The responsible entity for the processing of personal data is the German Oceanographic Museum Foundation
Katharinenberg 14–20
18439 Stralsund

Data processing when visiting our sites

We collect your personal data for the purpose of contact tracing in the sense of infection protection (§ 28 a para. 1, 4 IfSG), among others by means of the luca app of the provider culture4life GmbH, Charlottenstraße 59, 10117 Berlin. Further information on the provider can be found at www.luca-app.de/app-privacy-policy 

With the above-mentioned data processing, we contribute to the health protection of the population and base the contact tracing on the legal requirements according to the Corona State Ordinance Mecklenburg-Western Pomerania in the currently valid version, orders of the competent health authority and our legitimate interest according to Art. 6 para. 1 lit f. GDPR to protect our visitors and employees from the risk of infection.

The data processing includes the following categories of data:
Name, first name, full address, telephone number, date and time of visit, location.

This data is stored pseudonymously using the luca app. Decryption of the collected data is only possible by the competent health authority after release by the responsible person.

Your use of the luca app is voluntary. Alternatively, you have the option of leaving the data in writing.Therefore, if you do not provide us with your contact details using the luca app or by using another method, we may have to exclude you from visiting or using our premises.

Duration of data storage

The data is stored for four weeks by us or encrypted and pseudonymised in the app on your device and by the service provider and then deleted. Data is only stored beyond this period if it is required by law to be forwarded to the local health authority.

Recipients or categories of recipients of personal data

At the request of the health authority, the personal data collected will be decoded and forwarded in accordance with the Corona/COVID-19 infection control regulations.

Your rights

As a data subject, you have various rights under the General Data Protection Regulation.
These are

• Right to information about the data we hold about you (Art. 15 GDPR)
• Right to have inaccurate data corrected (Art. 16 GDPR)
• Right to have data deleted if there is no legal basis for further storage (Art. 17 GDPR)
• Right to restrict the processing of data to specific purposes (Art. 18 GDPR)
• Right to data portability (Art. 20 GDPR) and
• Right to object to the processing of your data (Art. 21 GDPR).

If the processing of your data is based on consent, then you have the right to revoke the consent you have given at any time. The lawfulness of the processing carried out on the basis of the consent given until the revocation is not affected by the revocation. The obligation to notify is not affected by this once the test result is available.

In addition, according to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of the data concerning you violates data protection regulations. The supervisory authority responsible for us is:The State Commissioner for Data Protection and Freedom of Information of Mecklenburg-Western Pomerania
Schwerin Castle, Lennéstraße 1, 19053 Schwerin, Germany
www.datenschutz-mv.de

Finally, you have the right to contact our data protection officer at any time, if one has been appointed. The data protection officer is bound to secrecy with regard to your enquiry as far as the processing of your data is concerned. You can contact our data protection officer using the contact details provided.

Video surveillance in the buildings

Insofar as video surveillance systems are installed in the buildings of the locations, these serve to protect collection property and, in the cashier areas, to protect against robbery or to clarify differences in cash payment transactions due to our legitimate interest in protecting the property and health of our employees and customers. In individual cases, the video recording data may also be used to pursue the legal interests of third parties. The director decides on the use of the recording data in individual cases, if necessary in consultation with the works council and the data protection officer. Data that is not required will be deleted immediately.

Ticket purchase

In principle, you can purchase tickets anonymously by paying cash during our opening hours. If you are entitled to a discount, it may be necessary for you to present certificates or IDs to prove your eligibility. These are used by us solely to check eligibility when issuing tickets. The tickets issued contain an admission control barcode which does not contain any personal data.

If you purchase tickets as a member of a travel or student group, we collect personal data of the respective ticket purchasers only as part of the ordering and payment process.

Online ticket sales

The German Oceanographic Museum Foundation offers you the possibility to order tickets online, which will be sent to you by e-mail immediately after payment. This is done via the service deutsches-meeresmuseum.ticketfritz.de of our service provider Beckerbillett GmbH, Fangdieckstraße 61, 22547 Hamburg. The payment data will be transmitted directly and exclusively to your payment service provider. Neither we nor our commissioned service provider have access to your data during this process. This enables you to order and pay for tickets anonymously. The German Oceanographic Museum Foundation has access to your first and last name, e-mail address and payment method via the payment provider solely for the purpose of allocating the payment transactions for accounting purposes. Your e-mail address is required for the order process, to which the admission ticket is sent electronically. For the prevention and prosecution of fraudulent acts at your expense, we will store this e-mail address for a further three months after your account has been debited and the admission ticket has been used for admission to our premises. We will only combine the card identification and the e-mail address for this purpose and will only use this data in the event of suspected fraud to clarify and, if necessary, legally pursue our interests.

GetYourGuide and Tiqets

Insofar as you have purchased your ticket via other providers (intermediaries), a contractual relationship concerning the procurement of the ticket is established between you and the intermediary, who is responsible for the processing of your data. This also applies in the case of support requests. Please inform yourself about the data processing there.

We work with the following intermediaries:

Tiqets/Tiqets International B.V., James Wattstraat 100, 1097 DM Amsterdam, The Netherlands

Privacy policy (tiqets.com) (German Version)

GetYourGuide/GetYourGuide Deutschland GmbH, Sonnenburger Strasse 73, 10437 Berlin, Germany

Privacy policy (getyourguide.de)

To the extent necessary to clarify access authorisation, we collect your data from the intermediaries on the basis of Art. 6 (1) b GDPR for the purpose of fulfilling the contract between you and us concerning access to the museum.

Vouchers and Annual Passes 

You can order vouchers and annual tickets from us using an online form. In this case, your personal data will be processed by the German Oceanographic Museum Foundation to create, invoice and send the ordered vouchers/annual tickets on the basis of a contract in accordance with Art. 6 (1) b GDPR. For this purpose, we require the number and desired locations for the tickets, your name and address for invoicing and sending the tickets, e-mail address for sending the order confirmation and for clarifying questions in the ordering process. If you have any further questions or comments, you can use the comments field or leave a telephone number. After placing your order, you will receive an electronic payment request with a voucher number. The voucher will be sent within 10 days after receipt of the invoice amount plus a service fee.

Programmes/Tours/Events

In the context of the implementation of programmes, guided tours or other events, personal data of the contact persons at the customer's premises and, if applicable, of the legal guardians of participating children are collected exclusively for the fulfilment of the contractual agreements with the customer in accordance with Art. 6 (1) f GDPR and used for agreements and organisational issues and, if applicable, forwarded to contractual partners (e.g. honorary staff, harbour tour provider).

Use of the information in the internet

Every time an information offer is used on the Internet, data is collected by the requested computer, which serves the technical processing of the request, but also allows conclusions to be drawn about the requesting computer. We store this data exclusively for the technically necessary duration of the connection. As our information offer is free of charge, no user or connection data is stored beyond this, unless we expressly point this out. This data protection declaration applies to the websites:

www.deutsches-meeresmuseum.de

www.meeresmuseum.de

www.ozeaneum.de

www.natureum-darss.de

www.nautineum.de

www.schweinswalsichtung.de

www.fischbestimmer.de

For the protection of our underage interested parties, the website www.kindermeer.de is free of any forwarding of personal data to third parties and cookies. Data is only processed for the purpose of technical operation and security of the internet presentation.

Data subjects‘ rights (Information for data subjects under Chapter 3 of the GDPR)

You have the following rights based on the processing of your personal data:

• the right to information according to Art. 15 GDPR
• the right to rectification according to Art. 16 GDPR
• the right to erasure according to Art. 17 GDPR
• the right to restriction of the processing of personal data according to Art. 18 GDPR
• the right to data portability according to Art. 20 GDPR and
• the right to object to the processing of personal data pursuant to Art. 21 GDPR.

In addition, there is a right of appeal to a data protection authority in accordance with Article 77 of the GDPR. The complaint can be lodged with the data protection authority of the country in which you reside or work or in which the alleged infringement occurred. If the data protection authority of another member state is competent for the body you are complaining about, the national data protection authority will coordinate with the other data protection authority. You can find an overview here:

https://www.bfdi.bund.de/EN/Home/home_node.html 

The supervisory authority responsible for us is

The State Commissioner for Data Protection and Freedom of Information Mecklenburg-Western Pomerania
Schloss Schwerin,
Lennéstraße 1,
19053 Schwerin

Telephone: +49 385 59494 0
Fax: +49 385 59494 58
eMail: info@datenschutz-mv.de 

web (German): www.datenschutz-mv.de; www.informationsfreiheit-mv.de; https://www.datenschutz-mv.de/kontakt/kontaktformular/ 

You can find detailed information here:
Rights for citizens | European Commission (europa.eu)  

and the text of the law in all official languages of the EU:
EUR-Lex - 32016R0679 - EN - EUR-Lex (europa.eu)

Data Protection Commissioner

You can reach our data protection commissioner as follows:

ECOVIS Keller Rechtsanwälte PartG mbB
Attorney Axel Keller/Senior Associate Karsten Neumann
Am Campus 1 – 11, 18182 Rostock-Bentwisch

Telephone.: +49 381 649210
eMail: dsb-nord@ecovis.com  

Web: www.ecovis.com/datenschutzberater

datenschutzbeauftragter@meeresmuseum.de

You have the right to contact our data protection commissioner at any time, free of charge and confidentially if you wish, to support you in enforcing your data protection rights.