Data protection and cookie declaration
I. DATA PROTECTION DECLARATION
1. Data processing
1.1 Processing of your data on this website
The use of our website is also only possible for informative purposes. When you call up this website, your browser automatically transmits the following data to our site provider and stores them as "server log files": IP address, time zone difference to Greenwich Mean Time (GMT), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, page visited on our domain, date and time of the server request, browser type and browser version as well as browser language, operating system used, the reference address and host name of the accessing computer.
This is technically necessary in order to display our website and to ensure the stability and security of the website. The data collected is only used for statistical analysis and to improve the website. We can only link your IP address to your user data by "manual" research. We only use this in exceptional cases when we need to deny access to individual IP addresses to prevent abuse and fraud.
The legal basis for this processing is our legitimate interest (Art 6 Paragraph 1 lit f GDPR) in being able to operate our website. We store your data for this purpose for the period of your access as well as for up to 14 months beyond this period, if technically necessary.
You have the possibility to donate via our website. For this purpose, we have to process the following personal data from you: Master data (name, address), contact data (telephone, e-mail address), any other information you may have provided, communication history, donation history, classifications (such as type of membership, sponsorship).
We process this data for the preparation and implementation of fundraising campaigns to fulfill the organisational purposes in accordance with the statutes - by post, telephone call or e-mail - and for the administration of donations, for birthday greetings, for the administration of donations made and for the administration of active and former members and the fulfilment of tax obligations. To select target groups for any of the above activities, we use a process that groups our supporters according to the amount of their donation, the frequency of donation and the time of the last donation.
The legal basis for the processing of your personal data is the fulfilment of our contractual obligations arising from the donation contract (Art. 6 para. 1 lit b GDPR) as well as our legal obligations based on tax regulations and money laundering provisions (Art. 6 para. 1 lit c GDPR in conjunction with other relevant legal provisions).
Furthermore, we process this data, which we collect in connection with your donations, in order to provide you with information about our activities. This processing is carried out on the basis of our legitimate interest (Art 6 Paragraph 1 lit f GDPR) in pursuing the objectives of our organisation in accordance with our statutes and in promoting further donations for our association's purposes.
If you would like your donation to be tax deductible, you can enter the required data on our tax deductible form as part of your donation. This data will be transmitted to us via our own secure server to register your data with the Austrian tax office, processed and stored by us. We record and transmit this data to the Austrian tax office on the basis of your order for this purpose (Art 6 Paragraph 1 lit b GDPR).
We also process data that we have legitimately received from address publishers. These are basic personal data such as your name and address. These address publishers are authorized to collect data for the purpose of preparing and carrying out third-party marketing campaigns or for list broking (§ 151 GewO).
We process your personal data, if available and if necessary for the purposes mentioned above, until you object, and beyond that in accordance with the statutory storage and documentation obligations, which result from the Austrian Federal Fiscal Code (BAO), among others.
1.3 Research Funding
Within the scope of fulfilling the purpose of our association, we also award research grants. If you apply for or receive such a grant from us, we will process your personal data for the purpose of examining the application and fulfilling the grant agreement (Art 6 Paragraph 1 lit b GDPR). In doing so, we will process the following personal data: First name and surname, title, professional contact details (telephone number, e-mail address), user account data (e-mail address, password), data in the curriculum vitae (current position, qualification, previous employment, publications, other research projects currently being funded, attempted submissions that were not completed or were unsuccessful), country of origin, specialist area, employer of the applicant (university, research institute, clinic, etc.). Account details of the organisation (in the case of a grant), project information including publications, known collaborators (who were part of a research proposal submitted to the responsible person and are also in the database), requested and completed reviews of other, third-party research proposals (peer review), participation in meetings and e-mail correspondence with you.
We store this data as long as this is necessary for the fulfillment of the contract as well as in the context of the tax and accounting law retention obligations (7 years) and, if necessary, further, insofar as this data is necessary for the establishment, exercise or defense of legal claims, for the duration of the applicable Limitation period.
As part of the review of your application, we may pass on your personal data to an advisory body, the "DEBRA International Medical and Scientific Advisory Panel" (MSAP). Furthermore, your data could be passed on to other members of the EB-ResNet network as well as other bodies that finance funding (external financiers), if you apply for funding that is financed by several bodies. Members of the MSAP are experts from science from all over the world, so that your data may be transferred to countries without adequate data protection. The same applies to data transfers to external financiers. This data transfer is necessary for the examination of your application and any financing of your funding and thus for the fulfillment of our contract with you (Art 49 Paragraph 1 lit b GDPR). More information about this, as well as about current members of the MSAP, can be obtained from us via our contact (point 4 below).
In addition, we transmit your data to our contract processors, who support us with the processing of your application and who are located in Great Britain. In order to secure your rights and to ensure adequate data protection, we have concluded contracts with these processors in accordance with EU standard contractual clauses.
1.4 Google Maps
This website uses Google Maps to display interactive maps. Google Maps is a map service of Google Inc, 1600 Amphitheatre Parkway, Mountain View, California 94043, USA. When using Google Maps, Google also collects, processes and uses data on the use of the Maps functions by visitors to the website. Further information on data processing by Google can be found in Google's data protection information at https://policies.google.com/privacy?hl=en. There you can also change your settings in the data protection centre so that you can manage and protect your data.
2. Data transfers
As part of the data processing activities described above, we use external service providers or contract data processors for certain activities, to whom we may share your personal data or who may have access to your personal data. We have entered into commissioned data processing contracts with our commissioned data processors under which they are obliged to process your data only in accordance with our instructions. Service providers who are not contract data processors are responsible for their own compliance with data protection laws in respect of your personal data. We have also selected both the data processors and other service providers on the basis of their reliability with regard to data protection.
The service providers and contract data processors we use include
- the technical operator(s) of our website;
- other technical service providers who provide us with tools and plug-ins used, in particular: CC Technologies, Google Inc., Google LLC, Facebook Inc. and YouTube LLC
- under certain circumstances, external consultants such as lawyers and tax advisors, if we need to pass on your data to them in the course of providing their services.
3. Your rights
According to the GDPR, you as a data subject have the following rights:
to check whether and which personal data we have stored about you and to receive copies of this data;
to demand the correction, completion or deletion of your personal data which is incorrect or not processed in accordance with the law;
require us to limit the processing of your personal data under certain conditions;
object to the processing of your personal data where we process it for direct marketing purposes or on the basis of our legitimate interests;
require data transferability;
if we process your personal data on the basis of your consent, you may withdraw your consent at any time;
lodge a complaint with the Austrian data protection authority (for further information see www.dsb.gv.at).
In order to exercise the above rights, you must contact us in person, by telephone or in writing at the (e-mail) address/telephone number listed below.
You can reach us at the following contact details:
Dr. Rainer Riedl, chairman and data protection officer
DEBRA Austria, Am Heumarkt 27/1, 1030 Vienna
+43 1 876 40 30, email@example.com
II. COOKIE DECLARATION
So-called "cookies" are used on our website. In this cookie declaration we inform you which cookies are used on our website and how these cookies are used to process your personal data and other information. Further general information about the processing of your personal data on this website, including in particular your rights, can be found in the general part of the data protection declaration.
1. What are cookies?
Cookies are small text files that are stored on your end device with the help of the browser. They do not cause any damage. When using certain cookies, however, information about your device is collected, which may be able to be assigned to you, as well as any other personal information that may be read at a later date. In addition, some cookies remain stored on your device until you delete them. Cookies may originate from us and possibly also from third parties.
2. Your options when using cookies
Internet Explorer: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
You can also specifically prevent certain third-party cookies (see "Third-Party Cookies" below) by using special plug-ins; these are available as follows:
Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=en
Google AdWords: http://optout.networkadvertising.org/?c=1#!
Internet Exlorer: https://support.microsoft.com/de-at/help/278835/how-to-delete-cookie-files-in-internet-explorer
If you disable cookies, the functionality of our website may be limited. More details about which cookies we use on which legal basis (your consent or our legitimate interests) can be found below.
3. Processing of personal data through cookies
Cookies on our website are used to process the following information, which may be related to your person and thus represent personal data:
- Your IP address
- Time and duration of the visit
- the website (URL) you are visiting and the website (URL) from which you were redirected by clicking on a link
4. Purposes and types of cookies we use
- Necessary cookies: These are cookies that are necessary for the functioning and security of the website and your safety. These cookies are used on the basis of our legitimate interest in operating our website, as well as on the basis of the exemption provision of § 96 para. 3 sentence 3 of the Austrian Telecommunications Act 2003 for necessary cookies.
- Analysis cookies: These are cookies that enable us to carry out statistical evaluations of how the website is used, e.g. from which page is accessed how often, which devices are used to access which page, the average duration of the visit to the website, etc. We do not process this information in any personal form, but under certain circumstances it can be assigned to you. Therefore the basis for the use of these cookies is your consent.
- Advertising cookies, including third-party cookies: These are cookies that we use to show you advertisements in order to partially fund our website. Most of these cookies are from third parties. The basis for the use of these cookies is your consent. You can find out which third-party cookies are actually used in the section "Third party cookies".
For more detailed information about individual cookies that we use, including the default retention period, please refer to the "Cookies List" section below.
5. Third party cookies
Our website also uses the following third-party cookies for analysis and marketing purposes. The basis for the use of these cookies is your consent.
5.1 Google Analytics
This website uses Google Analytics, a web analysis service of Google Inc. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). Google Analytics uses text files (cookies) which are stored on the user's computer and which enable an analysis of the use of the website by the user. The information thus generated about the use of this website (including the user's IP address) is transferred to a Google server in the USA and stored there. Further information on data use by Google Inc.: https://support.google.com/analytics/answer/6004245?hl-en.Further information about which cookies are used exactly for Google Analytics can be found below in the section "Cookies List" under Analysis Cookies.
On our website, so-called social plug-ins (hereinafter "plug-ins") of the social network Facebook, which is operated by Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA, hereinafter Facebook).
Videos from the YouTube service are embedded on our website. These videos are provided by YouTube LLC (901 Cherry Ave., San Bruno, CA 94066, USA) and are stored on www.YouTube.com and can be played directly from our website. They are all embedded in "enhanced privacy mode", which means that no information about you as a user will be transferred to YouTube if you do not play the videos. Only when you play the videos will the data mentioned below be transmitted. We have no influence on this data transfer.
When you visit the website, YouTube receives the information that you have accessed the corresponding subpage of our website, as well as your system data (IP address, page visited on our domain, date and time of the server request, browser type and version, operating system used, the reference -Address and host name of the accessing computer.)
This happens regardless of whether YouTube provides a user account through which you are logged in or whether no user account exists. If you are logged in to Google, your data will be assigned directly to your account. If you do not want your profile to be associated with YouTube, you must log out before activating the button. YouTube stores your data as user profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such evaluation is carried out in particular (even for users who are not logged in) for the purpose of providing advertising tailored to your needs and to inform other users of the social network about your activities on our website. You have a right of objection to the creation of these user profiles, whereby you must contact YouTube in order to exercise this right.
6. Cookie list
6.1 Necessary cookies
|Designation||Purpose and description||Duration of storage|
|These cookies store the user's decision to consent or not to use the other cookies and are also used to determine the display of the cookie pop-up.||1 year|
|These are security cookies that are used to prevent attacks on our website through the transmission of unauthorised commands by a mala fide third party via a bona fide user (cross-site request forgery). These cookies are necessary for the security of the website as well as for your safety.||1 day|
|PHPSESSID||This cookie is used to manage the PHP session. It allocates the user's actions on the website to the correct package of information and executes the respective services appropriately.||Duration of the visit|
6.2 Analysis Cookies
|Designation||Purpose and description||Duration of storage|
|• _ga |
|These are "Google Analytics" cookies, which are used to collect statistical data on the use of the website, to differentiate between users and reduce the frequency of access. For more details about Google Analytics, please see the "Google Analytics" section under "Third Party Cookies" above.||• 2 years |
• 1 day
• 1 day
|collect||This cookie is used by Google for Google Analytics to transmit data about the user's device and use of the website to Google, and to track the user through various devices and marketing channels. For more details about Google Analytics, please see the "Google Analytics" section under "Third Party Cookies" above.||Duration of the visit|
|_dc_gtm_UA-28477870-1||This cookie is used by Google to control the loading of the Google Analytics script tag and is placed when Google Analytics cookies are included via the Google Tag Manager.||1 day|
6.3 Advertising cookies
|Designation||Purpose and Description||Duration of storage|
|• _fbp |
|These cookies are used by Facebook to display advertising from third-party advertisers (such as real time bidding) or other advertising products.||• 3 months |
• 3 months
• Duration of the visit
|ads/ga-audiences||This cookie is used by Google AdWords to address users who may become customers based on their behaviour on the Internet. For more details about Google AdWords, see the "Google Analytics" section under "Third party cookies" above.||Duration of the visit|
|GPS||This cookie is used by YouTube to assign a specific ID number to a device to enable geographical tracking using GPS.||1 day|
|IDE||This cookie is used by Google DoubleClick to record the actions of the user after viewing (clicking) an advertisement in order to measure the effectiveness of an advertisement.||1 year|
|test_cookie||This cookie is used to check whether the user's browser allows cookies.||1 day|
|VISITOR_INFO1_LIVE||This cookie is used by YouTube to estimate the bandwidth available to the user on pages with integrated YouTube videos.||179 days|
|YSC||This cookie is used by YouTube to assign a specific ID number to the user in order to statistically record which YouTube videos the user has already viewed.||Duration of the visit|
|These cookies are used by YouTube to store a user's preferred settings when using embedded YouTube videos.|| |
• Duration of the visit
• Duration of the visit
• Duration of the visit
• Duration of the visit