We are very pleased about your visit to our website and the expressed interest in our offers. The protection of your personal data has a special significance for our management and our employees. The visit of our web pages is basically possible without giving your personal data. However, processing of your personal data may be required, if you use a special service via the Internet pages.
We want you to feel safe at all times when you visit our websites, so we assure you that we have taken technical and organisational measures to ensure the highest possible protection of your rights and that we constantly strive to ensure that the legal requirements are respected by both our employees as well as by our external service providers. However, web-based services can always present security vulnerabilities, so absolute protection cannot be guaranteed. You are also welcome to transfer your personal data using other means of communication (for example: by post, by telephone or fax).
The protection of your personal data is carried out in accordance with the Data Protection Regulation, the German Federal Data Protection Act and other sector-specific laws and therefore uses the same terminology that will be explained below for you.
a) Personal Data
Personal data means any information relating to an identified or identifiable natural person ('the data subject'); a natural person is regarded as identifiable, if it can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, which express the physical, physiological , genetic, mental, economic, cultural or social identity of this natural person.
Processing means any process performed with or without the help of automated processes, or any such process associated with personal data such as collecting, organising, storing, adapting or modifying, reading, querying, using, disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.
c) Restriction of processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
Profiling refers to any type of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects relating to work performance, economic situation, health, personal preferences to analyse or predict interests, reliability, behaviour, whereabouts or location of this natural person.
Pseudonymisation is the processing of personal data in such a way that the personal data can no longer be assigned to a specific data subject without additional information being provided, provided that such additional information is kept separate and subject to technical and organisational measures to ensure that the personal data is not assigned to an identified or identifiable natural person.
f) Responsible person
The responsible person is any natural or legal person, public authority, body or other body that, alone or in concert with others, decides on the purposes and means of processing personal data; where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.
g) Third Party
A Third Party is a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorised to process the personal data under the direct responsibility of the controller or processor.
The data subject's consent shall be deemed to be voluntary in a written, informed and unambiguous manner in the form of a statement or other unambiguous confirmatory act informing the data subject that they consent to the processing of their personal data.
Responsible for the processing within the meaning of the General Data Protection Regulation, as well as the data protection laws of the member states of the European Union and other area-specific laws with data protection character are:
Our external data protection officer can be reached at the following contact details:
a) Right to information
You have a right to know if a controller is processing your personal information. As far as this is the case, you continue to have a right to information about the circumstances of the data processing. This right to information extends to the particular data, the purposes of the processing, the categories of personal data being processed and the recipients to whom the data has been transferred or disclosed. In addition, on the planned duration of the storage, the origin of the data, as far as these were not collected from you and the existence of an automated decision-making including profiling. In addition, the right to information includes a right to information on the existence of a right to rectification or deletion of personal data and a right to information about the existence of a right to complain to a supervisory authority.
b) Right to delete
You have the right of the person responsible to request the immediate deletion of your personal data, if the following reasons are present and the processing is not required:
c) Right to data portability
You have the right to receive personal data relating to you provided to us as a controller in a structured, common and machine-readable format, and you have the right to transfer that data to another controller without hindrance to inform the controller to whom the data was provided. This right should exist if automated data processing was used to execute a contract or based on consent. The claim also includes the right to have the data transmitted directly from one controller to another controller for as far as technically feasible.
d) Right to objection
The right to objection on the one hand includes the possibility of objecting to the processing of one's own data for advertising purposes. In addition, if there are special reasons, an originally lawful data processing for other purposes may be objected to.
e) Right to restriction of processing
You may have the right to restrict processing on certain conditions to the effect that your personal data is blocked at the controller and thus not further processed. Thus, the blocking may be required for the duration of the investigation, if the correctness of the stored data is disputed.
f) Right to rectification
The right to rectification includes your right as an affected person to demand from us, as the person responsible without delay, the correction of any incorrect personal data concerning you.
For most of the processing operations, we make sure to receive your previous consent to them. Then Art. 6 I lit. a and Art. 7 GDPR are the basis for processing operations. In some cases, the processing may also be required to fulfill the contract or to initiate the contractual relationship, this applies above all to the delivery of the information material requested by you and the registration for one of our events. In this case the legal basis of the processing is Art. 6 I lit. b GDPR. If the processing of data is required due to legal obligations, for example in the case of tax information requests, the processing is based on Art. 6 I lit. c GDPR. The processing of data may also be necessary for the protection of vital interests of affected or other natural persons. The legal basis in this case would then be Art. 6 I lit. d GDPR. If none of these allowances are met, the processing may also be subject to Art. 6 I lit. f GDPR be supported. This may be the case if the processing is necessary to safeguard the legitimate interests of our company or third parties, and provided that the interests, fundamental rights and fundamental freedoms of us as the controller do not prevail. A legitimate interest is, for example, the performance of our business activities to protect the interests of our employees and shareholders. We also consider the tracking of user behaviour by cookies in the context of advertising, which do not involve sensitive data and have no personal reference, as a legitimate interest.
When we process data in a third country (ie in a country outside the European Union or the European Economic Area), or in the context of the use of third party services or disclosure, or transmission of data to third parties, this is done exclusively for the purpose of fulfilling contractual obligations or the initiation of an agreement, on the basis of your consent, on the basis of a legal obligation or on the basis of our legitimate interests. We process, transmit or have data processed only in a third country if the requirements of Art. 44 et seq. GDPR are met. The processing is e.g. on the basis of specific guarantees, such as the establishment of a level comparable to the EU standard (eg "privacy shields"), the observance of officially recognised contractual obligations or the submission of test certificates that testify other recognized levels of protection (via the "safe harbor" commitment level of protection) (see also the extended requirements of the („Düsseldorfer Kreis“) .
If, during our processing, we disclose, transmit to, or otherwise provide access to other persons and companies (processors, affiliates of the COGNOS Group or third parties), this is always done on the basis of a legal permission (eg the transmission of the payment data to the responsible company within the group of companies for the fulfillment of the contract is required or if the forwarding of the requested information material to the dispatcher, according to Art. 6 Abs. 1 bGB GDPR), and requires a consent, a legal obligation, or is based on a legitimate interest or a data processing in accordance with Art. 28 GDPR.
To protect the security of your data during transmission, we use state-of-the-art encryption procedures over HTTPS.
We use so-called cookies on our Internet pages, which enable web-based applications to manage the status of an online visit and to enable smooth navigation between the individual services and content on the website. Cookies are stored on your computer's hard drive and do no damage there. A cookie is a small data file that is transferred from the web server to your computer if you browse our pages. A cookie contains only information that we send to your computer - private data can not be read with a cookie. If cookies are accepted by you, we will not have access to your personal information.
Cookies store different information. They are primarily intended to store information about the user during or after his visit to a website. Temporary cookies and permanent cookies are to be distinguished. The former are deleted when the user leaves the website. The latter are also stored after closing the browser. This type of cookie also serves to measure reach and to analyse usage patterns. In addition, there are the so-called third-party cookies from other providers than the person responsible for the website. This website uses temporary and permanent cookies whose operation we inform you about in this privacy statement.
When using the booking button „Travel by Train to your Event” we would like to point out that Third-Party-Cookies are in effect and that data will be transmitted to and from Deutsche Bahn when accessing the Website of Deutsche Bahn.
Each time a page is accessed, access data from us or our hosting provider is stored in a log file via this process. In connection with the access, we receive usage data that is temporarily stored for statistical purposes and then deleted. Log data is collected solely for internal purposes and is not forwarded to third parties.
The stored data is anonymised at the earliest possible date (deletion of the last octet of the IP address) and used only for purposes of identifying and tracking inadmissible attempts to access and the actual access to the Web server. A further evaluation, with the exception of statistical purposes in anonymous form, does not take place. These data are not assigned to specific people. Individual user profiles are not made. Without your consent we do not collect any personal data through our websites. The consent given by you to the processing of your data can be revoked at any time with effect for the future. Please note that specific legal provisions may mean that, despite your objection, we must continue to store the data for a period specified by law. Data collected automatically on websites for the purposes of securing web services is processed exclusively within the scope of the EU Data Protection Directive.
When using some areas of our website, we ask you as a user to provide some data that can be clearly assigned to your person. This happens when you order informational material, register for our newsletter, reserve a seat for an event, register for an event or order documentation.
When booking an event, preliminary reserving a seat or ordering an event documentation:
Which information is actually required results from the respective input mask. The data is always encrypted. Information you provide to us via the input masks "Newsletter", "My Account", "General Enquiries", "Request updates", "Provisional reservation", "Book Now" will be processed using the Salesforce CRM solution. This solution is hosted also outside the scope of the EU Data Protection Directive. Due to contractual obligations of the supplier, which go beyond the minimum requirements of the self-obligation under Safe Harbor and according to presented proofs of verification (see also: trust.salesforce.com/trust), an adequate level of protection has been demonstrated (see also the extended requirements of the „Düsseldorfer Kreis“). The data collected here are used only for the purpose of carrying out the sending of information material, in the case of consent to the sending of advertising for this purpose or in case of registration for an event or the ordering of documentation for the purpose of carrying out the contract. A transfer is made only to the chosen shipping service provider, who in turn uses the personal data only to fulfill the contract. By registering the access data provided by the provider, such as the assigned IP address, the date and time of registration are logged in order to prevent misuse of our services and to clarify possible crimes. Any further transmission of data will not take place unless there is a legal obligation.
The registration on our website is always voluntary and only to offer services that only inevitably make a registration necessary. Any registered person may at any time modify or completely delete the data in question, unless there is no legal obligation to keep records. In addition, we provide information on the stored data on request. In this respect, our data protection officer is at your disposal.
For the purpose of reporting on our events photo or video recordings are occasionally made at the event venue and published anonymously on our website and on our social media channels. If, as a participant in one of our events, you do not agree, please contact us by e-mail at firstname.lastname@example.org or by postal mail to Die Akademie Fresenius GmbH, Alter Hellweg 46, 44379 Dortmund, Germany. In addition, the rights of use of images of the photo databases Fotolia, Stockphoto, Pixelio, Aboutpixel, Shutterstock, Stockfood and Clipdealer were acquired. The image credits are listed under the respective motifs.
If you have expressly consented to receive advertising by email and / or telephone, we will store your input data, e.g. your e-mail address, first name and surname, and use this information only to send information about our events and training opportunities. For the receipt of advertisement by e-mail the indication of your e-mail address is sufficient. The data you provide will only be used for marketing, advertising and to a limited extent for our own market research purposes. At best, subscribers may also be notified of circumstances relevant to the service or registration (such as changes in e-mail or technical conditions).
For the effective registration we need a valid e-mail address. In order to verify that an application is actually made by the owner of an e-mail address, we use the "Double opt-in" procedure. For this, we record the consent to receive advertising by e-mail and / or telephone, the dispatch of a confirmation e-mail and the receipt of the requested response. Further data is not collected. The e-mails are sent through our service provider CleverReach (Cleverreach GmbH & Co KG, Mühlenstraße 43, 26180 Rastede) on the basis of our legitimate interests in accordance with Art. 6 (1) lit. 1 f GDPR and a contract processing contract pursuant to Art. 28 (3) sentence 1 GDPR. The service provider may use the data and metadata to optimize the services and for statistical purposes in a pseudonymised manner. However, the service provider does not use your information to write to you on his own behalf or to share it with third parties. You can unsubscribe from the mailing list at any time and / or terminate the transfer in accordance with your consent. Just send us an e-mail to email@example.com. You will then receive a confirmation e-mail about the cancellation of your consent to receive advertising.
Visitors to our website have the opportunity to create a user account. As part of the registration process, the required information is processed on the basis of Art. 6 (1) (b) GDPR for the purpose of providing the user account. This includes login information (name, e-mail address, password). The data entered for the creation of a user account will be used exclusively for this purpose. In case of closure of the user account, your data will be deleted, unless there is a legal storage obligation. In this case, it is up to the users to ensure data storage, we are entitled to delete all data in the event of termination. When using the registration function, your IP address and the time of the respective use will be saved. This is done on the basis of our legitimate interests, as well as the user's protection against misuse. The resulting usage data will be deleted after 7 days. The data will not be transferred to third parties. Exceptions exist in the case of a legal obligation.
In your user account you have direct access to your stored data (user account) at any time. Here you can also view data about the events you attended and your conference documentation and manage your address data and the newsletter. You agree to treat your personal access data confidentially and not to hand it over to an unauthorised third party. We assume no liability for misused passwords.
The hosting services we use are designed to provide the following services: Platform Services, Computing Capacity, Storage Space, Database Services Security Settings and the technical service and maintenance required to operate the Online Service. We or our hosting provider process this on the basis of our legitimate interest in the provision of our online presence in accordance with Art. 6 para. 1 lit. f GDPR i.c.w. Art. 28 GDPR Inventory, contact, usage, contract data as well as meta and communication data of customers, prospects and visitors of our website.
We analyse our database for business transactions, contracts, enquiries about market trends, to be able to recognise customer and user requirements and to design our business economically. In doing so, we process inventory, contact, usage, contract data as well as meta and communication data of customers, prospects and visitors of our website based on our legitimate interest in maintaining and optimising our business in accordance with Art. 6 (1) lit. f GDPR. Such analyses are carried out for the purpose of business analysis, marketing and sales, as well as market research. These analyses serve to optimise our offer, increase usability and optimise our business operations. The analyses and profiles are carried out anonymously where possible and not passed on to third parties.
If you send us enquiries via the contact form, your details from the enquiry form, including the contact details you provided there, will be stored in order to process the request and in case of follow-up questions. It will not be passed on to third parties. Should this be nevertheless necessary to process your request, we would ask for your permission prior to disclosure.
We only process and store your personal data for as long as the storage purpose requires it or as provided for in the regulations of the European directives and / or regulations. After elimination of the purpose of storage or periods of storage provided for in European directives and / or regulations, the data is routinely deleted. The duration of the storage corresponds to the respectively valid legal retention periods. The legal requirements for safekeeping in Germany are 6 years according to § 257 Abs. 1 HGB, 10 years according to § 147 Abs. 1 AO. Your data will be routinely deleted after the deadline, unless they are still required to fulfill the contract or contract.
Our websites use the online advertising program "Google Adwords". This is an analysis service provided by Google Inc. 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. This internet advertising service allows ads to appear in the search engine results and in the Google advertising network. In this case, predefined keywords can be determined in advance and cause the display of an advertisement in the search engine results as soon as a user enters this particular keyword. The advertisements are distributed by means of an automatic algorithm on the relevant internet pages. The purpose of this data processing is the placement of interest-relevant advertising on third-party websites and in Google's search engine results. If you reach our website via a google ad, a conversion cookie will be stored on the person's computer. However, this automatically expires after 30 days and does not serve to identify the person. Unless the cookie has expired, it will be tracked to see if certain subpages of our website have been accessed. Google uses the cookie to create visitor statistics that we can use to measure the success of certain AdWords ads. However, neither we nor any other person receives information that enables us to identify certain individuals.
You can permanently prevent the setting of cookies by means of a corresponding setting of your Internet browser. In this way, already set cookies can be deleted. You can make this deactivation, for example, via http://optout.aboutads.info/?c=2#!/.
Within the offers on our web pages, within blogs maintained by us as well as within our presences in social media, we integrate third-party content and third-party services, on the basis of our legitimate interests in the optimisation and economic operation and our interest in the analysis according to article 6 paragraph 1 lit. f GDPR. The integration and representation of these services requires the perception of the IP address, as this information is transmitted to the browser. As far as we can see this, we try to include only contents of those providers who use the IP address only for the purpose of delivering the content. However, third parties may collect data for statistical or marketing purposes through the use of so-called pixel tags or "web beacons". In addition, cookies may be placed on your device to collect information about your operating system, history of visited websites, times of access and metadata. Under certain circumstances, these pseudonymous user data can also be merged with information from other sources.
a) Youtube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA)
Data protection policy: https://www.google.com/policies/privacy/
Date: 8 June, 2018
© Die Akademie Fresenius GmbH