Data Protection
Privacy Notice for Messenger Services and Cloud Services
The association we integrate e.V. uses the messenger services Signal, WhatsApp, and Telegram for communication with members, volunteers, and interested parties. The use of these services is based on our legitimate interest in efficient and modern communication as well as secure storage and management of association data according to Art. 6 Para. 1 lit. f GDPR.
Please note that when using these messenger services, your phone number is processed and may be visible to other members in group chats. Additionally, display name and possibly profile picture are visible to other group members. The groups are also informed about this in advance. Joining/leaving the group is possible at any time.
Existing personal data (including names, email addresses, phone numbers, addresses, date of birth, bank details, etc.) are processed via Google Drive. Personal data (including salutation, names, phone number, email address) of volunteers are stored by their own action, i.e., self-registered or unregistered. Information about the group of people with access rights is provided before registration.
Personal data of members are recorded on Google Drive. This is explained in detail in the membership application. Access is only possible for authorized persons (including board members, administration).
Data Security and Processing by Messenger Services
All three messenger services (WhatsApp, Signal, and Telegram) offer end-to-end encryption for private messages, ensuring that neither the provider nor third parties can view their contents. However, there are differences in the storage and processing of metadata:
- WhatsApp transmits metadata (e.g., sender, recipient, timestamp) to WhatsApp Inc. and its parent company Meta, which are based in the USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission and the EU-US Data Privacy Framework (DPF).
- Signal claims not to collect metadata and processes data exclusively in the USA.
- Telegram offers optional end-to-end encryption for individual chats, but by default stores messages on its own servers, which may be located outside the EU. The exact locations are not disclosed.
Processing of Personal Data with Google Drive
For internal management and storage of association documents, we use Google Drive, a cloud service provided by Google LLC based in the USA. This may involve a third-country transfer of personal data. The processing is based on the standard contractual clauses of the EU Commission and the EU-US Data Privacy Framework (DPF).
Google Drive is used exclusively for managing association documents. No sensitive personal data is shared without prior consent of the person concerned.
For more information on data processing by Google, please refer to Google’s privacy policy: Google Privacy Policy
Voluntariness and Revocation
Communication via the mentioned messenger services and the processing of personal data via Google Drive is voluntary. Alternatively, other contact options such as email or phone are available to you. If you do not wish to communicate via messenger services or want to object to the storage of your data, you can contact us at any time.
Disclaimer
We assume no responsibility for the data processing by the respective providers.
For more information on data processing by the providers, please refer to their privacy policies:
Signal: https://signal.org/legal/
WhatsApp: https://www.whatsapp.com/legal/
Telegram: https://telegram.org/privacy
Google Drive (Google LLC): https://policies.google.com/privacy