Privacy

(1) Below we inform you about the processing of personal data in connection with the use of this website. Personal data are all data that relate to you personally. These include, for example, name, address, e-mail address, user behavior. We want to inform you about our processing operations and at the same time comply with legal obligations, in particular from the EU General Data Protection Regulation (GDPR).

(2) The controller pursuant to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is Kulturhauptstadt Europas Chemnitz 2025 gGmbH, Fabrikstraße 11, 09111 Chemnitz, E-Mail: datenschutz@chemnitz2025.de (see also our imprint). You can reach our data protection officer at datenschutz@preusse-co-ag.de or at the postal address Preusse & Co. Aktiengesellschaft, An der Markthalle 3, 09112 Chemnitz with the addition "Data Protection Officer".

(3) When you contact us by e-mail, the data you provide - e.g. e-mail address, possibly first name, last name, telephone number - will be stored by us for the purpose of individual communication with you. (The legal basis results from Art. 6 para. 1 sentence 1 lit. b GDPR or from Art. 6 para. 1 sentence 1 lit. f GDPR.) We delete your data that arise in this context if the request is assigned to a contract after the periods for the contract term, otherwise after the storage of the data is no longer necessary. If there are legal retention obligations, we restrict the processing.

(4) If we use commissioned service providers for individual functions of our offer, we will inform you in detail about the respective processes below. We also mention the defined criteria for the storage period.

(1) With regard to your personal data, you have the following rights vis-à-vis us:

• Right to information
• Right to rectification or deletion
• Right to restriction of processing
• Right to object to processing
• Right to data portability

(2) You also have the right to complain to a data protection supervisory authority about the processing by us with regard to your personal data.

(1) In addition to the purely informational use of our website, we offer various services that you can use if you are interested and use other common functions for analysis or marketing of our offers, which are presented in more detail below. For this purpose, you may need to provide further personal data or we process such further data that we use to provide the respective services. For all data processing purposes described here, the aforementioned principles of data processing apply.

(2) We sometimes use external service providers to process your data. These are carefully selected by us, are bound by our instructions and are regularly monitored.

(3) We inform you about the services of service providers on our website that are based in a country outside the European Economic Area (EEA) in the respective description of the offer.

(1) If you have given your consent to the processing of your data, you can revoke it at any time. Such a revocation affects the permissibility of the processing of your personal data after you have declared it to us. The permissibility of the processing of your data until the time of your revocation remains unaffected.

(2) Insofar as we base the processing of your personal data on a balancing of interests, you can object to the processing. This is the case if the processing is not necessary in particular for the fulfillment of a contract with you. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as carried out by us. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or show you our compelling legitimate reasons on the basis of which we continue the processing.

(3) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time.

(4) Please address your revocation or objection to the contact options mentioned in § 1 para. 2.

(1) In addition to the data mentioned above, we use technical aids for various functions when you use our website, in particular cookies that can be stored on your device. When you visit our website and at any time later, you have the choice of whether to generally allow the setting of cookies or which individual additional functions you want to select. You can make changes in your browser settings or via our cookie consent manager. Below we first describe cookies from a technical point of view before we go into your individual selection options in more detail by describing technically necessary cookies and cookies that you can optionally select or deselect.

(2) Cookies are text files or information in a database that are stored on your hard disk and assigned to the browser you are using, so that certain information can flow to the entity that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer, but primarily serve to make the Internet offer faster and more user-friendly. This website uses the following types of cookies, whose functionality and legal basis we will explain below: Transient cookies, in particular session cookies, are automatically deleted when the browser is closed or by logging out. They contain a so-called session ID. This allows various requests from your browser to be assigned to the common session and your computer can be recognized when you return to our website. Persistent cookies are automatically deleted after a predetermined duration, which is set differently depending on the cookie. You can view the cookies set and their lifetimes in your browser settings at any time and delete the cookies manually.

(3) The technical structure of the website requires us to use technologies, in particular cookies. Without these technologies, our website cannot be displayed (completely correctly) or the support functions could not be enabled. These are generally transient cookies that are deleted after the end of your website visit, at the latest when you close your browser. You cannot deselect these cookies if you want to use our website. The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. f GDPR.

(4) We only set various cookies after your consent, which you can select when you first visit our website via the so-called cookie consent manager. The functions are only activated if you give your consent and can serve in particular to enable us to analyze and improve visits to our website, to make it easier for you to use across different browsers or devices, to recognize you on a visit or to place advertising (possibly also to orient advertising to interests, measure the effectiveness of advertisements or show interest-based advertising). The legal basis for this processing is Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time without affecting the permissibility of the processing until revocation. We describe the functions we use below, which you can select and revoke individually via the cookie consent manager.

(1) This website uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser display.

(2) If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

(1) This website uses the services of Vercel Inc., 440 N Barranca Ave #4133 Covina, CA 91723, USA and Supabase Inc., 970 Toa Payoh N, #07-04, Singapore.

(2) Vercel is a cloud platform through which we provide our website. The data associated with the website visit is transmitted to Vercel. This is necessary so that your browser request can be processed successfully. Vercel processes data such as information about your browser, operating system used, IP address, referrer URL, time of server request, cookies. The data is also transmitted to the USA depending on the server location. Vercel has certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active. Further information on the purpose and scope of data collection and its processing by Vercel can be found in the privacy policy: https://vercel.com/legal/privacy-policy. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. The data transmission is necessary so that you can use this website.

(3) Supabase is the database provider. Database location is Frankfurt. Further information on the purpose and scope of data collection and its processing by Supabase can be found in the privacy policy: https://supabase.com/privacy. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. The data transmission is necessary so that you can use this website.

(1) On this website you can create a profile. The following data may be processed: e-mail address, first and last name, username, company name, description (free text describing the maker), profile picture (file upload), photo gallery (makers can upload photos of themselves or their services/products), address (street, house number, postal code, city and country), website URL, Facebook URL, Instagram username.

(2) Entering certain data is required to create a profile. The legal basis for this processing is Art. 6 para. 1 lit. f GDPR. You can enter further data voluntarily. The legal basis for this processing is Art. 6 para. 1 lit. a GDPR (processing based on your consent). You can revoke your consent at any time.

(3) Data or the entire profile can be deleted by you yourself. If the processing of your personal data is no longer necessary for the purpose or for the fulfillment of legal obligations, the personal data will be deleted, unless their (temporary) further processing is necessary for the fulfillment of the stated purpose due to an overriding legitimate interest. Otherwise, we only process your personal data to the extent and for as long as we are obliged to do so due to mandatory legal obligations or you have consented to storage beyond this in accordance with Art. 6 para. 1 lit. a GDPR.

(4) When registering, you can "Continue with Google" or "Continue with Facebook". We use OAuth (Open Authorization) for Google and Facebook. OAuth is a protocol that allows users of a third-party application to grant access to data without having to reveal their password. When using the buttons, you grant access to your data. No further data is processed. Meta Platforms, Inc. and Google have certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

(1) Posthog is used on this website. PostHog, 2261 Market Street #4008, San Francisco, CA 94114, is a web analytics tool to analyze the behavior of our visitors and improve our services. PostHog is GDPR-compliant and offers comprehensive security measures to protect personal data. Posthog has certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

(2) PostHog processes data such as IP addresses, information about your browser, user behavior and technical data of users. It is ensured that only necessary data is processed and that this data is handled securely. The legal basis for this processing is Art. 6 para. 1 lit. a GDPR (processing based on your consent). You can revoke your consent at any time.

(3) Your data is stored on servers within the European Union.

(4) Further information on the purpose and scope of data collection and its processing by Posthog can be found in the privacy policy: https://posthog.com/privacy

(1) Vercel Analytics is used on this website. Vercel Inc., 440 N Barranca Ave #4133 Covina, CA 91723, USA is a web analytics tool to analyze the behavior of our visitors and improve our services. Vercel has certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

(2) Vercel Analytics collects anonymized data about the use and performance of this website (e.g. pages visited, time spent on the website, devices and browsers used). Vercel Analytics does not use cookies and does not collect personal data that would enable direct identification of visitors. The lifetime of a visitor session is not permanently stored and is automatically deleted after 24 hours. The legal basis for this processing is Art. 6 para. 1 lit. a GDPR (processing based on your consent). You can revoke your consent at any time.

(3) Further information on the purpose and scope of data collection and its processing by Vercel can be found in the privacy policy: https://vercel.com/legal/privacy-policy

(1) We have integrated YouTube videos into our online offering that are stored on YouTube.com and can be played directly from our website. These are all embedded in "enhanced privacy mode", i.e. no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos will the data mentioned in para. 2 be transmitted. We have no influence on this data transmission. The legal basis for displaying the videos is Art. 6 para. 1 sentence 1 lit. a GDPR. The integration only takes place after your consent.

(2) By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the basic data mentioned above such as IP address and timestamp are transmitted. This happens regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for advertising, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

(3) The information collected is stored on Google servers, also in the USA. Google has certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

(4) Further information on the purpose and scope of data collection and its processing by YouTube can be found in the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: www.google.de/intl/de/policies/privacy

(1) On this website we use the Google Maps service. This allows us to display interactive maps directly on the website and enables you to use the map function comfortably. The legal basis for using the maps is Art. 6 para. 1 sentence 1 lit. a GDPR (processing based on your consent).

(2) By visiting the website, Google receives the information that you have accessed the corresponding subpage of our website. In addition, the basic data mentioned above such as IP address and timestamp are transmitted. This happens regardless of whether Google provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not want the assignment with your profile on Google, you must log out before activating the button. Google stores your data as usage profiles and uses them for advertising, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.

(3) The information collected is stored on Google servers, also in the USA. Google has certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active

(4) Further information on the purpose and scope of data collection and its processing by Google can be found in the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: www.google.de/intl/de/policies/privacy

(1) This website does not use social media plug-ins. These are links - Facebook, Twitter (X), WhatsApp (X) - that redirect you to the respective platform.

(2) Meta Platforms, Inc., and X Corp. and Google have certification according to the "EU-US Data Privacy Framework" (DPF). The DPF is an agreement between the European Union and the USA that is intended to ensure compliance with European data protection standards for data processing in the USA. Every company certified according to the DPF undertakes to comply with these data protection standards. Further information on this can be obtained from the provider: https://www.dataprivacyframework.gov/s/participant-search/participant-detail?contact=true&id=a2zt000000001L5AAI&status=Active