We are delighted that you are interested in Nobiliana.
This site, which has been founded on 7 October 2003, is for all those, who share the same interest in royal and noble genealogy of Gotha families [reining, dethroned, mediatised, other princely and ducal houses plus morganatic lines as well as non-European reigning and dethroned houses] and Non-Gotha families [margravial, comital, viscountal, baronial, baronetial and untitled noble houses plus landed gentry and knights] and genealogical research, as we do. This site also offers the possibility to discuss the Austro-Hungarian and German monarchies, the Balkan monarchies and the Russian Empire, the Benelux monarchies, the British and Irish monarchy, the French, Iberian and Italian monarchies, the Scandinavian monarchies and the Non-European monarchies.
The protection of personal data is an important asset and it is therefore very important to us.
1. BASIC INFORMATION
The Regulation (EU) 2016/679, known as General Data Protection Regulation (GDPR), is applicable as of 25 May 2018 in all member states to harmonize data privacy laws across Europe and lays down rules relating to the protection of natural persons with regard to the processing of personal data and rules relating to the free movement of personal data. This regulation protects fundamental rights and freedoms of natural persons and in particular their right to the protection of personal data. The free movement of personal Data within the European Union shall be neither restricted nor prohibited for reasons connected with the protection of natural persons with regard to the processing of personal data. This regulation also applies to the processing of personal data wholly or partly by automated means and to the processing other than by automated means of personal data which form part of a filing system or are intended to form part of a filing system. According to Art. 2 (2) (a) GDPR this regulation does not apply to the processing of personal data by a natural person in the course of a purely personal or household activity. However, according to Recital 160 GDPR this regulation should also apply to the processing of personal data for historical research purposes, which should also include historial research and research for genealogical purposes, bearing in mind that this regulation should not apply to deceased persons.
1.1.1. PERSONAL DATA
means any information relating to an identified or identifiable natural person ("data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.1.3. RESTRICTION OF PROCESSING
means the marking of stored personal data with the aim of limiting their processing in the future.
means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
1.1.6. FILING SYSTEM
means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
1.1.10. THIRD PARTY
means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data
of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her
means a natural or legal person established in the Union who, designated by the controller or processor in writing pursuant to Art. 27 GDPR, represents the controller or processor with regard to their respective obligations under this regulation.
1.2. CONTROLLER AND CONTROLLER'S REPRESENTATIVE
Controller for the purposes of the GDPR, other data protection laws applicable in member states of the European Union and other provisions related to data protection is:
|Name of controller:
|webmaster (at) nobiliana.de
|Please always contact me by using the contact form first!
This website's controller is represented by Netty Leistra, of Groningen, The Netherlands, with regard to their respective obligations under the GDPR in case the controller is absent because of illness, vacation or for other personal reasons. Miss Leistra can be contacted via the contact form of her website and her blog as well as Facebook and Twitter. The respective privacy policies for her website, her blog, Facebook and Twitter apply.
2. COLLECTION, PROCESSING AND USE OF PERSONAL DATA
In the following passage you will be explained which personal data are collected, processed and used, its purpose and legal grounds.
2.1. WHEN VISITING THIS WEBSITE
When you visit this website, the browser you are using on your device is automatically sending information to this website's server. These information are temporarily stored in so-called log-files. The following information will be collected without your intervention and stored until automated deletion:
• IP address of the requesting device
• date and time of your access
• name and URL of the retrieved file
• website from which access is made (referrer URL)
• used browser and possibly the operating system of your device and the name of the access provider
2.1.1. LOG-FILES AND THEIR PERIOD OF STORAGE
All log-files are rotated daily. The logs from the previous date are archived and are available for the specified retention time.
The following log-file is deleted after 14 days:
• Access-Logfile (contains all accesses on our website)
The following log-files are deleted after 7 days:
• Error-Logfile (contains error messages of PHP, CGI and the web server itself)
• FTP-Logfile (contains logins via FTP and all done transactions)
• POP3/IMAP-Logfile (contains logins via POP3 and IMAP as well as done deletions of emails)
• SMTP-Logfile (contains date and time as well as sender and receiver of sent emails)
2.1.2. PURPOSE OF THE COLLECTION, PROCESSING AND USE OF THIS KIND OF PERSONAL DATA
The data mentioned are processed by us for the following purposes:
• ensuring a smooth connection of the website,
• ensuring comfortable use of our website,
• evaluation of system security and stability,
• further administrative purposes
2.1.3. LEGAL BASIS
2.2. WHEN REGISTERING ON THIS WEBSITE
In order to have full access to this website you have to sign up for a member's account. Upon your registration the following personal data are collected, processed and used
• display name (required field)
• email address (required field)
• password (required field)
• date and time of registration
• IP address
• estimated location
• used device
• browser (including user-agent)
After creating your account, an email will be automatically sent to your email address. This email contains a link you need to click in order to confirm your account. You will need to do this before you will be able to access our site as a registered member.
Registered members can change their personal data specified during the registration themselves at any time in their account settings. However, if a registered member wants to have his/her account removed from this website, you have to contact the controller via the contact form (see link at the bottom of this website), email or the internal messenger system. In order to retain the content of the member who want to have his/her account removed, we anonymise or pseudonymise the content and remove any stored IP addresses.
2.2.1. PURPOSE OF THE COLLECTION, PROCESSING AND USE OF THIS KIND OF PERSONAL DATA
The data mentioned are collected, processed and used by us for the following purposes:
• only registered members can view the full content of this website
• only registered members can post a topic
• only registered members can post a reply
• only registered members can post a comment
• only registered members can follow topics and subscribe to the email newsletter
• only registered members can communicate privately with other registered members via the website's messenger system
• for sending you an email upon resetting your password
• for internal use by the controller
• prevention of misuse of our services
• if necessary, making it possible to investigate committed offenses
• to secure the controller
2.2.2. LEGAL BASIS
2.3. WHEN POSTING A TOPIC AND REPLY, REPORTING A POST AND USING THE COMMENT FUNCTION
When posting a topic and reply or reporting a post or using the comment function, the following personal data of registered members are collected, processed and used:
• display name
• date and time when the topic, reply, report or comment has been posted
• IP address
Of course, the topics, replies, reports and comments are also stored and published and they can contain personal data such as births, christenings, engagements, marriages, separations, divorces, deaths and burials as well because this website is about royal and noble genealogy. For genealogical information this site and its registered members make use of public sources such as television and radio programmes, newspapers (both online and print version), magazines (both online and print version), social media (online), newsletters (subscribed), books (both print and digitalized versions) and church registers (digitalized online version).
However, while reports and its connected personal data of registered members are deleted after the report has been completed, all other personal data of registered members connected with topics, replies and comments are only deleted or anonymised or pseudonymised when the respective registered member wants to have his/her account deleted or when they had to be deleted for legal reasons (e. g. violation of copyright, violation of the rights of third parties, illegal content, insults etc.).
All personal data which have been posted in topics, replies and comments are deleted once the purpose of this website has been fulfilled, which will be when there is no interest in this website anymore and it will thus be deleted.
2.3.1. PURPOSE OF THE COLLECTION, PROCESSING AND USE OF THIS KIND OF PERSONAL DATA
The personal data of registered members mentioned are collected, processed and used by us for the following purposes:
• security reasons
• in the case the data subject violates the rights of third parties
• in the case the data subject posts illegal content
• own interest of the data controller, so that she could exculpate in the event of an infringement
The personal data in topics, replies and comments are collected, processed and used by us for the following purposes:
• fullfil our interest in royal and noble genealogy, its updating and its research in historical context
2.3.2. LEGAL BASIS
The legal basis for the processing of personal data of our registered members is Art. 6 (1) a) GDPR. The legal basis for the processing of personal data in topics, replies and comments are Art. 5 GDPR and Art. 6 (1) f) GDPR in combination with Art. 9 (2) e) + j) GDPR, Art. 14 (1) + (2) + (4) GDPR, Art. 89 (2) GDPR, Recital 153 GDPR and Recital 156 GDPR as well as Art. 27 BDSG (German Bundesdatenschutzgesetz).
2.4. WHEN FOLLOWING NEW CONTENT AND SUBSCRIBING TO OUR EMAIL-NEWSLETTER
This website offers its members the possibility to be kept up-to-date by following new content or by subscribing to our newsletter.
For following new content you can choose between different sending methods:
• a notification when new content is posted
• one email per day with all new content from that day
• one email per week with all new content from that week
• do not end me any notification
You can subscribe to the newsletter by opting-in during the registration process and later in your account settings.
You can unfollow new content and unsubscribe from the newsletter yourself at any time, either by using the link at the end of each notification or newsletter or by editing the notification settings or the manage followed content settings.
2.4.1. PURPOSE OF THE COLLECTION, PROCESSING AND USE OF THIS KIND OF PERSONAL DATA
For receiving the notification or newsletter the indication of an email address is sufficient as those information can not be send without the email address of the receiver.
2.4.2. LEGAL BASIS
2.5. WHEN USING OUR CONTACT FORM
For questions of any kind, we offer you the opportunity to contact us via a contact form provided on the website.
The following personal data have to be provided:
• your name (in case you are not a registered member)
• your valid email address (in case you are not a registered member)
• your message
If you are not a registered member, you further have to opt-in to pass the security check confirming that you are not a robot.
The personal data collected by us for the use of the contact form will be automatically deleted after completion of the request made by you.
2.5.1. PURPOSE OF THE COLLECTION, PROCESSING AND USE OF THIS KIND OF PERSONAL DATA
We need to know who has contacted us, so that we can answer the person's questions or requests.
2.5.2. LEGAL BASIS
3. DISTRIBUTION OF DATA
A distribution of your personal data to third parties for other purposes that those listed below does not take place. We only share your personal data with third parties if
• you have given your consent in accordance with Art. 6 (1) a) GDPR,
• the distribution is in accordance with Art. 6 (1) f) GDPR required to assert, exercise or defend legal claims and there is no reason to assume that you have a predominantly legitimate interest in not disclosing your data,
• in the case that the distribution is a legal obligation in accordance with Art. 6 (1) c) GDPR.
Nobiliana places cookies on your device to help make this website better. Any cookies that may be used by this website are used either solely on a per session basis or to maintain user preferences. Cookies are not shared with any third parties.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Depending on your access level and actions on the site, various preference based cookies may be set to enrich your experience. These cookies are used to remember your theme, language and item marking preferences, etc.
4.1. STANDARD COOKIES
This cookie contains the ID of your current session.
Your member ID. This cookie is set after you log in when you tick "Remember Me" so you can be automatically logged in again in the future.
A unique key to authenticate your member ID cookie. This cookie is set after you log in when you tick "Remember Me" so you can be automatically logged in again in the future.
4.2. THIRD PARTY COOKIES
The site owner may set additional cookies in addition to the standard cookies above. These cookies are often used for website usage tracking, or set by embedded service providers when viewing embedded content from providers such as YouTube and Vimeo, etc.
4.3. HOW DO I CHANGE MY COOKIE SETTINGS?
You can adjust your cookie settings as most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit http://www.aboutcookies.org/ or http://www.allaboutcookies.org/. To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout.
5. THIRD PARTIES
We are using certain third parties tools at this website.
5.1. ANALYTIC TOOLS
The tracking measures listed below and used by us are based on Art. 6 (1) f) GDPR. With the used tracking measures, we want to ensure system security and stability, that only human beings are registering at this website and to avoid that spammers are registering. These interests are to be regarded as justified within the meaning of the aforementioned provision. The respective data processing purposes and data categories can be found in the respective tracking tools.
5.1.3. SPAM DEFENSE
5.2. SOCIAL MEDIA PLUG-INS
We use social media plug-ins from the social networks Instagram and Twitter in order to make our website better known and from YouTube in order to show videos related to royalty and nobility in accordance with Art. 6 (1) f) GDPR. The underlying purpose is to be regarded as a legitimate interest within the meaning of the GDPR. Responsibility for the operation compliant with data protection is to be guaranteed by their respective providers. The integration of these plug-ins by us is done by means of the so-called two-click method to protect visitors to our website in the best possible way.
This site uses integrated components of the service Instagram. Instagram is a service that may be qualified as an audiovisual platform, which allows users to share photos and videos, as well as disseminate such data in other social networks.
The operating company of the services offered by Instagram is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.
With each call-up to one of the individual pages of this website, which is operated by the controller and on which an Instagram component (Insta button) was integrated, the internet browser on the information technology system of the data subject is automatically prompted to the download of a display of the corresponding Instagram component of Instagram. During the course of this technical procedure, Instagram becomes aware of what specific sub-page of our website was visited by the data subject.
If the data subject is logged in at the same time on Instagram, Instagram detects with every call-up to our website by the data subject and for the entire duration of their stay on our internet site, which specific sub-page of our Internet page was visited by the data subject. This information is collected through the Instagram component and is associated with the respective Instagram account of the data subject. If the data subject clicks on one of the Instagram buttons integrated on our website, then Instagram matches this information with the personal Instagram user account of the data subject and stores the personal data.
Instagram receives information via the Instagram component that the data subject has visited our website provided that the data subject is logged in at Instagram at the time of the call to our website. This occurs regardless of whether the person clicks on the Instagram button or not. If such a transmission of information to Instagram is not desirable for the data subject, then he or she can prevent this by logging off from their Instagram account before a call-up to our website is made.
On this website, the controller has integrated components of Twitter. Twitter is a multilingual, publicly-accessible microblogging service on which users may publish and spread so-called "tweets", e. g. short messages, which are limited to 280 characters. These short messages are available for everyone, including those who are not logged on to Twitter. The tweets are also displayed to so-called followers of the respective user. Followers are other Twitter users who follow a user's tweets. Furthermore, Twitter allows you to address a wide audience via hashtags, links or retweets.
The operating company of Twitter is Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
With each call-up to one of the individual pages of this website, which is operated by the controller and on which a Twitter component (Twitter button) was integrated, the internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding Twitter component of Twitter. Further information about the Twitter buttons is available under https://about.twitter.com/de/resources/buttons. During the course of this technical procedure, Twitter gains knowledge of what specific sub-page of our website was visited by the data subject. The purpose of the integration of the Twitter component is a retransmission of the contents of this website to allow our users to introduce this web page to the digital world and increase our visitor numbers.
If the data subject is logged in at the same time on Twitter, Twitter detects with every call-up to our website by the data subject and for the entire duration of their stay on our internet site which specific sub-page of our internet page was visited by the data subject. This information is collected through the Twitter component and associated with the respective Twitter account of the data subject. If the data subject clicks on one of the Twitter buttons integrated on our website, then Twitter assigns this information to the personal Twitter user account of the data subject and stores the personal data.
Twitter receives information via the Twitter component that the data subject has visited our website, provided that the data subject is logged in on Twitter at the time of the call-up to our website. This occurs regardless of whether the person clicks on the Twitter component or not. If such a transmission of information to Twitter is not desirable for the data subject, then he or she may prevent this by logging off from their Twitter account before a call-up to our website is made.
The applicable data protection provisions of Twitter may be accessed under https://twitter.com/privacy?lang=en.
5.2.3. YOUTUBE VIDEOS (EMBEDDED)
Components from YouTube have been integrated into our website. YouTube is an online video portal which enables video publishers to upload videos free of charge, and enables other users to watch, rate and comment on these videos, also free of charge. YouTube allows all types of videos to be published, which is why both complete films and television programmes, as well as also music videos, trailers or videos made by the users themselves, can be accessed via the online portal.
The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube , LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time one of the individual pages of this website, which is operated by the party responsible for processing and which has an integrated YouTube component (YouTube video), is visited, the respective YouTube component automatically prompts the internet browser on the IT system of the person concerned to download a representation of the corresponding YouTube component from YouTube. Additional information about YouTube can be accessed at https://www.youtube.com/yt/about/de/. Within the framework of this technical process, YouTube and Google receive information about which specific sub-pages from our website are visited by the person concerned.
If the person concerned is logged into YouTube at the same time, then when a sub-page containing a YouTube video is visited YouTube is able to recognise which specific sub-page from our website the person concerned is visiting. This information is collected by YouTube and Google and allocated to the respective YouTube account of the person concerned.
If the person concerned is simultaneously logged into YouTube when they visi our website, then YouTube and Google always receive information via the YouTube component that the person concerned has visited our website. This takes place regardless of whether or not the person concerned clicks on the YouTube component. If the person concerned does not wish this information to be transmitted to YouTube and Google in this way, they can prevent the transmission by logging out of their YouTube aacount before visiting our website.
The data privacy statements published by YouTube, which are accessible at https://www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.
5.3. OTHER TOOLS
We use other third party tools in order to have a consistent and attractive presentation of our website is a legitimate interest in accordance with Art. 6 (1) f) GDPR.
5.3.1. GOOGLE WEB FONTS
This website uses so-called web fonts, provided by Google, for the uniform presentation of fonts. When you call up a page, your browser loads the requires web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you use must conntect to Google's servers. Google thus becomes aware that our website was accessed via your IP address.
If your browser does not support web fonts, a standard font will be used by your computer.
6. RIGHTS OF THE DATA SUBJECT
The GDPR grants the data subjebt rights. These so-called data subject rights describe the right of the data subject concerning data processing.
6.1. RIGHT OF ACCESS BY THE DATA SUBJECT
You have the right to ask us for information about whether we process personal data of you and, as far as this is the case, you have the right to information about these personal data and to those information mentioned in Art. 15 GDPR.
6.2. RIGHT TO RECTIFICATION
You have the right to obtain the rectification of inaccurate personal data concerning you, and in accordance with Art. 16 GDPR , you may demand to have incomplete personal data completed.
6.3. RIGHT TO ERASURE ("RIGHT TO BE FORGOTTEN")
You have the right to obtain from us the erasure your personal data without delay in case the requirements of Art. 17 (1) GDRP are met. We are obliged to delete them immediately, where one of the following grounds applies:
a) Your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
b) You withdraw your consent consent on which the processing of your personal data was based, and there is no other legal ground for the processing.
c) Your personal data have been unlawfully processed.
According to Art. 17 (3) GDPR the right to erasue shall not apply to the extent that processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes and for the establishment, exercise or defence of legal claims.
6.4. RIGHT TO RESTRICTION OF PROCESSING
In accordance with Art. 18 (1) GDPR you have the right to obtain from us restriction of processing where one of the following applies:
a) You contest the accuracy of the personal data and we have thus to verify the accuracy.
b) The processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead.
c) We no longer need the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims.
d) You have objected to processing of your personal data, pending the verification whether our legitimate grounds override those of you.
6.5. RIGHT TO DATA PORTABILITY
In accordance with Art. 20 GDPR you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, to which the personal data have been provided, in case the processing is based on your consent and the processing is carried out by automated means.
6.6. RIGHT TO OBJECT
In accordance with Art. 21 GDPR you have the right to object, on grounds relating to you particular situation, at any time to processing of personal data. In case of revocation we will delete the personal data concerned immediately, as far as further processing can not be based on a legal basis for consentless processing. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until the revocation.
You also have the right to object, on grounds relating to your particular situation, to processing of your personal data where your personal data are processed for scientific or historial research purposes or statistical purposes, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
6.7. RIGHT TO WITHDRAW THE CONSENT
In accordance with Art. 7 (3) GDPR you have the right to withdraw your consent at any time. As a result, we are no longer allowed to continue de data processing based on this consent for the future.
However, the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. It shall be as easy to withdraw as to give consent.
6.8. RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
In accordance with Art. 77 GDPR you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement, without prejudice to any other administrative or judicial remedy, if you consider that the processing of personal data relating to you infringes this regulation.
The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 GDPR.
7. DATA SECURITY
We use the common SSL (Secure Socket Layer) and TLS method in conjunction with the hightest encryption level your own browser is supporting. This is usually the case with a 256-bit encryption. If your browser is not supporting 256-bit encryption, 128-bit v3 technology is used. Whether a single page of this website is transmitted encrypted, you can recognize the string https:// and the lock icon in your browser bar.
Incidentally, we use appropriate technical and organized security measures to your personal data against accidental or intenional manipulations, partial or complete loss, destruction or against the unauthorized to protect access of third parties.