logo
  • Image descriptionGerman
  • Image descriptionEnglish
  • Image descriptionUkrainian

© Copyright 2024 WE AID. All Rights Reserved.

Breadcrumb Image
Privacy Policy
Home
Privacy Policy

Data Protection

Privacy Policy

Privacy Policy

Last updated: January 2026

1. Controller

The controller responsible for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:
WE-AID gGmbH Anna-Louisa-Karsch-Str. 2 10178 Berlin Germany E-mail: contact@we-aid.org

2. General Information on Data Processing

We take the protection of your personal data very seriously. Personal data is processed on this website only to the extent necessary. Processing is carried out in accordance with the applicable data protection regulations, in particular the GDPR and the German Telecommunications and Digital Services Data Protection Act (TDDDG).
This Privacy Policy explains which data we collect, for what purpose we use it, and on which legal basis this is done.

3. Hosting of the Website

Our website is hosted by external service providers:
  • Microsoft Azure (Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA)
  • Amazon Web Services – AWS (Amazon Web Services, Inc., 410 Terry Avenue North, Seattle, WA 98109-5210, USA)
The personal data collected on this website is processed on the servers of these providers. This may include in particular IP addresses, meta and communication data, website access data and other data generated via a web form.
Processing is carried out on the basis of Art. 6(1)(f) GDPR (legitimate interest in the secure, fast and efficient provision of our online services).
Where data is transferred to the United States, this is done on the basis of the EU Commission’s Standard Contractual Clauses or on the basis of the EU-US Data Privacy Framework.

4. Collection and Storage of Personal Data When Visiting the Website

When you access our website, information is automatically sent by your browser to the server of our website. This information is temporarily stored in so-called server log files.
The following data is collected in particular:
  • IP address of the requesting device
  • Date and time of access
  • Name and URL of the retrieved file
  • Website from which access is made (referrer URL)
  • Browser used and, if applicable, the operating system of your device
We process the above data for the following purposes:
  • Ensuring a smooth connection to the website
  • Ensuring convenient use of our website
  • Evaluating system security and stability
The legal basis is Art. 6(1)(f) GDPR.

5. Cookies

Our website uses cookies.
Cookies are small text files that are stored on your device and contain information to facilitate the use of the website.
We use:
  • technically necessary cookies
  • cookies from external services (e.g. YouTube)
Some cookies are stored only for the duration of your visit to the website (session cookies), while others remain stored on your device until you delete them or their storage period expires.
The legal basis for technically necessary cookies is Section 25(2) TDDDG.
For all other cookies, your consent is required in accordance with Section 25(1) TDDDG and Art. 6(1)(a) GDPR.

6. Linking to YouTube Videos (External Links)

Videos from the YouTube service are not embedded directly on our website but are provided exclusively via external links (so-called “pseudo two-click solution”).
The provider is:
Google Ireland Limited Gordon House Barrow Street Dublin 4 Ireland
The YouTube videos are displayed on our website only as clickable links. Only when you actively click on such a link do you leave our website and are redirected to YouTube.
Only at this point are personal data transmitted to YouTube (Google). This may include in particular:
  • IP address
  • Date and time of access
  • Page accessed on our website
  • Device and browser information
  • Any existing YouTube cookies
Before clicking the link, we explicitly inform you that clicking it will result in data being transferred to YouTube (Google).
The legal basis for the redirection and the associated data transfer is Art. 6(1)(a) GDPR (consent by active action) and Art. 6(1)(f) GDPR (legitimate interest in an appealing presentation of our content).
Further information on data processing by YouTube can be found at: Link :https://policies.google.com/privacy

7. Processing of Personal Data in Connection with Donations

If you make a donation via our website, we collect and process personal data that is necessary to process the donation and to comply with our legal obligations.
In particular, we process the following categories of personal data:
  • Identification data (e.g. first name, last name, organization)
  • Contact data (e.g. email address, postal address)
  • Donation-related data (e.g. selected project, donation amount, additional amount for WE-AID, total amount, currency, donation status)
  • Contract and subscription data (e.g. one-time or recurring donation, interval, subscription ID)
  • Payment-related data (e.g. payment method)
  • Technical metadata (e.g. session ID, source, creation and modification timestamps)
The data is processed for the following purposes:
  • Processing and allocation of donations
  • Execution and administration of payments
  • Management of recurring donations
  • Issuance of donation receipts
  • Accounting and compliance with tax law obligations
  • Internal administration
  • Fraud prevention and IT security
  • One-time or up to two-time contact of donors by email, in particular to thank them for their donation or to inform them about further fundraising campaigns
The data is stored in our own database, which is hosted by the hosting providers named in this Privacy Policy (Microsoft Azure and Amazon Web Services).
The legal bases for the processing are:
  • Art. 6(1)(b) GDPR (performance of a contract / processing of the donation)
  • Art. 6(1)(c) GDPR (compliance with legal retention obligations)
  • Art. 6(1)(f) GDPR (legitimate interest in a secure, proper and traceable donation process as well as in maintaining donor relationships and informing donors about further fundraising campaigns)
Personal data is stored for the duration of the statutory retention periods. Donation and accounting data are generally retained for up to 10 years.
Technical and administrative metadata (e.g. session IDs, status information) are deleted as soon as they are no longer required for the above purposes, and at the latest after 24 months.

8. Donation Processing via Stripe

We use the payment service provider Stripe to process online donations.
The provider is:
Stripe Payments Europe, Ltd. 1 Grand Canal Street Lower Grand Canal Dock Dublin 2 Ireland
When making a donation, personal data (e.g. name, e-mail address, payment data, donation amount) is transmitted to Stripe and processed there.
Processing is carried out for the purpose of completing the donation and fulfilling the contract in accordance with Art. 6(1)(b) GDPR.
Stripe may also transfer data to the United States. This transfer is carried out on the basis of the EU Commission’s Standard Contractual Clauses or the EU-US Data Privacy Framework.
Further information on data protection at Stripe can be found at: Link :https://stripe.com/de/privacy

9. Newsletter

On our website, you have the option to subscribe to our newsletter.
For this purpose, we collect the following personal data:
  • E-mail address
  • Name (optional, if provided)
The data is stored and processed exclusively in our own database. It is not passed on to third parties.
The data is processed for the purpose of sending our newsletter and providing information about our projects, activities and donation campaigns.
Subscription to our newsletter is voluntary and based on your consent in accordance with Art. 6(1)(a) GDPR. We use a double opt-in procedure to ensure that the subscription is actually made by the owner of the e-mail address provided.
The data is stored for as long as the newsletter subscription exists.
You can withdraw your consent at any time, for example via the unsubscribe link in the newsletter or by sending us an informal message by e-mail.
After unsubscribing from the newsletter, your data will be deleted without delay, unless statutory retention obligations prevent deletion.

10. Future Use of External Newsletter Service Providers

The dispatch of our newsletter currently takes place exclusively via our own technical infrastructure.
If we use an external service provider for newsletter distribution in the future, the personal data required for this purpose (e.g. e-mail address, name) will be transmitted to this provider.
In this case, processing will be carried out on the basis of a data processing agreement in accordance with Art. 28 GDPR.
We will inform you in good time in this Privacy Policy about the specific provider, the scope of data processing and any third-country transfers.

11. Contact

If you contact us by e-mail, telephone or contact form, your details from the inquiry, including the contact data you provide there, will be stored by us for the purpose of processing the request and in case of follow-up questions.
The legal basis is Art. 6(1)(b) GDPR (contract or pre-contractual measures) or Art. 6(1)(f) GDPR (legitimate interest in processing your inquiry).

12. Your Rights as a Data Subject

You have the right:
  • to access pursuant to Art. 15 GDPR
  • to rectification pursuant to Art. 16 GDPR
  • to erasure pursuant to Art. 17 GDPR
  • to restriction of processing pursuant to Art. 18 GDPR
  • to data portability pursuant to Art. 20 GDPR
  • to object to processing pursuant to Art. 21 GDPR
You also have the right to withdraw any consent you have given at any time.

13. Right to Lodge a Complaint with a Supervisory Authority

You have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.
Contact Us

WE AID gGmbH

Anna-Louisa-Karsch-Str. 2

10178 Berlin

Germany

Contact Us
Contact Us card image