1. Name and contact details of the controller and its Data Protection Officer
This data protection information applies to data processing by:
Ascenion GmbH (hereafter: Ascenion),
Telephone: +49 (0)89 – 318814-0
Fax: +49 (0)89 – 318814-20
Ascenion’s Data Protection Officer is
Secure Consult GmbH & Co. KG
Telefon: +49 (0)8252 – 9094110
2. Collection and storage of personal data, and the purpose and manner of their use
a) If you visit our website
If you visit our website www.biovaria.org, the browser in use on your device will automatically send data to our web server. These data are temporarily saved in a so-called log file. The following data are collected and stored, without any action on your part, until they are automatically deleted:
- IP address of the enquiring computer
- date and time of access
- name and URL of the requested file
- website from which access was made (referrer URL) browser used and, as required, your computer’s operating system and the name of your access provider.
These data are processed by us for the following purposes:
- to guarantee trouble-free connection to the website
- to guarantee easy use of our website
- to evaluate system security and stability, and for further administrative purposes.
The legal basis for this data processing is Article 6 para. 1 (f) of the EU General Data Protection Regulation (GDPR). Our legitimate interest is confined to the data-collection purposes listed above. Under no circumstances do we use the data collected to draw conclusions about you yourself.
b) If you register for our newsletter
We use your email address to send you our newsletter on a regular basis if you have explicitly agreed to this under GDPR Article 6 para. 1 (a). The submission of your email address is sufficient in order to receive the newsletter.
You may unsubscribe at any time, for example via a link at the bottom of every newsletter. Alternatively you may also unsubscribe at any time by sending an email to email@example.com.
3. Disclosure of data
Your personal data will not be disclosed to third parties except for the purposes described below.
We only disclose your personal data to third parties if this permitted by law, in particular if:
- you give your express consent according to GDPR Article 6 para. 1 (a)
- disclosure is required according to GDPR Article 6(1)(f) of the to safeguard legitimate interests, and there is no reason to believe that you have an overriding and legitimate interest in the non-disclosure of your data
- in the event that under GDPR Article 6 para. 1 (c) we are legally obliged to disclose your personal data and/or
- this is required under GDPR Article 6 para. 1 (b) in order to enter into or perform a contractual relationship with you.
The cookies are used to store information relating to the specific device being used. They do not enable us to directly become aware of your identity.
In addition, we also use temporary cookies to increase user friendliness. These are saved on your device for a specific period of time. If you visit our website again within this time period, the inputs and settings you made at your last visit are recalled, so that you do not have to enter them again.
The data processed by cookies for the purposed named are required according to GDPR Article 6 para. 1 (f) to safeguard our legitimate interests and those of third parties.
Most browsers automatically accept cookies. You can, however, configure your browser so that cookies are not saved on your computer, or so that you receive an alert before a new cookie is stored. Please note that complete deactivation of cookies can result in you not being able to use all the website functions.
5. Analysis tool: Google Analytics
We use Google Analytics, a web analysis tool from Google LLC (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereafter: Google). This tracking procedure is carried out according to GDPR Article 6 para. 1 (f). The use of Google Analytics allows us to ensure a need-based design and the continuous optimization of our website. We also use this tracking procedure to obtain and analyse statistical data on the use of our website for the purposes of optimization. These interests are considered legitimate under the aforementioned provision.
In this context, user profiles are created (anonymized in the case of anonymizeIP (see next paragraph), otherwise pseudonymized) and cookies are used (see Section 4). The information generated by the cookie concerning your use of the website, for example
- browser type/version
- operating system used
- referrer URL (of the previously visited page)
- IP address of the accessing computer
- time of the server request
- time spent on the website and
- number of page views within our website
is transmitted to and saved on a Google server in the USA.
Ascenion uses the Google Analytics function ‘anonymizeIP’ on its website. This function automatically removes the last octet (for IPv4) or the last 80 bits (for IPv6) of the IP address of visitors to our website in the European Union and in member states of the European Economic Area, thus preventing Google from unambiguously identifying the IP addresses of users visiting our website (IP Masking).
Information generated by the cookie is used to evaluate website use, to compile reports on website activities and to provide further services connected to website and internet use for the purposes of market research and the need-based design of these web pages. This information may also be transmitted to third parties if legally required or if third parties are contracted to process these data. According to Google, your IP address will not under any circumstances be linked to other Google data.
You can prevent the installation of cookies using the appropriate setting in your browser software. We advise you, however, that this may prevent you from using all the website functions to their full extent.
Furthermore, you can prevent the data generated by the cookie concerning your use of the website (including your IP address) from being recorded, and prevent them from being processed by Google, by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=en).
As an alternative to the browser add-on, particularly for browsers on mobile devices, you can prevent data being gathered by Google Analytics by clicking this link. An opt-out cookie will be set to prevent your data from being gathered on future visits to this website. The opt-out cookie applies only to this browser and to our website and will be stored on your computer. If you delete cookies in this browser, you have to reset the opt-out cookie.
Further information concerning data protection in connection with Google Analytics can be found, for example, on the Google Analytics help page (https://support.google.com/analytics/answer/6004245?hl=en).
6. Rights of persons affected
You have the right:
- to obtain information about your personal data processed by us (GDPR Article 15). In particular, you can obtain information regarding: the purposes of the processing; the categories of personal data concerned; the categories of recipient to whom your data have or will be disclosed; the planned period of storage; the existence of the right to rectification or deletion of personal data, and to limitation of, or objection to, processing; the existence of the right of appeal; the origin of data not collected by us, and the existence of automated decision-making, including profiling and, as applicable, meaningful information regarding the details
- to obtain the immediate rectification of incorrect personal data stored by us or to have incomplete data completed (GDPR Article 16)
- to obtain the erasure of personal data stored by us, in so far as the processing is not required to exercise the right to freedom of speech and information, to fulfil a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims (GDPR Article 17)
- to obtain restriction of processing of your personal data in the following cases: you contest the accuracy of the data; the processing is unlawful and you oppose the erasure of the data and request limitation of processing instead; we no longer require the data, but you require it to establish, exercise or defend legal claims; or you have objected to processing according to Article 21 GDPR (GDPR Article 18)
- to obtain the personal data you have provided us with in a structured, commonly used and machine-readable format or to have them transmitted to another controller (GDPR Article 20)
- to withdraw your consent previously granted to us (GDPR Article 7(3)). This means that we may no longer carry out data processing based on this consent in future and
- to lodge a complaint with a supervisory authority (GDPR Article 77). This is usually the supervisory authority in the member state of your habitual residence, place of work or our registered office.
7. Right to object
In as far as your personal data are processed according to GDPR Article 6 para. 1 (e) or (f), you have the right under GDPR Article 21 to object to this processing on grounds relating to your particular situation and the right to object to data processing for the purposes of direct marketing. In the latter case, you have a general right to object, and we will cease processing without you having to state a particular situation.
If you wish to make use of your right to object, you may do so at any time and an email to firstname.lastname@example.org is sufficient.
8. Data security
We use the widespread SSL method (Secure Socket Layer) during your visit to our website, together with the highest encryption level supported by your browser. This is generally 256 bit encryption. If your browser does not support 256 bit encryption, we use 128 bit v3 technology instead. You can recognize if a page on our website is being transmitted with encryption by the closed key or lock icon on your browser’s status bar.
We also use appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are constantly being improved in line with technological developments.
9. The validity and revision of this Data Protection Policy
This Data Protection Policy is valid as of May 2018.
It may be necessary to revise this Data Protection Policy due to the continued development of our website or changes to legal or official guidelines. You can view and print out the current version at any time under http://www.biovaria.org/index.php?id=238.