Privacy Policy

The Conference on Jewish Material Claims Against Germany (“Claims Conference”, “we” and “us”), a New York non-profit corporation acknowledges that the protection of your Personal Data and privacy when interacting with us or using our website is very important to us.

This Privacy Notice sets out what Personal Data we collect, how we collect it, how we use it, and your rights in connection with how we process your Personal Data. We are committed to protecting your Personal Data as the data controller in accordance with our duties under the General Data Protection Regulation (“GDPR”).

In addition, please refer to our “Cookie Policy” below for more information regarding the data we collect when you access our website and how it is processed.

Our website contains links to third party pages and websites that are outside our control and are not covered by this Privacy Notice (“Third Party Websites”). If you access Third Party Websites using the links provided, the operators of those websites may collect Personal Data from you that will be used by them in accordance with their privacy notice, which may differ from ours. We encourage you to review the privacy notices of those Third Party Websites for information on how your Personal Data is collected, used and transferred.

1. Collection, use and transfer of Personal Data

We have set out below, in a table format, a description of the types of Personal Data we collect, the sources we collect it from, how we plan to use your Personal Data, and what are the legal bases we rely on to do so. We process the following categories of personal data:

• Contact Information, including your first and last name, mailing address, email address, telephone number, mailing preference and other contact information you may provide when communicating with us.
• Communication Information, such as the contents of the communications and correspondence between us by email, or otherwise.
• Claims Conference Program Data, which includes:
  • General personal information such as, date of birth and ID numbers.
  • Demographic data, such as gender, religion, country and occupation
  • Ethnic/Racial Data
• Health Data means information about your physical and mental health, such as medical history and any other information included in a medical assessment performed in relation to a Claims Conference Program.
• Persecution History Data, such as in information relating to your persecution history you were subject to during the war
• Financial Data, such as account details and related transactional data.
• Other Identifying Information, such as your IP address and other information your device makes available to us.

Please note that depending on the purpose for which we use your Personal Data, we may rely on more than one legal basis for processing. The relevant processing conditions are as follows:

• Consent: your consent for us to process your Personal Data for one or more specified purposes (Article 6(1)(a) GDPR, Article 9(2)(a) GDPR);
• Contract: means the processing of Personal Data is necessary for entering into or performing a contract with you (Article 6(1)(b) GDPR);
• Legal Obligations: means the processing of Personal Data is necessary for us to comply with the legal obligations we are subject to (Article 6(1)(c) GDPR);
• Legitimate Interest: means our legitimate business interest (Article 6(1)(f) GDPR) of managing our relationship with you and conducting our outreach programs;
• Legitimate activities of a not-for-profit body or association: means processing carried out by a not-for-profit body, association or foundation in connection with its purposes (Article 9(2)(d) GDPR); and
• Substantial public interest means where processing is necessary for reasons of substantial public interest (Article 9(2)(h) GDPR).

If you have any queries, you can contact us at the email address listed in section 11 Contact Us of this notice.

When we rely on your consent as the legal basis for processing your Personal Data, you have the right to withdraw your consent at any time (for more information on this see section 5(8) Right to withdraw consent below).

We may use your Personal Data for purposes other than the ones listed below. Should this be the case, we will inform you of the purpose in accordance with applicable laws and regulations.

Use	Source of Personal Data	Categories of Personal Data	Legal Basis	Legitimate Interests
Outreach work to support our objectives
To conduct outreach for our programs or related programs	Compensation applications submitted to us	Contact Information	Legitimate interests Consent	It is in our legitimate interest to promote our mission of providing a measure of justice for Jewish Holocaust victims, and to provide them with the best possible care
To provide you with our newsletter and other promotional information	Your direct interaction with our website	Contact Information	Consent
Publication of individual stories, photos/videos for education, outreach and general promotional purposes	Your direct interaction with us	Information including photos and videos provided by or relating to you	Consent
In relation to Claims Conference programs
To consider you for a grant or fellowship application and to administer it	Through a portal on our website or grant application platform	Contact Information Financial Data	Legitimate Interests	It is in our mutual interest for us to assess your application for a Claims Conference grant and to administer it
To consider your organization for a grant application and to administer it	Through a portal on our website or grant application platform	Contact Information	Legitimate Interests	It is in our mutual interest for us to assess your organization’s application for a Claims Conference grant and to administer it
To process and administer your application for participation in Claims Conference funded social welfare programs (which includes home-care, socialization, emergency services, and other social welfare services)	Your direct interaction with a social service agency, which collects your information and shares it with us.	Contact Information Claims Conference Program Data Health Data – only for home-care Financial Data Persecution History Data	Consent (for Sensitive Personal Data) Contract Legitimate interests Legitimate activities of a not-for-profit body Substantial public interest	It is in our mutual interest for us to manage your application for Claims Conference funded social welfare programs
To process teacher evaluations in connection with Claims Conference teacher training education grants	Your direct interaction with a teacher training institution, which shares the information with us.	Contact Information	Legitimate interests	It is in our mutual interest for us to evaluate teachers in connection with Claims Conference teacher training education grants
To process and administer your application for compensation or other restitution program	Your direct interaction with us and any of our Claims Conference programs	Contact Information Claims Conference Program Data Health Data Financial Data Persecution History Data	Contract Consent (for Sensitive Personal Data) Legitimate interests Legitimate activities of a not-for-profit body	It is in our mutual interest to process and administer your application for compensation or other restitution program
To submit to audits and to respond to inquiries from the German Ministry of Finance/German Federal Audit Office, other regulators or government entities or other legal demands	Compensation records, grant records	Contact Information Communication Information Health Data Claims Conference Program Data Financial Data Persecution History Data	Contract Legal Obligation Consent (for Sensitive Personal Data)
To conduct audits on our agencies (i.e. grantee institutions)	Directly from the grantee	Contact Information Claims Conference Program Data Health Data Financial Data Persecution History Data	Contract Legal Obligation Consent (for Sensitive Personal Data)
Reporting on grants and programs to the German Ministry of Finance/German Federal Audit Office	Compensation records, grant records	Contact Information Claims Conference Program Data Persecution History Data	Legal Obligations Contract
General inquiries
To deal with your requests and questions regarding your compensation application or other compensation programs and social welfare services	Your direct interactions with us and our services department, your compensation application, information from your social service agency.	Contact Information Communication Information Claims Conference Program Data	Legitimate Interest Contract	It is in our mutual legitimate interest for us to respond to your inquiries
To answer your requests relating to your data protection rights	Your direct interaction with us	Contact Information Communication Information	Legal Obligations
Website
To improve your experience on our websites and social media platforms	Cookies	Other identifying information	Legitimate interest	It is our mutual legitimate interest to improve your experience on our websites
Internal management
To process payments in relation to vendors, independent contractors and other service companies	Directly from the vendor, independent contractor or company.	Contact Information Financial Data ID Numbers	Contract Legal Obligations
To run the Claims Conference in an efficient and proper way. This includes managing our financial position, business capability, planning, adding and testing systems and processes, managing communications, corporate governance, and audit	From all sources listed above	Contact Information Claims Conference Program Data Financial Data	Legitimate interests Legal Obligations	It is in our mutual interest to manage the efficiency of how we operate; and to comply with rules and regulations from regulators
To manage our Board of Directors	From the Board of Directors	Contact Information Communication Information	Contract Legitimate Interests	It is in our mutual interest to manage our relationship

2. Recipients

In order to achieve our purposes set forth in the data use table, we may share your Personal Data with the following categories of recipients:

• IT service providers;
• social welfare agencies located all over the world;
• grantee organizations;
• government authorities (primarily the German government);
• historical archives;
• banks;
• legal advisors;
• auditors;
• telecommunications companies and postal services; and
• vendors or other service providers.

We require all third parties who process Personal Data on our behalf to respect the security of your Personal Data and to treat it in accordance with their contractual obligations.

We may need to share your Personal Data with more recipients than the ones listed above. Should this be the case, we will inform you of the change in accordance with applicable laws and regulations.

3. If you fail to provide Personal Data

Where we need to collect Personal Data by law or under the terms of a contract we have with you, and you fail to provide the data when requested, we may not be able to perform the contract we have or are trying to enter into with you. If that is the case, we may have to cancel funding or services you receive under a Claims Conference program.

4. International Transfer of Personal Data

Because of the global nature of our business, we may need to transfer your Personal Data to countries outside the European Economic Area (EEA), such as the USA and Israel and any other country in which we have a social welfare agency that processes your data.

Israel is recognized by the European Commission as providing an adequate level of protection to Personal Data, which means that Personal Data can be transferred to Israel without any further safeguards being necessary.

For transfers to countries whose data protection laws do not offer the same level of protection as European laws, we put in place adequate safeguards such as standard data protection clauses adopted by the European Commission (where necessary) and by requiring the use of other appropriate technical and organizational information security measures. Alternatively, in certain circumstances we may ask for your express consent. You may contact the data protection officer to obtain additional information about the safeguards we take in connection with these transfers. A copy of the Standard Contractual Clauses can be accessed at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.

5. Your rights in relation to Personal Data

You have the following rights regarding your Personal Data that we hold:

• Right of access

You can request details of your Personal Data that we hold. We will confirm whether we are processing your Personal Data and we will disclose supplementary information including the categories of data, the sources from which it originated, the purpose and legal basis for the processing, the expected retention period, and the safeguards regarding data transfers to non-EEA countries, subject to the limitations set out in applicable laws and regulations. We will provide you free of charge with a copy of your Personal Data, but we may charge you a fee to cover our administrative costs if you request further copies of the same information.

• Right of correction

We will comply with your request to correct incomplete or inaccurate parts of your Personal Data, although we may need to verify the accuracy of the new information you provide us.

• Right to be forgotten

At your request, we will delete your Personal Data promptly if:

• it is no longer necessary to retain your Personal Data;
• you withdraw the consent which formed the basis of your Personal Data processing;
• you object to the processing of your Personal Data as set out in Section 5(6) below; and there are no overriding legitimate grounds for such processing;
• the Personal Data was processed illegally; or
• the Personal Data must be deleted for us to comply with our legal obligations.

We will decline your request for deletion if processing of your Personal Data is necessary:

• to comply with our legal obligations;
• in pursuit of a legal action;
• to detect and monitor fraud; or
• for the performance of a task in the public interest.

Please note that even if we stop all marketing communications, you may still receive administrative communications from us.

• Right to restrict processing of your Personal Data

At your request, we will limit the processing of your Personal Data if:

• you dispute the accuracy of your Personal Data;
• your Personal Data was processed unlawfully, and you request a limitation on processing, rather than the deletion of your Personal Data;
• we no longer need to process your Personal Data, but you require your Personal Data in connection with a legal claim; or
• you object to the processing pending verification as to whether an overriding legitimate ground for such processing exists.

We may continue to store your Personal Data to the extent required to ensure that your request to limit the processing is respected in the future.

• Right to data portability

At your request, we will provide you free of charge with your Personal Data in a structured, commonly used and machine-readable format, if:

• you provided us with Personal Data;
• the processing of your Personal Data is based on your consent or required for the performance of a contract; or
• the processing is carried out by automated means.
• Right to object

Where we process your Personal Data based upon our legitimate interest (or that of a third party), you have the right to object to this processing on grounds relating to your particular situation if you feel it impacts on your fundamental rights and freedoms. We will comply with your request unless we have compelling legitimate grounds for the processing which override your rights and freedoms, or where the processing is in connection with the establishment, exercise or defense of legal claims.

• Right not to be subject to decisions based solely on automated processing

You will not be subject to decisions with a legal or similarly significant effect (including profiling) that are based solely on the automated processing of your Personal Data, unless you have given us your explicit consent or where they are necessary for a contract with us.

• Right to withdraw consent

You have the right to withdraw any consent you may have previously given us at any time. Please note that where consent has been withdrawn you may not be able to receive certain benefits under a Claims Conference program.

• Right to complain to a supervisory authority

If you are not satisfied with our response, you have the right to complain to or seek advice from a supervisory authority and/or bring a claim against us in any court of competent jurisdiction.

If you wish to contact us in connection with the exercise of your rights listed above, please email or write us at the address listed in section 11 Contact Us of this notice. We will respond to your written request as soon as possible and no later than 30 days from receiving it.

Unless stated otherwise, we will not charge you any fee in connection with the exercise of your rights. In so far as it is practicable, we will notify the recipients of your Personal Data of any correction, deletion, and/or limitation on processing of your Personal Data.

Please note that if you decide to exercise your rights under sub-sections (3) and (8), depending on our response, it may lead to the cessation of payments or homecare services.

6. Retention Period

We keep your information as long as it is needed to achieve our purposes listed above, as well as for the amount of time necessary to meet any legal, tax, or reporting requirements.

We do not keep your personal information for longer than is required for legal purposes and for the purpose of historical research purposes.

7. Security

We have a management system to correct and prevent unauthorized access, loss, destruction, falsification, and leakage of Personal Data, as well as the appropriate technical and organizational measures to address such risks, as further detailed below. The goal of these measures is to maintain our data protection standards and to ensure we have the necessary safeguards for the processing of Personal Data.

• Active intrusion prevention and detection.
• Both physical and system, user and role-based access controls.
• Separation of responsibilities.
• Data ingress controls.
• Data availability controls.
• Data encryption.
• Redundant IT infrastructures.

8. Children

We do not collect Personal Data from children under the age of 16, or equivalent minimum age in the relevant jurisdiction, without their parent or guardian permission. If we discover that we have accidentally collected EU Personal Data from a child below the age of 16, or equivalent minimum age in the relevant jurisdiction, without their parent or guardian permission, we will remove that child’s Personal Data from our records as soon as reasonably possible. If you are a parent or guardian and you would like to know what information we hold about your child, or you want to exercise any of your child’s data protection rights, please email us at the email address listed in section 11 Contact Us of this notice.

9. Accountability

We are responsible for all the safeguards implemented in relation to the processing of Personal Data, and we maintain an electronic record of all processing activities of Personal Data.

10. Updates

This Privacy Notice may be updated to reflect changes to our Personal Data processing policy. In the event there is material change to this Privacy Notice we will notify you in an appropriate manner.

11. Contact Us

If you have any questions or opinions regarding this Privacy Notice, or if you have a request regarding information you provided us, you may either email us at privacy@claimscon.org or write to us at the address below:

The Claims Conference
PO Box 1215
New York, New York 10113

Our Data Protection Officer in Germany can be reached at:
SPIE GmbH, Herr Dr. Anton-Peuser, Lyoner Straße 9, 60528 Frankfurt am Main
phone: +49 69/6649-6920

Last updated: 07-23-2019

---

Cookie Policy

What are “cookies?”

Cookies are small text files that a website saves on your computer or mobile device.

It enables the website to remember your actions and preferences (such as login, language, font size and display preferences) over a period of time, so you don’t have to re-enter such information when you revisit the website.

What cookies do we use and how?

Our website uses the following types of cookies:

• Functional Cookies

It records your preferences when visiting the website.

• Performance Cookies

It analyzes how a website is used and monitors the website’s performance. In addition, in the event of a failure, cookies are used to quickly identify issues and troubleshooting.

Below is a list of cookies used on the website and what they are used for:

1. Google Analytics: _ga, _gid, _unam
   • Type of cookie: Performance
   • Description: These cookies are used to collect information about how visitors use our website. We use the information to distinguish users, compile reports and to help us improve the website. The cookies collect information such as, the number of visitors to the website, where visitors have come to the website from and the pages they have visited. Visit here for more information on how Google safeguards data
2. Marketing cookies : _ab12#, ads/ga-audiences
   • Type of cookie: Marketing
   • Description: This cookie tracks the visitor across websites to display relevant advertising
3. Other functional cookies: sharethis_cookie_test
   • Type of cookie: Functional
   • Description: This allows us to determine whether cookies are supported
4. Other functional cookies: Collect
   • Type of cookie: Functional
   • Description: This cookie distinguishes users, event data, and device type

You can find more information about cookies, and how to block or delete them, at www.allaboutcookies.org.