The Platform is provided by Caritas Zentrum Garmisch-Partenkirchen, Dompfaffstraße 1, 82467 Garmisch-Partenkirchen (hereinafter referred to as "Operator"). The Platform is based on the technology of Hakisa, a company based in France. Hakisa is a Société par Actions Simplifiée registered in the commercial register (registre du commerce et des sociétés, RCS) SARREGUEMINES TI under number 538 224 254, with VAT identification number FR07538224254.
Who can use the services
You may use the Services only if you agree to enter into a binding contract with the Operator and you are not a person excluded from receiving the Services under the laws of the relevant jurisdiction. In any case, in order to use the Services, you must be at least 13 years old.
The contractual partners undertake to comply with the statutory data protection requirements, in particular those under the German Telemedia Act (TMG), the Church Data Protection Ordinance (KDG) and the Federal Data Protection Act (BDSG). Your inventory and usage data will only be collected, processed or used insofar as this is necessary for the processing of the above-mentioned service relationship or on the basis of a legal basis.
The Operator may terminate the service relationship if any of the following reasons apply:
the operation of the platform is discontinued
The Operator reserves the right to limit, suspend or terminate the rights of use of the User of the Site, should the User abuse the General Terms and Conditions of Use or any other regulations or guidelines appearing on the Site, or any other applicable laws.
In general, the Operator reserves the right to limit, block or cancel access or use of the Site at its sole discretion and at any time.
Access to the Platform and registration
Access to the Platform and its use are free of charge.
To gain access to additional content, you must register. To do so, enter your first and last name, e-mail address, a password and your place of residence.
Duties and rights of users
You are obliged to keep your password for access to the platform secret and to change it immediately or have it reset by the operator if unauthorized third parties have gained or could have gained knowledge of it.
The platform stands for civilized communication. You undertake to treat all persons on the platform with respect. Particular attention must be paid to the personal rights of other persons and copyrights to images and recordings, as well as to the laws on the protection of minors. You undertake not to misuse the platform.
If the structure and functionalities of the platform as well as its designations and its databases are further developed, Hakisa shall retain or acquire the exclusive and unrestricted rights thereto.
The user agrees neither to provide access to the platform with automated systems nor to let them interact. With the exception of search engines that are "robots" or similar indexing programs, or for similar and non-harmful purposes for the Operator and the Platform.
Any element on the Platform may not be copied, reproduced, modified, republished, denatured or distributed in any way or through any medium, either in part or in its entirety, without the prior written consent of HAKISA.
Interfering with, slowing down, blocking or altering the normal flow of data regarding the acceleration of the display of the Platform's content so that the functionality of the Platform is modified or distorted, or performing any other actions that have similar disruptive effects on the functionality of the Platform.
The Operator reserves the right to take all necessary steps to stop such violations and to claim for damages.
As a user of the platform you respect public order and good morals. You do not incite to crime, violence, racial hatred, suicide, crimes against humanity, terrorism. You do not post content of a pornographic or violence glorifying nature. You do not violate the rights of third parties, in particular (a) intellectual property rights, (b) fundamental rights, (c) privacy (slander, insult, abuse, etc.).
You are liable for third parties who use or have used services through your personal user account, whether authorized or unauthorized. This does not apply if you are not responsible for unauthorized use. It is up to you to prove that you were not responsible for such use.
Liability between users and partners of the platform
The user bears sole responsibility for interactions with other users of the site, including interactions in the case of sponsored or exclusive clubs of which he is a member. The Operator shall not be liable for any disputes between Users and Partners of the Platform.
Links to external sites
The Operator as well as the User can create links to external websites on their own platform. These sites are independent and are neither edited nor controlled by the Operator.
The links to any websites do not in any case constitute an agreement or partnership between the Operator and this platform. Accordingly, the Operator is not responsible for the content, products, advertising or any element or service offered on the external sites.
Should the User express the wish to no longer be subject to the applicable TOS, he/she may at any time cancel his/her subscription to the Site by following the steps on the following link: https://www.mit1nander.de/profile/delete.
Cancellation, deletion of the user account
The service relationship is for an indefinite period of time. It can be terminated by you at any time without notice by deleting your user account.
You may selectively delete all of your own communication content yourself prior to termination. All calendar entries, posts, pictures in forums etc. not deleted by you will remain in the platform - but will be marked with "profile deleted"; an assignment to your person is no longer possible. Comments will be deleted, the deletion will be marked in the text history to maintain the flow of communication.
A termination of the user relationship by you can only be done via the platform.
The Operator shall not be liable for any damage or loss suffered by the User as a result of the User's failure to take notice of any changes to the Terms and Conditions, provided that the Operator has duly fulfilled its obligations with respect to such changes.
All legal relations between the Operator and you shall be governed exclusively by the laws of the Federal Republic of Germany.
I. Provider and operator of the website
Caritas Association of the Archdiocese of Munich and Freising e.V.
Telephone: 089 551690
Fax: 089 5504203
Gabriele Stark-Angermeier, Thomas Schwarz
Responsible for the content
Caritas Center Garmisch-Partenkirchen
Phone: 08821 943480
Joint data protection supervisory authority of the Bavarian (arch)dioceses
Telephone: 089 21371796
Register of associations of the district court Munich under VR-Nr.: 7706
Sales tax ID: DE 129 522 447
II. technology partner
The platform is provided by Caritas Zentrum Garmisch-Partenkirchen,
Dompfaffstraße 1, 82467 Garmisch-Partenkirchen, Germany.
The platform is based on the technology of Hakisa, a company based in France. Hakisa is a Société par Actions Simplifiée registered in the commercial register (registre du commerce et des sociétés, RCS) SARREGUEMINES TI under number 538 224 254, with VAT identification number FR07538224254.
Liability for contents
The contents of our pages have been created with the utmost care. However, we cannot guarantee the accuracy, completeness and timeliness of the content. As a service provider, we are responsible for our own content on these pages in accordance with § 7 paragraph 1 TMG under the general laws. According to §§ 8 to 10 TMG, however, we are not obligated as a service provider to monitor transmitted or stored third-party information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information under the general laws remain unaffected. However, liability in this regard is only possible from the point in time at which a concrete infringement of the law becomes known. If we become aware of any such infringements, we will remove the relevant content immediately.
Liability for links
Our offer contains links to external websites of third parties, on whose contents we have no influence. Therefore, we cannot assume any liability for these external contents. The respective provider or operator of the pages is always responsible for the content of the linked pages. Illegal contents were not recognizable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If we become aware of any infringements, we will remove such links immediately.
The content and works created by the site operators on these pages are subject to German copyright law. Duplication, processing, distribution, or any form of commercialization of such material beyond the scope of the copyright law shall require the prior written consent of its respective author or creator. Downloads and copies of this site are only permitted for private, non-commercial use. Insofar as the content on this site was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is identified as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. If we become aware of any infringements, we will remove such content immediately.
The use of contact data published within the framework of the imprint obligation by third parties for the purpose of sending advertising and information material not expressly requested is hereby expressly prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam mails.
We are pleased about your visit to our service & communication platform "Together". This connects local providers and institutions from the district of Garmisch-Partenkirchen with users.
For better readability, the masculine form is used for personal names and personal nouns on this website. Corresponding terms apply in principle to all genders for the purpose of equal treatment. The abbreviated form of language is for editorial reasons only and does not imply any valuation.
The person responsible in the sense of § 4 Abs1 Nr. 9 Kirchliches Datenschutzgesetz (KDG) for the processing of your personal data in the sense of the data protection regulations is the:
Caritas Center Garmisch-Partenkirchen
II. data protection officer
If you have any questions on the subject of data protection or would like further information on data protection-relevant processes on our domain, you are welcome to contact our data protection officer. The data protection officer of the operator is:
Timo Steven, SoCura Systems gGmbH
III. scope of processing of personal data
As a matter of principle, we process visitors' personal data only to the extent necessary to provide a functioning platform and our content and services. Personal data is only collected, stored or used insofar as this is permitted by law or we have your consent. The provision of personal data or the granting of consent is generally voluntary. If you do not give your consent or do not provide us with personal data, this will not have any negative consequences for you.
Personal data are individual details about natural persons that allow conclusions to be drawn about their personal, economic or factual circumstances.
Insofar as we collect, process or use personal data, we do so in compliance with the applicable legal provisions, in particular the Church Data Protection Act (KDG), the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).
We would like to point out that data transmission on the Internet (e.g. communication by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible.
For the operation of the domain, we use technical service providers by way of order processing in compliance with the provisions of § 29 KDG. In connection with the operation of this platform, the operator has commissioned the company Hakisa GmbH, Rheinstraße 66, 77694 Kehl. An order processing contract was concluded with the company Hakisa GmbH in accordance with § 29 KDG, according to which the company has undertaken to treat the personal data in accordance with the applicable data protection regulations.
legal basis of data processing
Insofar as we obtain the consent of the data subject for processing operations involving personal data, Section 6 (1) lit. b KDG serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Section 6 (1) lit. c KDG serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.
If processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Section 6 (1) (d) KDG serves as the legal basis.
If processing is necessary to protect a legitimate interest of ours and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Section 6 (1) (g) KDG serves as the legal basis for the processing.
Scope of the processing of personal data
In order to use the platform and create a corresponding user account on the platform for this purpose, users must first register. When registering to use our services, some personal data is collected. These are the following data:
First name and last name of the user
E-mail address of the user
Place of residence
Legal basis and purpose for data processing
The legal basis for the data processing of the above-mentioned data is § 6 para. 1 lit. c and § 6 para. 1 lit. g KDG. Our legitimate interest is to ensure the achievement of the functions and services described below.
use of the services provided on the platform
The following data collection and data processing are carried out on our platform in detail:
First and last name: To identify the user and to personalize e-mails and messages sent by the platform.
Postal code and city: enables the activation of certain services such as weather and local news
Email address: Used to uniquely identify the connection to the platform and allows confirmation or reminder emails to be sent to the user
The following information is optional:
Full postal address as well as landline number: when using alerts: for the purpose of contacting the user in case of a problem (The information is required when using the alert tool).
Mobile phone number: for the purpose of sending alarms via SMS and alerting the user in case of existing problems
Profile photo: Allows personalization of the account and can be deleted by the user at any time. The photo is also displayed to the contacts and administrators of the clubs to which the user belongs.
Gender and date of birth information: this data is used to allow administrators to select users in order to send them personalized messages or offer them personalized services.
Profile settings: Font size, notification and reminder email settings, dashboard configuration, use of simplified navigation.
Time zone: Enables the correct display of calendar events
Language: Allows the user to access written content in the languages supported by the platform
The legal basis for the voluntary information is Section 6 (1) lit. b KDG.
Notifications and e-mails
The "My Contacts" area is used for exchanges between users. To add another user to the contacts, the e-mail address of this user must be known. The personal data stored here may be:
First and last name of the user: for identification purposes. In a direct conversation, the last name is reduced to the first letter
Profile photo (if users have posted a photo): For easier identification
Email address: For sending contact invitations. This information is not visible later
Date, time and username of contact invitation: For the purpose of tracking the status of the sent invitation
Date, time of the created conversation, participants of the conversation and messages: for the purpose of identifying the participants of conversations
User status: to enable the creation of a contact
Date, time and name of the caller in case of video conference calls: Information about the call
This section allows users to create photo albums. Users can share their photo albums with their contacts. In case of sharing photo albums, participants of the photo album can view the photos, download them to their device, comment on them, delete them and add more photos to the album. The data stored in this context are:
Photos added to the album,
date and time when the album was created and the number of existing photos
Date, time and name of the user, when or who added or commented on the photo. The name of the user is not fully legible.
Under "My Internet" users can access external websites. Users can create their own buttons and personalize this area. In this context, the following data is processed:
URL of the website
Image of the website
Title of the website
Category of the website
In the "My Clubs" section, users can access the content and services of the clubs in which this user is a member. There are open clubs, where users can become members without invitation, and closed clubs, which are accessible only by invitation of administrators. Here, the following content is processed:
Internal content: Created by club administrators of the platform, e.g. articles, topics and events.
External content (if enabled): Third party content displayed in the club, e.g. RSS feeds, Google News.
Internal content of the club: comment on an article, message in a forum, comment on an event
First name and initial of the last name of the creator of the message. In an exclusive club (marked by a lock symbol) the full name of the user is visible.
The date of publication of the message and the message itself.
Within a closed club (indicated by the lock icon next to the club name), the administrator can activate a member directory. In this case, the mandatory personal data of the club member are visible to the other members (name, first name, e-mail address, zip code, city, country). If filled in by the user, the optional personal data will also be visible to the other members of the club (postal address, and landline and cell phone numbers). Public clubs can be left independently by users at any time. In the case of closed clubs, users must inform the administrator of their wish to leave the club, who will implement the request as soon as possible.
Data shared with Club Administrators and Club Managers
By joining a club, users agree to share their data with the respective club administrators. This involves the following data:
First and last name
E-mail address (only for exclusive clubs)
Language of the user account
Postal code and city
Messages within a club
Messages posted by users within a club are time-stamped. The administrator of the club has access to the data of the messages and the user who published them: Name, first name, date, time, content, e-mail address of the user (only in case of a closed club).
Events of club
Administrators can create events in clubs and send invitations to all club members. The administrator has access to the list of participating or non-participating members. The administrator sees the following data regarding each user: First and last name, status of the invitation (participates, pending, declined).
Club Manager conversations
There is also the function of "Club Manager Conversations". This feature allows the member of a club to start a private conversation with the club administrator. The conversation is always initiated by the user and is only visible to the club administrator. The administrator has access to the following personal data of the user:
First and last name
Content of the message and date the message was sent
The conversation has an editing status, which is updated by the Club Administrator and visible to the user.
This feature allows the club administrator to create and conduct polls. There are two types of polls:
Anonymous surveys: the administrator has access to the overall results of the survey as well as the anonymized individual results. No IP addresses are stored.
Non-anonymous surveys: The administrator has access to the overall results of the survey as well as to the individual results of the club members who participated (identified by the member's full name). No IP addresses are stored in the process.
Regardless of the type of survey: club members never have access to the individual results of other users. The administrator can give club members access to the overall survey results.
3.7 My Apps
Data shared in the service provider catalog
Name of the service provider/service
Category (from a predefined list)
Landline number and/or mobile phone number
Detailed address for geolocation
Products of the service provider
Club of the service provider directory
Data shared in the product catalog
Name of the product
Subcategories (from a predefined list)
Extract from service provider (see above)
3.8 Back-Office (Administration Interface)
This part concerns only users with access to the administration interface. In this case, the user assumes the role of the administrator. A role hierarchy defines access to the various administration functions:
Platform administrators: access to user data (details under "My Profile") as well as information about the clubs the user is a member of.
Club administrators/club managers: access to shared user data within clubs
Alarm system operators: Access to the data of users who have subscribed to the Alarm Management App.
Legal basis and purpose for data processing
We process your personal data in connection with the use of the services provided on the Platform. The legal basis for data processing is Section 6 (1) lit. g KDG. Operation of the platform is not possible without this data processing. It is therefore in our legitimate interest to process this data so that we can continue to offer our platform to any interested visitor.
We process your personal data in connection with the use of the services provided on the platform. The legal basis for data processing is Section 6 (1) lit. c KDG, which allows us to process the data if this is necessary for the performance of a contract with you or to carry out a pre-contractual measure.
4. cookies and external applications
Legal basis and purpose of cookies
In order to improve the user experience, we use technical cookies.
A cookie is a text file that is sent to your browser by the Platform. This cookie only contains an identifier of the user's session, the rest of the data (user ID, language, etc...) is stored on the servers. The user's password is never stored.
We use technical cookies, which are necessary for execution and therefore do not belong to the cookies that can be managed by the user.
The use of technical cookies allows the user to stay logged in without having to log in each time, as well as to manage the configuration of the Progressive Web App (PWA) when it is installed on a cell phone.
The legal basis on which we use technically necessary cookies is our legitimate interest, based on Section 6 (1) lit. g KDG, to be able to offer you our platform and to maintain the settings you have made for the duration of your use of our platform. You can set your browser to inform you about the setting of cookies. This makes the handling of cookies transparent for you. Please note, however, to use the full functionality of our platform. is required to allow cookies.
Legal basis and purpose of plug-ins
A plug-in is used: This forwards the location you specify (but not the location), which enables a weather forecast under "My calendars".
We process your personal data in connection with the use of the services provided on the platform. The legal basis for data processing is Section 6 (1) lit. c KDG, which allows us to process data if this is necessary for the performance of a contract with you or for the implementation of a pre-contractual measure.
Links to other websites
If desired, the Platform user can install a Progressive Web App (PWA) on his mobile device (available on Android version 4.4 or higher and via the latest version of the Chrome browser) to receive Platform push notifications on his mobile device.
The data stored are:
Operating system of the mobile device
Brand of the cell phone
Model of the cell phone
Type of cell phone (smartphone or tablet)
Date of installation
The PWA does not require access to the user's personal data on their mobile device.
IV. Collected technical data for troubleshooting (logs).
The Platform also collects technical data at the Symfony Framework level to enable troubleshooting and visualization of information about Platform usage in case of problems.
The data collected is as follows:
The technical data (instance used, date, ...).
The HTTPS calls with the method used (POST or GET) by the clients, via:
the URL called
the user ID
the e-mail of the user
the user's role
the IP address of the sender
the Symfony route used
the used user agent
One line is generated, per URL called.
There is a slightly different handling of errors. In this case, a buffer is created that allows the same personal information and technical information to be retrieved for troubleshooting. The data is stored in text format in the Amazon CloudWatch tool for 3 months. In addition, the IP addresses of visitors are stored for the purpose of detecting and defending against attacks within the legal retention periods.
V. Duration of storage
A user's user data is stored for the duration of his account on the platform. The user can delete his account at any time. When a User deletes his account, all content created by him (messages, comments, etc.) on the Platform will be anonymized and archived for 12 months (with identification that allows his identification), in accordance with the law, to allow access to requests for legal assistance from the competent judicial authority.
VI. Transmission to a third country
A transfer to a third country does not take place and is not intended.
With the ineffectiveness of the EU-US Privacy Shield since July 16, 2020 by the European Court of Justice (ECJ), the USA is considered an unsafe third country under data protection law. Different data protection regulations apply in the USA than in Europe. Personal data may not be transferred without further ado. A transfer of personal data, for example by Google Analytics, is only possible with the consent of the user. This is legally possible by DSGVO Art. 49 para. 1 lit. a (see here).
VII. recipients of the data
We pass on your personal data within our company exclusively to those areas and persons who need this data to fulfill contractual and legal obligations or to implement our legitimate interest.
Furthermore, service providers employed by us with regard to the operation of the platform and acting on our behalf (so-called commissioned data processors pursuant to Section 29 KDG) could process data in connection with the above-mentioned purposes. In this regard, it should be noted that in this case corresponding commissioned data processing contracts are concluded with the respective service providers in accordance with Section 29 KDG, according to which they are contractually obligated to handle the personal data in accordance with the applicable data protection regulations.
Otherwise, data will only be forwarded to recipients outside the company if this is permitted or required by law, if the forwarding is necessary to fulfill legal obligations, or if we have your consent.
VIII. Your rights
The KDG gives you, as the data subject, the following rights with regard to the processing of your personal data:
1. right to information (§17 KDG).
Pursuant to Section 17 KDG, you may request information about your personal data processed by us. In particular, you can request information about the processing purposes, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, about a transfer to third countries or international organizations, and about the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details.
2nd Right to rectification (§18 KDG).
In accordance with §18 KDG, you can request the correction of incorrect or the completion of your personal data stored by us.
3. right to deletion (§19 KDG).
Pursuant to §19 KDG, you may request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims.
4. right to restriction of processing (§ 20 KDG).
Furthermore, you can demand the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, we no longer need the data and you refuse their deletion because you need them for the assertion, exercise or defense of legal claims. You also have the right under Section 20 KDG if you have objected to the processing in accordance with Section 23 KDG.
5. right to information (Section 21 KDG).
If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right against the controller to be informed about these recipients.
6. right to data portability (§ 22 KDG).
You may request to receive your personal data that you have provided to us in a structured, common and machine-readable format, or you may request that it be transferred to another controller.
7. right to revoke consent (§ 8 Abs 6 KDG).
Insofar as the processing of data is based on your consent, you are entitled pursuant to
§ 8 Abs 6 KDG, you are entitled to revoke your consent to the use of your personal data at any time. Please note that the revocation is only effective for the future. Processing that took place before the revocation is not affected. Please also note that we may need to retain certain data for a certain period of time in order to comply with legal requirements.
Should you wish to exercise any of the above rights, please feel free to contact us by e-mail at
or by mail
Caritas Center Garmisch-Partenkirchen
8. right of objection (§ 23 KDG)
Insofar as the processing of your personal data is carried out in accordance with § 6 para. 1 lit. g KDG for the protection of legitimate interests, you have the right, in accordance with § 23 KDG, to object to the processing of this data at any time for reasons arising from your particular situation. We will then no longer process this personal data unless we can demonstrate compelling legitimate grounds for the processing. These must outweigh your interests, rights and freedoms, or the processing must serve the assertion, exercise or defense of legal claims. You can send your objection in each case by e-mail
or by mail
Caritas Center Garmisch-Partenkirchen
82467 Garmisch-Partenkirchen, Germany
send it to us.
9. right of complaint (§ 48 KDG)
Furthermore, you have the right to complain to the supervisory authority according to § 48 KDG if you believe that the processing of your personal data is not lawful. The supervisory authority responsible for the operator is:
Joint data protection supervisory authority of the Bavarian (arch)dioceses.
Chapel Street 4
Telephone: 089 2137-1796
The right of appeal is without prejudice to any other administrative or judicial remedy.
We reserve the right to change this data protection declaration at any time with effect for the future. The current version is available on our website. Please visit our website regularly and inform yourself about the applicable data protection provisions.
If there are changes to the data protection declaration, these must be accepted by the user the next time he visits the platform.
Entry into force of the data protection declaration
The latest version of this data protection declaration is valid.
The rapid development of the Internet makes it necessary to make adjustments to the data protection declaration from time to time. You will be informed about the changes at this point.
Changes to the data privacy statement
Status: June 2021