The German Peace Prize for Photography is a special category of the Felix Schoeller Photo Award.

1) Name and address of the Controller
The Controller pursuant to the General Data Protection Regulation (GDPR) and other national data protection laws of Member States as well as other data protection regulations is:
Felix Schoeller Holding GmbH & Co. KG
Burg Gretesch
49086 Osnabrück
Tel.: +49 541 3800-0
Fax: +49 541 3800-425
Email: info@felix-schoeller.com
Limited partnership – Registered office in Osnabrück – Register court: HRA 5121

Chairman of the Advisory Board: Prof. Dr. Andreas Georgi
Chief Executive Officers: Hans-Christoph Gallenkamp (Chairman), Georg Haggenmüller, Gerhard Hochstein, Guido Hofmeyer, Stephan Igel

these represented by the personally liable partner:
Felix Schoeller Holding Geschäftsführung GmbH
Burg Gretesch
49086 Osnabrück
Tel.: +49 541 3800-0
Fax: +49 541 3800-425
Email: info@felix-schoeller.com
Registered office in Osnabrück – Register court: HRB 16630
Chairman of the Advisory Board: Prof. Dr. Andreas Georgi
Chief Executive Officers: Hans-Christoph Gallenkamp (Chairman), Georg Haggenmüller, Gerhard Hochstein, Guido Hofmeyer, Stephan Igel

2) Name and address of the Data Protection Officer**
The Controller’s Data Protection Officer is:
Manfred Kisker
Burg Gretesch, 49086 Osnabrück
Tel.: +49 541 3800-379
Email: mkisker@felix-schoeller.com
Website: felix-schoeller.com

3) General information about data processing
3.1) Scope of processing of personal data
We generally only collect and use the personal data of our users if doing so is necessary to provide them with a functional website as well as content and services. The personal data of our users is generally only collected and used after they have given their consent. This does not include cases in which, for practical reasons, the participant’s prior consent cannot be obtained and processing the data is permitted under statutory regulations.

3.2) Legal basis for processing personal data
If the consent of the data subject is required to process personal data, Art. 6(1)(a) GDPR shall serve as the legal basis for processing personal data.
If processing personal data is necessary for the performance of a contract to which the data subject is a party, then Art. 6(1)(b) GDPR shall serve as the legal basis. This also applies to processing that is necessary to take steps prior to entering into a contract.

If processing personal data is necessary for compliance with a legal obligation to which our company is subject, then Art. 6(1)(c) GDPR shall serve as the legal basis.

If the processing is necessary in order to protect the vital interests of the data subject or of another natural person, then Art. 6(1)(d) GDPR shall serve as the legal basis.

If processing the personal data is necessary for the purposes of the legitimate interests of our company or a third party and if the interests and fundamental rights and freedoms of the data subject do not outweigh those of our company, then Art. 6(1)(f) GDPR shall serve as the legal basis.

3.3) Data deletion and storage period
The data subject’s personal data will be deleted or blocked once the reason it was saved no longer exists. The personal data may be saved beyond this point if required under European or national regulations, laws or other statutory provisions to which the Controller is subject. The data will also be blocked or deleted if a retention period specified under one of the aforementioned statutory provisions expires, unless it is necessary to continue to store the data in order to conclude or perform a contract.

4) Provision of the website and creation of log files
4.1) Description and scope of data processing when log files are used
Each time our website is accessed, our system collects automated data and information from the computer used to access the website. The following data is collected:

  • Information about the browser type and version used
  • The operating system used
  • The website you visit before visiting our site (referrer URL)
  • The pages that you visit
  • The data and time you access the website
  • Your internet protocol (IP) address

This anonymous data is stored separately from any other personal data we have on file for you and therefore cannot be used to ascertain the identity of a particular person. It is analyzed for statistical purposes in order to optimize our website and our offering.

4.2) Legal basis for data processing when log files are used
The legal basis for storing the data and the log files is Art. 6(1)(f) GDPR.

4.3) Purpose of data processing when log files are used
The temporary storage of the IP address by the system is necessary in order to enable the provision of the website to the user’s computer. Doing so requires the storage of the user’s IP address for the duration of the session.
The log files are stored in order to ensure the functionality of the website. In addition, the data helps us to optimize the website and ensure the security of our information systems. In this connection, the data is not analyzed for marketing purposes.

These purposes also include our legitimate interest to data processing pursuant to Art. 6(1)(f) GDPR.

4.4) Storage period of log files
The data will be deleted when it is no longer necessary for achieving the purpose for which it was collected. If the data was collected in order to provide the website, this will be the case when the session is ended.
If the data is stored in log files, then this will be the case no later than after days. Data may be stored longer than this. In this case, the IP addresses of the user will be deleted or anonymized so that they can no longer be associated with the accessing client.

4.5) Objection and removal option when log files are used
The collection of the data to provide the website and the storage of the data in log files is necessary to operate the website. Consequently, the user has not right to object.

5) Registration
5.1) Description and scope of data processing during registration
On our website, we offer users the option of registering as participants of the Felix Schoeller Photo Awards if they provide personal data. The data is entered in an input screen and transmitted to and stored by us. We do not forward data to third parties. The following data is collected during the registration process:

  • First and last name of the user
  • Address of the user
  • Telephone numbers of the user
  • Email address of the user
  • Date of birth of the user
  • Data that proves the user’s profession, training, studies, etc.
  • Data regarding the user’s career and work as a photographer, which the user agrees may appear in the press if the work submitted by the user is to be published. Publication approval is granted when the user uploads his/her CV during the submission process.

The following data is also stored during the registration process:

  • The user’s IP address
  • Date and time of registration

The user’s consent to process this data is obtained during the registration process.

Please see the separate privacy policy that applies for participation in the Felix Schoeller Photo Award.

5.2) Legal basis for data processing during the registration process
The legal basis for the data processing if the user has given his/her consent is Art. 6(1)(a) GDPR.

5.3) Purpose of the data processing during the registration process
Users must register on our website in order to participate in the Felix Schoeller Photo Award. In order to be able to participate in the competition, it must be possible to identify and contact the participant. In addition, it must also be possible to determine whether the participant meets the conditions set out in the conditions of participation for the Felix Schoeller Photo Awards in order to ensure a fair competition.

5.4) Storage period
The data will be deleted when it is no longer necessary for achieving the purpose for which it was collected.

5.5) Change and removal options during the registration process
As a user, you have the option to have your stored data changed at any time or to have your registration details deleted. In this case, all of the data you entered as part of the registration process will be deleted. You will no longer be part of the Felix Schoeller Photo Award and your participation in the competition will end.

6) Use of cookies during the registration process
6.1) Description and scope of the use of cookies
Our website uses cookies during the registration process. Cookies are text files that are stored in or by the internet browser on the user’s computer. Whenever a user accesses a website a cookie may be stored in his/her operating system. These cookies contain a unique series of characters that enable clear identification of the browser whenever the user accesses the website. We use session cookies and local storage technology to make the registration process more user-friendly.

The session cookie stores information that identifies the online activities of your individual browser session. The session cookie provides a session ID. This session ID is used to identify multiple user inquiries on our website. The session cookie is deleted when the user’s browser is closed.

We also use local storage technology (also called “local data” and “local storage”). With this technology, data is stored locally in your browser’s cache, and this data may continue to exist and be read even after the browser window is closed or the program is ended – as long as you do not delete the cache. 
Local storage technology allows us to store your preferences when you use our website. These preferences are stored on your computer and can be used by you.

6.2) Legal basis for the use of cookies and local storage
The legal basis for storing the data and the log files is Art. 6(1)(f) GDPR.

6.3) Purpose of the data processing when cookies and local storage are used
We use these technologies in order to provide you with an attractive and fully functional offering.

6.4) Removal option when cookies and local storage are used
If you do not want cookies and local storage functions to be used, then you can adjust the settings of your browser. You can see all of the cookies that have been saved in your browser settings.

You can delete or block cookies at any time. You can manage local storage content in your browser’s settings under “History” or “Local Data”, depending on the browser you use.

7) Use of website analysis services
7.1) Description and scope of the website analysis services used
Our website uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA, hereafter “Google”. Google Analytics uses “cookies”, text files that are stored on your computer and make it possible to analyze your use of the website.
The information collected with the help of these cookies, such as time, place and frequency of your website visits, including your IP address, are transmitted to Google in the US and stored there. We use Google Analytics on our website with an IP anonymization function. In this case, your IP address will be abbreviated and thus anonymized by Google within the member state of the European Union or in another state that is a party to the Agreement on the European Economic Area.

7.2) Legal basis for the use of Google Analytics
The legal basis for the use of Google Analytics is Art. 6(1)(f) GDPR.

7.3) Purpose of data processing when using Google Analytics
Google will use this information in order to analyze your use of our website, to compile reports on website activities for us and to provide other services related to the use of our website and the internet.
You can prevent the use of cookies by adjusting the settings of your browser software accordingly; note, however, that if you do so that you will not be able to use all of the functions of our website completely.

7.4) Forwarding of data to third parties when using Google Analytics
Where applicable, Google will transmit this information to third parties if required by law or if third parties process this data on behalf of Google. According to its own statements, Google never combines your IP address with other Google data.

7.5) Deactivation option when using Google Analytics
For the latest browsers, Google offers a deactivation option, which provides you with more control over which data Google collects and processes. If you activate this option, no information about your website visit will be transmitted to Google Analytics. However, doing so does not prevent data from being transmitted to us or, where applicable, other web analysis services used by us. Further information about the deactivation option provided by Google as well as about how to activate this option can be found at the following link: tools.google.com/dlpage/gaoptout

8) Use of YouTube components
8.1) Description and scope of the YouTube components used
Our website uses plugins from YouTube, which is owned by Google. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. If you visit one of our sites that has a YouTube plugin, a connection will be created with YouTube’s servers. YouTube will be informed which of our sites you have visited. If you are logged into your YouTube account, it will be possible for YouTube to allocate your surfing behavior directly to your personal profile.

8.2) Legal basis for the use of YouTube components
The legal basis for the use of YouTube components is Art. 6(1)(f) GDPR.

8.3) Purpose of data processing when using YouTube components
YouTube is used in the interest of ensuring the attractive presentation of our online offerings.

8.4) Deactivation option when using YouTube components
To prevent YouTube from allocating your surfing behavior directly to your personal profile you must log out of your YouTube account. Further information about the use of user data can be found in YouTube’s privacy policy at: www.google.de/intl/de/policies/privacy

9) Use of Vimeo components
9.1) Description and scope of the Vimeo components used
We use components provided by Vimeo on our website. Vimeo is a service of Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA. Every time you access one of our websites that has such components, the components allow your browser to download a corresponding representation of the Vimeo component. If you access our site while you are logged into Vimeo, Vimeo will recognize which site you visit as a result of the component and will allocate this information to your personal Vimeo account. For example, if you click on the “Play” button or enter a comment, this information will be transmitted to your personal user account at Vimeo and stored there. In addition, the fact that you visited our site will also be transmitted to Vimeo. This happens whether you, for example, click on the component/enter a comment or not.

9.2) Legal basis for the use of Vimeo components
The legal basis for the use of Vimeo components is Art. 6(1)(f) GDPR.

9.3) Purpose of data processing when using Vimeo components
Vimeo components are used in the interest of ensuring the attractive presentation of our online offerings.

9.4) Deactivation option when using Vimeo components
If you want to prevent the transmission and storage by Vimeo of data about you and your behavior on our website, you must log out of Vimeo before you visit our site. Vimeo’s privacy policy provides more information on this point, in particular, regarding the collection and use of the data by Vimeo: vimeo.com/privacy

10) Use of social media plugins
10.1) Description and scope of the social media plugins used
We use social media plugins on our website from the social networks Facebook, Twitter, Google+ and Instagram. The use of these social plugins makes it easier to share content from our website on the social media platforms. Content posted by users on Facebook, Twitter, Google+ or Instagram reaches additional users.
These plugins are integrated via the so-called “two-click” method to protect visitors to our website as best as possible.

10.2) Legal basis for the use of social media plugins
The legal basis for the use of social media plugins is Art. 6(1)(f) GDPR.

10.3) Purpose of data processing when using social media plugins
Social media plugins are used in the interest of publicizing the Felix Schoeller Photo Award and the related website. This purpose is a legitimate interest pursuant to the GDPR.

10.3.1) Facebook
Our website uses Facebook social media plugins in order to make the use of the website more personal. This involves the use of the “Share” button. This is an offering from Facebook.

If you access a page on our website that has such a plugin, your browser will create a direct connection with Facebook’s servers. The content of the plugin is transmitted directly from Facebook to your browser and integrated by it in the website.

The integration of the plugin allows Facebook to receive information indicating that the corresponding page on our website has been accessed, even if you do not have a Facebook account or are not logged into Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the US and stored there.

If you are logged into Facebook, Facebook can allocate the visit to our website to your Facebook account. If you interact with the plugins, for example, by clicking on the “Share” button, the corresponding information will also be transmitted directly to a Facebook server and stored there. The information will also be posted on Facebook and shown to your Facebook friends.

Facebook may use this information for advertising, market research and the need-based design of Facebook pages. To this end, Facebook creates usage, interest and relationship profiles to, for example, analyze your use of our website with respect to the ads shown to you on Facebook, to inform other Facebook users about your activities on our website and to provide other services related with the use of Facebook.

If you do not want Facebook to allocate the data collected on our website to your Facebook account, you must log out of Facebook before visiting our website.

For more information about the purpose and scope of data collection as well as the other ways in which Facebook processes and uses the data and the setting options for protecting your privacy, please see Facebook’s privacy policies facebook.com/about/privacy.

10.3.2) Twitter
Plugins from the short message network of Twitter Inc. (Twitter) are integrated on our website. The Twitter plugins (tweet button) can be recognized by the Twitter logo on our site.
When you access a page on our website that contains such a plugin, a direct connection is created between your browser and the Twitter server. This provides Twitter with information indicating that you have visited our site with your IP address. If you click on the Twitter tweet button while you are logged into your Twitter account, you can link the content on our website to your Twitter profile. This will allow Twitter to allocate the visit to our website to your user account. Please note that we, as the provider of the website, have no knowledge of the data that is transmitted or how it is used by Twitter.
If you do not want Twitter to be able to allocate the visit to our website to you, please log out of your Twitter account.
Further information can be found in Twitter’s privacy policy (https://twitter.com/privacy).

10.3.3) Google+
Plugins from the social media network Google+ (Google Plus) are integrated on our website. These plugins are provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.
When you access a page on our website that contains such plugins, your browser creates a direct connection with Google’s servers, allowing the content of the plugins to be transmitted to your browser and integrated in the website displayed on it. As a result of this connection, the fact that you visited our site will be transmitted Google.

If you have a Google+ account and are logged into it, Google will be able to allocate the visit to our website to your account. If you interact with the plugins, e.g. by clicking on the button or posting a comment, this information will be transmitted directly to Google and stored there. If you do not want such data to be transmitted, you must log out of your Google Plus or Google account before visiting our website.

We have no influence over the scope and content of the data that Google collects through this button. We assume that your IP address will also be collected and transmitted to Google. You can learn about the purpose, scope and use of the data collected by Google Inc. in its privacy policies (http://www.google.com/intl/de/+/policy/+1button.html).

10.3.4) Instagram
Our website contains social plugins from Instagram, which is operated by Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, USA (“Instagram”).
You can recognize the plugins from Instagram’s camera logo.

If you access a page on our website that has such an Instagram plugin, your browser will create a direct connection with Instagram’s servers. The content of the plugin is transmitted directly from Instagram to your browser and integrated by it in the website. The integration of the plugin allows Instagram to receive information indicating that the corresponding page on our website has been accessed, even if you do not have an Instagram profile or are not logged into Instagram.

This information (including your IP address) is transmitted by your browser directly to an Instagram server in the US and stored there. If you are logged into Instagram, Instagram can allocate your visit to our website to your Instagram account. If you interact with the plugins, for example, by clicking on the “Instagram” button, this information will also be transmitted directly to an Instagram server and stored there.

The information is also posted on your Instagram account and shown to your contacts there.

If you do not want Instagram to allocate the data collected on our website directly to your Instagram account, you must log out of Instagram before visiting our website. Further information can be found in Instagram’s privacy policy help.instagram.com/155833707900388

11) Newsletter
11.1) Description and scope of data processing for the newsletter
You can use our website to subscribe to our newsletter. The data entered in the input screen when registering for the newsletter is transmitted to us. This data includes:

  • First and last name of the user
  • Email address of the user

We use the newsletter to provide you with information about our offerings at regular intervals. You need a valid email address in order to be able to receive our newsletter. The email address that you enter will be reviewed to ensure that you are, in fact, the owner of the specified email address or that the owner of the email address has authorized receipt of the newsletter.

In addition, the following data will be collected when you subscribe to the newsletter:

  • IP address of the accessing computer
  • Date and time of registration

We do this to prevent the unauthorized use by a third parties of your email address to subscribe to our newsletter without your knowledge. We do not collect any other data. The data collected is used solely for the subscription to our newsletter.

It is not forwarded to any third parties. Nor is the data collected compared with data that may have been collected by other components on our website.

11.2) Legal basis for data processing related to the newsletter
The legal basis for the data processing after the user has subscribed to the newsletter if the user has given his/her consent is Art. 6(1)(a) GDPR.

11.3) Purpose of data processing with respect to the newsletter subscription
The user’s email address is collected in order to be able to send the newsletter. Any other personal data that is collected during the subscription process is used to prevent the misuse of the service or the email address used.

11.4) Storage period with respect to the newsletter subscription
The data will be deleted when it is no longer necessary for achieving the purpose for which it was collected. The user’s email address is stored for as long as the newsletter subscription is active.

11.5) Objection and removal option with respect to the newsletter subscription
You can unsubscribe from the newsletter at any time. Details can be found in the confirmation email as well as in each individual newsletter. Doing so also makes it possible to revoke the consent to store the personal data collected during the subscription process.

12) Use of web fonts
We use external fonts from Monotype Webfonts on our website. Monotype Webfonts Fonts is a service of Monotype Imaging Inc., 600 Unicorn Park Drive, Woburn, MA 01801, United States.

These web fonts are integrated in our website by accessing Monotype’s server in the US. As a result, information about which of our sites you have visited is transmitted to its servers. The IP address of the browser on the user’s device is also stored by Monotype Webfonts. Further details can be found in Monotype Webfont’s privacy policies (https://www.monotype.com/de/rechtshinweise/datenschutzrichtlinie/datenschutzrichtlinie-zum-tracking-von-webschriften/)

13) Rights of the data subject
If your personal data is processed, then you are a data subject pursuant to the GDPR and you have the following rights with respect to Felix Schoeller Holding Geschäftsführung GmbH:

13.1) Right to information
You may request information from us regarding whether personal data related to you has been processed by us. If such data has been processed by us, you may request the following information:

  • the purpose for which the personal data has been processed;
  • the categories of personal data that have been processed;
  • the recipients or categories of recipients to whom the personal data related to you has been or will be disclosed;
  • the period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
  • the existence of the right to request correction or deletion of personal data or restriction of processing concerning the data subject or to object to processing;
  • the right to lodge a complaint with a supervisory authority;
  • all available information about the source of the data if the personal data was not collected from the data subject.

13.2) Right to correction
You have the right to submit a request for correction and/or the addition of information to us if the processed personal data related to you is incorrect or incomplete. We will correct the data immediately.

13.3) Right to restrict processing
You can request that we restrict the processing of the personal data related to you under the following circumstances:

  • if you dispute the accuracy of the relevant personal data for a period that enables us to review the accuracy of the personal data;
  • the processing is unlawful and you reject erasure of the personal data and instead request that the use of the personal data be restricted;
  • we no longer need the personal data for processing purposes, but you require it for the purpose of asserting, exercising or defending legal claims, or
  • if you have lodged an objection to the processing pursuant to Art. 21(1) GDPR and it is not clear whether our legitimate interest outweigh your reasons. If the processing of your personal data has been restricted, this data may – apart from its storage – only be processed with your consent or to assert, exercise or defend legal claims or to protect the rights of other natural persons or legal entities or to protect the material public interest of the European Union or a member state.

If the processing of the data was restricted in accordance with the above conditions, we will inform you before the restriction is lifted.

13.4) Right to deletion
a) Deletion obligation
You may request that we immediately delete your personal data if one of the following reasons applies:

  • Your personal data is no longer needed for the purpose for which it was collected or otherwise processed.
  • You revoke your consent that served as the basis of the processing pursuant to Art. 6(1)(a) or Art. 9(2)(a) GDPR and there is no other legal basis for the processing.
  • You lodge an objection to the processing pursuant to Art. 21(1) GDPR and there is no overriding legitimate reason for the processing or you lodge an objection to the processing pursuant to Art. 21(2) GDPR.
  • Your personal data was processed unlawfully.
  • The deletion of your personal data is necessary to meet a legal obligation under European Union law or the law of a member state to which the controller is subject.
  • Your personal data was collected in relation to offered information society services pursuant to Art. 8(1) GDPR.

b) Information to third parties
If we have disclosed your personal data and if we are obliged pursuant to Art. 17(1) GDPR to delete the data, we will take the appropriate measures, including technical measures – taking account of the available technology and the implementation costs – to inform the controller responsible for the data processing that you, as the data subject, have request the deletion of all links to this personal data or copies or duplicates of this personal data.

c) Exceptions
There is no right to deletion if the processing is necessary

  • to exercise the right to the free expression of an opinion and information;
  • to meet a legal obligation under European Union law or the law of a member state to which the controller is subject, or to carry out a task that is in the public interest or in the exercise of public authority that has been transferred to the controller;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Art. 89(1) GDPR, provided the right specified under para. a) is likely to make the achievement of the objectives of such processing impossible or seriously impair such achievement, or
  • to assert, exercise or defend legal claims.

13.5) Right to notification
If you have asserted the right to correct, delete or restrict processing, we will be obliged to notify all recipients to whom your personal data has been disclosed of the correction or deletion of the data or restriction of its processing, unless this proves is impossible or involves a disproportionate amount of effort. You have the right to be notified about these recipients.

10.6) Right to data portability
You have the right to receive the personal data that you provided to us in a structured, common and machine-readable format. In addition, you have the right to transfer this data to another controller without obstruction by the controller to whom the personal data was given, provided

  • the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR.
  • the processing is carried out with the help of automated processes. In exercise of this right, you also have the right to request that your personal data be transferred directly from one controller to another controller, provided that doing so is technically feasible. The freedoms and rights of other persons must not be affected by this. The right to data portability does not apply for the processing of personal data that is necessary to perform a task that is in the public interest or in the exercise of a public authority that has been transferred to us.

10.7) Right to object
You have the right, for reasons that arise from your particular situation, to lodge an objection against the processing of your personal data which is processed on the basis of Art. 6(1)(e) or (f) at any time.

We will no longer process your personal data, unless we can demonstrate compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or if the processing serves to assert, exercise or defend legal claims.

In connection with the use of information society services – and irrespective of Directive 2002/58/EC – you may exercise your right to lodge an objection via automated processes that involve technical specifications.

10.8) Right to revoke the consent given under data protection law
You have the right to revoke your consent under data protection law at any time. The revocation of consent shall not affect the lawfulness of the processing carried out through the date until consent was revoked.

10.9) Right to lodge a complaint with a supervisory authority
Irrespective of any administrative or judicial remedies, you have the right to lodge a complaint with a supervisory authority, particularly in the member state where you maintain your place of residence, your place of employment or where the alleged breach occurred if you believe that the processing of your personal data was in breach of the GDPR.

The supervisory authority with which the complaint was lodged shall keep the complainant informed about the status and the results of the complaint, including the option of a judicial remedy pursuant to Art. 78 GDPR.