Data Privacy

Privacy Policy

I. Name and address of the controller

The controller for the purpose of the EU General Data Protection Regulation (hereinafter referred to as “GDPR”) and other national data protection laws of the Member States and also other applicable data protection regulations is:

Foundation for Cardiovascular Research and Education GmbH
Duisburger Straße 375

46049 Oberhausen
Deutschland
E-Mail: Info@fcre.eu
Website: www.fcre.eu

II. General information on data processing

FCRE collects and uses personal data of users only as far as it is necessary to provide and maintain a functional website and the content and services on the platform. In general, the collection and use of the personal data of the users takes place only after consent of the user has been obtained, or if the processing of the data is already permitted by legal regulations.

Insofar as FCRE obtains the consent of the users for the processing of their personal data, Art. 6 (1) (a) GDPR serves as the legal basis.

In case the processing of personal data is required for the performance of a contract to which the user is a party, Art 6 (1) (b) GDPR serves as the legal basis. This also applies to processing operations in order to take steps at the request of the user prior to entering into a contract.

Insofar as processing personal data is necessary for the fulfilment of a legal obligation, which FCRE is subject to, Art 6 (1) (c) GDPR serves as the legal basis.

In the event, that the vital interests of the user or another natural person require the processing of personal data, Art 6 (1) (d) GDPR serves as the legal basis.

If processing is necessary for the protection of a legitimate interest of FCRE or a third party and the interests, fundamental rights and freedoms of the person concerned do not override the former interest, then Art 6 (1) (f) GDPR serves as the legal basis for the processing.

The personal data of the user will be deleted or blocked as soon as the purpose of storage ceases to apply. In addition, data may be stored if it has been provided for by European or national legislators in EU regulations, laws or other provisions to which FCRE is subject. The data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

III. Provisioning of the website and creation of log files

At each of our webpages, the webserver used by FCRE automatically collects data and information of the accessing computer.

The following data is collected:

(1) information about the type of browser and the version used

(2) operating system of the user

(3) internet service provider of the user

(4) IP address of the user

(5) location, date and time of access

This data is used for session handling and will also be saved in the log files on the server. The IP address is transmitted with each server request so that the server knows where to send the response. Every internet user is assigned an IP address by his Internet Service Provider (ISP) as soon as he connects to the Internet. The ISP can trace which IP address was assigned to which of its customers at which time. As long as the IP address is stored, the identity of the subscriber can theoretically be determined by the ISP. FCRE saves the complete IP Address only temporarily to log files for debugging purposes and threat protection. The complete IP address is deleted after three days, so that the recorded data is then anonymous and identification of the user is no longer possible.

The processing of this data serves to deliver the contents of the website, to guarantee the functionality of the information technology systems and to optimize the website. The data of the log files are stored separately from other personal data.

The legal basis for the temporary storage of data and log files is Art 6 (1) (f) GDPR.

The temporary storage of the IP address by the server is necessary to enable the website to be delivered to the user’s computer. For this the IP address of the user must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, FCRE uses the data to optimize the website and to ensure the security of the IT systems.

FCRE’s legitimate interest in data processing pursuant to Art 6 (1) (f) GDPR lies in these purposes.

The data will be deleted as soon it is no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, deletion occurs after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that assignment of the accessing client is no longer possible.

The collection of data for the provision of the website and the storage of data in log files is essential for the secure and data protection compliant operation of the website. There is consequently no opportunity to object on the part of the user.

IV. Use of cookies

Cookies are text files that are stored in or by the internet browser on the user’s computer system. If a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic character string that enables a unique identification of the browser when the website is accessed again.

Some elements of the website require that the accessing browser can be identified even after a page change.

The following data is stored and transmitted within the cookies:

Cookie
Purpose
Duration
To check if user is logged in
Session Cookie
Remain logged-in
permanent

The user data collected in this way is pseudonymized by technical precautions. Therefore, it is no longer possible to assign the data to an accessing user. The data will not be stored together with other personal data of the users.

Upon accessing the website, the user will be informed about the use of cookies for analytical purposes. In this context, reference is also made to this data protection declaration.

The Legal basis for processing personal data using technically necessary cookies is Art 6 (1) (f) GDPR.

The legal basis for processing personal data using cookies for analytical purposes, if the user has given his or her consent in this regard, is Art 6 (1) (a) GDPR, otherwise Art 6 (1) (a) GDPR.

The purpose of using technically necessary cookies is to facilitate the use of websites for users. Some functions of the website cannot be offered without the use of cookies. For this it is necessary that the browser is recognized even after a page change.

The user data collected by technically necessary cookies are not used to create user profiles.

The user also has full control over the use of cookies. Through a change of the settings in the internet browser users can deactivate or limit the transmission of cookies. Already stored cookies can at any time be deleted. This can also be done automatically. If cookies are deactivated for the website, it may however no longer be possible to fully use all functions of the website.

V. Email contact

Site visitors can contact FCRE via the email address provided. In this case, the user’s personal data transmitted by email will be stored.

In this context, there is no disclosure of the data to third parties. The data are used exclusively for processing the conversation.

The legal basis for the processing of the data in the event of the user’s consent is Art 6 (1) (a) GDPR.

The legal basis for the processing of data transmitted in the course of sending an email is Art 6 (1) (f) GDPR. If the email contact is aimed at the conclusion of a contract, then additional legal basis for the processing is Art 6 (1) (b) GDPR.

The processing of the personal data of contact by email serves FCRE alone for the treatment of the establishment of contact. In the event of contact by email, this also constitutes the necessary legitimate interest in the processing of the data.

The other personal data processed during the sending process serves to prevent misuse and to ensure the security of the information technology systems.

The data will be deleted as it is no longer necessary to achieve the purpose for which it was collected. For the personal data transmitted via email this is the case once the conversation with the user has ended. The conversation is terminated when it can be inferred from the circumstances that the facts in question have been finally clarified.

The user always has the possibility to rescind his consent regarding the processing of his personal data. If the user contacts FCRE by email, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued.

VI. Rights of users

If personal data of the user is processed the user is affected within the meaning of the GDPR and the user is entitled to the following rights vis-à-vis FCRE:

1. Right to information

Users may request confirmation from FCRE whether personal data relating to the user is processed by FCRE.

Once such processing has taken place, users can request the following information from FCRE:

(1) The purposes for which the personal data is processed;
(2) The categories of personal data, which is being processed;
(3) The recipients or categories of recipients to whom the personal data relating to the user has been or is still being disclosed;
(4) The planned duration of storage of the user’s personal data or, in the case specific information on this is not possible, criteria for determining the storage period;
(5) The existence of a right to correction or deletion of personal data relating to the user, a right to restriction of processing by FCRE or a right to object to such processing;
(6) The existence of a right of appeal to a supervisory authority;
(7) Any available information on the origins of the data if the personal data is not collected from the user itself;
(8) The existence of automated decision-making, including profiling in accordance with article 22(1) and (4) GDPR and – at least in these cases – meaningful information on the logic involved and the scope and intended effects of such processing for the user.

Users have the right to request information as to whether personal data relating to the user is transferred to a third country or to an international organization. In this context, users may request to be informed of the appropriate guarantees in accordance with art 46 GDPR in connection with the transmission.

2. Right to rectification

Users have the right to rectification and/or completion vis –a- vis FCRE if the processed personal data concerning the user is incorrect or incomplete. FCRE must make the correction without delay.

3. Right to restriction of processing

Users may request the restriction of the processing of personal data concerning the user under the following conditions:

(1) If the user contests the accuracy of the personal data the period of restriction can be extended allowing for FCRE to verify the accuracy of the personal data;
(2) The processing is unlawful and the user opposes the deletion of the personal data and requests the restriction of their use instead;
(3) FCRE no longer requires the personal data for the purposes of the processing, but they are required by the user for the establishment, exercise or defense of legal claims or
(4) If the user has objected to processing pursuant to article 21(1) pending the verification whether the legitimate grounds of FCRE override those of the user.

Where processing has been restricted, such data shall, with the exception of storage, only be processed with the user’s consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State.

If the processing of data has been restricted according to the above conditions, users will be informed by FCRE before the restriction is lifted.

4. Right to delete

a) Deletion obligation

Users have the right to obtain from FCRE the deletion of his personal data without undue delay and FCRE is obligated to delete this personal data without undue delay where one of the following grounds applies:

(1) The personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed.
(2) The user withdraws consent on which the processing is based according to Art 6 (1) (a) or Art 9 (2) (a) GDPR and where there is no legal ground for the processing.
(3) User objects to the processing pursuant to Art 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or the user objects to the processing pursuant to Art 21(2) GDPR.
(4) The personal data has been unlawfully processed.
(5) The personal data has to be erased for compliance with a legal obligation in Union or Member State law to which FCRE is subject.
(6) The personal data has been collected in relation to the offer of information society services referred to in art 8(1) GDPR.

b) Passing information to third parties

If FCRE has made public the personal data relating to the User and if FCRE is obliged to delete such data pursuant to Art 17(1) GDPR, FCRE shall take appropriate measures, including technical measures, considering the available technology and the implementation costs, to inform those responsible for data processing who process the personal data, that user as data subject has requested FCRE to delete all links to such personal data or copies or replications of such personal data.

c) Exceptions

The right to deletion does not exist insofar as the processing is necessary

(1) for exercising the right of freedom of expression and information;
(2) for compliance with a legal obligation which requires processing by the European Union or Member State law to which FCRE is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in FCRE;
(3) For the establishment, exercise or defense of legal claims.

If users have exercised the right to correct, delete or limit the processing vis-à-vis FCRE, FCRE is obliged to inform all recipients to whom the personal data relating to the user has been disclosed of this correction or deletion of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

Users have the right vis-à-vis FCRE to be informed about these recipients.

5. Right to data transferability

Users have the right to receive user-related personal data provided to users in a structured, common, and machine-readable format. In addition, users have the right to transfer this data to another person without hindrance by FCRE, provided that

(1) Processing is based on consent pursuant to art 6(1) (a) GDPR or art 9 (2) (a) GDPR or on a contract pursuant to Art 6 (1) (b) GDPR and
(2) The processing is done by automated means.

In the exercise of this right, users also have the right to request that the personal data relating to the user is transmitted directly by a responsible person to another responsible person, insofar as this is technically feasible. The freedoms and rights of other persons must not be affected by this.

6. Right of objection

The users have the right to object, on grounds relating to his or her particular situation, at any time to processing of personal data concerning him or her which is based on art 6 (1) (e) or (f) including profiling based on those positions.

FCRE shall no longer process the personal data unless FCRE demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the user or for the establishment, exercise of defense of legal claims.

Where the user’s personal data is processed for direct marketing purposes, the user has the right to object at any time to processing of personal data concerning him or her for such marketing, which includes profiling to the extent that it is related to such direct marketing.

Where the user objects to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes.

Users have the possibility in connection with the use of information society’s services- not withstanding Directive 2002/58/EC to exercise their right of objection by means of automated procedures using technical specifications.

7. Right to revoke consent with data protection relevance

Users have the right to revoke their data protection relevant consent at any time. The revocation of consent does not affect the legality of processing carried out based on the consent until revocation.

8. Automated individual decision-making, including profiling

The user has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects him or her. This not applicable if the decision

(1) is necessary for entering into, or performance of, a contract between the user and FCRE,
(2) is authorized by European Union or Member State law to which FCRE is subject and which also lays down suitable measures to safeguard the User’s rights and freedoms and legitimate interests; or
(3) is based on the user’s explicit consent.

However, these decisions may not be based on special categories of personal data pursuant to Art 9 (1) GDPR, unless art 9 (2) (a) or (g) GDPR applies and appropriate measures have been taken to protect the user’s right and freedoms and the user’s legitimate interests.

9. Right to raise a complain to a supervisory authority

Without prejudice to any other administrative or judicial remedy users have the right to raise a complaint at a supervisory authority, in particular in the member state of residence, place of work, or place of suspected infringement, if users consider that the processing of personal data relating to the user is in violation of the GDPR.

The supervisory authority at which the complaint has been raised shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under art 78 GDPR.

FCRE reserves the right to change this Privacy Policy any time at its sole discretion.

_______________________________________________________________

DATENSCHUTZERKLÄRUNG

Die Foundation for Cardiovascular Research and Education (FCRE) nimmt den Schutz Ihrer persönlichen Daten sehr ernst. Wir behandeln Ihre personenbezogenen Daten vertraulich und entsprechend der gesetzlichen Datenschutzvorschriften sowie dieser Datenschutzerklärung.
Die Nutzung unserer Webseite ist in der Regel ohne Angabe personenbezogener Daten möglich. Soweit auf unseren Seiten personenbezogene Daten (beispielsweise Name, Anschrift oder E-Mail-Adressen) erhoben werden, erfolgt dies, soweit möglich, stets auf freiwilliger Basis. Diese Daten werden ohne Ihre ausdrückliche Zustimmung nicht an Dritte weitergegeben.
Wir weisen darauf hin, dass die Datenübertragung im Internet (z.B. bei der Kommunikation per E-Mail) Sicherheitslücken aufweisen kann. Ein lückenloser Schutz der Daten vor dem Zugriff durch Dritte ist nicht möglich.

Verantwortlicher

Firma: Foundation for Cardiovascular Research and Education GmbH

Adresse: Duisburger Straße 375

PLZ, Ort, Land: 46049 Oberhausen, Deutschland

Handelsregister-Nr.: 37842 – Amtsgericht Oberhausen

Geschäftsführer: Dr. Marc Bosiers

Telefonnummer: +32 477 31 36 81

E-Mail: Info@fcre.eu

Stand: 05.06.2024

Rechte der Betroffenen

Das geltende Datenschutzrecht gewährt Ihnen gegenüber dem Verantwortlichen hinsichtlich der Verarbeitung Ihrer personenbezogenen Daten umfassende Betroffenenrechte (Auskunfts- und Interventionsrechte), über die wir Sie nachstehend informieren:

Auskunftsrecht gemäß Art. 15 DSGVO: Sie haben insbesondere ein Recht auf Auskunft über Ihre von uns verarbeiteten personenbezogenen Daten, die Verarbeitungszwecke, die Kategorien der verarbeiteten personenbezogenen Daten, die Empfänger oder Kategorien von Empfängern, gegenüber denen Ihre Daten offengelegt wurden oder werden, die geplante Speicherdauer bzw. die Kriterien für die Festlegung der Speicherdauer, das Bestehen eines Rechts auf Berichtigung, Löschung, Einschränkung der Verarbeitung, Widerspruch gegen die Verarbeitung, Beschwerde bei einer Aufsichtsbehörde, die Herkunft Ihrer Daten, wenn diese nicht durch uns bei Ihnen erhoben wurden, das Bestehen einer automatisierten Entscheidungsfindung einschließlich profiling und ggf. aussagekräftige Informationen über die involvierte Logik und die Sie betreffende Tragweite und die angestrebten Auswirkungen einer solchen Verarbeitung, sowie Ihr Recht auf Unterrichtung, welche Garantien gemäß Art. 46 DSGVO bei Weiterleitung Ihrer Daten in Drittländer bestehen.

Recht auf Berichtigung gemäß Art. 16 DSGVO: Sie haben ein Recht auf unverzügliche Berichtigung Sie betreffender unrichtiger Daten und/oder Vervollständigung Ihrer bei uns gespeicherten unvollständigen Daten.

Recht auf Löschung gemäß Art. 17 DSGVO: Sie haben das Recht, die Löschung Ihrer personenbezogenen Daten bei Vorliegen der Voraussetzungen des Art. 17 Abs. 1 DSGVO zu verlangen. Dieses Recht besteht jedoch insbesondere dann nicht, wenn die Verarbeitung zur Ausübung des Rechts auf freie Meinungsäußerung und Information, zur Erfüllung einer rechtlichen Verpflichtung, aus Gründen des öffentlichen Interesses oder zur Geltendmachung, Ausübung oder Verteidigung von Rechtsansprüchen erforderlich ist.

Recht auf Einschränkung der Verarbeitung gemäß Art. 18 DSGVO: Sie haben das Recht, die Einschränkung der Verarbeitung Ihrer personenbezogenen Daten zu verlangen, solange die von Ihnen bestrittene Richtigkeit Ihrer Daten überprüft wird, wenn Sie eine Löschung Ihrer Daten wegen unzulässiger Datenverarbeitung ablehnen und stattdessen die Einschränkung der Verarbeitung Ihrer Daten verlangen, wenn Sie Ihre Daten zur Geltendmachung, Ausübung oder Verteidigung von Rechtsansprüchen benötigen, nachdem wir diese Daten nach Zweckerreichung nicht mehr benötigen oder wenn Sie Widerspruch aus Gründen Ihrer besonderen Situation eingelegt haben, solange noch nicht feststeht, ob unsere berechtigten Gründe überwiegen.

Recht auf Unterrichtung gemäß Art. 19 DSGVO: Haben Sie das Recht auf Berichtigung, Löschung oder Einschränkung der Verarbeitung gegenüber dem Verantwortlichen geltend gemacht, ist dieser verpflichtet, allen Empfängern, denen die Sie betreffenden personenbezogenen Daten offengelegt wurden, diese Berichtigung oder Löschung der Daten oder Einschränkung der Verarbeitung mitzuteilen, es sei denn, dies erweist sich als unmöglich oder ist mit einem unverhältnismäßigen Aufwand verbunden. Ihnen steht das Recht zu, über diese Empfänger unterrichtet zu werden.

Recht auf Datenübertragbarkeit gemäß Art. 20 DSGVO: Sie haben das Recht, Ihre personenbezogenen Daten, die Sie uns bereitgestellt haben, in einem strukturierten, gängigen und maschinenlesebaren Format zu erhalten oder die Übermittlung an einen anderen Verantwortlichen zu verlangen, soweit dies technisch machbar ist.

Recht auf Widerruf erteilter Einwilligungen gemäß Art. 7 Abs. 3 DSGVO: Sie haben das Recht, eine einmal erteilte Einwilligung in die Verarbeitung von Daten jederzeit mit Wirkung für die Zukunft zu widerrufen. Im Falle des Widerrufs werden wir die betroffenen Daten unverzüglich löschen, sofern eine weitere Verarbeitung nicht auf eine Rechtsgrundlage zur einwilligungslosen Verarbeitung gestützt werden kann. Durch den Widerruf der Einwilligung wird die Rechtmäßigkeit, der aufgrund der Einwilligung bis zum Widerruf erfolgten Verarbeitung nicht berührt.

Recht auf Beschwerde gemäß Art. 77 DSGVO: Wenn Sie der Ansicht sind, dass die Verarbeitung der Sie betreffenden personenbezogenen Daten gegen die DSGVO verstößt, haben Sie – unbeschadet eines anderweitigen verwaltungsrechtlichen oder gerichtlichen Rechtsbehelfs – das Recht auf Beschwerde bei einer Aufsichtsbehörde, insbesondere in dem Mitgliedstaat Ihres Aufenthaltsortes, Ihres Arbeitsplatzes oder des Ortes des mutmaßlichen Verstoßes.

Cookies

Die Internetseiten verwenden teilweise so genannte Cookies. Cookies richten auf Ihrem Rechner keinen Schaden an und enthalten keine Viren. Cookies dienen dazu, unser Angebot nutzerfreundlicher, effektiver und sicherer zu machen. Cookies sind kleine Textdateien, die auf Ihrem Rechner abgelegt werden und die Ihr Browser speichert.

Die meisten der von uns verwendeten Cookies sind so genannte „Session-Cookies”. Sie werden nach Ende Ihres Besuchs automatisch gelöscht. Andere Cookies bleiben auf Ihrem Endgerät gespeichert, bis Sie diese löschen. Diese Cookies ermöglichen es uns, Ihren Browser beim nächsten Besuch wiederzuerkennen.

Sie können Ihren Browser so einstellen, dass Sie über das Setzen von Cookies informiert werden und Cookies nur im Einzelfall erlauben, die Annahme von Cookies für bestimmte Fälle oder generell ausschließen sowie das automatische Löschen der Cookies beim Schließen des Browser aktivieren. Bei der Deaktivierung von Cookies kann die Funktionalität dieser Website eingeschränkt sein.

Datenübermittlung und -protokollierung zu systeminternen und statistischen Zwecken

Ihr Internet-Browser übermittelt beim Zugriff auf unsere Webseite aus technischen Gründen automatisch Daten an unseren Webserver. Dies sind u.a.:

o Browsertyp und Browserversion

o verwendetes Betriebssystem

o Referrer URL

o Hostname des zugreifenden Rechners

o Uhrzeit der Serveranfrage

Eine Zuordnung dieser Daten zu einer bestimmten Person ist uns nicht möglich. Eine Zusammenführung dieser Daten mit anderen Datenquellen wird nicht vorgenommen. Wir behalten uns vor, diese Daten nachträglich zu prüfen, wenn uns konkrete Anhaltspunkte für eine rechtswidrige Nutzung bekannt werden.

Last Update: 30.11.2023