Privacy policy

Privacy Policy and Consents according to the Basic Data Protection Regulation in the European Union

Table of contents

1. Objectives and responsible body
2. Basic information on data processing
3. Processing of personal data
4. Collection of access data
5. Cookies & range measurement
6. Google Analytics
7. Social plugins / Share buttons
8. Integration of services and contents of third parties
9. Newsletter
10. User rights and deletion
11. Changes to the privacy policy

1. Objectives and responsible body

In accordance with the requirements of the Basic Data Protection Regulation of the European Union, this data protection declaration clarifies the type, scope and purpose of the processing (including collection, processing and use as well as obtaining consent) of personal data within our online service and the websites, functions and content associated with it (hereinafter jointly referred to as “online service” or “website”). The data protection declaration applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online service is executed.

The provider of the online offer and the responsible body for data protection is the

GWUP registered association (Society for the Scientific Investigation of Parasciences – German Skeptics),
Arheilger Weg 11,
64380 Roßdorf,
Chairman of the board authorized to represent the company: Dr. Holm Hümmler;
(hereinafter referred to as “Provider”, “we” or “us”).

For the contact possibilities, we refer to our imprint.

The term “user” covers all customers and visitors of our online offer. The terms used, such as “user”, are to be understood gender-neutrally.

2. Basic information on data processing

We process users’ personal data only in compliance with the relevant data protection regulations in accordance with the principles of the data economy and data avoidance. This means that the data of the users will only be processed if there is legal permission (in particular if the data are necessary for the provision of our services / online services or legally prescribed) or if there is a consent.

We take organisational, contractual and technical security measures in accordance with the state of the art in order to ensure that the provisions of the data protection laws are complied with and to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorised persons.

If content, tools or other means from other providers (hereinafter jointly referred to as “Third-Party Providers”) are used within the scope of this data protection declaration and their registered office is abroad, it is to be assumed that a data transfer to the registered office states of the Third-Party Providers takes place. The transfer of data to third countries takes place either on the basis of a legal permit, user consent or special contractual clauses which guarantee the security of the data required by law.

3. Processing of personal data (other than access data)

The use of our website is also possible completely without personal data. Insofar as such data is collected, it will be processed for the following purposes, in addition to the uses expressly mentioned in this data protection declaration, on the basis of legal permissions or consents of the user:

Provision, execution, maintenance, optimisation and safeguarding of our services,

Ensure effective customer service and technical support.

Such data only arise when using our site if you contact us via contact form or e-mail. We transmit user data to third parties only if this is necessary due to contractual or legal obligations.

When contacting us (via contact form or email), the user’s details are stored for the purpose of processing the enquiry and in the event that follow-up questions arise. Personal data will be deleted if they have fulfilled their intended purpose and if there are no storage obligations to prevent deletion.

4. Collection of access data


We host our website at our contract processor Strato, Strato AG, Pascalstraße 10, 10587 Berlin, Germany.

Connection data is processed for the purpose of providing and delivering the website. For the sole purpose of providing and delivering the website, the data is not saved beyond the time of access.

The legal basis for the data processing is the legitimate interest (unconditional technical necessity for the provision and delivery of the “website” service expressly requested by you through your call) in accordance with Art. 6 para. 1 lit. f DSGVO.

In order to operate the Website, the connection data and other personal data are NOT additionally processed within the framework of various other functions or services.

Server Log Files

Connection data is processed for the purpose of monitoring the technical function and increasing the operational reliability of our web host. The duration of processing is limited to 7 days. In addition, we collect data about every access to the server on which this service is located (so-called server log files). The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (if sent, the previously visited page), IP address and the requesting provider.

The legal basis for the data processing is the legitimate interest (unconditional technical necessity of a server log file as a basic data basis for error analysis and for security measures within the scope of the “website” service expressly requested by your request) in accordance with Art. 6 Para. 1 letter f DSGVO.

This data is automatically recorded directly by the provider (the operator of the server for this web offer). With regard to the permissible and necessary storage and processing of this data, compliance with the provisions of the DS-GVO is ensured by the fact that the operator of this website has concluded a contract for commissioned data processing with the provider in accordance with Art. 28 DS-GVO.

User data is only transferred to third parties if this is necessary for billing purposes (not applicable to this website) or for other purposes if this is necessary to fulfil our contractual obligations to the users.

Personal data will be deleted provided that they have fulfilled their intended purpose and there is no obligation to retain them.

We use the protocol data without allocation to the person of the user or other profiling in accordance with the legal regulations only for statistical evaluations for the purpose of operating, security and optimisation of our online offer. However, we reserve the right to check the log data subsequently if there is a justified suspicion of illegal use based on concrete evidence.

5. Cookies & range measurement

This website itself does not use first-party cookies for range measurement/analysis. You can convince yourself of this by checking this page at an online service like

6. Google Analytics

We do not use the Google Analytics service on this website.

7. Social plugins / Share  buttons

On our pages we provide so-called share buttons for social media platforms as Facebook and X (former Twitter), Messengers like WhatsApp or e-Mail via the plugin “Shariff Wrapper”. In the following we take over the explanations of the developer / manufacturer in our privacy policy:

“With Shariff, website operators protect the privacy of their visitors from the exaggerated curiosity of social networks such as Facebook and X (former Twitter). For visitors, one click is enough to share a page with friends.

With Shariff, you can use social media without compromising your privacy. The c’t project Shariff replaces the usual share buttons of social networks and protects your surfing behavior from prying eyes. Nevertheless, a single click on the button is enough to share information with others. You don’t have to do anything – the webmaster has already taken care of everything.

The usual social media buttons transfer the user data to Facebook & Co. every time a page is opened and provide the social networks with precise information about your surfing behaviour (user tracking). You do not need to be logged in or a member of the network. A Shariff button, on the other hand, establishes direct contact between the social network and the visitor only when the latter actively clicks on the share button.

In this way Shariff prevents you from leaving a digital trace on every page you visit and improves data protection. Then you can tweet or liken as you like – the social network doesn’t get more information.”

8. Integration of services and contents of third parties

It may happen that content or services of third-party providers, such as city maps or fonts from other websites, are integrated within our online offering. The integration of third-party content always presupposes that the third-party providers perceive the IP address of the users since they would not be able to send the content to the user’s browser without the IP address. The IP address is therefore required for the presentation of these contents. Furthermore, the providers of third-party content can set their own cookies and process the user data for their own purposes. User profiles can be created from the processed data. We will use this content as data-efficiently and data-avoidably as possible and select reliable third-party providers with regard to data security.

No such services are currently integrated into our website. Should this be the case in the future, this data protection declaration will be amended accordingly.

9. Newsletter

The newsletter service is currently not set up. If the newsletter service is implemented, this data protection declaration will be supplemented accordingly.

10. User rights and deletion of data

Users have the right, upon request and free of charge, to obtain information about the personal data we have stored about them.

In addition, users have the right to have incorrect data corrected, consents revoked, their personal data blocked and deleted, and the right to lodge a complaint with the competent supervisory authority if unlawful data processing is assumed.

The data stored by us will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.

11. Changes to the data protection declaration

We reserve the right to change the data protection declaration in order to adapt it to changed legal situations or in the event of changes to the service or data processing. However, this only applies with regard to declarations on data processing. If user consents are required or components of the data protection declaration contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users.

Users are requested to inform themselves regularly about the content of the data protection declaration.

Last update: 27.03.2024  10:00