1. An overview of data protection
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator's contact details can be found in the website's required legal notice.
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information and mandatory information
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
European Research and Project Office GmbH
Telephone: +49 6894 388 130
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Revocation of your consent to the processing of your data
Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser's address line when it changes from "http://" to "https://" and the lock icon is displayed in your browser's address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
3. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
Telephone: +49 89 800 65 78 0
4. Data collection on our website
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
These data will not be combined with data from other sources.
This constitutes a justified interest pursuant to Art. 6 (1) (f) GDPR.
Our webpage contains videos from YouTube, LLC 901 Cherry Ave., 94066 San Bruno, CA, USA, a company of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
For this we apply the YouTube option “Advanced Data Protection Mode”.
If, however, you are logged in to your YouTube account, then this information will be attributed to your YouTube account. In order to prevent this, you need to sign out of your YouTube account before visiting this website. Further information about YouTube Privacy Protection is provided by Google here: https://www.google.de/intl/de/policies/privacy/
6. Data processing: Registration and Participation – Annual meeting
The following information answers the questions of how we will process your personal data within the scope of public events and workshops organized within the scope of the IMI2 JU project 3TR (GA no. 831434).
Which sources and data are used?
We process personal data (Art. 4 no. 2 GDPR), i.e. full name, institution, e-mail address, pictures on which individual persons might be identifiable, audio-visual recordings, which we receive from you within the scope of your registration for an event.
In addition, we process personal data – provided that you have given your consent before – that we collect within the scope of your participation to the event (pictures on which individuals may be identifiable).
Why do we process your data (purpose of processing) and what is the legal basis?
We process personal data in accordance with the provisions under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)).
a. To meet contractual obligations (Art. 6 para. 1b GDPR)
Your registration data is processed for the purpose of the initiation, performance and conclusion of a contract and the related secondary obligations (Art. 6 para. 1 GDPR). These data are processed with the purpose of identifying you as a participant to the event, for reserving a place for you, preparing a participants’ list and for enabling the planning and guarantee of a smooth operation of the event. Subsequent to the event, a participants’ list is needed to document towards the European Commission that the event actually took place and will be stored for a period of five years after the payment of the balance according to the 3TR Grant Agreement article 18.1.
b. Based on your consent (Art. 6 para. 1a GDPR)
To the extent that you have given your consent for the processing of personal data with regard to taking pictures in the course of the event and the publishing of such pictures, the processing is considered lawful on the basis of your consent (Art. 6 para 1a GDPR). Pictures are taken for the purpose of documenting the event as well as for preparing communication material (for e.g. news entries, flyer, leaflets) to promote project activities. A consent that has been given can be withdrawn at any time by sending an e-mail with your claim to GDPR@3tr-imi.eu. However, please note that any withdrawal is only applicable to the future use of your personal data. Processing of data that has been performed before your withdrawal is not affected.
Who will receive my data?
Within EURICE, your data will be transferred to those persons that need them to fulfill their contractual obligations (e.g. Project Manager of the project and IT support). In addition, we may involve other service providers to fulfill our contractual and legal obligations.
In addition, we may transfer your personal data to other recipients outside EURICE if this is required to fulfill our contractual and legal obligations. This includes but is not limited to:
- Financial authorities, courts
- Millepondo services GmbH & Co. KG, the host of the 3TR project management tool (a German software provider located in Cologne)
- IMI2 JU as funding body of the project 3TR
- Coordinator, Project Lead and Project Co-lead of the IMI2 JU project 3TR as representative of the project
- Person responsible for organizing the event
For how long are my data stored?
Periods for retention result from the applicable IMI2 JU provisions (GA Art. 18). In accordance thereto, the data must be retained for up to five years after receipt of the project’s final payment.
In addition, we are obliged to respect various obligations to retain information and furnish evidence in accordance with, among other things, the German Commercial Code (Handelsgesetzbuch (HGB)) and the German Tax Code (Abgabenordnung (AO)). According to these provisions, the periods for storage amount to a maximum of ten years. Finally, the period of storage is also subject to statutory periods of limitation which, for instance in accordance with §§ 195 et seq. of the German Civil Code (Bürgerliches Gesetzbuch (BGB)), in general for up to three years but, in certain cases, up to a maximum of thirty years.
Transmission to a third country
Please note that your personal data is being transferred to Switzerland, Norway and the United Kingdom in the framework of the participation in the project. The processing of your personal data in Switzerland will take place on the basis of the Commission Decision of 25 July 2000 (Published in the OJEU, L 27, p. 39.). The processing of personal data in the United Kingdom will take place on the basis of the Commission Decision of 28 June 2021. Such decisions confirm that a country outside the EU offers an adequate level of data protection. Norway is assimilated to intra-EU transmissions of data according to GDPR and EEA provisions.
The transmission of your data is not repeated, mass or structural and is carried out within the limits established by the Grant Agreement and Consortium Agreement.
Which data protection rights do I have?
Each individual has the right of access in accordance with Art. 15 GDPR, the right to rectification in accordance with Art. 16 GDPR, the right to erasure (right to be forgotten) in accordance with Art. 17 GDPR, the right to restriction of processing in accordance with Art. 18 GDPR, the right to data portability in accordance with Art. 20 GDPR as well as the right to object in accordance with Art. 21 GDPR. Limitations in accordance with §§ 34 and 35 of the German BDSG apply to the right to access and the right to erasure. In addition, individuals have a right to lodge complaints with us. In this case, please contact our data protection officer verimax GmbH as well as the competent data protection supervisory authority (Art. 77 GDPR in conjunction with § 19 BDSG).
The competent supervisory authority is
Unabhängige Datenschutzzentrum Saarland
Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Telephone: +49 681 94781-0
Am I obliged to provide my data?
Providing your personal data within the scope of registering for and participating in events relating to the IMI2 JU project 3TR is voluntary. However, if you do not provide your data (with your registration, we cannot register you as participant to the event.