Privacy Policy

Data protection
With this data protection declaration we would like to inform you about the type, scope and purpose of the processing of personal data on our website. Personal data are all data that have a personal relationship with you, e.g. B. Name, address, email address or user behavior.

Who is responsible for data processing at our company?

Responsible for data processing is:
European Federation for Pharmaceutical Sciences e.V.
Prof. Maria Blanco-Prieto
Kirchwaldstr. 68
68305 Mannheim
Germany
0621/32484318
secretariat@eufeps.org
https://www.eufeps.org/Legal-details.html

Processing your data as part of our company's core activities
We process your personal data transferred to us within the framework of the contractual and pre-contractual relationships that exist between us. The scope, type, purpose and necessity of processing depends on the underlying contractual relationship. For this purpose, we store and process your data in the computer systems we use. The data processed by us includes all the data which you have provided for the purpose of using the contractual or pre-contractual services and which are required to process your request or the contract between us.
This can include the following data in particular:
• Name and adress
• Email address and phone number
• Contract data
• Payment details.
Processing is limited to those data that are necessary and expedient to answer inquiries and / or to fulfill a contract concluded between you and us. The personal data will only be passed on to third parties if this is necessary for the purpose of rendering the service or as part of the organization of our company for the handling of financial accounting and compliance with legal obligations. In this case, only those data will be transferred to external service providers that are necessary and appropriate for the fulfillment of the contract or for the execution of the financial accounting as well as the compliance with legal obligations. The processing by us takes place according to your instructions or the legal regulations. Legal basis: The processing of your personal data and the transfer to third parties is carried out in accordance with Art. 6 Para. 1 lit. b) GDPR and serves to fulfill the contract between you and us. Otherwise, we only pass on data to third parties if there is a legal obligation to do so, Art. 6 para. 1 lit. c) GDPR or if there is a legitimate interest in this, Art. 6 para. 1 lit f. GDPR. This is the case, for example, if this is necessary to pursue our claims. Deletion: Your data will be deleted as soon as the data is no longer required to fulfill contractual or statutory care obligations and to deal with any warranty and comparable obligations. The statutory retention requirements remain unaffected.

Web hosting
In order to maintain our online presence, we use an Internet service provider whose server the website is stored on (hosting) and who makes our website available on the Internet. The Internet service provider processes contact data, content data, contract data, usage data, inventory data as well as meta and communication data on our behalf. Name and address of the internet service provider: Strato AG Pascalstraße 10 10587 Berlin Germany You can see the data protection regulations here: https://www.strato.de/datenschutz/ Legal basis: The internet service provider processes the aforementioned data in our Order, Art. 28 GDPR. Data processing takes place on the basis of our legitimate interest in the efficient and secure provision of our website, Art. 6 Para. 1 lit. f) GDPR.

If you only use our website for information purposes, our internet service provider will only collect the personal data that the browser you are using transmits to its server. This is the following data:
• IP address
• the date and time of access to our website
• Time zone difference to Greenwich Mean Time (GMT)
• Access status (HTTP status)
• the amount of data transferred
• the Internet service provider of the accessing system
• The type of browser you are using and its version
• The operating system you are using
• The website from which you may have accessed our website
• The pages or sub-pages that you visit on our website.
The aforementioned data is saved as log files on the servers of our Internet service provider. This is necessary in order to be able to display the website on the device you are using and to ensure stability and security. Our legitimate interest in data processing lies in the above purposes. Legal basis: Data processing is based on our legitimate interest in the efficient and secure provision of our website, Art. 6 para. 1 lit. f) GDPR. Duration: The above data for the provision of our website are stored for a period of 7 days and then deleted.

 

Information on the contact options that we provide
As far as you contact us via email, social media, telephone, fax, post, our contact form or otherwise and provide us with personal data such as your name, your telephone number or your email address or further information about yourself or Do your request, this data will be stored and processed in our company for processing your request. Legal basis: If you make your request in the context of contractual or pre-contractual relationships with us, the legal basis for the processing of your data is Art. 6 Para. 1 lit. b. GDPR. If your request does not fall into one of the above categories, our legitimate interest in processing your data is to answer your request properly and in your interest, Art. 6 Para. f GDPR. Deletion: The personal data we collect will be deleted if it is no longer required. We check the necessity every 2 years. You can also revoke the data processing at any time.

 

Registration
You have the option of registering on our website and creating a user account in order to be able to access specific content on our website. This requires the specification of personal data that result from the input mask. The data requested there include in particular your name, password and your e-mail address. This data is stored and processed by us to give you access to your user account. You can change or delete the data at any time. The data will not be passed on to third parties unless they serve to process the contract. In order to protect you and us from improper registrations, we save the IP address used during registration, as well as the date and time of registration. This data will not be disclosed to third parties. Legal basis: We process your data on the basis of Art. 6 Para. 1 lit. b GDPR for the purpose of providing your user account. Deletion: The personal data, as well as IP address, date and time are stored until the purpose for this no longer applies. The data that was collected as part of the registration will be deleted as soon as the associated account on our website is deleted or changed: You can delete your account at any time or request the deletion by the controller mentioned above.

 

Your rights under the GDPR
According to the GDPR, you are entitled to the rights listed below, which you can assert at any time from the person named in section 1 of this data protection declaration:

Right to information: According to Art. 15 GDPR, you can request confirmation as to whether and which personal data we process from you. In addition, you can get free information from us about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or opposition , the existence of a right to lodge a complaint and the origin of your data, unless it was collected from us. You also have a right to information as to whether your personal data has been transferred to a third country or to an international organization. If this is the case, you have the right to obtain information about the appropriate guarantees in connection with the transmission.
Right to correction: According to Art. 16 GDPR, you can request the correction of inaccurate or incomplete personal data stored by us and concerning you.
Right to deletion: According to Art. 17 GDPR, you have the right to request the deletion of your personal data stored by us, insofar as we do not need their processing for the following purposes:
   o to fulfill a legal obligation,
   o to assert, exercise or defend legal claims,
   o to exercise the right to freedom of expression and information or
   o for reasons of the public interest mentioned in Art. 17 Para. 3 lit c and d GDPR.
Right to restriction: According to Art. 18 GDPR you have the right to request the restriction of the processing of your personal data if
   o the accuracy of the data is contested by you for a period of time that enables us to check the accuracy of the personal data,
   o the processing of your data is unlawful, but you refuse to delete it and instead request that the use of the data be restricted,
   o we no longer need the personal data for the purposes of processing, but you need the data to assert, exercise or defend legal claims
   o You have lodged an objection to the processing of your data in accordance with Art. 21 GDPR, but it has not yet been determined whether the legitimate reasons that entitled us        to further processing despite your objection outweigh your rights.
Right to information: If you have asserted the right to correction, deletion or restriction of processing against us, we are obliged to provide all recipients to whom the personal data concerning you have been disclosed, the correction or deletion of the data requested by you or to inform about their restriction of processing, unless this proves to be impossible or involves a disproportionate effort. You have the right to be informed by us about these recipients.
Right to data portability: According to Art. 20 GDPR, you can request that we receive the personal data relating to you that you have provided to us in a structured, common and machine-readable format or that it be transmitted to another person responsible.
Right to lodge a complaint: According to Art. 77 GDPR, you have the right to complain to a supervisory authority. For this you can contact the supervisory authority of your usual place of residence, your place of work or our company headquarters.

 

Right of withdrawal
According to Art. 7 Para. 3 GDPR you have the right to revoke your consent to the processing of your data at any time. The revocation you have made does not change the legality of the processing of your personal data that took place before the revocation.

 

Right to object
You have the right to object at any time to the processing of your personal data based on a balance of interests (Art. 6 Para. 1 lit. f GDPR) for reasons arising from your particular situation. This is particularly the case if data processing is not necessary to fulfill a contract. If you exercise your right to object, we ask you to explain the reasons. We will then no longer process your personal data unless we can prove to you that compelling legitimate reasons for data processing outweigh your interests and rights.
Regardless of the above, you have the right to object to the processing of your personal data for advertising and data analysis purposes at any time.
Please direct your objection to the responsible person's contact address given above.

 

Our online presence on social networks
We operate online presences within the social networks listed below. If you visit one of these presences, your usage data will be collected and processed by the respective provider. This is usually done using cookies that are stored on the device you are using. For the concept of cookies, see above under the corresponding heading. Cookies are used to save your usage behavior and interests and to create corresponding usage profiles. In addition, data can be saved in the usage profiles regardless of the device you are using. This is particularly the case if you are a member of the respective platform and logged in to it.

We have plugins on our website in the form of. "Social media buttons" of the providers we use are embedded. You can tell which plugin belongs to which provider by the respective logo with which the plugin is identified. We have deactivated the social media plugins on our website by default, so that when our pages are accessed, data is not automatically transferred to the provider of the plugin. For this we use the so-called Shariff solution. Only when you click on the “social media button” of the respective provider will the collection of information and its transmission to the provider be triggered. If you click on one of these buttons, data can be sent to the operator of the social network even if you do not have an account there or have an account there but are not logged in there at the time of visiting our website.

The data collected is generally used by the provider for the purposes of advertising and market research by creating usage profiles based on your usage behavior. These in turn can be used by the providers to play out interest-based advertising for you. You have a right of withdrawal against the creation of user profiles. To exercise this, you must contact the respective provider. If you have an account with the provider, your usage data can be linked to it. To prevent such a connection of your data, you can log out of the provider's service before visiting our website.
For what purpose and to what extent data is collected from the provider can be found in the respective data protection declarations of the providers, which are communicated below. We ourselves have no influence over which data is collected and how this data is used by the provider. If you request detailed information here or want to exercise your rights as a data subject, you can do this most effectively with the respective provider, since only the respective provider has access to your data.
We would like to point out that your user data can be transferred and processed outside of the European Union. In this case, there is a risk that it may be difficult to enforce your rights as a data subject. Those US providers that are certified under the Privacy Shield have committed to comply with EU data protection standards. Information on whether the respective provider has such a certificate can be found in the information on the providers listed below.
Legal basis: If you have been asked for consent to data processing by one of the providers mentioned below, the legal basis for the processing is Art. 6 (1) lit. a GDPR. Otherwise, your data will be processed on the basis of our legitimate interests to contact you and communicate with you, Art. 6 para. 1 lit. f. GDPR. Prevention: With regard to the respective options for objection (opt-out), we refer to the information provided below by the provider.

 

We maintain online presences on the following social networks:

Twitter
Twitter is a service of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107 - USA
Based in the EU: Twitter Inc., 26 Fernian St, Dublin - Ireland
• Data protection declaration available at: https://twitter.com/de/privacy
• Opt-Out: https://twitter.com/personalization
• Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

Instagram
Instagram is a service of Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025 - USA
• Data protection declaration available at: https://help.instagram.com/155833707900388
• Opt-Out: http://instagram.com/about/legal/privacy

LinkedIn
LinkedIn is a service of the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043 - USA
Headquarters in the EU: LinkedIn, Hofstatt 4th Floor, Sendlinger Str. 12, 80331 Munich - Germany
• Data protection declaration available at: https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy
• Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
• Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

Facebook
Facebook is a service of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304 - USA.
Headquarters in the EU: Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbor, Dublin 2 - Ireland
• Data protection declaration available at: https://www.facebook.com/about/privacy/
• Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
• Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

PayPal

On our website, we offer payment processing through the payment service provider PayPal (PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxemburg).

If you have decided to pay via PayPal, the following of your data will be transmitted to PayPal as part of the order: first and last name, address, date of birth, email address, telephone number, IP address and the data necessary for processing the respective order . This data is transmitted so that PayPal can carry out an identity check to process your purchase. This enables, among other things, the detection of fraudulent activities and the prevention of misuse of data. In addition, the data is transmitted so that PayPal can estimate your creditworthiness or PayPal can pass the data on to credit agencies to assess your creditworthiness in the form of a credit check. PayPal uses the result of the credit check with regard to the statistical probability of default for the purpose of deciding on the provision of the respective payment method. The data collected can also be used by PayPal for analysis purposes, in particular for customer analysis, risk analysis, data analysis for the purpose of developing and improving the services offered by PayPal. Legal basis: The legal basis for the above-described use of the data is Art. 6 Para. 1 lit b GDPR. Deletion: The data we collect and transfer in this way will be automatically deleted after 26 months. Revocation: You can revoke your consent to the use of personal data at any time with PayPal. Despite the revocation, PayPal may still be entitled to process, use and transmit the personal data that are absolutely necessary for contractual payment processing.

Third Party Information:

Terms of Use and Privacy Policy: https://www.paypal.com/de/webapps/mpp/ua/privacy-full#

 

Safety measures
We also take state-of-the-art technical and organizational security measures to comply with data protection law regulations and to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties.

 

Up-to-dateness and change of this data protection declaration

This data protection declaration is currently valid and has the status of April 2020. Due to changes in legal or official requirements, it may be necessary to adapt this data protection declaration.

This data protection declaration was created with the help of SOS Law. The privacy statement generator can be found here. SOS Law is an offer of the Mueller.legal lawyers partnership based in Berlin.