Privacy notice

Below we inform you about our data protection. Here you will find information about the type, scope and purpose of the collection, use and storage of personal data when using our website. We observe the data protection law applicable to the Evangelical Church in Germany (EKD) and its churches and institutions in its currently valid version (EKD Data Protection Act).

We expressly point out that data transmission on the Internet (e.g. when communicating by e-mail) is subject to security vulnerabilities and cannot be completely protected against access by third parties.
The use of the contact data in our legal notice for commercial advertising is expressly prohibited unless we have given our prior written consent or a business relationship already exists. The provider and all persons named on this website hereby object to any commercial use and disclosure of their data.


Provider and responsible body within the meaning of the Data Protection Act:

Evangelical Lutheran Cathedral Parish
Parish Council
Mühlendamm 2-6
23552 Lübeck

Local data protection officer:
Lars Sewing (Email: )


Scope of application:

This privacy policy provides users with information about the type, scope and purpose of the collection and use of their data by the responsible provider. The legal framework for data protection is provided by the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG).


Collection of general information:

Each time our homepage is accessed, information is automatically collected by us or the web space provider. This information, also known as server log files, is of a general nature and does not allow any conclusions to be drawn about your person.
The information collected includes Name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the page from which you accessed our website), IP address and the requesting provider.
This data cannot be assigned to a specific person. This data is not merged with other data sources. However, we reserve the right to check the log data retrospectively if there are concrete indications of suspected illegal use.

Without this data, it would not be technically possible in some cases to deliver and display the content of the website. In this respect, the collection of data is absolutely necessary. We also use the anonymous information for statistical purposes. It helps us to optimize our offering and technology. We also reserve the right to check the log files retrospectively if we suspect illegal use of our website.


Personal data:

You can visit our website without providing personal data. If personal data (such as name, address or e-mail address) is collected on our website, this is done on a voluntary basis as far as possible. You have the right to revoke your consent at any time with effect for the future. Personal data will be deleted if you withdraw your consent to its storage. This data will not be passed on to third parties without your express consent. If a contractual relationship between you and us is to be established, developed or amended, or if you send us an inquiry, we will collect and use your personal data insofar as this is necessary for these purposes (inventory data). We collect, process and use personal data insofar as this is necessary to enable you to use the website (usage data). All personal data is only stored for as long as is necessary for the stated purpose (processing your request or processing a contract). Retention periods under tax and commercial law are taken into account here.

By order of the competent authorities, we may provide information about this data (inventory data) in individual cases, insofar as this is necessary for the purposes of criminal prosecution, to avert danger, to fulfill the statutory duties of the constitutional protection authorities or the Military Counter-Intelligence Service or to enforce intellectual property rights.


Contact form:

Data transmitted via the contact form, including your contact details, will be stored in order to process your request or to be available for follow-up questions. This data will not be passed on without your consent.
The data entered in the contact form is processed exclusively on the basis of your consent (Section 3 DSG-EKD). You can withdraw your consent at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
Data transmitted via the contact form will remain with us until you ask us to delete it, revoke your consent to storage or there is no longer any need to store the data. Mandatory statutory provisions - in particular retention periods - remain unaffected.



If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter.
We use the so-called double opt-in procedure to ensure that the newsletter is sent with your consent. This involves the potential recipient being added to a mailing list. The user then receives a confirmation e-mail to confirm the registration in a legally secure manner. The address will only be actively added to the mailing list if confirmation is received.
We use this data exclusively for sending the requested information and offers.

You can revoke your consent to the storage of the data, the e-mail address and its use for sending the newsletter at any time. An informal notification by e-mail is sufficient for the revocation. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.


Integration of third-party services and content:

Our offer sometimes includes content, services and performances from other providers. These are, for example, maps provided by Open Street Map, videos from YouTube and graphics and images from other websites. In order for this data to be accessed and displayed in the user's browser, the transmission of the IP address is mandatory. The providers (hereinafter referred to as “third-party providers”) therefore perceive the IP address of the respective user.
Even if we endeavor to only use third-party providers who only need the IP address to be able to deliver content, we have no influence on whether the IP address may be stored. In this case, this process is used for statistical purposes, among other things. If we are aware that the IP address is stored, we will inform our users accordingly.



We have integrated Instagram functions on our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram is a subsidiary of Meta Platforms Inc. and is a Facebook product. Embedding Instagram content on a website is called embedding. Embedding allows us to display content such as photos, buttons or videos from Instagram directly on our website. When you access web pages on our website that have an Instagram function integrated or embedded, data is transmitted to Instagram, processed and stored.
We would like to point out that we have no knowledge of the purpose and scope of data collection, storage and processing by Instagram. Further information on this can be found in Instagram's privacy policy.



Plugins from the social network SoundCloud (SoundCloud Limited, Berners House, 47-48 Berners Street, London W1T 3NF, United Kingdom) may be integrated on our pages. You can recognize the SoundCloud plugins by the SoundCloud logo on the affected pages.

When you visit our pages, a direct connection is established between your browser and the SoundCloud server after activating the plugin. SoundCloud then receives the information that you have visited our site with your IP address. If you click on the “Like button” or “Share button” while you are logged into your SoundCloud user account, you can link and/or share the content of our pages with your SoundCloud profile. This allows SoundCloud to associate your visit to our pages with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by SoundCloud. Further information on this can be found in SoundCloud's privacy policy at:



Our website uses plugins from YouTube to integrate and display video content. The provider of the video portal is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
When a page with an integrated YouTube plugin is accessed, a connection to the YouTube servers is established. This tells YouTube which of our pages you have visited.
YouTube can assign your surfing behavior directly to your personal profile if you are logged into your YouTube account. You can prevent this by logging out beforehand.
The use of YouTube is in the interest of an appealing presentation of our online offers. This constitutes a legitimate interest within the meaning of Section 13 (1) No. 3 DSG-EKD.
Details on the handling of user data can be found in YouTube's privacy policy at:



This website uses so-called cookies, which are small text files that store specific device-related information on your access device. Cookies are not harmful to your device and do not contain viruses.
They serve to improve our offer, the cookies enable our homepage to recognize your browser on your next visit.
You can set your browser so that it restricts or prevents the storage of cookies. In this case, the use of this website may be restricted

We use a web analysis tool to design our websites in line with requirements. Data processing takes place on the basis of your consent, provided you have given your consent via our cookie banner. You can revoke your consent at any time with effect for the future.
The web analysis tool provider used creates user profiles for us on the basis of pseudonyms. The usage profiles created are used to analyze visitor behavior and are evaluated to improve and tailor our offer to your needs. For this purpose, permanent cookies are stored on your end device and read by us. In addition, it is possible for us to retrieve recognition features for your browser or device (e.g. using tracking pixels or so-called browser fingerprints). In this way, we are able to recognize returning visitors and count them as such.

Which third-party providers do we use in this context?
Below you will find an overview of the third-party providers with whom we work for analysis purposes. If the data is processed outside the EU or the EEA in this context, we provide information on the appropriate level of data protection. With regard to providers from the USA, no adequate level of data protection can be assumed due to processing in the USA. There is a risk that authorities may access the data for security and monitoring purposes without you being informed or being able to take legal action. Please bear this in mind if you decide to give your consent to our use of web analysis tools.

Provider: Cookiebot / Usercentrics
Level of data protection: The level of data protection is adequate, as processing only takes place in the EU.
If you wish to revoke your consent, make the appropriate setting via our banner (symbol at the bottom left). Finally, please note that the Cookiebot tool respects your browser settings for tracking. If you have configured your browser so that tracking should not take place (“Do not Track”), tracking by Cookiebot will not take place - regardless of what you have selected via the banner.


Data economy

In accordance with the principles of data avoidance and data economy, we only store personal data for as long as is necessary or prescribed by law (statutory retention period). If the purpose of the information collected no longer applies or if the storage period ends, we block or delete the data.



We use ChurchDesk for administrative work and communication within the Kirchengemeindeverband Innenstadt Lübeck and our congregation. ChurchDesk is a provider of the church administration software of the same name. This includes calendar management, website, newsletter communication, contact database, digital forms, a web analysis tool and online payments. The data used is subject to the GDPR. The processing is described in our privacy policy and the consents you have given. ChurchDesk processes data only on the basis of the data processing agreement concluded between us and ChurchDesk.



This website uses the donation tool from Digital.Wolff, Plötz & Co GmbH, Berlin, which is integrated via i-Frame. An i-Frame is an auxiliary element with a direct link for entering data on the website
By default, only uses the local intermediate memory (“cache”) of the user's browser and only stores data for as long as it is required for the current process. Once the current process has been completed, the data entered is no longer stored by The deactivation of intermediate storage by the user does not restrict the functionality of

When processing a donation, only the information necessary to complete the current payment process is collected. When donating by credit card, this is the card information and the cardholder's address data. When donating by SEPA direct debit, this is the account information and the address data of the account holder. The collection of address data is based on the EU PSD2 directive on the regulation of payment services and payment service providers.

The data is transmitted directly to the technical payment service provider VR Payment, Frankfurt (credit card, SEPA direct debit) for payment processing or, in the case of PayPal, collected directly by PayPal Inc.

We implement the Church Act on Data Protection of the Protestant Church in Germany (DSG-EKD) by concluding a contract with Digital.Wolff for commissioned data processing in accordance with the European General Data Protection Regulation (GDPR) and a supplementary contract in accordance with Section 30 (5) DSG-EKD.
Your data is processed and transmitted on the basis of Art. 6 para. 1 (b) GDPR (processing for the performance of a contract), Art. 6 para. 1 (c) GDPR (processing for compliance with a legal obligation), Art. 6 para. 1 (f) GDPR (data processing necessary for the purposes of a legitimate interest).

If you request a donation confirmation or the sending of further information during the payment process, your data will be processed by us for these purposes in accordance with Art. 6 para. 1 (a) GDPR (consent) and Art. 6 para. 1 (a) GDPR (performance of a contract).
You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.


Your rights to information, correction, blocking, deletion and objection:

You have the right to request information free of charge about the personal data stored by us and/or to request that it be corrected, blocked or deleted. Exceptions: Data storage is required for business transactions or the data is subject to statutory retention obligations.
For these purposes, please contact our data protection officer
Email: or by post at the address given in the legal notice.

In order to be able to take a data lock into account at any time, it is necessary to keep the data in a lock file for control purposes. If there is no statutory archiving obligation, you can also request the deletion of the data. Otherwise, we will block the data if you so wish.

Right to lodge a complaint with the competent supervisory authority
As a data subject, you have the right to lodge a complaint with the competent supervisory authority in the event of a breach of data protection law. The competent supervisory authority for data protection issues is the data protection officer of the Nordkirche. You can find the contact details under the following link:


Changes to our privacy policy:

We reserve the right to regularly revise this privacy policy so that it always complies with the current legal requirements. The new privacy policy will then apply to your next visit.

You can find the latest information on data protection here


Status: 2024-01-20