The controller within the meaning of the General Data Protection Regulation (GDPR) is:
Coding for Change e.V.
Enzianstr. 3
85748 Garching bei München
Germany
Represented by the board: David Frank (Chair), Jakob Landbrecht (Deputy Chair)
Email: info@codingforchange.com
We process our users' personal data only insofar as this is necessary to provide a functional website and our content and services. Processing is carried out on the basis of the statutory provisions of the GDPR and the German Federal Data Protection Act (BDSG).
This website uses no cookies and does not integrate any third-party analytics or tracking services (e.g. Google Analytics). For reach measurement we use exclusively our own, cookie-free method; see section 7 for details.
Our website is hosted by Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany. The servers are located in Germany.
When you access our website, Hetzner automatically collects data in so-called server log files, which your browser transmits automatically. These are:
- IP address of the requesting device
- Date and time of access
- Name and URL of the retrieved file
- Website from which access is made (referrer URL)
- Browser used and, where applicable, the operating system
This data is not merged with other data sources. Collection is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in ensuring the secure and stable operation of the website. The log files are deleted automatically after a short time.
We have concluded a data processing agreement with Hetzner pursuant to Art. 28 GDPR.
If you send us an enquiry via the contact form, the data you enter (in particular name, email address and message content) is stored in our database to process the enquiry and in case of follow-up questions. We do not share this data without your consent.
Processing is based on Art. 6(1)(b) GDPR insofar as your enquiry relates to the initiation or performance of a contract or membership relationship, and otherwise on Art. 6(1)(f) GDPR. Our legitimate interest lies in the effective handling of the enquiries addressed to us.
The data you enter in the contact form remains with us until you ask us to delete it or the purpose for storing it ceases to apply (e.g. after your enquiry has been dealt with). Mandatory statutory provisions, in particular retention periods, remain unaffected.
Via our application form you can apply to contribute to Coding for Change e.V. The data you submit (in particular name, contact details, information on qualifications and motivation, and any uploaded documents) is stored in our database and processed solely to carry out the application process.
Processing is based on Art. 6(1)(b) GDPR (performance of pre-contractual measures or the establishment of a participation relationship). Insofar as you grant us consent, Art. 6(1)(a) GDPR is the legal basis.
If your application is successful, your data is stored for the duration of your involvement in the association. If your application is unsuccessful, we delete your application data at the latest six months after completion of the application process, unless you have consented to longer storage for future opportunities.
While applications are closed, you can add your email address to a waitlist on our join page in order to be notified as soon as the application period reopens. For this purpose we store your email address and your chosen language setting.
Processing is based on your consent pursuant to Art. 6(1)(a) GDPR. You can withdraw your consent at any time with effect for the future by sending an informal message to info@codingforchange.com; we will then delete your email address without undue delay.
We use your email address solely for this notification and do not share it with third parties. Your data is deleted as soon as the purpose ceases to apply — at the latest once you have applied or declared your withdrawal.
To understand which channels (e.g. posters, QR codes, newsletters, social-media posts, search engines) bring visitors to our website and how the website is used, we operate our own, cookie-free reach-measurement method. We do not use Google Analytics or any other third-party analytics service for this.
We collect:
- the campaign label contained in a tagged link (e.g. the "src" parameter or "utm_" parameters);
- for untagged visits — if your browser transmits it — the domain of the referring website (e.g. google.com), which we assign to a broad channel (search, social media, referral or direct); we do not store the full address of the referring page;
- the pages you view and individual interactions (starting and submitting a form, reaching the booking widget) and the language setting.
This information is linked to a randomly generated session number that is stored solely in your browser's session storage and deleted automatically when you close the browser tab. It is not a cookie. In this context we do not store any IP address, do not track you across other websites, and do not create user profiles. The data is not shared with third parties and is stored exclusively on our own infrastructure within the EU.
If you submit a form (contact, application or waitlist form), the campaign label of your visit is stored together with your submission so that we can understand which measure led to it.
Processing is based on Art. 6(1)(f) GDPR. Our legitimate interest lies in measuring and improving the reach, usability and effectiveness of our non-commercial public-relations work.
Usage events are stored for a maximum of 12 months and then deleted automatically. A campaign label stored with a form submission is deleted together with that submission.
If your browser transmits a "Do Not Track" or "Global Privacy Control" signal, we do not collect any usage analytics from you. Your right to object under Art. 21 GDPR and your other rights under section 11 remain unaffected.
This website uses so-called Google Fonts to display fonts consistently. The fonts are installed locally on our server. No connection to Google's servers is established, and no data is transferred to Google.
Our website contains links to our profiles on social networks. These are pure links, not embedded plugins. Therefore, no data is transferred to the operators of the social networks when you visit our website. Only when you click a link are you redirected to the respective platform. From that point on, the privacy policy of the respective provider applies.
For security reasons and to protect the transmission of confidential content, such as enquiries and applications that you send to us, this site uses SSL/TLS encryption. You can recognise an encrypted connection by the fact that the browser's address bar begins with "https://" and by the lock symbol in your browser bar.
You have the following rights vis-à-vis us regarding the personal data concerning you:
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to object to processing (Art. 21 GDPR)
Insofar as processing is based on your consent, you can withdraw it at any time with effect for the future (Art. 7(3) GDPR). The lawfulness of the processing carried out up to the withdrawal remains unaffected.
To exercise your rights, an informal message by email to info@codingforchange.com is sufficient.
You have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data (Art. 77 GDPR). The supervisory authority responsible for us is:
Bayerisches Landesamt für Datenschutzaufsicht (BayLDA)
Promenade 18
91522 Ansbach
www.lda.bayern.de
This privacy policy is dated July 2026. Due to the further development of our website or as a result of changed legal requirements, it may become necessary to amend this privacy policy. You will always find the current version on this page.