Legal Basis

We collect and process personal data based on the following legal grounds:

1. Consent in accordance with Article 6, paragraph 1 (a), General Data Protection Regulation (GDPR). Consent is understood as a voluntary, informed and unambiguous declaration of intention in relation to a specific case, given in the form of a statement or any other unambiguous act of confirmation with which the person concerned indicates agreement to the processing of his or her personal data.
2. Necessity for the performance of a contract or for preparatory steps according to Article 6, paragraph 1 (b), GDPR, i.e. when the data is required in order for us to fulfil our contractual obligations towards you or to prepare the conclusion of a contract with you.
3. Processing in order to comply with a legal obligation in accordance with Article 6, paragraph 1 (c), GDPR, e.g. when the processing of data is required by law or other provisions.
4. Processing in order to protect legitimate interests in accordance with Article 6, paragraph 1 (f), GDPR, i.e. when processing is necessary to protect our legitimate interests or those of a third party, in so far as such interests are not overridden by fundamental rights and freedoms protecting your personal data.

Rights of Data Subjects

We guarantee the following rights when processing your data:

1. The right to lodge a complaint with a supervisory authority in accordance with Article 13, paragraph 2 (d), GDPR, and Article 14, paragraph 2 (e), GDPR.
2. Right of access in accordance with Article 15, GDPR.
3. Right to rectification in accordance with Article 16, GDPR.
4. Right to erasure (‘right to be forgotten’) in accordance with Article 17, GDPR.
5. Right to restriction of processing in accordance with Article 18, GDPR.
6. Right to data portability in accordance with Article 20, GDPR.
7. Right to object in accordance with Article 21, GDPR.

Note: Users may object to the processing of their personal data in accordance with legal provisions at any time and with future effect. In particular, objection may be directed against processing for the purposes of direct marketing.

Notwithstanding other administrative or judicial remedies, you have the right to complain to a supervisory authority, in particular in the Member State of your place of residence, employment or of the alleged infringement, if you believe that the processing of your personal data violates the GDPR.

Erasure of Data and Archiving Obligations

Your personal data will be erased or blocked as soon as the purpose of its storage becomes redundant. Storage of data beyond this may occur if required by the European or national legislator in EU regulations, laws or other regulations to which we are subject. Blocking or erasure of data will also take place with the expiry of the mandatory retention period set by the mentioned standards, unless the continued storage of data is required for the conclusion of a contract or the fulfilment of contractual obligations.

Security of Data Proccessing

1. We have implemented appropriate technical and organisational security measures (TOMs) in line with the newest technical standards. Thus, data processed by us is protected against accidental or intentional manipulation, loss, destruction and unauthorised access.
2. These security measures include, in particular, the encrypted transfer of data between your browser and our server.

Transfer of Data to Third Parties, Subcontractors and Third Party Providers

1. A transfer of personal data to third parties will only occur within the framework of legal requirements. We only disclose the personal data of users to third parties if this is required e.g. for billing or other purposes, or if its disclosure is necessary to ensure the fulfilment of contractual obligations towards users.
2. Should we engage subcontractors for our online service, we will have made appropriate contractual arrangements with these companies and taken adequate technical and organisational measures.
3. Should we use content, tools or other resources from other companies (hereafter collectively referred to as ‘third party providers’) whose registered offices are located in a third country, it must be assumed that data transfer to the home countries of such third party providers will occur. We will only undertake the transfer of personal data to third countries if an adequate level of data protection, your consent, or another form of legal permission, is available.

Newsletter

The following sections explain the contents of our newsletter as well as the registration, dispatch and statistical analysis processes, and your rights of revocation. By subscribing to our newsletter, you consent to receipt of the newsletter and to the processes outlined below.

1. Double opt-in and logging

Registering for our newsletter involves a so-called double opt-in process. This means you will receive an e-mail after registration asking you to confirm your registration. This confirmation is necessary to prevent people from registering from another person’s e-mail account. The newsletter registrations are logged so that evidence of the registration process can be produced in accordance with legal obligations. These records include the times of registration and confirmation, as well as the IP address.

2. Registration data

In order to register for our newsletter, you must enter your e-mail address, your academic or professional title, first name, surname and country of residence.

3. Statistical survey and analysis

The newsletters contain a so-called ‘web beacon’, i.e. a pixel-sized file which is accessed by the dispatch service provider’s server when the newsletter is opened. When accessed, technical information such as information about the browser and your system, as well as your IP address and the time at which it is accessed, is logged. This information is used for the technical improvement of the services based on the technical data or the target groups and their reading behaviour, the places from which it is accessed (determined with the aid of the IP address) or the times at which it is accessed.

The statistics logged also include details determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be attributed to individual newsletter recipients. However, it is not our intention, nor that of the dispatch service provider, to monitor individual users. Rather, analysis allows us to identify the reading habits of our users and to adapt our contents accordingly or to send different contents based on our users’ interests.

4. Legal basis

The use of the dispatch service provider, the conducting of statistical surveys and analysis as well as the logging of the registration process is based on our legitimate interests in accordance with Article 6 (1) (f), GDPR. We are interested in the use of a user-friendly and secure newsletter system that serves both our business interests and the expectations of our users.

5. Termination/Revocation

You may cancel the receipt of our newsletter at any time, i.e. revoke your consent. You will find a link where you can cancel the newsletter at the end of each newsletter. If you cancel the newsletter subscription, your personal data processed for the dispatch of the newsletter will be deleted.