent. If you click on the “Settings” box on our cookie banner and then confirm the cookie banner using the “Accept” button, you agree that we may process your data to the extent described here.
Data recipients: As a rule, the information generated by the cookie regarding your use of the website is transmitted to and stored on a server in the USA that is operated by Google. The appropriate level of protection for transmission results from an adequacy decision passed by the European Commission in accordance with Article 45 GDPR. Google is certified under the Privacy Shield agreement and thereby offers a guarantee of compliance with European data protection law. Google is engaged by us as a processor and may use the transmitted data solely for processing specific orders and is obliged by contract with us to comply with statutory data protection regulations.
Further information: You can prevent the storage of cookies through a corresponding setting in your browser software; please note, however, that in this case you may not be able to use all the features of the website to their full extent. In addition, you can prevent the forwarding of data generated by the cookie and associated with your use of the website (incl. your anonymised IP address) to Google, as well as the processing of such data by Google, by downloading and installing the browser plug-in available under the following link (https://tools.google.com/dlpage/gaoptout?hl=en).
2.4. Data processing within the framework of our social media activities:
We use social media plug-ins. These enable us to display interaction elements or content (e.g. texts, graphics, images and videos) of social media services to you. Via these plug-ins, data, including personal data, can be transmitted to social media service providers and, if necessary, used by them.
When you visit our website, the social media plug-ins only establish a direct connection between your browser and the server of the social media service provider if you have consented to transmission of the data.
We currently use social media plug-ins provided by the following services:
YouTube: We use plug-ins provided by the service YouTube on our website. The plug-ins can display interaction elements or content (e.g. videos, graphics or texts). These plug-ins allow data to be sent to YouTube and, if necessary, used by YouTube. Data are only transmitted to YouTube if you have consented to the use thereof.
Further information on YouTube and on the exact scope and purpose of the data processing can be found in Google’s Privacy Policy at https://policies.google.com/privacy. Responsibility for this data processing lies with Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Twitter: We use plug-ins provided by the service Twitter on our website. The plug-ins can display interaction elements or content (e.g. videos, graphics or texts) and are identifiable by the Twitter logo. Plug-ins enable you to “like” a post on our website or to share it on Twitter. Data are only transmitted to Twitter if you have consented to the use thereof.
Further information on Twitter and on the exact scope and purpose of the data processing can be found in Twitter’s Privacy Policy at https://twitter.com/privacy. Responsibility for this data processing lies with Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, Ireland.
3. Data processing within the framework of the newsletter
Purpose of the processing: If you have subscribed to our newsletter, you shall receive regular information from us by email about us and our services. If you no longer wish to be contacted by us, that is not a problem. Simply get in touch at [Bitte ergänzen] or use the link to unsubscribe in the newsletter.
Legal basis for the processing: The processing of your data is based on your consent.
Data recipients: The following service providers receive your data in order to create and send the newsletter on our behalf:
“MailChimp”, an email marketing platform belonging to the US provider The Rocket Science Group, LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. This company is engaged by us as a processor and may use your data solely for processing specific orders and is obliged by contract with us to comply with statutory data protection regulations. The appropriate level of protection for the transmission of data to the USA results from standard contractual clauses in accordance with Article 46 GDPR. Further information on the standard contractual clauses and on suitable or appropriate guarantees can be found at https://mailchimp.com/legal/data-processing-addendum/.
Further information: We shall process your data until you withdraw your consent or unsubscribe from the newsletter.
4. Data processing within the framework of business operations:
4.1. Data processing within the framework of the initiation of contact:
Purpose of the processing: If you contact us (e.g. by email, contact form or telephone), we shall process the data you provide to us when you contact us only to the extent necessary to handle and process the request.
Legal basis for the processing: Your data are processed for the implementation of pre-contractual measures or for the fulfilment of a contractual relationship or on the basis of our legitimate interest, namely for organising the response to your request.
Data recipients: Such data are transmitted only on condition that transmission is necessary to respond to the request.
Further information: We process your data for as long as is necessary to handle the request and for a further seven years after the last contact with you in case there is a follow-up request.
4.2. Data processing within the framework of donations made by you
Purpose of the processing: If you intend to support projects run by the Jewish Community through donations, your data shall be processed to comply with statutory recording and retention obligations. By processing your data, we can also enable you to make your donation tax-deductible.
Legal basis for the processing: The processing of your data is based on legislation.
Data recipients: If it is necessary to transmit your data as relevant in a specific individual case in order to fulfil the contractual relationship or due to legislation, such data shall be transmitted to the following categories of recipients:
- Competent administrative authorities
- “DirectMind”, an online donation platform provided by DIRECT MIND GmbH, Technologiestraße 8, A-1121 Vienna. This company is engaged by us as a processor and may use your data solely for processing specific orders and is obliged by contract with us to comply with statutory data protection regulations.
Further information: We process your data only for as long as is necessary due to legal obligations (e.g. in accordance with retention obligations under tax and company legislation). Unless required otherwise by law, we retain your data for seven years as a rule.
4.3. General data processing within the framework of membership:
Purpose of the processing: If you wish to join us as a member or are already a member, we shall process your data to deal with your registration or the membership relationship and for formal handling of the business transactions to be executed by us within the framework of a business relationship. This also includes processing your data in order to provide you with the membership benefits (e.g. membership magazine, exemption from contribution payments, privileges, insurance), to organise events and courses, and to manage members.
Data necessary for membership: The fields specially marked in the registration form are required for membership (conclusion of a contract). If you do not provide such data, you cannot join the Jewish Community. Additional data are optional.
Legal basis for the processing: Your data are processed for the implementation of pre-contractual measures or for the fulfilment of a contractual relationship and due to legislation within the framework of a business relationship (or for managing such a relationship).
Data recipients: In principle, we only pass on your data to selected partners required for fulfilment of the contract. These partners, in turn, only receive the parts of the data they need to execute their tasks. The data of all members are managed centrally by the umbrella association in Innsbruck. We use appropriate service providers for services (e.g. IT environment, email, internet, magazine mailing, insurance). In case of accidents, data are transmitted to the insurance company and/or the competent authorities.
Further information: We shall process your data for as long as you are a member so that we can meet our obligations and safeguard your interests (e.g. training). If you leave the Jewish Community, your data shall be erased as soon as the retention periods prescribed for us by laws and bylaws have expired. These periods vary in length for different categories of data. For example, we shall immediately erase the details of which newsletters you have received or your areas of interest. Documents that are required by tax law to be retained for 7 years, for instance, shall only be erased by us after this period has expired.
4.4. Data processing for event management:
Purpose of the processing: If you register with us for an event, we shall process your data to deal with your registration, to organise and run the event, to answer questions that you address to us in connection with your registration, and for formal handling of the business transactions to be executed by us within the framework of a business relationship.
Legal basis for the processing: Your data are processed for the fulfilment of a contractual relationship.
Data recipients: The following service providers receive your data for the allocation of tickets to our events:
“Ticket Tailor”, an online ticket distribution platform provided by Zimma Ltd., Unit 6, 14A Andre St, London, E8 2AA, Great Britain. This company is engaged by us as a processor and may use your data solely for processing specific orders and is obliged by contract with us to comply with statutory data protection regulations.
Ticket tailer uses the following cookies:
AWSALB [x2]
6 days
Optimizing the user experience
AWSALBCORS [x2]
6 days
Optimizing the user experience
intercom.played-notifications
Duration of the browser session
What support message is shown to user.
PHPSESSID [x2]
maintaining the session browser
tickettailor
30 days
_hjSession_2101740
day
_hjSessionUser_2101740
1 year
Further information: We process your data only for as long as is necessary to fulfil the contractual relationship or due to legal obligations (e.g. in accordance with retention obligations under tax and company legislation). As a rule, we retain data for seven years.
Please note that we may take photographs and video recordings during the event to document the event and to report on it in media (e.g. in magazines and publications or on websites and social media platforms).
These images are processed on the basis of our legitimate interest. We have a legitimate interest in documenting and presenting our activities. When publishing images, care is taken to ensure that no legitimate interests of persons shown are violated.
4.5. Data processing for the handling of events:
Purpose of processing: if you register with us for an event or purchase an online ticket, we will process your data for the purpose of handling the registration, sending the tickets, organizing (including for security purposes) and conducting the event, answering questions that you address to us in connection with your registration, and administrating business cases to be managed by us as part of the business relationship.
Legal basis of processing: The processing of your data is carried out for the fulfillment of a contractual relationship.
Recipients of the data:
- External assistants of the IKG Vienna (in particular tour guides, transport companies, and other tourist service providers).
- Connecteam is an event scheduling software provided by Mobilesson Ltd, Ariozorov 111, Tel Aviv, Israel and Mobilesson Ltd´s subsidiary Connecteam, Inc. 119 West 24th St. 4th floor New York, NY 10011, United States. Connecteam and Mobilesson are joint data controllers and use servers in the Netherlands and Germany for data storage. For more information, please visit https://connecteam.com/gdpr-ready/ and https://connecteam.com/privacy/.
- "Tickettailor," is an online ticket distribution platform provided by Zimma Ltd, Unit 6, 14A Andre St, London, E8 2AA G, Great Britain. This company acts as an organizer for us and may only use your data to process specific orders. Furthermore, the company is contractually obligated to us to comply with the statutory provisions on data protection. We use the service for the ticket booking of events of the Rabbinate and the Youth and Culture Department of the IKG Vienna.
- "Stripe" is a payment processing company by Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. Stripe is the provider of an online payment service that we use to process payments for online ticket bookings. It is a transferee that processes the data to settle the payment. For more information, please visit https://stripe.com/at/privacy.
Additional information: We only process your data for as long as is necessary in order to fulfill the contractual relationship or to follow legal obligations (for example, in accordance with tax and company law retention obligations). As a rule, we keep data for at most seven years.
Please note that we may take photographs and video recordings during the event for the purpose of documentation and media coverage of the event (such as in journals, magazines, publications, and websites or social media platforms).
The processing of the image recordings is based on our legitimate interest. Our legitimate interest is the documentation and presentation of our activities. Image recordings are published with care and concern care to ensure that no legitimate interests of persons depicted are violated.
4.6 Data processing in the context of online ticket booking (Infopoint):
Purpose of processing: If you book a guided tour via the Infopoint and purchase a ticket online, we will process your data to create and transmit the ticket and to organize and conduct the event.
Legal basis of processing: Your data is processed to fulfill a contractual relationship.
Recipients of the data: The following service providers receive your data in order to issue the tickets to our events and settle the payment:
- "Bókun", Nóatún 17, 105 Reykjavík, Iceland, is a provider of the booking system we use for online ticket booking. The provider acts as a processor for us in accordance with Art 28 DSGVO and may only use your data to process specific orders Furthermore, the provider is contractually obligated to us to comply with the statutory provisions on data protection.
- "Stripe" is a payment processing company by Stripe Payments Europe Limited, 1 Grand Canal Street Lower, Grand Canal Dock, Dublin, D02 H210, Ireland. The company is a provider of an online payment service that we use to settle payments for online ticket bookings. Stripe is a transferee that processes the data to settle the payment. For more information, please visit https://stripe.com/at/privacy.
Additional information: We process your data only for as long as is necessary in order to fulfill the contractual relationship or to follow legal obligations (for example, according to the tax and company law retention obligations). As a rule, we keep data for at most seven years.
4.7 Security check for the visit of the City Temple and indoor events:
Purpose of the processing: When persons participate in a guided tour of the City Temple or in any indoor event of the IKG Vienna, a security check takes place for safety reasons, during which the personal details of the participants are verified by the presentation of a photo ID.
Legal basis of processing: Data is processed in the context of the tour for the fulfillment of a contractual relationship.
Recipients of the data: Tour guides, tourist guides
Additional information: During the security check, the photo IDs of the participants are only confirmed visually. A storage of the data does not take place.
5. Your rights
5.1. Right of access to information about stored data in accordance with Article 15 GDPR
You have a right of access to information about whether we are processing personal data relating to you. If this is the case, you have a right of access to information about such personal data and other information related to the processing.
5.2. Right to rectification of inaccurate data in accordance with Article 16 GDPR
In the event that personal data that we process about you are not (or no longer) accurate or are incomplete, you can request the rectification and, if applicable, completion of such data.
5.3. Right to erasure of data in accordance with Article 17 GDPR
If the legal requirements are met, you can request the erasure of your personal data.
5.4. Right to restriction of processing of data in accordance with Article 18 GDPR
If the legal requirements are met, you can request a restriction of processing in relation to the data concerning you.
5.5. Right to data portability in accordance with Article 20 GDPR
If the legal requirements are met, you can request the transfer of your data in a structured, commonly used and machine-readable format.
5.6. Right to object to unreasonable data processing in accordance with Article 21 GDPR
On grounds relating to your particular situation, you may object at any time to the processing of data concerning you which we process based on a legitimate interest in accordance with Article 6(1)(f) GDPR.
5.7. Right to withdraw your consent
If processing is based on a declaration of consent, you may withdraw this at any time without any impact on the lawfulness of processing based on consent before its withdrawal.
5.8. Right of appeal to the data protection authority
If you believe that our processing of your personal data is in violation of the relevant data protection legislation or that your rights under data protection law have been infringed in any other way, you can lodge a complaint with the competent supervisory authority (Austrian Data Protection Authority). The address is:
Austrian Data Protection Authority (Österreichische Datenschutzbehörde)
Barichgasse 40-42
A-1030 Vienna
Telephone: +43 1 52 152-0
6. Further information:
We need the data that we ask you to provide for the purpose of selling our goods and delivering our services within the framework of the contractual relationship or for the purpose of supplying the information you have requested from us or sending our newsletters and other information.
If you do not provide the data, we cannot deliver our services.
There is no automated decision-making, including profiling. If we process your personal data for a purpose other than that for which we have collected such data, we shall notify you of this fact and inform you about this other purpose.
Legal Notice
Responsibility for website content
Jewish Community of Vienna
A-1010 Vienna, Seitenstettengasse 4
Tel. +43/1/531 04-0
Fax +43/1/531 04-108
Disclaimer
1. Online content
The author accepts no liability whatsoever for the topicality, correctness, completeness or quality of the information provided. Liability claims against the author relating to damage of a tangible or intangible nature caused by the use or non-use of the information presented or by the use of incorrect and incomplete information are hereby excluded in principle except in the case of demonstrably intentional or grossly negligent behaviour on the part of the author.
All offers are non-binding and without obligation. The author expressly reserves the right to alter, supplement or erase sections of the website or the entire content without separate notice, or to cease publication temporarily or permanently.
2. References and links
In the case of direct or indirect references to third-party websites (hyperlinks) that are beyond the responsibility of the author, the author would only be liable if they had knowledge of the content and it was technically possible and reasonable for the author to prevent the use of illegal content.
The author hereby expressly declares that no illegal content was identifiable on the linked sites at the time when the links were inserted. The author has no influence over the current and future form, content or authorship of the linked/referenced sites. The author, therefore, hereby expressly distances itself from the content of all linked/referenced sites changed after the creation of the link. This declaration applies to all links and references on the author’s own website, as well as to external entries in guest books, discussion forums, link directories, mailing lists and all other forms of databases set up by the author that may be written in by third parties. Only the provider of the site to which a link refers, and not the party who merely creates the link referring to that publication, shall be liable for any illegal, incorrect or incomplete content or, in particular, for any losses arising from the use or non-use of information so presented.
3. Copyright and trademark rights
In all publications, the author endeavours to observe copyright in relation to the graphics, audio files, video sequences and texts used and to use its own graphics, audio files, video sequences and texts or to access licence-free graphics, audio files, video sequences and texts.
All brand names and trademarks mentioned on the website, including any protected by third parties, are subject without restriction to the provisions of the applicable trademark law and to the ownership rights of the respective registered owners. It must not be concluded solely on the basis of the mere mention of trademarks that they are not protected by third-party rights.
The copyright for any published material created by the author shall remain exclusively with the author of the site. Any reproduction or use of such graphics, audio files, video sequences and texts in other electronic or printed publications shall require the express permission of the author.
4. Data protection
Should the opportunity arise to enter personal or business-related data (email addresses, names, addresses) on the website, the disclosure of such data on the part of the user shall be on an explicitly voluntary basis. All services offered may also be used and paid for without the provision of such data, or by entering anonymised data or an alias, if and insofar as this is technically possible and reasonable. The use of contact data published within the legal notice or comparable information, such as postal addresses, telephone or fax numbers and email addresses, by third parties for sending unsolicited information is prohibited. We expressly reserve the right to take legal action against senders of spam mail in the event of violations of this prohibition.