Privacy Policy

Thank you for visiting our website.  The protection and security of your personal information is very important to us when visiting our website. Therefore, we would like to inform you about the collection of your personal data during the website visit and the purpose of its use.

This privacy policy applies to the website of medmissio Würzburg, which can be reached under the domain www.medmissio.de as well as the various subdomains (“our website”).

Contact details and entity responsible for personal data processing 

medmissio
Institute for global Health
Hermann-Schell-Strasse 7
D-97074 Würzburg, Germany

Tel: ++49 0931 80 48 539
Email: gf@medmissio.de

Responsible entity for processing of personal data according to KDR-OG

Data protection officer

The data protection officer Winfried Rau can be reached at: datenschutz@medmissio.de

Content of the privacy policy

This privacy policy complies with legal requirements regarding transparency in the processing of personal data. This includes all information relating to an identified or identifiable natural person. This includes, for example, information such as name, age, address, telephone number, date of birth, e-mail address, IP address or user behaviour when visiting a website. Information that does not relate to an individual personally (or only with disproportionate effort), e.g. through anonymization, are not considered personal data.  Processing of personal data (e.g. the collection, request, use, storage or transmission) always requires a legal basis and a defined purpose.

Personal data are deleted as soon as the processing purpose has been fulfilled and legitimate reasons do not apply for further retention of the data. The user will be informed about the specific storage periods and criteria for storage in the individual processing operations. Regardless, personal data will be stored in isolated cases to assert, exercise or defend legal claims and on the basis of statutory storage duties.

Who gets the data?

Personal data processed on our website and transferred to third parties if required for the fulfillment of set purposed and if, in isolated cases, falls within the legal basis (e.g. consent or protection of legitimate interests). In addition, personal data will be passed to third parties in isolated cases if this serves to assert, exercise or defend legal claims. Possible recipients may be law enforcement agencies, lawyers, auditors, courts, etc.

Insofar as service providers are used for the operation of our website who, as part of order processing on our behalf, provide personal data in accordance with. Process Art. 28 GDPR, these providers may be recipients of personal data. Please refer to the overview of these individual processing, For more detailed information on the use of processors and web services, please refer to  the overview of detailed individual processing operations.

Cookies

Cookies are text files with small pieces of data that are used to identify your computer when accessing our website. As an alternative to using cookies, information can also be stored in the local storage of a browser. Some functions of our website cannot be offered without the use of cookies or local storage (technically necessary cookies). Other cookies allow to perform various analyses, in order to recognize, e.g., the browser used when visiting our website again and to transmit various information (unnecessary cookies). Cookies help to make our website more user-friendly and effective for its user, e.g. by tracking the use of our website and by determining the user’s preferred settings (e.g. country and language settings). If third parties process information via cookies, information is collected directly through the individual browser. Cookies do not cause any damage to a device and cannot run programs or contain viruses.

The detailed processing operations will provide information on the use of cookies for respective services.  Detailed information on cookies used can be found in the Consent Manager of this website.

What rights do individuals have?

Under the conditions of the statutory provisions of the KDR-OG, individuals concerned have the following rights:

* Information in accordance with §19 KDG about the data stored in the form of meaningful information on the details of processing and a copy of the individual’s data;

* Correction in accordance with §18 KDG of inaccurate or incomplete data stored;

* Deletion in accordance with §19 KDG of the data stored, insofar as the processing is not necessary for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;

* Restriction of the processing in accordance with §20 KDG, insofar as the correctness of the data is disputed, the processing is unlawful, data is no longer required and refusal to delete it, because the user requires to assert, exercise or defend legal claims or the user has objected to the processing in accordance with §23 KDG.

* Data portability in accordance with §23 KDG, insofar as the user has provided personal data within the framework of consent pursuant to §6 sec. 1 lit. b KDG or on the basis of a contract pursuant to §6 Abs. 1 sec. b KDG and these were processed by us by means of automated procedures. The user will receive data in a structured, common and machine-readable format or data will be transmitted directly to another responsible person, as far as this is technically feasible.

* In accordance with §23 KDG, the user objects to the processing of personal data, insofar as they are carried out on the basis of §6 sec. 1 b KDG and there are reasons for doing so, which arise from the particular situation or if the objection is directed against direct marketing. The right to object does not exist if overriding, overriding reasons for processing are proven or if the processing is carried out for the assertion, exercise or defence of legal claims. Insofar as there is no right to object in individual processing operations, this is indicated therein.

* Revocation in accordance with §8 KDG of given consent with effect for the future.

* Complaint under §48 KDG to a supervisory authority if the user believes that the processing of your personal data violates the KDG. As a rule, the user may contact the supervisory authority.

How will data be processed in detail?

In the following, the user will be informed about the individual processing operations, the scope and purpose of the data processing, the legal basis, the obligation to provide data and the respective storage period. An automated decision in individual cases, including profiling, does not take place.

Provision of the website

Type and scope of processing

When visiting and using our website, personal data will be collected that the user’s browser automatically transmits to our server. The following information is temporarily stored in a so-called log file:

* IP address of the requesting computer
* Date and time of access
* Name and URL the retrieved file
* website from which access is made (referrer URL)
* browser used and, if applicable, the operating system of the user’s computer, as well as the name of the access provider

Our website is not hosted by us, but by a service provider who, for the purpose of website provision, will process the aforementioned data on our behalf in accordance with §29 KDG.

Purpose of data storage and legal basis

Processing is carried out to safeguard our overriding legitimate interest in displaying our website and ensuring security and stability on the basis of the §6 Abs. 1 lit. b KDG. The collection of data and storage in log files is essential for the operation of the website. There is no right to object to the processing due to the exception according to §23 KDG. Insofar as the further storage of the log files is required by law, the processing takes place on the basis of §6 Abs. 1 lit. b KDG. There is no legal or contractual obligation to provide the data, but it is technically not possible to call up our website without providing the data.

Storage period

The aforementioned data are used for the duration of the display of the website and for technical reasons beyond that for a maximum of [7 days]].

Consent with Usercentrics

This website uses the consent technology of Usercentrics to obtain your consent to the storage of certain cookies on your device or for the use of specific technologies, and to document the former in a data protection compliant manner. The party offering this technology is Usercentrics GmbH, Sendlinger Straße 7, 80331 München, Germany, website: https://usercentrics.com/ (hereinafter referred to as “Usercentrics”).
Whenever you visit our website, the following personal data will be transferred to Usercentrics:

  • Your declaration(s) of consent or your revocation of your declaration(s) of consent
  • Your IP address
  • Information about your browser
  • Information about your device
  • The date and time you visited our website

Moreover, Usercentrics shall store a cookie in your browser to be able to allocate your declaration(s) of consent or any revocations of the former. The data that are recorded in this manner shall be stored until you ask us to eradicate them, delete the Usercentrics cookie or until the purpose for archiving the data no longer exists. This shall be without prejudice to any mandatory legal retention periods.
Usercentrics uses cookies to obtain the declarations of consent mandated by law. The legal basis for the use of specific technologies is 6 Abs. 1 sec. d KDG.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

hCaptcha

We use “hCaptcha” (hereinafter referred to as “hCaptcha“) on this website. The provider is Intuition Machines Inc 2211 Selig Dr, Los Angeles, CA 90026, United States (hereinafter referred to as “IMI”).
hCaptcha is being used to determine whether the entry of data into this website (e.g., into a contact form) is being processed by a person or an automated program. For this purpose, hCaptcha analyzes the behavior patterns of website visitors on the basis of several characteristics.
This analysis begins automatically as soon as the website visitor enters a website with the activated hCaptcha feature. For the analysis, hCaptcha uses a wide range of information (e.g., the IP address, time spent on the website or mouse actions taken by the user). The data recorded during this analysis is forwarded to IMI.  If hCaptcha is used in the “invisible mode,” the analyses are completely conducted in the background. Website visitors are not alerted to the performance of an analysis.
The storage and analysis of the data occurs on the basis of 6 Abs. 1 lit. d KDG. The website operator has a legitimate interest in protecting the operator’s web presentations against abusive automatic spying and SPAM. In the event that respective consent has been obtained, the data will be processed exclusively on the basis of 6 Abs. 1 lit. d KDG and §27 KDG, if the consent comprises the storage of cookies or access to information on the user’s device (e.g., device fingerprinting) as defined in the TTDSG (German Telecommunications Act). Such consent may be revoked at any time.
The processing of data is based on Standard Contract Clauses, included in the Data Processing Supplement to the General Terms and Conditions of IMI or in the data processing agreements.
For further information on hCaptcha, please consult the Data Protection Policy and Terms of Use under the following links: https://www.hcaptcha.com/privacy and https://hcaptcha.com/terms.