Data Protection Notice for Visitors to DFG Events
We appreciate your interest in our event. The Deutsche Forschungsgemeinschaft (DFG, German Research Foundation) takes the protection of your personal data and its confidential treatment extremely seriously. The processing of your personal data takes place exclusively within the framework of the applicable statutory provisions of data protection laws, in particular the General Data Protection Regulation (GDPR). By means of this data protection declaration, we wish to inform you how your personal data is processed and about your data protection rights in connection with the event.
- 1. Data controller and contact details for the data protection officer
- 2. Purpose and legal basis of data processing
- 3. Pictures and sound recordings
- 4. Recipients of personal data
- 5. Data processing in third countries
- 6. Sources and categories of data when collected by third parties
- 7. Automated individual decision-making, including profiling
- 8. Duration of storage
- 9. Rights of data subjects
1. Data controller and contact details for the data protection officer
The data processing controller in accordance with data protection laws is:
- Deutsche Forschungsgemeinschaft e. V. (DFG)
Tel. +49 228 885-1
Link auf E-Mailpostmaster@dfg.de
Should you have any queries or concerns in relation to data processing, please feel free to get in touch with us.
You can contact our data protection officer as follows:
- Dr. Gregor Scheja
Scheja und Partner Rechtsanwälte mbB
Tel. +49 228 227 226-0
Encrypted contact form:
2. Purpose and legal basis of data processing
Below, you will find an overview of the purposes and legal basis of data processing in connection with our events.
2.1 Preparation and hosting of the event
We process personal data relating to you and your accompanying person(s) (where applicable) if this is necessary to prepare and carry out your participation in our event. The purposes include the following in particular:
- Creation of name badges
and for internal use
- Participant lists; VIP participant lists with publicly accessible pictures
- Registration process
When registering for the event, the following mandatory information will be requested, which is identified by a "*" symbol: Title, first name, surname, company/institution, e-mail address, first name and surname of accompanying person(s) (where applicable).
It is not possible to register without providing the mandatory information.
During the registration process, you also have the option of voluntarily providing additional information: [additional name information, company contact details]. Please note that this information is not required for the registration and it is your decision alone as to whether to provide us with this data or not.
The data processing takes place in accordance with point (b) of Article 6 Paragraph 1 GDPR.
2.2 Safeguarding legitimate interests
We also process your personal data in order to safeguard our legitimate interests or those of third parties. During this process, we pursue the following interests, which are also the respective purposes:
- Sending of invitations to DFG events
- Taking and publication of pictures and sound recordings (in particular group photos, unless the case stated in Number 3 applies) on the website of the DFG and in print publications for the purpose of reporting on the event.
The data processing takes place in accordance with point (f) of Article 6 Paragraph 1 GDPR.
Should you have given your consent for specific purposes, the purposes are stated in the content of the consent which has been given.
In cases where you provide data for this purpose, the data is processed in accordance with point (a) of Article 6 Paragraph 1 GDPR. You can withdraw your consent at any time, without the lawfulness of the processing which took place with your consent prior to the withdrawal being affected.
We erase the data under Numbers 2.1 to 2.3 when it is no longer necessary for the purposes pursued by us of preparing and carrying out your participation in our event and where no other legal basis is applicable. Should the latter situation apply, we erase the data once the other legal basis is no longer applicable.
3. Pictures and sound recordings
For pictures of individual persons or small groups of persons in which you are featured and which may be published in reports concerning our event on the website of the DFG and in print publications, the consent of you and your accompanying person(s) is generally necessary (see Number 2.3). This may be obtained expressly at our event by asking you or your accompanying persons(s) or may take place implicitly by means of the willing participation of you and your accompanying person(s). Should you or your accompanying person(s) not wish such pictures to be taken, you should make the photographers aware of this. More precise information concerning this will be made available at the relevant events.
4. Recipients of personal data
Internal recipients: Within the DFG, access is only available to those persons who require it for the purposes named under Number 2. These are the employees in the Central Events Management Department, as well as those employees with professional responsibility or co-responsibility for the event.
External recipients: We only pass your personal data on to external recipients outside of the DFG if this is necessary in order to prepare and carry out your participation in our event, if another legal authorisation exists or if we have received your consent for this.
Possible external recipients include:
External service providers whom we engage for the provision of services, for example the technical infrastructure and maintenance for the offer of the registration platform service. These processors are carefully selected by us and are regularly audited in order to ensure that your privacy remains protected. The service providers may only use the data for the purposes stated by us.
b) Public bodies
Authorities and state institutions, for example public prosecutor's offices, courts or financial authorities to whom we must provide personal data for legally compelling reasons.
c) Private bodies
Agents, cooperation partners or aids to whom data is transferred in order to carry out our event on the basis of consent or a legal basis, for example participant management systems.
5. Data processing in third countries
Should data be transferred to bodies whose place of business or data processing location is not in a Member State of the European Union or another Member State of the European Economic Area, we ensure prior to the handover that, except in exceptional cases permitted by law, either an adequate level of data protection is present on the part of the recipient (for example by means of an adequacy decision of the European Commission, by means of suitable guarantees such as the agreement of so-called EU standard contractual clauses of the European Union with the recipient) or your sufficient consent has been obtained. You can obtain from us an overview of the recipients in third countries and a copy of the concrete provisions which have been agreed to ensure an adequate level of data protection. Please use the address stated in Number 1 in order to get in touch with us.
6. Sources and categories of data when collected by third parties
We do not only process personal data which we obtain from you directly. We receive some personal data from third parties in advance.
Below, you will find an overview of the sources and the categories of data where this is collected by third parties:
- We receive first name, surname and address data from the following in particular:
- Alexander von Humboldt Foundation
- Winners of the Heinz Maier-Leibnitz Prize and Gottfried Wilhelm Leibniz Prize
- The universities which have been selected as hosts for the DFG annual general meeting
- The Foundation for Polish Science (FNP) in connection with the Copernicus Award
- German Academic Exchange Service (DAAD)
- German Climate Consortium (DKK)
- German University Cairo (GUC)
- German Marine Research Consortium (KDM)
- Max Planck Society (MPG)
7. Automated individual decision-making, including profiling
No automated decision-making in an individual case, including profiling as defined in Article 22 of the GDPR, takes place.
8. Duration of storage
Please see the relevant section concerning data processing in order to find out for how long personal data is stored.
In addition, the following generally applies: We only store your personal data for as long as is necessary for the fulfilment of the purposes or, in the case of consent, for as long as you have not withdrawn your consent. If you withdraw your consent, we will erase your personal data, unless the continued processing is permitted in accordance with the applicable statutory provisions.
We will also erase your personal data if we are obliged to do so for legal reasons.
9. Rights of data subjects
As a data subject, you have various rights. These include:
Right of access: You have the right to be informed what data relating to your person is stored by us.
Right to rectification and erasure: You can request that we rectify any incorrect data and, should the statutory requirements be fulfilled, you can request that we erase your data.
Restriction of processing: Should the statutory requirements be fulfilled, you can request that we restrict the processing of your data.
Data portability: Should you have provided data under a contract or with your consent, then provided that the statutory requirements are met, you can request to receive the data which you have provided in a structured, commonly used and machine-readable format or request that we transfer this data to another controller.
Objection to data processing in case of the “legitimate interest” legal basis:
You have the right to object, on grounds relating to your particular situation, at any time to data processing by us, should such processing be based on the “legitimate interest” legal basis. Should you exercise your right to object, we will suspend the processing of your data, unless we can demonstrate, in accordance with the legal regulations, compelling legitimate grounds for continued processing which outweigh your rights.
Withdrawal of consent: Should you have given us your consent to the processing of your data, you can withdraw this at any time with effect for the future. The lawfulness of the processing of your data prior to the withdrawal remains unaffected by this.
Right to complain to the supervisory authority: You can also lodge a complaint with the responsible supervisory authority, should you consider that the processing of your data breaches applicable laws. For this purpose, you can contact the data protection authority which is responsible for your place of residence or country or the data protection authority which has jurisdiction over us.
Getting in touch with us and exercising your rights: Should you have any queries concerning the processing of your personal data, your rights as a data subject and any consent which you have given, you can get in touch with us free of charge. In order to exercise any of the rights listed above, please send an email to Link auf E-Mailpostmaster@dfg.de or send a letter to the address provided under Number 1. Please ensure that we are able to clearly identify you. To withdraw your consent, you can also use the contact channel which you selected when giving consent.