Privacy policy

We take the protection of your personal data very seriously and respect your wish for privacy. In the sections below, we inform you about the collection of personal data when using our website. If you have any further questions about the handling of your personal data, please do not hesitate to contact us.

1. Responsible party

The person responsible within the meaning of the General Data Protection Regulation (GDPR) is:

iF Design Foundation
Bahnhofstr. 8
30159 Hanover
Phone: +49 511 54224100


2. Your rights

You have the following rights towards us with regard to your personal data. To exercise your above rights, please contact the responsible body (section 1).

2.1 General Rights

We would be happy to provide you with information as to whether personal data relating to you are being processed; if this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 GDPR. In addition, under the respective legal requirements, you have the right to rectification (Art. 16 GDPR), the right to restriction of processing (Art. 18 GDPR), the right to erasure (Art. 17 GDPR) and the right to data portability (Art . 20 GDPR) to.

2.2 Rights in data processing based on legitimate interest

In accordance with Article 21(1) GDPR, you have the right, for reasons arising from your particular situation, to object at any time to the processing of personal data relating to you, which is based on Article 6(1) sentence 1 lit. e GDPR (data processing in the public interest) or based on Article 6 Paragraph 1 S. 1 lit. f GDPR (data processing to protect a legitimate interest) to file an objection. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

3. Legal basis of our processing

The processing of personal data can be based on various legal bases. If we need your data to fulfill a contract with you or to answer inquiries from you regarding a contract, the legal basis for this data processing is Article 6 Paragraph 1 Sentence 1 lit. b GDPR. If we obtain your consent for certain data processing, the legal basis is Article 6 Paragraph 1 Sentence 1 lit. a GDPR. We carry out some data processing on the basis of our legitimate interest, whereby your interests worthy of protection are always weighed up against our legitimate interests. The legal basis for this is Art. 6 Paragraph S. 1 lit. f GDPR. Insofar as processing is necessary to fulfill a legal obligation to which we are subject, the legal basis is Article 6 (1) sentence 1 lit. c GDPR.

Below we explain how we process personal data via our website.

3.1 Data processing when accessing the website

If you only use the website for informational purposes, i.e. if you do not contact us via the online form or otherwise provide us with information, we collect the following technical information (log file data):

– Operating system of the end device with which you visit our website
– Browser (type, version & language settings)
– the amount of data retrieved
– the current IP address of the device you are using to visit our website
– Date and time of access
– the URL of the previously visited website (referrer)
– the URL of the (sub)page that you call up on the website
– the internet service provider of the accessing system

The collection of this data is technically necessary in order to display our website to you and to ensure stability and security. We (and our service provider) do not regularly know who is behind an IP address. We do not combine the data listed above with other data.

The legal basis is Article 6 Paragraph 1 Clause 1 Letter f GDPR. Since the collection of the data for the provision of the website and the storage in log files for the operation of the website and for protection against misuse are absolutely necessary, our legitimate interest in data processing prevails at this point.

3.2 Contacting us by email, contact form, telephone or fax

When you contact us by e-mail or via a contact form, the data you provide (your e-mail address, your name and your telephone number) will be stored by us in order to answer your questions and process your concerns. The legal basis in this respect is Art. 6 (1) sentence 1 lit. f GDPR. Insofar as we request entries via our contact form that are not required for establishing contact, we have always marked these as optional. This information is used by us to specify your request and to improve the processing of your request. This information is provided expressly on a voluntary basis and with your consent, Article 6 Paragraph 1 Clause 1 Letter a GDPR. Insofar as this concerns information on communication channels (e.g. e-mail address, telephone number), you also agree that we may also contact you via this communication channel in order to answer your request. You can of course revoke this consent at any time for the future.

Your data, which we received when you contacted us, will be deleted as soon as they are no longer required to achieve the purpose for which they were collected, your request has been processed in full and no further communication with you is necessary or desired by you.

4. Newsletter

You can subscribe to our newsletter on our website, with which we will inform you about the projects of our foundation, events and publications.

The legal basis for sending the respective newsletter is your consent in accordance with Article 6 Paragraph 1 Sentence 1 lit.

We use the so-called double opt-in procedure to register for our newsletter. This means that after you have registered, we will send you an e-mail to the e-mail address provided, in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration, your information will be automatically deleted after 3 days at the latest.

The only mandatory information for sending the newsletter is your e-mail address. Providing further data is voluntary: This data is used to be able to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending the newsletter and until further notice. We also store your current IP address at the time of registration, the time of registration and the confirmation for up to three years after registration (statute of limitations). The purpose of this procedure is to be able to prove your registration in case of doubt and, if necessary, to be able to clarify any misuse of your personal data. The legal basis for logging the registration is our legitimate interest pursuant to Article 6 Paragraph 1 Clause 1 Letter f GDPR in proof of a previously given consent, see also Article 7 Paragraph 1 GDPR.

You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter e-mail or by sending an e-mail to

5. Use of cookies

Cookies are data that are stored on your computer by a website that you visit and enable your browser to be reassigned. Cookies transmit information to the site that uses the cookie. Cookies can store various information, such as your language setting, the duration of your visit to our website or your entries made there. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.

5.1 Transient Cookies

These cookies are automatically deleted when you close your browser. These include in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

5.2 Persistent Cookies

These cookies are automatically deleted after a specified period, which can vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.


For the uniform display of fonts on our website, we use web fonts from Google LLC, 1600 Amphitheater Parkway Mountain View, CA 94043, USA. The responsible body for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland.

When you visit our website, the required data is loaded into your browser cache in order to display text and fonts correctly. This requires a connection to the Google servers and personal data, in particular the IP address, may be transmitted to the servers of Google LLC. come in the US. Google web fonts are transferred to your browser's cache to avoid multiple loading. If your browser does not support web fonts or prevents access, a standard font will be used by your computer.

Insofar as data is processed outside the EEA, where there is no data protection level corresponding to the European standard, we have concluded EU standard contractual clauses with the service provider to create a secure level of data protection.

Further information on Google Web Fonts can be found at and in Google's privacy policy:

Data collection and storage only takes place with express consent in accordance with Article 6 Paragraph 1 Clause 1 Letter a) GDPR. This can be revoked at any time with effect for the future.

7. Social Media - Third Party Offerings

We use plugins from various third-party providers on our website. You will be forwarded to our account or fan page on the respective platform via the plugins. The legal basis for the use of third-party offers is Art. 6 (1) sentence 1 lit. a GDPR.

7.1 Facebook

On this website we use plugins from the social network Facebook, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (belonging to Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304 , USA) ("Facebook").

Under certain circumstances, personal data can also be transmitted to the providers via the plugins. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website. We therefore have no influence on the amount of data that Facebook collects with the help of this plugin.

To prevent unwanted data transmission, the plugins on this website are deactivated by default. The plugin is only activated by clicking on the respective symbol and data can be transmitted to the provider. To do this, activating the plugin establishes a connection between your browser and the server of the social network. The plugins can of course be deactivated at any time.

If the plugins are activated, Facebook already receives information such as your IP address, a message that you have visited our site and other browser-related information when you visit our site. If you also use the plugin, for example by making a comment or clicking the Like button, this information will also be transmitted to Facebook.

If you are logged in to Facebook at the same time, Facebook can assign this information to your account.
If the plugin is active, however, it sends information regardless of whether you are currently logged in to Facebook or have an active Facebook account. When you visit our website, a cookie is stored in your browser, which stores the information and transmits it to the social network when you visit it again.

Further information about the data Facebook collects through the integration of social plugins can be found directly on Facebook at: and

7.2 Instagram

Functions of the Instagram service may be integrated on our website. These functions are offered by Instagram Inc., 1601 Willow Road, Menlo Park, CA 94025, USA ("Instagram").

If you are logged into your Instagram account, you can link the contents of our pages to your Instagram profile by clicking on the Instagram button. This allows Instagram to associate the visit to our pages with your user account. We point out that we as the provider of the pages do not receive knowledge of the content of the transmitted data and their use by Instagram.

Instagram Privacy Policy:

7.3 LinkedIn

We use a LinkedIn plugin. The provider is LinkedIn Corporation, 599 N Mathilda Ave, Sunnyvale, CA 94085, USA ("Linkedin"). When you use the LinkedIn services on our website, LinkedIn uses your login information, cookies, device information, and internet protocol address (“IP address”) to identify you and log your usage. If you are a member of the provider's social network and are logged in to the social network during your visit to this website, your data and information about your visit to this website can be linked to your profile on the social network. We have no influence on the exact scope of the data collected about you by the provider.

You can find more information about the scope, type, purpose of data processing, retention periods and your rights and data protection settings in the LinkedIn data protection information at and

7.4 Youtube

We have integrated a plugin from the "YouTube" platform from Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA, on this website. By clicking on the plugin, users are redirected to our YouTube channel. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or how it is used by YouTube.

The data protection declaration can be found at:

8. Data Transfer

A transfer of your data to third parties does not take place except in the cases mentioned, unless we are legally obliged to do so, or the data transfer is necessary for the execution of the contractual relationship or you have previously expressly consented to the transfer of your data.

Insofar as our external service providers come into contact with your personal data, we ensure that they comply with the provisions of the data protection laws in the same way as part of the order processing in accordance with Article 28 GDPR. In these cases, however, the scope of the transmitted data is limited to the necessary minimum. Please also note the respective data protection notices of the providers. The respective service provider is responsible for the content of third-party services, whereby we check the services for compliance with the legal requirements within the scope of what is reasonable.

We value processing your data within the EU/EEA. However, we may use service providers who process data outside of the EU/EEA. In these cases, we ensure that before the transmission of your personal data, an appropriate level of data protection that is comparable to the standards within the EU is established at the recipient.

9. data security

We have taken extensive technical and operational precautions to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological advances.