Privacy Policy
Who we are
We are the European Spatial Biology Society, ESSB, based in Heidelberg.
Our website address is: https://spatialbiologysociety.eu/
Personal data will only be processed by us within the scope of necessity and for the purpose of providing a functional and user-friendly Internet presence, including its contents and the services offered there.
According to art. 4 point 1. Regulation (EU) 2016/679, i.e. the Basic Data Protection Regulation “General Data Protection Regulation”, (hereinafter referred to as the “GDPR”), shall be deemed to be “processing” any transaction carried out with or without the aid of automated procedures or any such series of transactions in connection with personal data, such as the collection, collection, organisation, sorting, storage, adaptation or modification, reading, querying, use, disclosure by transmission, dissemination or any other form of provision, comparison or linking, restriction, deletion or destruction.
With the following data protection declaration we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or together with others about the purposes and means of the processing. In addition, we inform you below about the third-party components we use for optimisation purposes and to increase the quality of use, insofar as third parties process data as a result of this on their own responsibility.
Person in charge
Responsible according to art. 4 para. 7 GDPR and other national data protection laws of the member states of the European Union as well as other data protection regulations is the
European Society for Spatial Biology (ESSB)
President
Denis Schapiro
Im Neuenheimer Feld 130.3
69120 Heidelberg
E-Mail: Denis.Schapiro@uni-heidelberg.de
General information on data processing
The ESSB takes the protection of personal data very seriously. We have taken technical and organisational measures to ensure that data protection regulations are always observed by us and by external service providers.
Data collection when visiting our website
If you use our websites for information purposes only, i.e. you do not register, conclude a contract with us or otherwise disclose information to us, we only collect the personal data that your browser transmits to our servers. When you visit our websites, we collect the following data, which is technically necessary for us to be able to display our websites to you and to guarantee stability and security.
- IP address of the user
- Date and time of the request
- Content of the request (specific page)
- Access Status/HTTP Status Code
- the amount of data transferred in each case
- Website from which the request comes
- User’s operating system
- Language and version of the browser software.
This data is temporarily stored in the log files of our system for a maximum of seven days. Further storage is possible, but in this case the IP addresses are partially deleted or distorted, so that an assignment of the calling client is no longer possible. In this context, the log files are not stored together with other personal data relating to you. The legal basis for these processing operations is Art. 6 para. 1 lit. f GDPR.
Since the collection of data for the display of the websites and the storage of data in log files is absolutely necessary for the operation of our websites and the maintenance of IT security, you have no possibility of objection in this respect.
Use of cookies
In addition to the data, cookies are stored on your terminal device when you use our websites during or after your visit to our online offers. These are small text packages that can be sent from a website to the browser, which saves them and sends them back. Various data can be stored in cookies, which can be read out by the location that sets the cookie. They usually contain a characteristic character string (ID) that allows the browser to be uniquely identified when the website is reopened, or a page break occurs. Their primary purpose is to make our online offerings more user-friendly and effective overall. The user data collected in cookies is pseudonymised by technical precautions, because of which it is generally no longer possible to assign the data to the calling user. If it is identifiable, such as a login cookie, whose session ID is necessarily linked to the user’s account, we will point this out to you at the appropriate point.
We use different types of cookies:
Transient cookies, also known as temporary or session cookies, are cookies that are deleted when you leave our website and close your browser. Such cookies are used, for example, to store language settings or the contents of a shopping basket.
Persistent or permanent cookies remain stored even after closing the browser. For example, the login status or search terms entered can be saved. We use such cookies, among other things, for range measurement or marketing purposes. Persistent cookies are automatically deleted after a specified period, which may vary depending on the cookie. However, you can delete these cookies at any time in the security settings of your browser.
Contact forms and e-mail contact
On our online offers you will find contact forms and e-mail links (mailto) which can be used for electronic contact. This enables us, among other things, to fulfil the legal requirement to enable rapid electronic contact with us. If you use this option, your data will be processed and automatically stored for the purpose of responding to the request in accordance with Art. 6 para. 1 lit. c GDPR. We delete the requests if they are no longer necessary and no legal archiving obligations apply.
Social Media Buttons
Plug-ins from social networks such as Facebook, Google+, X etc. are available on our online platform. (so-called third-party portals) (so-called social plug-ins). This makes it easier for you to share information with your friends and connections on the respective third-party portal that you find interesting on our online platform. The terms of use and data protection of the respective portals apply to the use of the third-party portals.
Only if you actively and voluntarily use the function, i.e. click on the plug-in, data about your respective online platform use can be retrieved from the relevant third-party portal via the social plug-in. The legal basis is therefore your consent to the provider of the third party portal, Art. 6 para. 1 lit. a GDPR. The provider of this portal (“portal operator”) has also made data protection information available to you during your registration with details of which data he processes for which purposes when using the social plug-in. We do not transmit any information that would enable us to identify you directly. As far as we receive data from the provider of the third party portal, these are only aggregated and do not allow any reference to a person.
According to Art. 7 para. 3 GDPR, you have the right to revoke your consent at any time with effect for the future.
The third-party portals are not offered by us, but by the respective portal operators. They are responsible for their portals and process data there on the basis of their terms of use. If you use these third party portals, you must therefore accept them when registering. The terms of use of the third-party portals also contain information about which data is transferred to us via so-called social plug-ins if you use these functions on a page outside the third-party portal and thus also on our portal. You can find more about the data protection conditions of the third-party portals on our online platform here:
- Facebook data protection conditions
- Youtube data protection conditions
- Google+ data protection conditions
- Twitter data protection conditions
- Instagram data protection conditions
- LinkedIn data protection conditions
Google Maps
This page uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.
The use of Google Maps is in the interest of an appealing representation of our online offers and at an easy findability of the places indicated by us on the website. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Data may be transferred to the USA in accordance with Art. 45 para. 1 DS-GMO if the EU Commission decides in an implementing act that the USA has an adequate level of data protection. In accordance with Commission Decision (EU) 2016/1250 of 12 July 2016, the EU Commission has determined that the US guarantees an adequate level of data protection on the basis of the agreements on the EU-US Privacy Shield Agreement. Google complies with the terms of the Privacy Shield Privacy Program between the European Union and the United States.
You can find more information on the handling of user data in Google’s data protection declaration: https://policies.google.com/privacy
YouTube
Our website uses plugins from Google’s YouTube site. This website is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA.
If you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. The YouTube server is informed which of our pages you have visited.
If you are logged into your YouTube account, you allow YouTube to associate your surfing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. The use of YouTube is in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR.
Data may be transferred to the USA in accordance with Art. 45 para. 1 DS-GMO if the EU Commission decides in an implementing act that the USA has an adequate level of data protection. In accordance with Commission Decision (EU) 2016/1250 of 12 July 2016, the EU Commission has determined that the US guarantees an adequate level of data protection on the basis of the agreements on the EU-US Privacy Shield Agreement. Google complies with the terms of the Privacy Shield Privacy Program between the European Union and the United States.
For more information on how we handle user data, please see YouTube’s privacy policy at: https://policies.google.com/privacy?hl=en&gl=en
„Zoom“: Privacy policy for online meetings, conference calls and webinars
We would like to inform you in the following about the processing of personal data in connection with the use of “Zoom”.
Purpose of the processing
We use the “Zoom” tool to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter: “Online Meetings”). “Zoom” is a service of Zoom Video Communications, Inc. which is based in the USA.
Responsible person
Note: If you access the “Zoom” website, the provider of “Zoom” is responsible for data processing. However, calling up the internet page is only necessary for the use of “Zoom” in order to download the software for the use of “Zoom”. You can also use “Zoom” if you enter the respective meeting ID and, if necessary, other access data for the meeting directly in the “Zoom” app. If you do not want to or cannot use the “Zoom” app, the basic functions can also be used via a browser version, which you can also find on the “Zoom” website.
Which data is processed?
Various types of data are processed when using “Zoom”. The scope of the data also depends on the information you provide before or during participation in an “online meeting”.
The following personal data are processed:
User details: first name, last name, telephone (optional), e-mail address, password (if “Single-Sign-On” is not used), profile picture (optional),
Department (optional)
Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information
For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
When dialing in by phone: information on incoming and outgoing phone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved.
Text, audio and video data: You may be able to use the chat, question or survey functions in an “online meeting”. To this extent, the text entries you make are processed in order to display and, if necessary, log them in the “online meeting”. In order to enable the display of video and the playback of audio, the data from the microphone of your terminal device and from any video camera of the terminal device are processed for the duration of the meeting. You can turn off or mute the camera or microphone yourself at any time using the “Zoom” applications.
In order to participate in an “online meeting” or to enter the “meeting room”, you must at least provide information about your name.
Scope of processing
We use “zoom” to conduct “online meetings”. If we want to record “online meetings”, we will inform you transparently in advance and – if necessary – ask for your consent. The fact of the recording will also be displayed in the “Zoom” app.
If it is necessary for the purpose of recording the results of an online meeting, we will log the chat content. However, this will usually not be the case.
In the case of webinars, we may also process questions asked by webinar participants for the purposes of recording and follow-up webinars.
If you are registered as a user at “Zoom”, reports on “online meetings” (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars) can be stored for up to one month at “Zoom”.
Automated decision-making within the meaning of Art. 22 DSGVO is not used.
Legal basis of the data processing
If personal data of registered member are processed, § 26 BDSG is the legal basis for data processing but are nevertheless an elementary component in the use of “Zoom”, Art. 6 para. 1 lit. f) DPA is the legal basis for data processing. In these cases, we are interested in the effective conduct of “online meetings”.
In other respects, the legal basis for data processing when conducting “online meetings” is Art. 6 para. 1 lit. b) DSGVO, insofar as the meetings are conducted within the framework of contractual relationships.
If no contractual relationship exists, the legal basis is Art. 6 para. 1 lit. f) DSGVO. Here too, we are interested in the effective implementation of “online meetings”.
Recipient / passing on of data
Personal data processed in connection with the participation in “online meetings
Rights of persons concerned
If you process personal data, you are affected within the meaning of the GDPR. You have the following rights towards us as the person responsible:
Right to revoke a data protection declaration of consent
If the processing of personal data is based on a given consent, you have the right to revoke this consent at any time. The revocation shall not affect the legality of the processing carried out on the basis of the consent until revocation.
Right to information
You have the right to ask us to confirm whether we are processing personal data concerning you. If this is the case, you can request information about the following:
- the processing purposes;
- the categories of personal data being processed;
- the recipients or categories of recipients to whom the personal data have been or are still being disclosed, and in connection with the transfer to a third country or an international organisation you additionally have the right to be informed about the appropriate guarantees pursuant to Art. 46 GDPR;
- if possible, the planned duration for which the personal data will be stored or, if this is not possible, the criteria for determining this duration;
- the existence of a right to have your personal data concerning you rectified or deleted or to have us restrict or object to such processing;
- the existence of a right of appeal to a supervisory authority;
- if the personal data is not collected from you, all available information about the origin of the data;
- the existence of automated decision-making, including profiling in accordance with Article 22(1) and (4) DSBER and, at least in these cases, meaningful information on the logic involved and the scope and intended impact of such processing on the data subject.
Within one month of receiving your request for information, we will provide you with a copy of the personal data that is the subject of the processing. We may charge an appropriate fee based on administrative costs for any additional copies you request. If you submit the application electronically, we will provide you with the information in a common electronic format, unless you specify otherwise.
Right to correction
You have the right to request us to correct your personal data immediately if it is incorrect. Taking into account the purposes of the processing, you have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.
Right to cancellation (“Right to be forgotten”)
You have the right to request us to delete personal data concerning you immediately and we are obliged to delete personal data immediately if one of the following reasons applies:
- The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
- They withdraw their consent on which processing was based and there is no other legal basis for processing.
- You object to the processing and there are no overriding legitimate grounds for processing or you object to the processing.
- The personal data have been processed unlawfully.
- The deletion of personal data is necessary to fulfil a legal obligation under Union law or the law of the member states.
- The personal data was collected in relation to information society services offered in accordance with Art. 8 para. 1 GDPR.
Information to third parties
If we have made the personal data concerning you public and we are obliged to delete it, we will take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform those responsible for data processing who process the personal data that they have requested the deletion of all links to this personal data or of copies or replications of this personal data.
Exemptions: The right to cancellation (“right to be forgotten”) does not exist if the processing is necessary:
- to exercise freedom of expression and information;
- to fulfil a legal obligation required for processing under the law of the Union
- or of the Member States to which we are subject,
- or to perform a task in the public interest or in the exercise of official authority conferred on us;
- for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
- for archiving purposes in the public interest, scientific or historical research purposes or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the right to erasure is likely to render impossible or seriously impair the attainment of the objectives of such processing,
- or to assert, exercise or defend legal claims.
Right to limitation of processing
You have the right to request us to restrict the processing of your personal data if one of the following conditions is met:
- You deny the accuracy of the personal data concerning you for a period of time that enables us to verify the accuracy of the personal data.
- The processing is unlawful and you request the restriction of the use of personal data instead of deletion.
- We no longer need the personal data for the purposes of processing, but you do need them to assert, exercise or defend legal claims, or you have filed an objection against the processing as long as it is not yet clear whether our justified reasons outweigh your reasons.
Where processing has been restricted in accordance with the above conditions, personal data will only be processed – apart from being stored – with your consent or for the purpose of asserting, exercising, or defending rights or protecting the rights of another natural or legal person or on grounds of an important public interest. If the restriction on processing has been restricted under the above conditions, we will inform you before the restriction is lifted.
Right to Data Transferability
You have the right to receive the personal data concerning you that you have provided to us in a structured, current and machine-readable format, and you have the right to transmit this data to another person in charge without our interference, provided that the processing is based on consent or on a contract and is carried out by means of automated procedures. In exercising your right to data transferability, you can request that the personal data be transferred directly from us to another person responsible, insofar as this is technically feasible. The exercise of the right to data transferability does not affect the right to deletion (“right to be forgotten”). This right shall not apply to processing necessary for the performance of a task entrusted to us, which is in the public interest, or which is carried out in the exercise of official authority.
Right of objection
You have the right to object at any time to the processing of personal data concerning you based on Art. 6 para. 1 lit. e or f GDPR for reasons arising from your situation. This also applies to profiling based on these provisions. We will then no longer process the personal data unless we can prove compelling reasons worthy of protection for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Right of appeal to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right of appeal to a supervisory authority, in the Member State of your place of residence, of work or of the place of suspected infringement, if you believe that the processing of personal data concerning you is contrary to the GDPR.
External links – Disclaimer
Our website contains links to other websites. We have no influence on whether their operators comply with the data protection regulations. Direct and indirect links to other providers are checked when they are set up. Web content is subject to constant change. However, constant monitoring of the content of linked external sites is not reasonable without concrete evidence of legal violations. The ESSB has no knowledge of illegal or offensive content on the linked pages of external providers. If the ESSB discovers or is informed by others that an external offer to which it has provided a link triggers civil or criminal liability, it will immediately remove the reference to this offer. The ESSB expressly distances itself from such content and rejects any responsibility.
Status and updating of this data protection declaration
This data protection declaration is valid as of 7. April 2024. We reserve the right to update the data protection declaration in due course to improve data protection and/or adapt it to changes in official practice or case law.
Copyright
The information processed on this website as well as the layout of the web pages, the graphics and films used are protected by copyright. Any duplication or distribution of this Internet offer or parts thereof, for example for reprinting, copying in other Internet pages or for passing on in electronic form, requires the written approval of the ESSB.
7.4.2024