Privacy Policy
Version: v1
Last updated: 03.06.2026
1. Privacy at a Glance
General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data is any information that can be used to identify you personally. Detailed information on the subject of data protection can be found in this Privacy Policy.
Data Collection on This Website
Who is responsible for data collection on this website?
Data processing on this website is carried out by the website operator. You can find the operator’s contact details in the section “Information about the Controller” of this Privacy Policy.
How do we collect your data?
Some data is collected when you provide it to us. This may include, for example, information that you enter into a contact form.
Other data is collected automatically by our IT systems when you visit the website. This primarily includes technical data (e.g. internet browser, operating system, or the time of the page request). This data is collected automatically as soon as you access this website.
What do we use your data for?
Some of the data is collected to ensure the error-free provision of the website. Other data is processed to respond to your inquiries submitted via the contact form and to protect the website from abusive automated access (e.g. spam).
What rights do you have regarding your data?
You have the right to obtain information free of charge at any time about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given consent to data processing, you may revoke this consent at any time with effect for the future. Furthermore, under certain circumstances, you have the right to request the restriction of the processing of your personal data. You also have the right to lodge a complaint with the competent supervisory authority.
If you have any questions regarding data protection or the processing of your personal data, you may contact us at any time.
2. Hosting
External Hosting
This website is hosted by external service providers. Personal data collected on this website is processed on the servers of the hosting providers we use. This includes, in particular, IP addresses and technical connection data (e.g. browser type, operating system, or the time of the page request).
External hosting is carried out in the interest of providing our online services in a secure, fast, and efficient manner (Art. 6(1)(f) GDPR). In this context, data may also be processed in third countries (e.g. the United States).
We use the following hosting providers:
Netlify, Inc., 101 2nd Street, San Francisco, CA 94105, USA
Render Services, Inc., 525 Brannan St, Suite 300, San Francisco, CA 94107, USA
Data Processing Agreements
The service providers we use provide the Data Processing Agreements (DPAs) required under Art. 28 GDPR. The processing of your personal data is carried out on the basis of these agreements.
3. General Information and Mandatory Information
Data Protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the applicable data protection regulations and this Privacy Policy.
When you use this website, various types of personal data are collected. Personal data is any data that can be used to identify you personally. This Privacy Policy explains what data we collect, how we use it, and for what purpose it is processed.
Please note that data transmission over the Internet (e.g. communication by e-mail) may have security vulnerabilities. Complete protection of data against access by third parties is not possible.
Information about the Controller
The controller responsible for data processing on this website is:
Ukrainischer Kultur und Bildungsverein Mönchengladbach e.V.
Eibenstraße 34
41239 Mönchengladbach
E-mail: ukibimev@gmail.com
The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, or similar information).
Data Retention
Unless a more specific retention period is stated in this Privacy Policy, your personal data will remain with us until the purpose for the data processing no longer applies. If you submit a legitimate request for deletion or withdraw your consent to data processing, your data will be deleted unless we have other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods). In the latter case, deletion will take place once these reasons no longer apply.
General Information on the Legal Bases for Data Processing on This Website
The processing of your personal data is based on our legitimate interest (Art. 6(1)(f) GDPR), unless another legal basis applies. This applies in particular to the technical provision of the website (external hosting) and protection against spam (hCaptcha). Information about the specific legal basis applicable in each individual case is provided in the following sections of this Privacy Policy.
Recipients of Personal Data
As part of our activities, we work with various external service providers. In some cases, it is necessary to transfer personal data to these external parties. We only disclose personal data to external parties when we have a legitimate interest in doing so pursuant to Art. 6(1)(f) GDPR or when another legal basis permits the disclosure. When using data processors, we transfer personal data only on the basis of a valid Data Processing Agreement (DPA).
Right to Object (Art. 21 GDPR)
IF THE PROCESSING OF YOUR PERSONAL DATA IS BASED ON ARTICLE 6(1)(F) GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME, ON GROUNDS RELATING TO YOUR PARTICULAR SITUATION, TO THE PROCESSING OF YOUR PERSONAL DATA. THE RELEVANT LEGAL BASIS FOR THE PROCESSING CAN BE FOUND IN THIS PRIVACY POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS YOUR PERSONAL DATA UNLESS WE CAN DEMONSTRATE COMPELLING LEGITIMATE GROUNDS FOR THE PROCESSING WHICH OVERRIDE YOUR INTERESTS, RIGHTS, AND FREEDOMS.
Right to Lodge a Complaint with the Competent Supervisory Authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State of their habitual residence, place of work, or the place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.
Right to Data Portability
Where the requirements of Art. 20 GDPR are met, you have the right to receive the personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transmitted to another controller.
Access, Rectification, and Erasure
Within the framework of the applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin and recipients, and the purpose of the data processing. You may also have the right to request the correction or deletion of this data. If you have any questions regarding personal data, you may contact us at any time.
Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data. You may contact us at any time for this purpose. The right to restriction of processing applies in the following cases:
- If you contest the accuracy of your personal data stored by us, we generally require time to verify this. During the verification period, you have the right to request the restriction of the processing of your personal data.
- If the processing of your personal data was or is unlawful, you may request the restriction of processing instead of deletion.
- If we no longer need your personal data, but you require it for the establishment, exercise, or defense of legal claims, you have the right to request the restriction of processing instead of deletion.
- If you have objected pursuant to Art. 21(1) GDPR, a balancing of your interests and ours must be carried out. As long as it has not yet been determined whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data may, apart from being stored, only be processed with your consent or for the establishment, exercise, or defense of legal claims, for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or a Member State.
SSL/TLS Encryption
For security reasons and to protect the transmission of confidential content, such as inquiries submitted via the contact form, this website uses SSL/TLS encryption. You can recognize an encrypted connection by the change in the browser’s address bar from “http://” to “https://” and by the lock symbol displayed in your browser.
When SSL/TLS encryption is enabled, the data you transmit to us cannot be read by third parties.
4. Data Collection on This Website
Cookies
Our website uses only technically necessary cookies. These cookies are required to provide basic website functionality, in particular to store your selected language preference (NEXT_LOCALE).
The processing is carried out on the basis of our legitimate interest in the technically error-free and user-friendly provision of the website pursuant to Art. 6(1)(f) GDPR.
Cookies are not used for analytics, marketing, or advertising purposes. You may disable or delete cookies at any time through your browser settings.
Server Log Files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:
- Browser type and browser version
- Operating system used
- Referrer URL
- Hostname of the accessing device
- Time of the server request
- IP address
This data is not combined with data from other sources.
The collection of this data is based on Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of the website. For this purpose, server log files must be collected.
Contact Form
If you send us an inquiry via the contact form, the data you enter (name, e-mail address, telephone number, and message) will be processed. In addition, technical data generated during transmission (IP address, user agent, timestamp) will be transmitted to us and stored in the received e-mail. The transmission is carried out via the service Resend (Plus Five Five, Inc., USA).
The processing of your data is based on our legitimate interest in responding to your inquiry (Art. 6(1)(f) GDPR).
Data transmitted through the contact form will remain with us until the purpose of the processing no longer applies or until you request the deletion of your data, provided that no statutory retention obligations apply.
Contact by E-mail or Telephone
If you contact us by e-mail or telephone, your inquiry, including all resulting personal data (e.g. your name and the content of your inquiry), will be stored and processed for the purpose of handling your request.
The processing of this data is based on our legitimate interest in the effective handling of your inquiry (Art. 6(1)(f) GDPR). The data will remain with us until the purpose of the processing no longer applies or until you request deletion. Mandatory statutory retention periods remain unaffected.
E-mail Delivery (Resend)
We use the service Resend (Plus Five Five, Inc., 2261 Market Street #5039, San Francisco, CA 94114, USA) for the delivery of e-mails sent through our contact form.
The transmitted data is used solely for the delivery and processing of your inquiry.
The transmitted data is not stored in our own database.
Resend provides the Data Processing Agreement (DPA) required under Art. 28 GDPR. The processing of your personal data is carried out on the basis of this agreement.
Further information: https://resend.com/privacy-policy
Provision of Website Content and Data Storage (Supabase)
For the provision of content on our website (e.g. texts, images, and media files) as well as for the storage of application data, we use Supabase, Inc., 3500 S. DuPont Highway, Dover, Delaware 19901, USA.
Data is processed in the Central EU (Frankfurt am Main, Germany) region.
When accessing the website or the provided content, it may be technically necessary to process connection data (e.g. the IP address).
The processing is carried out on the basis of our legitimate interest in the secure and efficient provision of our online services pursuant to Art. 6(1)(f) GDPR.
A Data Processing Agreement (DPA) pursuant to Art. 28 GDPR has been concluded with Supabase.
Further information: https://supabase.com/privacy
5. Plugins and Tools
hCaptcha
We use hCaptcha (provider: Intuition Machines, Inc., 1065 SW 8th St #704, Miami, FL 33130, USA) to protect our website against abusive automated access (spam). As part of the use of hCaptcha, various technical information may be processed, including IP address, browser and device information, as well as interactions with the hCaptcha element. The collected data is transmitted to the provider.
The processing is carried out on the basis of our legitimate interest in the security and integrity of our website (Art. 6(1)(f) GDPR). Since the provider is located in the United States, personal data may be transferred to the USA. An adequate level of data protection is ensured through the provider’s certification under the EU-U.S. Data Privacy Framework (DPF).
Intuition Machines, Inc. provides the Data Processing Agreement (DPA) required under Art. 28 GDPR. The processing of your personal data is carried out on the basis of this agreement.
Further information can be found in hCaptcha’s Privacy Policy: https://www.hcaptcha.com/privacy.