Wilhelma-App: GTC & Data Protection Policy

General Terms and Conditions for the use of the Wilhelma App

Preamble

The Wilhelma Zoological-Botanical Garden, Wilhelma 13, 70376 Stuttgart (hereinafter, “we” or “us”) is the provider of the Wilhelma app. Users can make their way around the Wilhelma grounds using map, navigation and location-based services (hereinafter, the “Services”). The following terms apply to the use of the Services. Information about data protection and about the personal data processed by the provider can be found in our Data Protection Policy.

§ 1 Conclusion of the use contract

1. The Wilhelma app can be downloaded and used without registration and free of charge.
2. A use contract is concluded between us and users at the following terms when the Wilhelma app is downloaded from the App Store (iOS) or the Google Play Store (Android) onto their mobile end devices.

§ 2 Subject of performance, requirements for use of the app

1. The Wilhelma app is intended solely for private, non-commercial use.
2. In some cases, it is possible to use the Wilhelma app without an internet connection. Fees may be charged by internet providers to use an internet connection.
3. There is no entitlement to the use of a specific version of the Wilhelma app. We constantly strive to improve and sensibly expand the app and the Services in the interest of all users in order to continuously increase their benefit. We therefore expressly reserve the right to enhance the Wilhelma app at any time. In connection with enhancements, we may in our own discretion modify, add or remove features, as well as adapt forms, the design and appearance as well as other elements of the front and back end (collectively, “Updates”). Users are not entitled to Updates.
4. We furthermore reserve the ability to discontinue the Wilhelma app and the Services in whole or in part at any time, including without prior notification. You cannot derive any claims against us as a result of this. Nor are you entitled to the availability or non-availability of certain features.
5. The Wilhelma app and the Service may be used only to the extent permitted by law and in accordance with these Terms of Use. Use in an improper manner is prohibited. The user is liable for all damages and detriments that we incur through unlawful or improper use of the app or as a result of the user breaching these Terms of Use.
6. The Wilhelma app and its content are protected by copyright. Exploitation of content protected by copyright, particularly through reproduction or dissemination, including in electronic form, as well as storage in database systems or internet or intranet, requires the prior consent of the Wilhelma, unless the German Copyright Act (Urhebergesetz) specifies differently. Vis-a-vis the user, we are entitled to all rights, particularly rights under copyright law to use and exploit the content made available.

§ 3 Term, termination of the use contract

1. The use contract runs for an indefinite period of time, unless it is terminated.
2. Users may terminate the use contract at any time without notice and without providing reasons. We may terminate the use contract at any time with four week’s notice. The foregoing does not affect our right to terminate without notice for cause.
3. Uninstalling the Wilhelma app is considered termination of the relevant use contract by the user. In the alternative the user can send us his or her notice of termination by postal mail.

§ 4 Limitation of our liability

We are liable, irrespective of the legal reason, solely in accordance with the following arrangements.

1. For negligently caused damages, we are liable only in the case of a breach of a material contractual obligation whose fulfilment is essential to proper performance of the contract and on whose compliance users are normally entitled to rely (cardinal obligation), limited in terms of amount to foreseeable damages typical of this type of contract. Liability for other remote consequential damages caused by a defect is excluded.
2. The foregoing limitation of our liability does not apply to damages caused wilfully or as a result of gross negligence, to loss of life, bodily injury and/or damage to health, to damages due to the absence of a guaranteed characteristic or to liability under the German Product Liability Act (Produkthaftungsgesetz).
3. We are not liable for events of force majeure that make the contractual services impossible or merely delay proper contract performance or make it materially more difficult. Force majeure is considered to be all circumstances that are independent of the will and influence of the contracting parties, such as terrorist attacks, embargo, seizure, natural disasters, strikes, decisions by authorities, pandemics or other serious and unforeseeable circumstances that are not the fault of the contracting parties. In this regard, a circumstance is considered to force majeure only if it occurred after conclusion of the contract.
4. In addition, we are not liable for disruptions and loss of quality of data transmission on the internet for which we are not responsible and that prevent the use of the contractual services or make such use more difficult.
5. If our liability is excluded or limited, this also applies to the liability of our statutory representatives and persons we use to perform an obligation (Erfüllungsgehilfen).
6. In the scope of application of the German Telecommunications Act (Telekommunikationsgesetz, TKG), the liability arrangement in section 44a TKG remains unaffected in any case.

§ 5 Contract language

The contract language is German. All communication between the contracting parties takes place in German.

§ 6 Applicable law; mandatory provisions of consumer protection

German law is applicable to the use contracts concluded between us and users, under exclusion of the United Nations Convention on Contracts for the International Sale of Goods The foregoing does not affect mandatory consumer protection requirements of the law of the country in which a user who is the consumer has his or her habitual residence. A consumer means every natural person who enters into a legal transaction for a purpose that is mainly outside his or her trade, business, or profession.

§ 7 Place of jurisdiction, online dispute settlement, consumer dispute resolution

1. If the user is a merchant, legal entity under public law or special fund under public law, the exclusive place of jurisdiction for all disputes resulting from the use of the Wilhelma app and the Services is the place of our registered office (currently Stuttgart, Germany). The same applies if the user does not have a general place of jurisdiction in German or the abode or habitual residence is unknown at the time suit is brought.
2. The European Commission provides consumers a platform for online dispute resolution. You can reach it at: http://ec.europa.eu/consumers/odr/. Our email address is info@wilhelma.de.
3. We are neither obligated nor prepared to participate in dispute resolution proceedings before a consumer arbitration body.

§ 8 Severability clause

If individual provisions of these Terms of Use should be ineffective or unenforceable, either in whole or in part, or become ineffective or unenforceable after contract conclusion, this does not affect the validity of these Terms of Use in any other respect. The same applies mutatis mutandis in the event that arrangements should prove to have a gap or omission.

Information about the processing of personal data when using ‘contagt services’

Section 1: Controller in charge of processing user data

Wilhelma Zoological-Botanical Garden Stuttgart
Wilhelma 13
70376 Stuttgart
Germany

Tel.: +49 (0)711 / 54 02 0
Email: info@wilhelma.de
Website: www.wilhelma.de

Section 2: Basic information about the collection and processing of your personal data

The Wilhelma with registered office in Stuttgart (hereinafter, “we”) offers map, navigation and location-based services (hereinafter, the “Services”) of contagt GmbH with registered office in Mannheim. These are provided in the form of the Wilhelma app, which enables users to make their way around the Wilhelma grounds.

We collect and process personal data to the extent that you provide us with them when making contract or through a form in the app. In addition, we collect and process data that are generated when using our Services. Your data are processed in accordance with applicable statutory provisions concerning data protection law, inter alia, the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz) and the German Telemedia Act (Telemediengesetz). Personal data means any information relating to an identified or identifiable natural person. In the following, we explain to you in detail which data we collect, how we collect them, and the legal basis for collecting them. In addition, we explain to you which rights you have and how long your data will be stored.

Section 3: Processing of data when using our Services

(1) The Wilhelma app enables you to determine your location on the grounds of the Zoological-Botanical Garden using a variety of technologies, such as Bluetooth, Wifi, mobile communications, positioning via satellite navigation system (e.g. GPS), QR codes and NFC chips. The usage of these technologies is necessary for the provision of our Services. If you use our Services, your movement data will be transferred to our servers only for the purpose of providing our Services in order to direct you to your desired destination. Your movement data are processed on the basis of Article 6(1)(b) GDPR, because they are necessary for the performance a contract between us. Other data relating to you are neither collected nor stored with the basic settings of the contagt app (privacy by default).

 (2) Risks through voice control: You can operate the Wilhelma app using voice control. In doing so, there is a risk that nearby persons can hear personal information, e.g. your destination search or the route description. We have technically limited both the collection of your spoken word and the audio rendition of the route description to the immediate vicinity. This is also intended to minimise the risk of the app inadvertently capturing the spoken words of nearby persons. Please be aware that we cannot completely prevent the above-described risks when using voice control.

Section 4: Processing of data for analysis purposes

(1) The Wilhelma app contains a database in which data generated from the transmission by Bluetooth, Wifi, mobile communications, positioning, QR codes and NFC chips are stored on your mobile end device through the app. Our servers can access this information through an internet connection. As a rule, no personal data are collected and stored in this regard, other than log-file data (on this, please also see Section 6).

 (2) In the Wilhelma app for mobile end devices, you can make the following settings that deviate from this:

a) Via explicit disclosure (“opt in”), you can disclose anonymised data to us, which are used for statistical analysis. In this regard, movement data will be stored by us in anonymised form. An association with the log-file data described in Section 5 does not take place.

b) Via explicit disclosure (“opt in”), you can disclose pseudonymised data to us, whereby your data will be associated with an alias (“user ID”). This means that although we do not know who is concealed by a user ID, we can attribute movement data to a specific person and thus can analyse and understand the use of the app and the movements of individual users. An association with the log-file data described in Section 5 does not take place.

These data are thus processed in each case on the basis of your consent pursuant to Article 6(1)(a) GDPR, which you can withdraw at any time with prospective effect. The withdrawal of consent does affect the lawfulness of processing based on consent before its withdrawal.

 (3) We use the anonymous data that we collect as described in subsection 2 a) only for statistical analyses, i.e. we only store when and how often a QR code or an NFC chip was accessed with the Wilhelma app, which searches and API calls took place, and which data were transferred by Bluetooth, Wifi, mobile communications and positioning. This enables us to analyse the use of our Service and to improve the Service. In the case of  pseudonymous data that we collect as described in subsection 2 b), the indicated data will be associated with an alias.

Section 5: Processing of location data

(1) In order to display content or further information to you in the vicinity of the buildings or grounds where you are at the moment, we use – provided that you have allowed this in the settings of your end device – on the basis of Article 6(1)(a) GDPR the positioning data of your mobile end device as well as the location detection via the mobile communications network and Bluetooth beacons as well as Wifi hotspots. In doing do, no personal data are stored by us. Instead, content is merely displayed to you for a moment, e.g. the availability of an audio guide.

(2) You can prevent us from using any location data by switching off the positioning function and/or location detection on your mobile end device.

(3) We use the data referred to in subsection 1 only to display offers to you in the form described in subsection 1, as well as for statistical analyses as described in Section 3, provided you have consented to it. In addition, we do not use and store the data referred to in subsection 1.

Section 6: Data collection in log files

(1) Access data are stored in a log file, the server log, for every request to our servers of contagt GmbH that you make when using the Wilhelma app and every access of the contagt API. The dataset stored in the process contains the following data:

- Your IP address

- the date; the time of day, the file that was accessed, the status, the request that you made to the server; the amount of data transferred; the QR code or NFC chip, from which you accessed the requested information;  the data generated by the Bluetooth, WLAN, mobile phone and location tracking transmissions through which you accessed the requested information (Referrer), and

- the product and version information of the utilised browser, your operating system and your country of origin.

 (2) We use the logs for anonymised statistical analyses in order, e.g. to learn on which days and at which times our offers are especially popular and how much data volume is generated by the various uses of our Service. Moreover, the log files enable us to identify any errors, e.g. defective links or programming errors. In that way, we can use the log files to enhance our offers. We reserve the ability to use data from log files if because of certain facts and circumstances, there is suspicion that users are using our websites and/or our Services unlawfully or in breach of contract. The foregoing purposes constitute legitimate interests of the Wilhelma pursuant to Article 6(1)(f) GDPR. We do not disclose the log-file data, other than where we are compelled to do so by statutory requirements. The logs are routinely anonymised after 14 days so that an inference about your identity or individual users is no longer possible.

Section 7: Data security

All data transmitted to us through the use of our Services are transferred over the internet using SSL encryption. We secure our apps and other systems through technical and organisational measures against loss, destruction, access, change or dissemination of data by unauthorised persons.

Section 8: Categories of recipients of data; data transmissions to a third country

(1) Service providers and agents used by us in connection with the provision of our Service, e.g. host providers, agencies and IT service providers, may have access to your personal data. However, to the extent these service providers and agents are working on our behalf, they act only in accordance with instructions and are contractually obliged by us accordingly.

 (1) We make you aware that the use of third-party systems is necessary for the conversion of spoken word into text, as well as for the audio rendition of a text (known as “speech synthesis”). This has to do with the operating system being used by you and the internet browser. The providers of these third-party systems process your personal data as independent controllers. We have no influence over the processing. Therefore, please take note of the terms of use and data protection information of the respective providers.

Section 9: Your rights

If you consented to the processing of your data, you have the right to withdraw your consent at any time. The withdrawal of consent has no impact on the legal effectiveness of the processing prior to your withdrawal.

Pursuant to Article 15 GDPR, you have the right to receive information upon request at no charge about the personal data that have been stored about you. Furthermore, pursuant to Articles 16, 17 and 18 GDPR, you have the right to rectification of inaccurate data as well as to blocking and erasure of your personal data. Under the conditions set out in Article 20 GDPR, you moreover are entitled to receive the personal data concerning you in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us. In addition, pursuant to Article 21(1) GDPR, you are entitled to object, on grounds relating to your particular situation, to processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR, including profiling. If your personal data are processed for direct marketing purposes, you have the right pursuant to Article 21(2) GDPR to object at any time to the processing of your personal data for such marketing, which includes profiling to the extent that it is related to such direct marketing.

We will satisfy your foregoing rights to the extent that the statutory requirements are met for asserting the rights.

Please send all requests concerning your personal data using the contact data provided at the start of this Data Protection Policy and Terms of Use, as well as in the imprint on our website.

In addition, every data subject has the right to lodge a complaint with a data protection supervisory authority about the processing of data by us.

Section 10: Storage period and routine erasure

Unless expressly stated otherwise in this Data Protection Policy and Terms of Use, we process and store personal data only for the period of time necessary to achieve the purpose of processing or for as long as this was designated in statutes or requirements.

If the purpose for storage no longer exists, or if a statutorily prescribed storage period expires, the personal data are routinely blocked or erased in accordance with statutory requirements.

You may at ant time delete your user profile yourself. All data associated with it will then be irretrievably erased from our servers.