Mindelheimer Museen

Data privacy policy

The responsible authority within the meaning of the data protection laws, in particular the EU General Data Protection Regulation (GPDR), is: Stadt Mindelheim Represented by the First Mayor Dr. Stephan Winter Maximilianstrasse 26 87719 Mindelheim Germany Telephone: +49 (0) 8261-9915-0 Email: poststelle@mindelheim.de

Your rights as a data subject

You can exercise the following rights at any time using the contact details of our data protection officer given at the end of this declaration: • information about the data we store and how it is processed • correction of incorrect personal data • deletion of your stored data • restriction of data processing if data deletion is not yet permitted for legal reasons • objection to the processing of your data by us, and • data portability, provided you have consented to data processing or have concluded a contract with us • Your given consent to data processing can be revoked at any time with effect for future use. If you have a complaint, you can contact the supervisory authority responsible at any time: Bavarian State Commissioner for Data Protection Wagmüllerstraße 18 80538 Munich Germany Telephone: +49 (0) 89-212672-0 Fax: +49 (0) 89-212672-50 E-mail: poststelle@datenschutz-bayern.de

Purpose of data processing by the responsible authority and by third parties

We process your personal data only for the purposes stated in this privacy policy. We do not transfer your personal data to third parties for purposes other than those stated below. We will only disclose your personal data to third parties if: • you have given your express consent • data processing is necessary for the fulfilment of a contract with you • data processing is necessary in order to comply with a legal obligation • data processing is necessary in order to protect legitimate interests, and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data

Deletion or blocking of personal data

We adhere to the principles of data avoidance and data economy. We therefore only store your personal data for as long as is necessary to achieve the purposes stated here, or as stipulated by the various storage periods provided for by law. After the respective purpose has ceased to exist or these periods have expired, relevant personal data is routinely blocked or deleted in accordance with legal provisions.

Collection of general information when you visit our website

When you access our website, information of a general nature is automatically collected by means of a cookie. This information (server log files) includes, for example, the type of web browser, the operating system used, the domain name of your internet service provider and similar. This is exclusively information that does not allow any conclusions to be drawn about your person. This information is necessary for technical reasons, in order that the content matter of the web pages you request is provided correctly. It is compulsory when using the internet. In particular, this information is processed for the following purposes: • to ensure smooth connection to our website • to ensure trouble-free use of our website • to evaluate system security and stability, and • for other administrative purposes The processing of your personal data is based on our legitimate interest, which arises from the purposes of data collection stated above. We do not use your data in order to draw conclusions about your person. The only recipients of the data are the responsible authority and, if applicable, the handlers of an order placed. Anonymous information of this kind may be statistically evaluated by us in order to optimise our website and the technology underlying it.


Like many other websites, we also use “cookies”. Cookies are small text files that are transferred from a website server to your hard drive. They give us automatic access to specific data such as your IP address, the browser used, the operating system and your connection to the internet. Cookies cannot be used to run programs or to transmit viruses to a computer. The information contained in cookies allows us to facilitate site navigation and to ensure the correct display of our website. Under no circumstances will the data we collect be passed on to third parties or linked to personal data without your consent. Of course, you can also view the website without accepting cookies. Internet browsers are generally set to accept cookies. In principle, you can deactivate the use of cookies at any time via your browser settings. The help functions of your internet browser will tell you how to change these settings. Please note that individual functions of our website may not function properly if you have deactivated the use of cookies.

SSL encryption

To protect the security of your data during transmission, we use the latest encryption methods (e.g. SSL) via HTTPS.

Contact forms

If you contact us via a contact form, you give us your voluntary consent for the purpose of contacting you. In order to do so, you must provide us with your surname, first name, a valid e-mail address and telephone number. Once your enquiry has been dealt with, personal data will be deleted by the central IT office in the designated container (after 7 days at the latest) or deleted by the responsible authority after processing.

Use of Wordfence

We have integrated Wordfence on this website. The provider is Defiant Inc., 800 5th Ave Ste 4100, Seattle, WA 98104, USA (hereinafter “Wordfence”). Wordfence serves to protect our website from unwanted access or malicious cyber attacks. For this purpose, our website establishes a permanent connection to the Wordfence servers so that Wordfence can check its databases against the accesses made to our website and block them if necessary. The use of Wordfence is based on Art. 6 para. 1 lit. f GDPR.The website operator has a legitimate interest in protecting its website as effectively as possible against cyber attacks. If respective consent has been requested, processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR. This consent can be revoked at any time. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find more details here: https://www.wordfence.com/help/general-data-protection-regulation/

Changes to our privacy policy

We reserve the right to adapt this data privacy policy so that it always complies with the current legal requirements, or in order to implement changes to the services detailed in this policy, e.g. when introducing new services. The new data privacy policy will then apply to your next visit.

Questions for the data protection officer in Mindelheim

If you have any questions about data protection, please write us an e-mail or contact the person responsible for data protection in Mindelheim directly: Stadt Mindelheim Data protection officer Maximilianstrasse 26 87719 Mindelheim, Germany Tel. +49 (0) 8261/-9915-0 E-mail: datenschutz@mindelheim.de