Privacy policy

Data protection

We are very pleased about your visit to our website and the expressed interest in our offers. The protection of your personal data has a special significance for our management and our employees. The visit of our web pages is basically possible without giving your personal data. However, processing of your personal data may be required, if you use a special service via the Internet pages.

We always process your personal data confidentially and in accordance with the statutory provisions, in particular the General Data Protection Regulation, together with the applicable national data protection regulations and this privacy policy.

We want you to feel safe at all times when you visit our websites, so we assure you that we have taken technical and organisational measures to ensure the highest possible protection of your rights and that we constantly strive to ensure that the legal requirements are respected by both our employees as well as by our external service providers. However, web-based services can always present security vulnerabilities, so absolute protection cannot be guaranteed. You are also welcome to transfer your personal data using other means of communication (for example: by post, by telephone or fax).

1. Definitions

The protection of your personal data is carried out in accordance with the Data Protection Regulation, the German Federal Data Protection Act and other sector-specific laws and therefore uses the same terminology that will be explained below for you.

a) Personal Data
Personal data means any information relating to an identified or identifiable natural person ('the data subject'); a natural person is regarded as identifiable, if it can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, which express the physical, physiological , genetic, mental, economic, cultural or social identity of this natural person.

b) Processing
Processing means any process performed with or without the help of automated processes, or any such process associated with personal data such as collecting, organising, storing, adapting or modifying, reading, querying, using, disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.

c) Restriction of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.

d) Profiling
Profiling refers to any type of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal preferences to analyse or predict interests, reliability, behaviour, whereabouts or location of this natural person.

e) Pseudonymisation
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without additional information being provided, provided that such additional information is kept separate and subject to technical and organisational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.

f) Responsible person
The responsible person is any natural or legal person, public authority, body or other body that, alone or in concert with others, decides on the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.

g) Third Party
A Third Party is a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.

h) Consent
The data subject's consent shall be deemed to be voluntary in a written, informed and unambiguous manner in the form of a statement or other unambiguous confirmatory act informing the data subject that they consent to the processing of their personal data.

2. Name and address of the controller

Responsible for the processing within the meaning of the General Data Protection Regulation, as well as the data protection laws of the member states of the European Union and other area-specific laws with data protection character are:

Die Akademie Fresenius GmbH

Alter Hellweg 46

44379 Dortmund

Germany

Represented by: Anja Staudenmaier

Telephone: +49 231 75896-50

Fax: +49 231 75896-53

E-mail: info@akademie-fresenius.de

 

3. Name and address of the data protection officer

The external data protection officer of the controller is:

Denise Schleip

COGNOS AG

Im Media Park 4e

50670 Köln

Telephone: +49 221 921512-782

Fax: +49 221 921512-10

Email: datenschutz@cognos-ag.de 


Your trust and the protection of your data are important to us. Therefore, we would like to be available at any time for your questions concerning data protection and the processing of your data. If you wish to receive more detailed information about this privacy policy or suggestions, you can always contact us.

4. Rights of data subjects

a) Right to information
You have a right to know if a controller is processing your personal information. As far as this is the case, you continue to have a right to information about the circumstances of the data processing. This right to information extends to the particular data, the purposes of the processing, the categories of personal data being processed and the recipients to whom the data has been transferred or disclosed. In addition, on the planned duration of the storage, the origin of the data, as far as these were not collected from you and the existence of an automated decision-making including profiling. In addition, the right to information includes a right to information on the existence of a right to rectification or deletion of personal data and a right to information about the existence of a right to complain to a supervisory authority.

b) Right to delete

You have the right of the person responsible to request the immediate deletion of your personal data, if the following reasons are present and the processing is not required: 

  • The purpose of collecting or processing the data has been eliminated or the data is no longer required. 
  • You have revoked your consent to data processing and there is a lack of a legal basis to which data processing can now be based.
  • The deletion was due to a legal obligation.
  • The processing of the data was illegal.

 

c) Right to data portability

You have the right to receive personal data relating to you provided to us as a controller in a structured, common and machine-readable format, and you have the right to transfer that data to another controller without hindrance to inform the controller to whom the data was provided. This right should exist if automated data processing was used to execute a contract or based on consent. The claim also includes the right to have the data transmitted directly from one controller to another controller for as far as technically feasible.

d) Right to objection
The right to objection on the one hand includes the possibility of objecting to the processing of one's own data for advertising purposes. In addition, if there are special reasons, an originally lawful data processing for other purposes may be objected to.


e) Right to restriction of processing
You may have the right to restrict processing on certain conditions to the effect that your personal data is blocked at the controller and thus not further processed. Thus, the blocking may be required for the duration of the investigation, if the correctness of the stored data is disputed.

f) Right to rectification
The right to rectification includes your right as an affected person to demand from us, as the person responsible without delay, the correction of any incorrect personal data concerning you.

5. Legal basis of processing

For most of the processing operations, we make sure to receive your previous consent to them. Then Art. 6 I lit. a and Art. 7 GDPR are the basis for processing operations. In some cases, the processing may also be required to fulfill the contract or to initiate the contractual relationship, this applies above all to the delivery of the information material requested by you and the registration for one of our events. In this case the legal basis of the processing is Art. 6 I lit. b GDPR. If the processing of data is required due to legal obligations, for example in the case of tax information requests, the processing is based on Art. 6 I lit. c GDPR. The processing of data may also be necessary for the protection of vital interests of affected or other natural persons. The legal basis in this case would then be Art. 6 I lit. d GDPR. If none of these allowances are met, the processing may also be subject to Art. 6 I lit. f GDPR be supported. This may be the case if the processing is necessary to safeguard the legitimate interests of our company or third parties, and provided that the interests, fundamental rights and fundamental freedoms of us as the controller do not prevail. A legitimate interest is, for example, the performance of our business activities to protect the interests of our employees and shareholders. We also consider the tracking of user behaviour by cookies in the context of advertising, which do not involve sensitive data and have no personal reference, as a legitimate interest.

6. Transmission to third countries 

When we process data in a third country (ie in a country outside the European Union or the European Economic Area), or in the context of the use of third party services or disclosure, or transmission of data to third parties, this is done exclusively for the purpose of fulfilling contractual obligations or the initiation of an agreement, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. We process, transmit or have data processed only in a third country if the requirements of Art. 44 et seq. GDPR are met. The processing is e.g. on the basis of specific guarantees, such as the establishment of a level comparable to the EU standard (eg "privacy shields"), the observance of officially recognised contractual obligations or the submission of test certificates that testify other recognized levels of protection (via the "safe harbor" commitment level of protection) (see also the extended requirements of the („Düsseldorfer Kreis“) . 

7. Collaboration with processors and third parties

If, during our processing, we disclose, transmit to, or otherwise provide access to other persons and companies (processors, affiliates of the COGNOS Group or third parties), this is always done on the basis of a legal permission (eg the transmission of the payment data to the responsible company within the group of companies for the fulfillment of the contract is required or if the forwarding of the requested information material to the dispatcher, according to Art. 6 Abs. 1 bGB GDPR), and requires a consent, a legal obligation, or is based on a legitimate interest or a data processing in accordance with Art. 28 GDPR.

8. SSL encryption

To protect the security of your data during transmission, we use state-of-the-art encryption procedures over HTTPS.

9. Cookies

We use so-called cookies on our Internet pages, which enable web-based applications to manage the status of an online visit and to enable smooth navigation between the individual services and content on the website. Cookies are stored on your computer's hard drive and do no damage there. A cookie is a small data file that is transferred from the web server to your computer if you browse our pages. A cookie contains only information that we send to your computer - private data can not be read with a cookie. If cookies are accepted by you, we will not have access to your personal information.

Cookies store different information. They are primarily intended to store information about the user during or after his visit to a website. Temporary cookies and permanent cookies are to be distinguished. The former are deleted when the user leaves the website. The latter are also stored after closing the browser. This type of cookie also serves to measure reach and to analyse usage patterns. In addition, there are the so-called third-party cookies from other providers than the person responsible for the website. This website uses temporary and permanent cookies whose operation we inform you about in this privacy statement.

Most browsers accept cookies by default. If you want to prevent the use of cookies, we ask you to disable the default setting in your browser. Saved persistent cookies can also be deleted in this way. In order to deactivate the setting of cookies for the purpose of online marketing, you can do so via the page www.youronlinechoices.com. If cookies are banned, certain features on our pages may not be available and some web pages may not be displayed correctly.

10. Access data

Each time a page is accessed, access data from us or our hosting provider is stored in a log file via this process. In connection with the access, we receive usage data that is temporarily stored for statistical purposes and then deleted. Log data is collected solely for internal purposes and is not forwarded to third parties.
These include:

  • IP address of the requesting computer,
  • Date and time of the request,
  • desired access method / function from the requesting computer,
  • Input values (for example file name) transmitted by the requesting computer,
  • Access status of the web server (file transfer, file not found, command not executed, etc.),
  • Name of requested file and transferred amount of data,
  • URL from which the file was requested

 

The stored data is anonymised at the earliest possible date (deletion of the last octet of the IP address) and used only for purposes of identifying and tracking inadmissible attempts to access and the actual access to the Web server. A further evaluation, with the exception of statistical purposes in anonymous form, does not take place. These data are not assigned to specific people. Individual user profiles are not made. Without your consent we do not collect any personal data through our websites. The consent given by you to the processing of your data can be revoked at any time with effect for the future. Please note that specific legal provisions may mean that, despite your objection, we must continue to store the data for a period specified by law. Data collected automatically on websites for the purposes of securing web services is processed exclusively within the scope of the EU Data Protection Directive.

11. Collection of inventory data

When using some areas of our website, we ask you as a user to provide some data that can be clearly assigned to your person. This happens when you order informational material, register for our newsletter, reserve a seat for an event, register for an event or order documentation.

  • In doing so, we only collect the inventory data necessary for the respective purpose, such as:
  • Name, First Name
  • E-mail address
  • Postal address (if you wish to receive the documents by post)
  • Telephone number
  • Your areas of interest

 

When booking an event, preliminary reserving a seat or ordering an event documentation:

  • Company, Department, Position
  • eventually a different billing address
  • For registrations / orders from other EU countries the VAT number of your company

 

Which information is actually required results from the respective input mask. The data is always encrypted. Information you provide to us via the input masks "Newsletter", "My Account", "General Enquiries", "Request updates", "Provisional reservation", "Book Now" will be processed using the Salesforce CRM solution. This solution is hosted also outside the scope of the EU Data Protection Directive. Due to contractual obligations of the supplier, which go beyond the minimum requirements of the self-obligation under Safe Harbor and according to presented proofs of verification (see also: trust.salesforce.com/trust), an adequate level of protection has been demonstrated (see also the extended requirements of the „Düsseldorfer Kreis“). The data collected here are used only for the purpose of carrying out the sending of information material, in the case of consent to the sending of advertising for this purpose or in case of registration for an event or the ordering of documentation for the purpose of carrying out the contract. A transfer is made only to the chosen shipping service provider, who in turn uses the personal data only to fulfill the contract. By registering the access data provided by the provider, such as the assigned IP address, the date and time of registration are logged in order to prevent misuse of our services and to clarify possible crimes. Any further transmission of data will not take place unless there is a legal obligation.

The registration on our website is always voluntary and only to offer services that only inevitably make a registration necessary. Any registered person may at any time modify or completely delete the data in question, unless there is no legal obligation to keep records. In addition, we provide information on the stored data on request. In this respect, our data protection officer is at your disposal.

You have the opportunity to set up a password-protected customer account on our website. This gives you direct access to your stored data (user account) at any time. Here you can view data about the events you attended and your conference documentation and manage your address data and the newsletter. You agree to treat your personal access data confidentially and not to hand it over to an unauthorised third party. We assume no liability for misused passwords.

12. Photo Credits

For the purpose of reporting on our events photo or video recordings are occasionally made at the event venue and published anonymously on our website and on our social media channels. If, as a participant in one of our events, you do not agree, please contact us by e-mail at fresenius@akademie-fresenius.de or by postal mail to Die Akademie Fresenius GmbH, Alter Hellweg 46, 44379 Dortmund, Germany. In addition, the rights of use of images of the photo databases Fotolia, Stockphoto, Pixelio, Aboutpixel, Shutterstock, Stockfood and Clipdealer were acquired. The image credits are listed under the respective motifs. 

13. Consent to the receipt of advertising by e-mail and / or telephone

If you have expressly consented to receive advertising by email and / or telephone, we will store your input data, e.g. your e-mail address, first name and surname, and use this information only to send information about our events and training opportunities. For the receipt of advertisement by e-mail the indication of your e-mail address is sufficient. The data you provide will only be used for marketing, advertising and to a limited extent for our own market research purposes. At best, subscribers may also be notified of circumstances relevant to the service or registration (such as changes in e-mail or technical conditions).

For the effective registration we need a valid e-mail address. In order to verify that an application is actually made by the owner of an e-mail address, we use the "Double opt-in" procedure. For this, we record the consent to receive advertising by e-mail and / or telephone, the dispatch of a confirmation e-mail and the receipt of the requested response. Further data is not collected. The e-mails are sent by a service provider on the basis of our legitimate interests in accordance with Art. 6 (1) lit. 1 f GDPR and a contract processing contract pursuant to Art. 28 (3) sentence 1 GDPR. The service provider may use the data and metadata to optimize the services and for statistical purposes in a pseudonymised manner. However, the service provider does not use your information to write to you on his own behalf or to share it with third parties. You can unsubscribe from the mailing list at any time and / or terminate the transfer in accordance with your consent. Just send us an e-mail to fresenius@akademie-fresenius.de. You will then receive a confirmation e-mail about the cancellation of your consent to receive advertising.

14. Hosting 

The hosting services we use are designed to provide the following services: Platform Services, Computing Capacity, Storage Space, Database Services Security Settings and the technical service and maintenance required to operate the Online Service. We or our hosting provider process this on the basis of our legitimate interest in the provision of our online presence in accordance with Art. 6 para. 1 lit. f GDPR i.c.w. Art. 28 GDPR Inventory, contact, usage, contract data as well as meta and communication data of customers, prospects and visitors of our website.

15. Analyses, market and opinion research

We analyse our database for business transactions, contracts, enquiries about market trends, to be able to recognise customer and user requirements and to design our business economically. In doing so, we process inventory, contact, usage, contract data as well as meta and communication data of customers, prospects and visitors of our website based on our legitimate interest in maintaining and optimising our business in accordance with Art. 6 (1) lit. f GDPR. Such analyses are carried out for the purpose of business analysis, marketing and sales, as well as market research. These analyses serve to optimise our offer, increase usability and optimise our business operations. The analyses and profiles are carried out anonymously where possible and not passed on to third parties.

16. Contact via the website

If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. It will not be passed on to third parties. Should this be nevertheless  necessary to process your request, we would ask for your permission prior to disclosure.

17. Deletion and blocking of personal data

We only process and store your personal data for as long as the storage purpose requires it or as provided for in the regulations of the European directives and / or regulations. After elimination of the purpose of storage or periods of storage provided for in European directives and / or regulations, the data is routinely deleted. The duration of the storage corresponds to the respectively valid legal retention periods. The legal requirements for safekeeping in Germany are 6 years according to § 257 Abs. 1 HGB, 10 years according to § 147 Abs. 1 AO. Your data will be routinely deleted after the deadline, unless they are still required to fulfill the contract or contract.

18. Privacy Policy Google Analytics

This website uses features of the Google Analytics web analytics service provided by Google Inc. 1600 Amphitheater Parkway Mountain View, CA 94043, USA. Google Analytics uses cookies that are stored on your computer and that allow an analysis of the use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. Google, on behalf of the operator of this website, uses this information to evaluate the use of the website, to compile reports on the activities of the website and to provide other services related to website activity and internet usage to the website operator. The IP address provided by Google Analytics as part of Google Analytics will not be merged with other Google data.We use Google Analytics based on our legitimate interests in the analysis and optimisation of our marketing activities and thus also based on economic interests within the meaning of Art. 6 para. 1 lit. f. GDPR. We consider the economic interest in the optimisation of marketing activities to be a legitimate interest. We have taken measures to make weighing up the interests in favor of the person responsible as a less invasive measure. We believe that this can increase user-friendliness. For example, we have concluded a contract processing agreement with Google pursuant to Art. 28 GDPR. In the variant chosen by us the personal data of the users are deleted or anonymised after 14 months. In addition, we have activated the IP anonymisation anonymize.ip. This truncates the last octet of your IP address from Google within member states of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the US and then shortened there. Google is certified under the Privacy Shield Agreement, providing a guarantee of compliance with European data protection standards.

You can prevent the storage of cookies by a corresponding setting of your browser software. In this case, you may not be able to use all features of this website in full. You may also prevent the collection of data generated by the cookie and related to your use of the website including your IP address to Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en. Please note that you can not delete the opt-out cookies as long as you do not want to record measurement data. If you have deleted all your cookies in the browser, you must set the respective opt-out cookie again. For more information about how Google handles data and how it works, please read the Google Privacy Policy https://policies.google.com/technologies/ads?hl=en  and Google Ads Ads Settings: / /adssettings.google.com/authenticated

19. Privacy Policy Google Adwords Conversion Tracking

Our websites use the online advertising program "Google Adwords". This is an analysis service provided by Google Inc. 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This internet advertising service allows ads to appear in the search engine results and in the Google advertising network. In this case, predefined keywords can be determined in advance and cause the display of an advertisement in the search engine results as soon as a user enters this particular keyword. The advertisements are distributed by means of an automatic algorithm on the relevant internet pages. The purpose of this data processing is the placement of interest-relevant advertising on third-party websites and in Google's search engine results. If you reach our website via a google ad, a conversion cookie will be stored on the person's computer. However, this automatically expires after 30 days and does not serve to identify the person. Unless the cookie has expired, it will be tracked to see if certain subpages of our website have been accessed. Google uses the cookie to create visitor statistics that we can use to measure the success of certain AdWords ads. However, neither we nor any other person receives information that enables us to identify certain individuals.

We use Google Adwords Conversion Tracking based on our legitimate interests in the analysis and optimisation of our marketing activities and thus also economic interests within the meaning of Art. 6 para. 1 lit. f. GDPR. We only use cookies in the context of advertising, which do not concern sensitive data and do not suggest any personal reference for us. The display of any targeted advertising and its measurement is usually transparent to the persons concerned. Due to the lack of personal reference your interests worthy of protection are taken into account, so that the balance in favour of the person in charge fails.
You can permanently prevent the setting of cookies by means of a corresponding setting of your Internet browser. In this way, already set cookies can be deleted. You can make this deactivation, for example, via http://optout.aboutads.info/?c=2#!/.
In addition, interest-based advertising by Google may be contravened. More information on this and the privacy policy of Google can be found here: https://www.google.de/intl/de/policies/privacy/.

20. Privacy Policy Google Tag Manager

Our website uses the Google Tag Manager application, provided by Google Inc. (1600 Amphitheater Parkway, Mountain View, CA 94043, US "Google") .This is a feature that allows marketers to manage website tags through one interface. Tool Tag Manager itself (which implements the tags) is a cookie-free domain that triggers other tags that may collect data. Google Tag Manager does not access that data. Disabled, it will remain in effect for all tracking tags implemented with Google Tag Manager For more information and the Google Tag Manager Privacy Policy, please visit https://www.google.com/intl/en/policies/.

21. Privacy Policy for the Use of Social Plugins

On our websites social plugins of different social networks are integrated. These allow you to bookmark these pages and share content with other participants. You can recognise them by the logos that can be viewed on the social networking websites. To protect your data, we rely on the solution "Shariff" in the implementation. As a result, these buttons are integrated on the website only as a graphic that contains a link to the corresponding website of the button provider. By clicking on the graphic you will be redirected to the services of the respective provider. Only then will your data be sent to the respective provider. Unless you click on the graphic, there will be no exchange between you and the providers of the social media buttons. Information about the collection and use of your data in the social networks can be found in the respective terms of use of the respective providers. More information about the Shariff solution can be found here: www.drupal.org/project/shariff.We have integrated the social media buttons of the following companies on our website:a) FacebookSocial Network Operator: Facebook Inc., 1601 South California Avenue, Palo Alto, California 94304, United StatesData protection Facebook:  https://www.facebook.com/policy.phpb) Google+ button Social Network Operator: Google Inc., 1600 Amphitheater Parkway Mountain View, California 94043, USAData protection Google+:  https://www.google.com/intl/de/policies/technologies/product-privacy/C) LinkedIn Social PluginSocial network operator: LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, United StatesData protection LinkedIn: www.linkedin.com/legal/privacy-policyD) XING Social PluginOperator of the social network: XING AG, Dammtorstraße 30, 20354 Hamburg, GermanyData protection XING: www.xing.com/privacy 

 


Date: 25 May, 2018