Privacy Policy.
This policy explains what personal data we process when you visit this website, why we process it, and which rights you have. We keep data collection to a minimum: this site sets no cookies of its own, uses no analytics and no tracking.
The controller responsible for data processing on this website is:
exentra GmbH
Ludwig-Hirschberger-Allee 11
85276 Pfaffenhofen an der Ilm, Germany
Phone: +49 8441 47247-0
E-mail: info@ofa.aero
Open Flight Architecture (OFA) is an open initiative and not a separate legal entity. See our imprint for full details.
This website is hosted by Variomedia AG, Rungestr. 20, 10179 Berlin, Germany. The servers are located in Germany. Your data therefore stays within the European Union.
Variomedia processes personal data on our behalf and only according to our instructions. We have concluded a data processing agreement pursuant to Art. 28 GDPR.
When you access this website, our hosting provider automatically records information that your browser transmits. This is technically necessary to deliver the site and to keep it secure and stable. The following data is recorded:
- IP address of the requesting device
- Date and time of the request
- Requested page or file
- HTTP status code and amount of data transferred
- Referrer URL
- Browser type and operating system
Legal basis: Art. 6 (1) (f) GDPR. Our legitimate interest is the secure, stable and functional operation of this website.
Retention: [PRÜFEN: Speicherdauer bei Variomedia erfragen und hier eintragen — üblich sind 7 bis 30 Tage.] This data is not merged with other data sources and is not used to identify you personally.
This website uses the typeface “Archivo”. The font files are hosted on our own server and are not loaded from an external content delivery network. No connection to Google Fonts or any comparable service is established, and no data about you is transmitted to a font provider.
This website does not set any cookies of its own and does not use local storage for tracking purposes.
One exception applies: Google reCAPTCHA sets a cookie when the registration form is loaded. See section 6.
We use Google reCAPTCHA v2 to protect our registration form from automated abuse and spam. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Please note that reCAPTCHA is loaded on every page of this website, not only when you use the form. When it loads, the following data is transmitted to Google:
- Your IP address
- Information about your browser and device
- Mouse movements, keystrokes and time spent on the page
- A cookie named
_GRECAPTCHAis set in your browser
When you submit the form, our server sends the verification token to Google to confirm that you are not a bot.
Transfer to a third country: Data may be transferred to servers of Google LLC in the United States. Google is certified under the EU–US Data Privacy Framework, on the basis of which the European Commission has issued an adequacy decision.
Legal basis: [PRÜFEN: Rechtsgrundlage anwaltlich klären — Art. 6 (1) (f) berechtigtes Interesse (Spam-Schutz) oder Art. 6 (1) (a) Einwilligung. Bei Einwilligung muss reCAPTCHA erst nach Zustimmung nachgeladen werden.]
Further information is available in Google’s privacy policy at policies.google.com/privacy and in their terms at policies.google.com/terms.
If you register your interest via our form, we process the data you enter. Only the e-mail address is mandatory; all other fields are optional:
- First name, last name
- Organization, country, role
- E-mail address (required)
- Areas of interest
- Your selections for “Receive updates” and “I would like to contribute”
Double opt-in. After you submit the form, your registration is stored as unconfirmed and we send a confirmation link to your e-mail address. Your registration only becomes effective when you click that link. The link is valid for 7 days; if you do not click it, the unconfirmed record is deleted automatically and we do not contact you.
Proof of consent. To be able to demonstrate that consent was given, we store the date, time and IP address both of your registration and of your confirmation. Legal basis: Art. 6 (1) (c) in conjunction with Art. 5 (2) GDPR (accountability).
Legal basis: Art. 6 (1) (a) GDPR (consent). Providing your data is entirely voluntary.
Storage. Your data is stored as a file on our hosting provider’s server in Germany, in a directory that is not publicly accessible. We do not use a third-party newsletter service and we do not pass your data on to third parties.
Retention: [PRÜFEN: Löschfrist für bestätigte Anmeldungen festlegen und hier eintragen.] We store your data until you withdraw your consent or ask us to delete it.
If you tick “Receive updates”, we use your e-mail address to inform you about OFA news, events and membership. This too only takes effect after you confirm your address via the double opt-in described above.
Legal basis: Art. 6 (1) (a) GDPR (consent).
Withdrawal. You can withdraw your consent at any time with effect for the future — for example by sending an informal e-mail to info@ofa.aero. Withdrawing does not affect the lawfulness of processing carried out before the withdrawal.
Under the GDPR you have the following rights regarding your personal data:
- Access (Art. 15) — to obtain information about the data we hold about you
- Rectification (Art. 16) — to have inaccurate data corrected
- Erasure (Art. 17) — to have your data deleted
- Restriction (Art. 18) — to have processing restricted
- Data portability (Art. 20) — to receive your data in a machine-readable format
- Objection (Art. 21) — to object to processing based on legitimate interests
- Withdrawal of consent (Art. 7 (3)) — at any time, with effect for the future
To exercise any of these rights, contact us at info@ofa.aero.
If you believe that our processing of your data infringes data protection law, you have the right to lodge a complaint with a supervisory authority. The authority responsible for us is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 27
91522 Ansbach, Germany
www.lda.bayern.de
This site uses SSL/TLS encryption to protect the content you transmit to us. You can recognise an encrypted connection by the “https://” prefix in your browser’s address bar. When encryption is active, the data you submit cannot be read by third parties.
We may update this privacy policy to reflect changes to our website or to legal requirements. The current version always applies.