Data protection
introduction
In these data protection provisions, the DGAF describes its procedure with regard to the data recorded by members and by users who access our websites or provide us with personal data in other ways.
Responsible authority within the meaning of the General Data Protection Regulation (GDPR):
State Commissioner for Data Protection and Freedom of Information, Königsstrasse 10a, 70173 Stuttgart.
User rights
According to the GDPR, you have the following rights vis-à-vis us with regard to your personal data:
1. Right to information, Art. 15 GDPR
2. Right to rectification, Art. 16 GDPR
3. Right to erasure (“right to be forgotten”), Art. 17 GDPR
4. Right to restriction of processing, Art. 18 GDPR
5. Right to data portability, Art. 20 GDPR
6. Right to object to processing, Art. 21 GDPR (see also section 5 below).
According to Art. 22 GDPR, you also have the right not to be subjected to a decision based solely on automated processing - including profiling - which has legal effect on you or which significantly affects you in a similar manner, provided that the decision
• is not required for the conclusion or performance of a contract between you as the data subject and us as the person responsible,
• is permissible on the basis of legal provisions of the Union or of the member states to which we as the controller are subject and these legal provisions contain appropriate measures to safeguard your rights and freedoms and your legitimate interests as the person concerned, or
• is made with your express consent.
Please note, however, that these rights do not apply unconditionally, but are subject to our own legitimate interests and regulatory requirements.
Your rights of withdrawal and objection
Your right to withdraw consent
You have the right to revoke your consent at any time without affecting the legality of the processing carried out so far. If the consent is withdrawn, we will stop the corresponding data processing.
Your right to object to legitimate interests
According to Art. 21 GDPR, you have the right at any time, for reasons that arise from your particular situation, to object to the processing of personal data relating to you, which is collected on the basis of Art. 6 Para. 1 lit.f GDPR To file an objection. We will then no longer process the personal data unless there are demonstrably compelling reasons worthy of protection for the processing that outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims.
Your right to object to direct mail
According to Art. 21 GDPR, you have the right to object to the processing of your personal data for the purpose of direct marketing, the exercise of which leads to the termination of processing for the purpose of direct marketing or the safeguarding of legitimate interests.
If you are of the opinion that the processing of the data concerning you violates data protection regulations, you have the right to complain to a supervisory authority according to Art. 77 GDPR. The right to lodge a complaint can in particular be asserted with a supervisory authority in the Member State in which you are staying or the place of the alleged violation. In Baden-Württemberg, the responsible supervisory authority is the state commissioner for data protection and freedom of information, Königsstraße 10a, 70173 Stuttgart.
If you would like to exercise any of the rights listed here or would like further information, please contact our data protection officer at:
49 7774 9390102
storage
We store your personal data for as long as is necessary to provide our services, comply with legal obligations, as well as resolve disputes and enforce our policies. The retention periods depend on the type of data collected and the purpose for which this data was collected, taking into account both the case-specific circumstances and the need to delete outdated, unused information as soon as possible. We store data records with personal data from customers, documents about the account setup, messages and other data in accordance with applicable laws and regulations.
We can correct, complete or remove incomplete or incorrect data at any time and at our sole discretion.
Basis for data acquisition
The legal basis of the data processing results from the regulation of Art. 6 DS-GVO, whereby our data processing predominantly
• on the basis of consent, Article 6, Paragraph 1, Sentence 1, Letter a GDPR
• for the performance of the contract, Art. 6 Paragraph 1 Sentence 1 lit b. GDPR
• to fulfill legal obligations, Article 6 Paragraph 1 lit. GDPR
• to safeguard legitimate interests, Article 6 (1) (f) GDPR
respectively.
In accordance with Art. 13 GDPR, the respective underlying legal basis is named below for the respective processing operations in this data protection declaration.
If we use contracted service providers for individual functions of our offer or if we would like to use your data for advertising purposes, we will inform you in more detail about the respective processes below in this data protection declaration. We also state the specified criteria for the storage period.
The processing of your personal data (ie any data that allows you to identify yourself by reasonable means; "personal data") is necessary in order to fulfill our contractual obligations to you and so that we can provide you with our services, protect our legitimate interests as well as legal and meet the financial regulatory obligations to which we are subject.
By using this website, you consent to the collection, storage, use, disclosure and other use of your personal data as described in this privacy policy.
Please read the privacy policy carefully before making any decisions.
Which data are recorded?
We collect two types of data and information from users.
The first category includes non-identifying and non-identifiable user data that is provided or collected through the use of the website ("non-personal data"). You can visit our website without having to provide any personal information. If you only use our website for informational purposes, e.g. if you do not register or otherwise provide us with information, we only collect the data that your browser transmits to our server and that is stored in log data (server log files). If you want to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security. The legal basis for this is Art. 6 Para. 1 S. 1 lit.f DS-GVO:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- content of the request (specific page)
- Access status / HTTP status code
- Amount of data transferred in each case
- Website from which the request came
- browser
- Operating system and its interface
- Language and version of the browser software.
As a result, we do not know the identity of the user from whom non-personal data was collected. The non-personal data that can be recorded includes aggregated usage data and technical data that are transmitted by your device, including certain information relating to software and hardware (e.g. browser and operating system used on the device, language setting, access time, etc. .). We use this data to improve the functionality of our website. We can also collect data about your activity on the website (e.g. pages viewed, surfing behavior, clicks, actions, etc.).
The second category includes personal data, i.e. data that identifies an individual or can identify them through appropriate measures. Such data include:
• Device data: We collect personal data from your device. Such data include geolocation data, IP address, unique identifiers (e.g. MAC address and UUID) and other data resulting from your activity on the website
• Registration data: When you register on our website, you will be asked to provide certain information, e.g. E.g .: first and last name, e-mail address or address or other information.
How do we get data about you?
We obtain your personal data from various sources:
• You provide us with such data voluntarily, for example when registering on our website. The registration is your personal, central access to the functions and our offers.
• We receive such data when you use our website or access it in connection with one of our services.
• We receive such data from other providers, services and from public registers (for example from data traffic analysis providers).
How is the data used? Who will the data be passed on to?
We do not pass on user data to third parties, except as described in this privacy policy. If you use the extended functions / services of our services, we will save the data you need to process the contract (Art. 6 Para. 1 S. 1 lit. b GDPR), including information on the method of payment. Furthermore, we store the voluntary data you provide for the time necessary to use our services, unless you delete them beforehand.
We use data for the following purposes:
• For the contractual processing of membership fees
• Your participation in our events
• To communicate with you (sending newsletters, providing technical information and, if necessary, processing inquiries)
• For information about new updates and services
• To place ads when you use our website (more information under "Advertising")
• To market our websites and products (further information under "Marketing")
• For statistical and analysis purposes to improve the website
In addition to the various uses listed above, we can also pass on personal data to our subsidiaries, affiliated companies and subcontractors.
In addition to the purposes listed in this privacy policy, we can forward personal data to our trustworthy external providers, who are based in different jurisdictions around the world, for the following reasons:
• Hosting and operating our website
• Providing our services, including the personalized display of our website
• Storing and processing such data on our behalf
• Placing advertisements as well as the ability to assess the success of our advertising campaigns, retargeting of users
• Provision of marketing offers and promotional materials in connection with our website and our services
Your participation in our events
• To communicate with you (sending notices about our services, providing technical information and, if necessary, processing customer service inquiries)
• For information about new updates and services
• To place ads when you use our website (more information under "Advertising")
• To market our websites and products (further information under "Marketing")
• For statistical and analysis purposes to improve the website
In addition to the various uses listed above, we can also pass on personal data to our subsidiaries, affiliated companies and subcontractors.
In addition to the purposes listed in this privacy policy, we can forward personal data to our trustworthy external providers, who are based in different jurisdictions around the world, for the following reasons:
• Hosting and operating our website
• Providing our services, including the personalized display of our website
• Storing and processing such data on our behalf
• Placing advertisements as well as the ability to assess the success of our advertising campaigns, retargeting of users
• Provision of marketing offers and promotional materials in connection with our website and our services
• Carrying out studies, technical diagnoses or analyzes
We may also disclose information if we have a good faith belief that it is helpful or appropriate to: (i) comply with any applicable law, regulation, legal process, or government request; (ii) enforce our policies (including our agreement) and investigate any possible violations thereof; (iii) investigate, detect, prevent, or take action against illegal activity or other misconduct, suspected fraud or security issues; (iv) to assert or enforce our own legal claims or to defend ourselves against the claims of others; (v) protect the rights, property or safety of our users, your safety or the safety of others; or to (vi) cooperate with law enforcement agencies and / or protect intellectual property or other legal claims.
Cookies
We and our partners use cookies to provide corresponding services. This also applies when you visit our website or access our services.
A "cookie" is a small data package that is assigned to your device when you visit a website from this website. Cookies are useful and can be used for different purposes. These include B. easier navigation between different pages, automatic activation of certain functions, saving your settings and optimized access to our services. The use of cookies also enables us to show you relevant advertising tailored to your interests and to collect statistical information on your use of our services.
The processing (the use of cookies) takes place on the legal basis of Art. 6 Para. 1 S. 1 lit.f DS-GVO from the legitimate interest in achieving the aforementioned purposes.
This website uses the following types of cookies:
a. "Session cookies", which ensure normal system usage. Session cookies are only stored for a limited time during a session and are deleted from your device as soon as you close your browser.
b. "Permanent cookies", which are only read by the website and are not deleted when the browser window is closed, but are stored on your computer for a certain period of time. This type of cookie enables us to identify you on your next visit and, for example, to save your settings.
c. "Third party cookies" that are set by other online services that have their own content on the page you are visiting. This can e.g. B. be external web analytics companies that record and analyze access to our website.
Cookies do not contain any personal information that identifies you, but the personal information we hold may be linked to the information contained in the cookies. You can remove cookies via the device settings of your device. Follow the relevant instructions. Note that deactivating cookies may restrict certain functions when using our website.
The tool we use is based on Snowplow Analytics technology. The data we collect about the use of our website include, for example, how often users visit the website or which areas are accessed. The tool we use does not collect any personal data and is only used by our web hosting provider and service provider to improve our own offer.
Use of social media plug-ins
We currently use the following social media plug-ins: Facebook. We use the so-called two-click solution. This means that when you visit our site, no personal data is initially passed on to the plug-in providers. You can recognize the provider of the plug-in by the logo. We give you the opportunity to use the button to communicate directly with the provider of the plug-in. Only if you click on the marked field and thereby activate it will the plug-in provider receive the information that you have accessed the corresponding website of our online offer. In addition, the data mentioned under Section II. No. 1 of this declaration will be transmitted. In the case of Facebook, according to the provider in Germany, the IP address is anonymized immediately after it is collected. By activating the plug-in, your personal data will be transmitted to the respective plug-in provider and stored there (in the case of US providers in the USA). Since the plug-in provider collects data in particular via cookies, we recommend that you delete all cookies using the security settings of your browser before clicking on the logo.
We have no influence on the data collected and the data processing operations, nor are we aware of the full scope of data collection, the purposes of processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
The plug-in provider saves the data collected about you as a usage profile and uses this for advertising, market research and / or needs-based design of its website. Such an evaluation takes place in particular (even for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, although you must contact the respective plug-in provider to exercise this. Via the plug-ins, we offer you the opportunity to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Article 6 Paragraph 1 Sentence 1 Letter f GDPR.
The data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected by us will be assigned directly to your existing account with the plug-in provider. If you press the activated button and z. For example, if you link the page, the plug-in provider will also save this information in your user account and share it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this allows you to avoid being assigned to your profile with the plug-in provider.
Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers, which are provided below. There you will also find further information on your rights in this regard and setting options to protect your privacy.
Addresses of the respective plug-in providers and URL with their data protection information:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; Further information on data collection and the Facebook plug-ins: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo and https://developers.facebook.com/docs/plugins/ .. Facebook has submitted to the EU-US Privacy Shield, https : //www.privacyshield.gov/EU-US-Framework.
Use of script libraries (Google Web Fonts)
We use script and font libraries such as Google Web Fonts (https://www.google.com/webfonts) for this website so that our content is displayed correctly and graphically appealing in every browser. Google Web Fonts are transferred to your browser's cache so that they only have to be loaded once. If your browser does not support Google Web Fonts or denies access, the content will be displayed in a standard font.
• When calling up script or font libraries, a connection to the library operator is automatically established. There is theoretically the possibility for this operator to collect data. It is currently not known whether and for what purpose the operators of the relevant libraries actually collect data.
• Here you can find the data protection regulations of the operator of the Google library: https://www.google.com/policies/privacy.
Collection of data by third parties
This policy only addresses the use and disclosure of information that we collect from you. If you publish data on other websites or disclose it to third parties on the Internet, different provisions may apply. Therefore, always read the terms and conditions and privacy policy carefully when disclosing data.
Basics
This privacy policy does not apply to the business practices of companies that we do not own or control, or to anyone other than our employees and collaborators, including third parties, to whom we disclose this information as described in this privacy policy.
How do we protect your data?
We implement the security measures on the website with great care and protect your data. We use industry standard procedures and guidelines to ensure the privacy of the information we collect and store, and to prevent unauthorized use of such information. We also require third parties to adhere to similar security requirements in accordance with this privacy policy. Although we take reasonable steps to protect data, we cannot be held responsible for the actions of those who have gained unauthorized access to our website or misuse it, and we make no express or implied warranty that we will such access can prevent.
Transfer of data outside of the European Economic Area
Your personal data will not be transferred to third countries outside the EU.
Note that some recipients may not be based in the European Economic Area. If this is the case, we will only transfer your data to countries approved by the European Commission with an appropriate level of data protection or to ensure an appropriate level of data protection through a legal agreement.
advertising
When you access our website, we may display advertisements using third-party advertising technology. This technology uses your usage data for the services to serve ads (e.g. by placing third-party cookies in your web browser).
You can unsubscribe from many third party advertising networks, including networks operated by members of the Network Advertising Initiative ("NAI") and the Digital Advertising Alliance ("DAA"). Information about what NAI and DAA members do, your options about how these companies use such information, and how you can unsubscribe from third party ad networks operated by NAI and DAA members can be found on the respective website: http://optout.networkadvertising.org/#!/ and http://optout.aboutads.info/#!/.
marketing
We may use your personal information, such as your name, email address, telephone number, etc., ourselves or forward it to an external subcontractor to provide you with promotional materials about our services that may be of interest to you.
We respect your right to privacy. You will therefore always have the option of unsubscribing from further mailings in these marketing materials. If you unsubscribe, your email address or phone number will be removed from our marketing distribution lists.
Please note that even if you have unsubscribed from receiving our marketing emails, we will continue to send you emails with important information that do not contain an unsubscribe option. This includes maintenance notifications or administrative notifications.
Minors
The protection of children's data is very important, especially in the online area. The website is not designed for and is not aimed at children. The use of our services by minors is only permitted with the prior consent or authorization of a parent or legal guardian. We do not knowingly collect personal information from minors. If a parent or legal guardian learns that his or her child has provided us with personal data without their consent, he / she can contact us at moc.tnemeganamsgnugat-was@ofni.
Updates or changes to this privacy policy
The protection of children's data is very important, especially in the online area. The website is not designed for and is not aimed at children. The use of our services by minors is only permitted with the prior consent or authorization of a parent or legal guardian. We do not knowingly collect personal information from minors. If a parent or legal guardian learns that his or her child has provided us with personal data without their consent, he / she can contact us at ed.fagd@ofni.
This is how you can reach us with general questions about the website, the data we have collected about you or the use of this data at ed.fagd@ofni
German Society for Arteriosclerosis Research eV (DGAF)
Last changed on April 22nd, 2020