DGFI (en)

Official website of the German Society for Immunology

immunologie-logo1[1]
Home > Data protection

DGFI

Data protection DGFI

Data protection at a glance

Insofar as personal data is collected on our pages, this is always done on a voluntary basis as far as possible. This data will not be passed on to third parties outside DGfI. We use SSL encryption for the member area. The complete DGfI website (https://dgfi.org/*) can also be accessed via SSL.

We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can be subject to security vulnerabilities. A complete protection of the data against access by third parties is not possible. The use of contact data published within the scope of the imprint obligation by third parties to send unsolicited advertising and information materials is hereby expressly prohibited. The operators of this website expressly reserve the right to take legal action against unsolicited mailing or e-mailing of spam and other similar advertising materials.

The following information provides a simple overview of what happens to your personal data when you visit our website. Personal data are all data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our data protection declaration listed below this text.

 

Who is responsible for data collection on this website?
The responsible authority for the data processing on this website results from the imprint. This office is the first point of contact for data protection questions.

 

How do we collect your data?
On the one hand, your data is collected by you communicating it yourself. This can be data that you enter in a contact form or when registering for membership in the German Society of Immunology. Other data is automatically collected by our IT systems when you visit our website. These are mainly technical data (e.g. Internet browser, operating system or time of the page call). This data is collected automatically as soon as you enter our website.

 

Analysis of your data
When you visit our website, your surfing behaviour can be statistically evaluated. This is done primarily with cookies and so-called analysis tools. The analysis of your surfing behaviour is anonymous and cannot be traced back to you. You can object to this analysis or prevent it by not using certain tools. Details on this can be found in our data protection declaration under the heading "Third party modules and analysis tools".

 

What do we use your data for?
Some of the data is collected to ensure that the website is error-free.
With other data, we can statistically analyse your user behaviour on the Internet (e.g. via so-called cookies). Such analyses are anonymous and cannot be traced back to your person. You can object to this analysis. Details on this can be found in our data protection declaration under the heading "Third party modules and analysis tools".

 

What rights do you have with regard to your data?
You have the right at any time and free of charge to obtain information about the origin, recipient and purpose of your stored personal data. You also have the right to demand the correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this and other questions on the subject of personal data. Furthermore, you have the right to appeal to the responsible supervisory authority.

Is the transmission of your data encrypted?
Yes, this website uses encryption. This is to prevent unauthorized access to your data.

Privacy statement

1. General information and mandatory information
The Deutsche Gesellschaft für Immunologie e.V. takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal data protection regulations as well as this data protection declaration.

When you use our website, various personal data is collected. Personal data is data with which you can be personally identified. This privacy statement explains what data we collect and how we use it. It also explains how and for what purpose this is done.

If users contact the Deutsche Gesellschaft für Immunologie e. V. by e-mail, this e-mail and the associated e-mail address will be used exclusively for direct correspondence. We would like to point out that data transmission over the Internet (e.g. communication by e-mail) can be subject to security vulnerabilities. A complete protection of the data against access by third parties is not possible.

Responsible body
The responsible authority for the data processing on this web page results from the imprint. The responsible body is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data (e.g. names, e-mail addresses, etc.).

Right to object to data collection in special cases and to direct advertising (Art. 21 DSGVO)
If data processing is carried out on the basis of Art. 6 para. 1 lit. e or f DSGVO, you have the right at any time to object to the processing of personal data concerning you for reasons arising from your particular situation.

If you file an objection, we will no longer process your personal data concerned unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms or the processing serves the assertion, exercise or defence of legal claims.

Revocation of your consent to data processing
Many data processing operations are only possible with your consent. We will expressly obtain this from you before data processing begins. You can revoke this consent at any time. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Right of appeal to the competent supervisory authority
The website visitor is advised that in the event of violations of data protection laws, he has the right to lodge a complaint with the responsible supervisory authority. The responsible supervisory authority for data protection issues is the state data protection officer of the federal state in which our company has its headquarters. A list of the data protection officers and their contact details can be found in the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html

 

Right to data transferability
You have the right to have data which we process automatically on the basis of your consent or in fulfilment of a contract handed over to you or to another responsible person in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only be done as far as it is technically feasible.

SSL- bzw. TLS-encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as requests you send to us as a site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Information, blocking, deletion
Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, their origin and recipient and the purpose of data processing and, if applicable, a right to correction, blocking or deletion of this data. You can contact us at any time at the address given in the imprint for this and other questions on the subject of personal data.

Social networks in general
The Deutsche Gesellschaft für Immunologie e. V. takes the current discussion about data protection in social networks very seriously. It is currently not legally clear whether and to what extent all networks offer their services in accordance with European data protection regulations.
We therefore expressly draw attention to the fact that the Twitter, Facebook, YouTube and Google Maps services also used by the Deutsche Gesellschaft für Immunologie e. V. store the data of their users (e.g. personal information, IP address, etc.) in accordance with their data usage guidelines and use them for business purposes. DGfI e.V. has no influence on data collection and its further use by social networks. For example, there is no information on the extent to which, where and for how long the data is stored, the extent to which the networks comply with existing deletion obligations, which evaluations and links are made with the data and to whom the data is passed on.

Contradiction advertising mails
We hereby object to the use of contact data published within the scope of the imprint obligation to send unsolicited advertising and information material. The operators of this website expressly reserve the right to take legal action against unsolicited mailing or e-mailing of spam and other similar advertising materials.

 

Modification of this data protection declaration
We reserve the right to change these data protection regulations at any time in compliance with the legal requirements.

 

2. data collection on our website

Access Data/Server Log Files

The provider (or his web space provider) collects data about each access to the offer (so-called server log files). The access data includes: Name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. The provider uses the log data only for statistical evaluations for the purpose of operation, security and optimisation of the offer. However, the provider reserves the right to subsequently check the log data if there are concrete indications of justified suspicion of illegal use.

Contact forms
If you send us enquiries via the contact form, your details from the enquiry form including the contact data you provided there will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. These data will not be passed on without your consent.
The processing of the data entered in the contact form takes place exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time. For this purpose, an informal e-mail notification to us is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.
The data entered by you in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

Processing of data within the framework of legal relationships
We collect, process and use personal data only to the extent necessary for the establishment, content or modification of the legal relationship (inventory data). This is done on the basis of Art. 6 para. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures. We collect, process and use personal data relating to the use of our Internet pages (usage data) only to the extent necessary to enable the user to make use of the service or to bill the user.
The collected customer data will be deleted after completion of the order or termination of the business relationship, but not before the statutory retention periods expire.

3. collection, use, storage and deletion of personal member data
DGfI collects, processes and stores member data which is essential for the pursuit of the statutory purpose of the association, for the design of membership and for the support and administration of members. Everything about the nature and purpose of the data collected by DGfI can be found in Appendix 1.

3.1 Data collection

(a) individual members
With the accession of a member, the German Society of Immunology (Deutsche Gesellschaft für Immunologie e.V.) raises the following fees (hereinafter referred to as "DGfI") collects the following personal data (basic data), which is essential for the pursuit of the statutory purpose of the Society, for the design of membership and for the support and administration of members: First name and surname, address incl. country or federal state, date of birth.

When joining, the new member selects a contribution allocation. New members who want to claim a reduction are obliged to prove this. The DGfI can request written receipts, which will be archived. Should these contain further personal data (e.g. matriculation number) due to their origin, DGfI will only use these data for the purposes of membership administration or to achieve its association goals (see 3. Use of data). The same applies to any different billing addresses.

In order to facilitate member administration or to improve the exchange of members with the same interests, the following additional data is collected on a voluntary basis: Payment method, bank details, title, e-mail addresses, telephone numbers, type of institution, professional group/study, if applicable membership in statutory subdivisions (working groups).

Upon joining, a personal membership number is assigned to each member of the association.

Registration for DGfI takes place via the DGfI homepage, where the basic data is stored in the password-protected member area. Members have the possibility to view and, if necessary, change their data by means of the deposited e-mail address and a personal password determined by themselves. In DGfI's password-protected intranet, DGfI members can check on their individual profile page which master data (basic data and voluntary data) are available for the member administration. Apart from the data which are absolutely necessary for the identification of the member (membership number), the master data displayed there can be changed by the member himself. Bank data is not made available via the intranet as data that requires special protection.

Information on the institution and studies can also be entered on the profile page on a voluntary basis and changed at any time.

(b) Corporate members
DGfI only collects data from its corporate members (company members) which is necessary for the statutory work of the umbrella association, for the organisation of membership, including the determination of membership fees and internal communication.

On joining and then once a year, the following data is collected from all corporate members: Basic data and other personal data (surname, first name, title, e-mail address, telephone number, postal address, function if applicable) of a contact person and, if required, of other contact persons voluntarily nominated by the member, invoice addresses if applicable.

3.2 Data storage
Personal data is stored in a computer system (GSVerein, Sage) to which only persons who have been expressly authorised to do so by virtue of their function or task within DGfI have access. In addition, external service providers may be commissioned to store the data. The external service provider must prove a suitable data protection concept (data protection declaration, confidentiality clauses, etc.).

Personal data is protected from unauthorised third parties by suitable technical and organisational measures (in particular by controlling access, entry, access, forwarding, input, commissioning and availability as well as by data separation) in accordance with the Annex to § 9 BDSG.

3.3 Use of data
The personal data mentioned under 1 are only used for the pursuit of the statutory purposes of the association or for the support and administration of members. This will only be done if there is no indication that the data subject has an interest worthy of protection that is opposed to processing. If the use of certain data is objected to, the corresponding data will be deleted. If the deletion of the data is not possible for technical reasons, the data subject will be informed accordingly. Data subject to statutory provisions (e.g. documents relevant to the tax office) will be deleted after expiry of the relevant deadlines, at the latest after 10 years. The use of personal data of individual members is only carried out by persons who are authorised to do so.

3.3.1 Access to data
Signatory members of the executive committee have access to all member data, provided that these are directly required for the completion of tasks. In the case of the Secretary General, this also includes all member data relevant for the determination and collection of dues. Full-time employees of the association's offices have access to all member data within the framework of membership administration and support. This also includes access to the e-mail address for sending the DGfI newsletter, unless the member has objected to this.

3.3.2 Data transfer within DGfI
Personal data of individual DGfI members are only passed on internally if this serves the purposes of the association or member support. Personal data of individual members will only be passed on to DGfI officials in accordance with its statutes. No data is transferred between the different member groups in DGfI (individual and cooperating members). A written request is necessary for this.

3.3.3 Data transfer to third parties
Personal data of its individual members as well as the contact data of its cooperating members are not passed on to third parties for advertising purposes.

DGfI reserves the right to forward the personal data of individual members to third parties (e.g. senders) for the purpose of delivering the Association's magazine or communicating with its members by letter, who in turn are obliged to protect their data.

In the event of benefits linked to membership in DGfI (e.g. reduced participation fees at certain congresses), DGfI will provide information on membership upon request. In this context, DGfI reserves the right to transmit personal data (first name, surname, title, postal address, possibly business address, membership number) of individual members if this is essential for the granting of the discount.

Third parties are obliged to use the data provided by the association only for the agreed purposes and not for their own purposes and to destroy all data after completion of the respective defined order.

3.3.4 Third party specifications
DGfI points out that it can also transmit basic data to banks within the framework of (international) payment transactions (SEPA mandates) if this is required by the banks as an indispensable prerequisite for processing the payment of the membership fee.

DGfI reserves the right to document payment transactions including any return debit entries.

3.4 Publication
DGfI announces special events and activities in the Association magazine via press releases, on the DGfI website or on the intranet. Photos and personal member data can be published.

The individual member can object to such publication at any time by contacting the member administration. In the event of an objection, no further publication shall be made with regard to the member who has objected, with the exception of results from elections.

Contact data of statutory officials will only be published if it is official data. Private contact data can only be published if the statutory functionary has explicitly agreed to this.

3.5 Deletion
Master data which are not essential for the clear identification of the member, as well as voluntary information on interests and studies can be deleted by the individual member at any time on the DGfI intranet on the respective individual profile page after a password-protected login. When a member leaves the DGfI, all personal data will be deleted as long as they do not concern the cash management. These data will be stored for up to ten years after the written confirmation of the resignation by the member administration in accordance with the tax law provisions. They are blocked during this period and will be deleted upon expiry of the deadline. Documents and databases that DGfI no longer requires are disposed of in such a way that third parties cannot gain knowledge of the personal data contained therein.

3.6 Association archive
As a rule, the DGfI archives only store personal data that is considered to be publishable (see 6). If processes with personal data that are no longer actively used are stored, it is ensured that only individuals who have signed a data protection declaration have access.

The use of the archive material in personal form is restricted within the scope of concrete questions and only permitted after approval by the Presidium.

3.7. participants in events
DGfI only collects data from participants of events that is required for the execution of the event or for the issuance of participation certificates. These are usually first name, surname, title, e-mail address or postal address.

DGfI reserves the right to request additional receipts proving entitlement to discounts if discounts are to be granted for events subject to a fee.

For the documentation of the event, image and sound recordings can be made, which in turn can be used for reporting in print or digital media. DGfI will respect the personal rights of the persons depicted.

3.8 Shipping customers
When ordering information material, DGfI only collects the data required for the proper processing of the order. These are usually first name, surname, title, delivery address and (if different) the billing address of the customer.

DGfI reserves the right to request additional documents proving the entitlement to a discount if discounts are to be granted for information material subject to a charge, and to store such documents as long as they are necessary for the proper processing of the order.

4. integration of services and contents of third parties
It may happen that contents of third parties, such as videos from YouTube, map material from Google Maps, RSS feeds or graphics from other websites are integrated within this online offer. This always presupposes that the providers of this content (hereinafter referred to as "third-party providers") use the IP address of the user. Without the IP address, they would not be able to send the content to the browser of the respective user. The IP address is therefore required for the presentation of this content. We make every effort to use only those contents whose respective providers only use the IP address to deliver the contents. However, we have no influence on whether the third party providers store the IP address for statistical purposes, for example. As far as this is known to us, we inform the users about it.

Cookies
Some of the Internet pages use so-called cookies. Cookies do not damage your computer and do not contain viruses. Cookies serve to make our offer more user-friendly, more effective and safer. Cookies are small text files that are stored on your computer by your browser. Cookies make it possible to store specific information relating to the device on the user's access device (PC, Smartphone, etc.). They serve on the one hand the user-friendliness of web pages and thus the users (e.g. storage of login data). On the other hand, they serve to collect statistical data on the use of the website and to be able to analyse them in order to improve the offer. Users can influence the use of cookies. Most browsers have an option that restricts or completely prevents the storage of cookies. However, it should be noted that the use and in particular the comfort of use are restricted without cookies.

 

Matomo
The data controller has integrated the Matomo component on this website. Matomo is an open source software tool for web analysis. Web analysis is the collection, collection and evaluation of data about the behavior of visitors to Internet sites. A web analysis tool collects data on, among other things, from which website a person concerned came to a website (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. A web analysis is mainly used to optimise a website and to analyse the costs and benefits of Internet advertising.

The software is operated on the server of the data controller, the data protection sensitive log files are stored exclusively on this server.

The purpose of the Matomo component is to analyse the flow of visitors to our website. The data controller uses the data and information obtained, among other things, to evaluate the use of this website in order to compile online reports showing the activities on our website.

Matomo places a cookie on the data subject's information technology system. What cookies are has already been explained above. The use of cookies enables us to analyse the use of our website. Each time one of the individual pages of this website is accessed, the Matomo component automatically prompts the Internet browser on the data subject's information technology system to transmit data to our server for online analysis. As part of this technical process, we gain knowledge of personal data, such as the IP address of the person concerned, which we use, among other things, to track the origin of visitors and clicks.

Personal information such as the access time, the location from which an access originated and the frequency of visits to our website are stored by means of cookies. Each time you visit our website, this personal data, including the IP address of the Internet connection used by the person concerned, is transferred to our server. This personal data is stored by us. We do not pass this personal data on to third parties.

The person concerned can prevent the setting of cookies by our Internet site, as already described above, at any time by means of an appropriate setting of the Internet browser used and thus permanently object to the setting of cookies. Such a setting of the Internet browser used would also prevent Matomo from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Matomo can be deleted at any time via an Internet browser or other software programs.

Furthermore, the data subject may object to the collection of data generated by Matomo in connection with the use of this website and prevent such collection. For this purpose, the person concerned must set "Do Not Track" in your browser.

With the setting of the opt-out cookie, however, it is possible that the Internet pages of the person responsible for processing may no longer be fully usable by the data subject.

Further information and the valid data protection regulations of Matomo can be found at https://matomo.org/privacy/ .

Using Facebook Social Plugins
This offer uses social plugins ("Plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The plugins can be recognized by one of the Facebook logos (white "f" on a blue tile, the terms "like", "like" or a "thumbs up" sign) or by the addition "Facebook Social Plugin". The list and appearance of the Facebook Social Plugins can be viewed here: https://developers.facebook.com/docs/plugins/.

When a user accesses a website of this offer that contains such a plugin, his browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted directly from Facebook to your browser, which integrates it into the website. The provider therefore has no influence on the extent of the data that Facebook collects with the help of this plugin and therefore informs the user according to his level of knowledge:

By integrating the plugins, Facebook receives the information that a user has called up the corresponding page of the offer. If the user is logged in to Facebook, Facebook can assign the visit to his Facebook account. When users interact with the plugins, for example by clicking the Like button or commenting, the corresponding information is transferred directly from your browser to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to find out his IP address and save it. According to Facebook, only an anonymous IP address is stored in Germany.

The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the relevant rights and setting options to protect the privacy of users can be found in Facebook's data protection information: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about him via this offer and link it with his Facebook stored member data, he must log out of Facebook before visiting the website. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: https://www.facebook.com/settings?tab=ads.

5. Newsletter

Newsletter data
Only DGfI members can receive the DGfI newsletter. If you wish to receive the DGfI newsletter, 1&1 Internet SE requires an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data will not be collected or will only be collected on a voluntary basis. We use this data exclusively for sending the requested information and do not pass it on to third parties.

The data entered in the registration form will be processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke your consent to the storage of data, e-mail address and their use to send the newsletter at any time, for example via the link in the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

The data you have stored with us for the purpose of subscribing to the newsletter will be stored by 1und1 Internet SE until you unsubscribe from the newsletter and deleted after the newsletter has been cancelled. This does not affect data stored by us for other purposes (e.g. e-mail addresses for the member area).

1&1 Newsletter Tool and Newsletter Tracking
DGfI uses the 1&1 newsletter tool to send newsletters. The provider is 1&1 Internet SE, Elgendorfer Str. 57, 56410 Montabaur. The 1&1 newsletter tool is a service with which newsletters can be organized and analyzed. The data entered by us for the newsletter subscription (e.g. e-mail address) is stored on the servers of 1&1. The newsletters sent with the 1&1 newsletter tool enable us to analyse the behaviour of the newsletter recipients. Among other things, it is possible to analyze how many recipients have opened the newsletter message. Data processing is based on your consent (Art. 6 para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

If you do not want a newsletter or no analysis by the 1&1 newsletter tool, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. You can also unsubscribe directly by email.

The data that you have stored with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted both from our servers and from the servers of 1&1 after you unsubscribe from the newsletter. This does not affect data stored by us for other purposes (e.g. e-mail addresses for the member area).

You can find more details in the data protection regulations of 1&1 at: https://hosting.1und1.de/terms-gtc/terms-privacy/

 

Appendix 1: Nature and purpose of the member data collected
The database fields that are stored in the DGfI member database are listed below. A distinction is made between:

Basic data, which is absolutely necessary for the pursuit of the association's goals defined in the statutes and for the direct support and administration of the members, and
Voluntary information that serves to improve communication with the member and is necessary to safeguard the legitimate interests of the association.

The assignment of the data to the respective purposes takes place after weighing the interests of the association and the interests of the member worthy of protection.

By registering for membership, the IP address assigned to the person concerned by the Internet Service Provider (ISP), the date and time of registration are stored. The storage of these data takes place against the background that only so the abuse of our services can be prevented, and these data make if necessary possible to clear up committed crimes. In this respect, the storage of this data is necessary to safeguard the data controller. These data will not be passed on to third parties unless there is a legal obligation to do so or the data is used for criminal prosecution.

If a member of the association objects to the processing of useful but not necessary personal data, this data must not be processed.

1. necessary personal data

1.1 Basic data

  • salutation
  • first name
  • Surname
  • Address
  • email
  • Contribution assignment (in the case of reduction, contribution-reduction reason and document)
  • sex
  • date of birth
  • payment method
  • Date of entry, date of leaving
  • Name of guarantor

2. data collected voluntarily

2.1 Data that simplifies member administration:

Account details

2.2 Data for better communication with the Member:

  • Title
  • Phone
  • Type of institution
  • Profession/Study
  • Email address of the guarantors

Released May 2018