Privacy Policy

Privacy Policy

Controller

The controller responsible for data processing on this website is:

cc-NanoBioNet e.V.
Science Park 1
66123 Saarbrücken
Germany

Phone: +49 (0)681 68 57-364
Fax: +49 (0)681 68 57-795
Email: info@nanobionet.de

Managing Director: Dr. Ralph Nonninger

Further information can be found in the Legal Notice (Imprint). 

 

General Information on Data Processing

This Privacy Policy informs you about the nature, scope, and purpose of the processing of personal data within our online services, including the associated websites, functions, and content.

Personal data refers to any information that can be used to identify you personally. Data processing is carried out exclusively in accordance with applicable data protection regulations, in particular the General Data Protection Regulation (GDPR).

As a rule, this website can be used without providing personal data. Where personal data is collected, this is generally done on a voluntary basis wherever possible. 

 

Types of Data Processed

When using this website, the following categories of data may be processed in particular:

  • Master data (e.g., names) 
  • Contact data (e.g., email addresses, telephone numbers) 
  • Content data (e.g., messages submitted via contact forms) 
  • Usage data (e.g., pages visited, access times) 
  • Metadata and communication data (e.g., IP addresses, browser information) 

 

Categories of Data Subjects

The following groups of individuals may be affected by data processing:

  • Website visitors and users 
  • Members and prospective members 
  • Participants in events and projects 
  • Cooperation partners and contact persons 

 

Purposes of Processing

Personal data is processed for the following purposes in particular:

  • Provision of the website and its content 
  • Handling contact requests 
  • Communication with users 
  • Security measures 
  • Technical administration and website stability 
  • Association, network, and public relations activities 
  • Organization of events and projects 
  • Distribution of information and newsletters 

At present, data is not used for advertising purposes or comprehensive tracking activities.

 

Legal Bases for Processing

Personal data is processed on the basis of the GDPR, in particular:

  • Article 6(1)(a) GDPR (consent) 
  • Article 6(1)(b) GDPR (performance of a contract or pre-contractual measures) 
  • Article 6(1)(c) GDPR (legal obligation) 
  • Article 6(1)(f) GDPR (legitimate interests) 

Our legitimate interest lies particularly in the secure, stable, and user-friendly operation of this website as well as in carrying out our statutory association and networking activities. 

 

Security Measures

In accordance with Article 32 GDPR, we implement appropriate technical and organizational measures to protect personal data against accidental or intentional manipulation, loss, destruction, or unauthorized access.

Particular consideration is given to:

  • Data confidentiality and integrity 
  • System availability 
  • Protection against unauthorized access 
  • Privacy-friendly technical default settings 

For security reasons, this website uses SSL/TLS encryption. You can recognize an encrypted connection by the "https://" prefix in your browser’s address bar and the lock icon displayed by your browser. 

 

Cooperation with Processors and Third Parties

Where personal data is disclosed, transferred, or otherwise made accessible to other persons or organizations, this is done exclusively:

  • on the basis of a legal authorization, 
  • for the performance of a contract, 
  • on the basis of your consent, or 
  • on the basis of legitimate interests. 

Where external service providers process personal data on our behalf, this is carried out under a Data Processing Agreement pursuant to Article 28 GDPR.

Recipients of personal data may include internal departments, hosting providers, technical service providers, and external processors. 

 

Transfers to Third Countries

When using certain services, particularly those provided by Google LLC (e.g., YouTube or Google Maps) or, in the future, Brevo, personal data may be transferred to countries outside the European Union.

According to their own statements, these providers implement appropriate safeguards pursuant to Articles 44 et seq. GDPR, particularly the European Commission’s Standard Contractual Clauses.

Further information can be found in the privacy policies of the respective providers. 

 

Rights of Data Subjects

You have the right to:

  • Obtain information about your stored personal data 
  • Request correction of inaccurate data 
  • Request deletion of your data 
  • Request restriction of processing 
  • Request data portability 
  • Object to processing 
  • Withdraw consent with future effect 

You also have the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR. 

 

Right to Withdraw Consent

Where the processing of personal data is based on your consent, you may withdraw that consent at any time with effect for the future.

The lawfulness of processing carried out before the withdrawal remains unaffected. 

 

Right to Object

You may object at any time to the future processing of your personal data in accordance with Article 21 GDPR. 

 

Cookies

This website primarily uses technically necessary cookies.

Cookies are small text files stored on your device that enable or facilitate the technical operation of the website.

The following types of cookies may be used:

  • Session cookies 
  • Technically necessary functional cookies 
  • Security cookies 

Cookies are currently not used for advertising or marketing purposes.

You may configure your browser to notify you when cookies are set or to disable cookies altogether. However, disabling cookies may limit certain website functions. 

 

Data Retention and Deletion

Personal data is stored only for as long as necessary to fulfill the respective purposes or as required by statutory retention obligations.

Afterwards, the data is deleted or its processing is restricted. 

 

Provision of Our Statutory and Business Activities

We process personal data of members, prospective members, cooperation partners, customers, event participants, and other contacts where necessary to fulfill our statutory tasks, association activities, networking and public relations work, or contractual and pre-contractual obligations.

The following categories of data may be processed:

  • Master data (e.g., name, address) 
  • Contact data (e.g., email address, telephone number) 
  • Communication data 
  • Contract and event-related data 

Processing is based on Article 6(1)(b) and Article 6(1)(f) GDPR.

Data is deleted once it is no longer required for the respective purposes and no statutory retention obligations apply. 

 

Contact Requests

If you contact us via contact form, email, or telephone, the information you provide will be processed for the purpose of handling your inquiry.

This may include:

  • Name  
  • Email address 
  • Telephone number (if provided) 
  • Content of your message 

Processing is based on Article 6(1)(b) or Article 6(1)(f) GDPR.

Your data will be used solely for processing your request and will not be disclosed without your consent. 

 

Newsletter / Brevo

The Brevo service may be used in the future for sending newsletters.

If you subscribe to a newsletter, the data you provide will be used exclusively for newsletter distribution.

Registration takes place using the double opt-in procedure. After registration, you will receive an email requesting confirmation of your subscription.

Further information:
https://www.brevo.com/legal/privacypolicy/

 

Hosting

This website is hosted by jweiland.net.

Hosting services include:

  • Infrastructure and platform services 
  • Computing capacity 
  • Storage space 
  • Database services 
  • Security services 
  • Technical maintenance services 

Processing is based on our legitimate interest in the secure and efficient operation of this website pursuant to Article 6(1)(f) GDPR. 

 

Collection of Access Data and Log Files

The hosting provider automatically collects information in server log files.

This may include:

  • Pages accessed 
  • Date and time of access 
  • Browser type and version 
  • Operating system 
  • Referrer URL 
  • IP address 
  • Requesting internet service provider 

Processing is based on Article 6(1)(f) GDPR for ensuring technical operation and IT security.

Log files are generally deleted after no more than seven days. 

 

Integration of Third-Party Services and Content

Within our online services, we may integrate content and services from external providers in order to provide certain functionalities and content.

For technical reasons, these providers may process users’ IP addresses. 

 

YouTube

Some pages may contain embedded videos from YouTube.

Operator:

Google LLC
1600 Amphitheatre Parkway
Mountain View, CA 94043
USA

Further information:
https://policies.google.com/privacy

 

Google Maps

Google Maps may be integrated to provide directions and location information.

Provider: Google LLC

Further information:
https://policies.google.com/privacy

 

Changes to This Privacy Policy

We reserve the right to amend this Privacy Policy in the event of changes to this website or applicable legal requirements. 

 

Cookie Settings

You can view and change your cookie preferences at any time here.

Regionally Rooted. Globally Connected.