Privacy Policy
The following section is presented in a structured, readable format aligned with ETS Online styling.
1.1 What is Personal Data
Personal data refers to information that reveals or could reveal the identity of the user. We adhere to the principle of data minimization. Collection of personal data is avoided wherever possible.
1.2 Processing of Personal Data
Personal data is used exclusively for the establishment, content design, implementation, or termination of the contractual relationship (Art. 6 (1b) GDPR).
Beyond this, personal data is only processed if we have received your consent (Art. 6 (1a) GDPR) or if it concerns data whose processing is necessary for our legitimate interests and where the balancing of interests shows that no overriding interests, fundamental rights, or freedoms on your part stand in opposition (Art. 6 (1f) GDPR).
We may employ processors for processing your personal data, with whom we have concluded a data processing agreement as required. However, we will generally not share personal data with third parties.
The processing of your personal data takes place within the EU and in countries classified by the EU as safe or adequate. Should processing of personal data occur in the United States, we ensure that the services we use are certified under the “Data Privacy Framework”.
1.3 Usage Data
When visiting the website, general technical information is collected. This includes the IP address used, time, duration of visit, browser type, and possibly the referring page. This usage data is registered in a log file for technical reasons and may be used and stored for statistical analysis of this website. No linking of this usage data with your other personal data takes place.
1.4 Registration Data
Registration is required for comprehensive use of the functions of our website. The registration data is collected through your corresponding inputs and used for the specifically stated purpose according to your consent (Art. 6 (1a) GDPR).
1.5 Duration of Storage
After the termination of the purpose for which the data was collected, we store your personal data only as long as required by statutory provisions (particularly tax law).
In detail, the following retention periods apply, for example:
| Type of data | Retention period |
|---|---|
| Tax data | 10 years |
| Commercial or business letters (including e-mails and faxes) and other documents, insofar as these are relevant for taxation. | 6 years from the end of the calendar year in which the last entry in the book was made, the inventory, the opening balance sheet, the annual financial statement, or the management report was prepared, the commercial or business letter was received or sent, or the accounting document was created, and the recording was made or the other documents were created. |
| Transaction and registration data | 10 years from the end of the calendar year in which the last entry was made in the book, the inventory, the opening balance sheet, the annual financial statement, or the management report was prepared, the commercial or business letter was received or sent, or the accounting document was created; furthermore the recording was carried out or the other documents were created. |
| Data protection consent for data processing | For the duration of the possibility of the assertion of rights by the person concerned. |
| (Electronic) correspondence that is not relevant under tax law | As long as it is necessary to fulfill the task, unless the processing serves to assert, exercise, or defend legal claims. |
| Usage data in accordance with section 1.3 of this data protection declaration | max. 30 days |
Your Rights
This section outlines your statutory rights under the General Data Protection Regulation (GDPR).
2.1 Right to Information
You may request information from us about whether we process personal data concerning you. If this is the case, you have the right to information about this personal data and to the further information specified in Art. 15 GDPR.
2.2 Right to Rectification
You have the right to obtain the rectification of inaccurate personal data concerning you and may request the completion of incomplete personal data in accordance with Art. 16 GDPR.
2.3 Right to Erasure
You have the right to demand that we delete your personal data immediately. We are obligated to delete it immediately, in particular if one of the following reasons applies:
- Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
- You revoke your consent on which the processing of your data was based, and there is no other legal basis for the processing.
- Your personal data has been processed unlawfully.
The right to erasure does not apply if your personal data is necessary for the assertion, exercise, or defence of our legal claims.
2.4 Right to Restriction of Processing
You have the right to request the restriction of the processing of your personal data if:
- You contest the accuracy of the data, for the period required to verify its accuracy.
- The processing is unlawful and you oppose the deletion of the personal data and request the restriction of its use instead.
- We no longer need the personal data for the purposes of the processing, but you require it for the assertion, exercise, or defence of legal claims.
- You have objected to the processing pursuant to Art. 21 GDPR and it has not yet been determined whether our legitimate grounds override yours.
2.5 Right to Data Portability
You have the right to receive the personal data concerning you that you have provided to us in a structured, commonly used, and machine-readable format. You also have the right to transmit this data to another controller without hindrance from us, provided that the processing is based on consent or on a contract and the processing is carried out by automated means.
2.6 Right to Withdraw Consent and Right to Object
Insofar as the processing of your personal data is based on consent (Art. 6 (1a) GDPR), you have the right to withdraw this consent at any time. The withdrawal of consent does not affect the lawfulness of processing carried out on the basis of consent prior to its withdrawal.
Insofar as the processing of your personal data is based on Art. 6 (1e) or Art. 6 (1f) GDPR, you have the right to object, pursuant to Art. 21 GDPR, at any time to the processing of personal data concerning you for reasons arising from your particular situation. We will then no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defence of legal claims.
2.7 General Information and Right to Lodge a Complaint
The exercise of your aforementioned rights is generally free of charge. You also have the right to lodge a complaint with the competent supervisory authority, in particular with the State Data Protection Officer responsible for us.
Data Security and Cookies
This section explains the technical and legal measures applied to ensure data security and the lawful use of cookies.
3.1 Data Security Measures
All data on our website is protected against loss, destruction, unauthorised access, alteration, and distribution through appropriate technical and organisational measures. These measures are continuously reviewed and adapted in line with technological developments.
3.2 Sessions and Cookies
For the operation of the website, we use cookies or server-side sessions in which data may be stored. We ensure that cookies are only used and that information already stored on your terminal equipment is accessed if this is strictly necessary for the provision of the digital service you expressly request (§ 25 (2) No. 2 TDDDG) or if you have given your explicit consent (§ 25 (1) TDDDG).
With your express consent, we use cookies to personalise content and advertisements, to provide social media features, and to analyse access to our website. Information about your use of our website may be shared with our partners for social media, advertising, and analytics purposes. These partners may combine this information with other data they already hold about you.
Social Media Presence
The following information explains how we use social media platforms for company presentation and communication.
We use the following social media platforms for company presentation and communication. Explicit reference is made to the respective privacy policies and opt-out options of each provider.
-
Facebook
Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5, Ireland
Privacy Policy: https://www.facebook.com/about/privacy/
Opt-Out: https://www.youronlinechoices.com -
X (formerly Twitter)
Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland
Privacy Policy: https://twitter.com/de/privacy
Opt-Out: https://twitter.com/personalization -
Instagram
Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5, Ireland
Privacy Policy and Opt-Out: https://instagram.com/about/legal/privacy/ -
YouTube
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Privacy Policy: https://www.youtube.com/t/privacy/
These social media platforms may process personal data outside the European Union. In this respect, we refer explicitly to the privacy policies of the respective social media providers listed above.
The respective social media platforms may create usage profiles based on your usage behaviour, interests, and interactions, and may store cookies on your device. If you are logged into your social media account, your usage behaviour may also be recorded across devices. These usage profiles may be used to display interest-based advertising.
We process personal data exclusively for the purpose of communicating with you via the social media platform you have chosen and for optimising our online presence. This processing is carried out on the basis of our legitimate interest (Art. 6 (1f) GDPR), provided that no overriding interests, fundamental rights, or freedoms on your part are affected. Where you have already given valid consent to the respective social media platform operator, the processing of your personal data is also based on this consent (Art. 6 (1a) GDPR).
Hosting and Third-Party Services
This section provides detailed information on external service providers, third-party integrations, and platform services used in the operation of ETS Online.
5.1 External Hosting
Our website is hosted by the following external service provider:
STRATO AG
Otto-Ostrowski-Straße 7, 10249 Berlin
Privacy Policy: www.strato.de/datenschutz/
The personal data collected on this website is transmitted to and stored on the servers of the aforementioned third-party provider. This may include, in particular:
- IP addresses
- Contact data
- Contract data
- Website accesses
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request
- HTTP status code
- Amount of data transferred
- Website from which the request originates
- Browser and operating system information
The use of the hosting provider is based on the fulfilment of contractual obligations (Art. 6 (1b) GDPR) and our legitimate interest in secure, fast, and efficient provision of our online offering by a professional provider (Art. 6 (1f) GDPR). The provider processes your data only to the extent necessary to fulfil its performance obligations and in accordance with our instructions.
5.2 Social Media Links
We maintain social media presences that are accessible via links on this website. By activating these links, you will be redirected to the respective third-party platforms (e.g., Facebook, X, Instagram).
To avoid unnecessary data transfer, we recommend logging out of the respective third-party provider before using such links, so that user profiles cannot be created through link usage.
5.3 Third-Party Login
5.3.1 Login with a Facebook Account
You may log in using your existing Facebook account by selecting “Login with Facebook”. You will be redirected to www.facebook.com, operated by Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5, Ireland. The privacy policy and terms of use of Facebook apply.
5.3.2 Login with a Google Account
You may log in using your existing Google account by selecting “Login with Google”. You will be redirected to www.accounts.google.com, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. The privacy policy and terms of use of Google apply.
5.3.3 Login with a LinkedIn Account
You may log in using your existing LinkedIn account by selecting “Login with LinkedIn”. You will be redirected to www.linkedin.com, operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. LinkedIn may process personal data in the USA. LinkedIn’s privacy policy and terms of use apply.
5.3.4 Login with an Apple Account
You may log in using your existing Apple account via “Sign in with Apple”. Depending on your settings, Apple may provide your name or email address. You may edit your name or use a private relay email address.
You can manage “Sign in with Apple” in iOS under Settings → [Your Name] → Login & Security → Apps, or via your Apple account settings on macOS.
5.4 Cloudflare
We use Cloudflare, operated by Cloudflare Inc., 101 Townsend St, San Francisco, USA, to ensure performance, security, and availability of our website. Your browser may transmit personal data (e.g., IP address) to Cloudflare. Data processing may take place in the USA.
Cloudflare operates a Content Delivery Network (CDN) to distribute content efficiently and reduce server load. You may prevent Cloudflare data processing by disabling scripts or using browser extensions such as NoScript or Ghostery.
The use of Cloudflare is based on our legitimate interest in a secure and performant online offering (Art. 6 (1f) GDPR).
5.5 Google Web Fonts
We use Google Web Fonts provided by Google Ireland Limited to ensure consistent typography. Web fonts are cached locally in your browser. No overriding user interests are affected (Art. 6 (1f) GDPR).
Google Privacy Policy: https://www.google.com/policies/privacy/
5.6 gstatic
We use gstatic, a Google service, to deliver static assets such as fonts and scripts efficiently. Your browser transmits technical data (e.g., IP address, browser information) to Google for performance optimisation.
Processing is based on our legitimate interest in a functional and efficient website (Art. 6 (1f) GDPR).
5.7 Continuous Protection through Google reCAPTCHA
To protect our website against automated misuse and spam, we use Google reCAPTCHA v3. Interaction patterns (e.g., mouse movements, dwell time) are analysed to distinguish humans from bots.
Data processing occurs only after your active consent (Art. 6 (1a) GDPR). Google’s privacy policy applies: https://policies.google.com/privacy
5.8 Use of the Thinkific Platform
We use the e-learning platform Thinkific, operated by Thinkific Labs Inc., Vancouver, Canada, as technical infrastructure for:
- Hosting course content (videos, PDFs, quizzes)
- Managing user accounts and learning progress
- Processing payments via integrated gateways
- Sending automated course-related notifications
Data processing is based on contract fulfilment (Art. 6 (1b) GDPR) and our legitimate interest in providing a secure and professional learning platform (Art. 6 (1f) GDPR).
Thinkific Privacy Policy: https://www.thinkific.com/privacy-policy
Contact Information
For all inquiries regarding data protection and the processing of personal data, please use the contact details provided below.
Controller within the meaning of the GDPR
European Theological Seminary e.V.
Rippoldsauer Str. 50
72250 Freudenstadt
Germany
Email: [email protected]
Phone: +49 7442 / 4905-0
Data Protection Officer
Should you have any questions regarding data protection, you may also contact our appointed Data Protection Officer:
Attorney-at-Law Cornelius Matutis
Berliner Straße 57
14467 Potsdam
Germany
Email: [email protected]
Phone: +49 331 813 284 70