Data protection

1. General information and mandatory information

a) General information

The following information gives you a simple overview of what happens to your personal data when you visit this website. Personal data means all data by which you can be identified personally. For detailed information about data protection, please refer to our data privacy statement listed below this text.

b) Name and contact details of the responsible data controller

This data protection information applies to data processed by:
Responsible: Studiengesellschaft für Gesundheitsberatung e. V., Fischertwiete 2, 20095 Hamburg, Germany
E-mail: info@academic-society.de
Tel: + 49 40 32005250
Fax: + 49 40 32005200

2. Hosting

This website is hosted by an external service provider (web host). Personal data collected on this website is stored on the web host’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contract data, contact details, names, website accesses and other data generated by a website.

The use of the web hosting service provider is for the purpose of fulfilling a contract with our potential and existing clients (Article 6(1)(b) GDPR) and in the interest of providing our online service securely, quickly and efficiently via a professional provider (Article 6(1)(f) GDPR).

Our web host will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions regarding this data.

To ensure that the processing complies with data protection regulations, we have concluded a contract for order processing with our web host.

3. Collection and storage of personal data and the nature and purpose of their use

a) When you visit the website

When you call up our website www.academic-society.de, information is automatically sent to the server of our website by the browser used on your end device. This information is temporarily stored in a so-called log file. The following information is recorded without any action on your part and stored until it is automatically deleted:

  • IP address of the requesting computer
  • date and time of access
  • name and URL of the file retrieved
  • website from which the access takes place (referrer URL)
  • the browser used and, if applicable, the operating system of your computer and the name of your access provider.

The above-mentioned data will be processed by us for the following purposes:

  • to ensure a smooth connection to the website
  • to guarantee comfortable use of our website
  • to evaluate system security and stability
  • for other administrative purposes.

The legal basis for data processing is Article 6(1)(f) GDPR. Our legitimate interest follows from the above listed purposes for data collection. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

Furthermore, we use cookies and analysis services when you visit our website. You will find more detailed explanations on this under sections 5 and 6 of this data protection declaration.

b) When registering for our newsletter

If you have expressly given your consent pursuant to Article 6(1)(a) GDPR, we will use your e-mail address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an e-mail address.

It is possible to unsubscribe at any time. You can unsubscribe at any time by sending an informal e-mail to info@academic-society.de.

c) When using our contact form

If you send us enquiries via the contact form, your details from the enquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the enquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The processing of the data entered in the contact form is thus exclusively based on your consent (Article 6(1)(a) GDPR). You can revoke this consent at any time. For this purpose, an informal notification by e-mail to us is sufficient. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.

The data you provide via the contact form will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your request has been processed). Mandatory legal provisions – in particular retention periods – remain unaffected.

d) Enquiry via e-mail, telephone or fax

If you contact us via e-mail, telephone or fax, your enquiry including all personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.

This data is processed based on Article 6(1)(b) GDPR, provided that your enquiry is related to the fulfilment of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, processing is based on your consent (Article 6(1)(a) GDPR) and/or on our legitimate interests (Article 6(1)(f) GDPR), because we have a legitimate interest in the effective processing of the enquiries addressed to us.

The data you provide via contact enquiries will remain with us until you request us to delete it, revoke your consent to its storage or the purpose for which it was stored ceases to apply (e.g. after your request has been processed). Mandatory legal provisions - in particular retention periods - remain unaffected.

4. Disclosure of data

Your personal data will not be transferred to third parties for purposes other than those listed below.

We only pass on your personal data to third parties if:

  • you have given your express consent pursuant to Article 6(1)(a) GDPR
  • pursuant to Article 6(1)(f) GDPR, the disclosure is necessary for the enforcement, exercise or defence of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data
  • if there is a legal obligation to pass on the data pursuant to Article 6(1)(c) GDPR, and
  • this is legally permissible and required under Article 6(1)(b) GDPR for the processing of contractual relationships with you.

5. Cookies

6. Analysis tools

a) Tracking tools

The tracking measures listed below and used by us are carried out based on Article 6(1)(f) GDPR. With the tracking measures we use, we want to ensure that our website is designed to meet the needs of our customers and is continuously optimised. On the other hand, we use the tracking measures to record the use of our website statistically and evaluate it for the purpose of optimising our offer for you. These interests are to be regarded as legitimate in the sense of the aforementioned regulation.

The respective data processing purposes and data categories are given under the corresponding tracking tools.

b) Matomo

We use the Matomo open source software for analysis and statistical evaluation of the use of the website. Cookies are used for this purpose (see section 5). The information generated by the cookie about the use of the website is transferred to our servers and summarised in pseudonymous user profiles. The information is used to evaluate the use of the website and to enable us to design our website in line with requirements. The information is not transferred to third parties.

Under no circumstances is the IP address linked to other user-related data. The IP addresses are rendered anonymous so that it is not possible to assign them (IP masking).

Matomo cookies remain on your device until you delete them. The storage of Matomo cookies and the use of this analysis tool are based on Article 6(1)(a) GDPR. The corresponding consent is requested by a cookie banner when visiting the website and is granted by the user of the website actively checking the Statistics box. Consent can be changed or revoked at any time (see section 5).

7. Social media plug-ins

We use plug-ins from social media networks on our website based on Article 6(1)(f) GDPR to thus promote awareness of our company. The advertising purpose behind this is to be regarded as a legitimate interest within the meaning of the GDPR. The respective providers are responsible for ensuring that their operations comply with data protection regulations. The integration of these plug-ins by us takes place by means of the so-called double-click method to protect visitors to our website in the best possible way.

a) Facebook

Social media plug-ins from Facebook are used on our website to make its use more personal. You can recognise the Facebook plug-ins by the Facebook logo or the SHARE button. It is a service provided by Facebook Inc., Hacker Way, Menlo Park, California 94025, USA.

If you call up a page of our website that contains such a plug-in, your browser establishes a direct connection with the Facebook servers. The content of the plug-in is transmitted by Facebook directly to your browser, from where it is integrated into the website.

By integrating the plug-ins, Facebook receives the information that your browser has called up the corresponding page of our website, even if you do not have a Facebook account or are not currently logged in to Facebook. This information (including your IP address) is transmitted by your browser directly to a Facebook server in the USA and stored there.

If you are logged in to Facebook, Facebook can assign your visit to our website directly to your Facebook account. If you interact with the plug-ins, for example by clicking the SHARE button, the corresponding information is also transmitted directly to a Facebook server and stored there. The information is also published on Facebook and shown to your Facebook friends.

Facebook may use this information for the purposes of advertising, market research and designing the Facebook pages to meet your needs. To do this, Facebook creates usage, interest and relationship profiles, e.g. to evaluate your use of our website with regard to the advertisements that Facebook shows you, to inform other Facebook users about your activities on our website and to provide other services associated with the use of Facebook.

If you do not want Facebook to assign the data collected via our website to your Facebook account, you must log off from your Facebook account before visiting our website.

Please refer to Facebook’s privacy policy for the purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as your rights and the setting options to protect your privacy (https://de-de.facebook.com/privacy/explanation).

b) Twitter

Plug-ins from the short message network of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA (Twitter) are integrated into our website. You can recognise the Twitter plug-ins (tweet button) by means of the Twitter logo on our site.

If you call up a page of our website that contains such a plug-in, your browser establishes a direct connection with the Facebook servers. The content of the plug-in is transmitted by Facebook directly to your browser, from where it is integrated into the website.

If you call up a page on our website that contains such a plug-in, a direct connection is established between your browser and the Twitter server. Twitter thereby receives the information that you have visited our site, together with your IP address. If you click on the Twitter tweet button while you are logged in to your Twitter account, you can link the contents of our pages to your Twitter profile. This allows Twitter to correlate your visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the data transmitted or its use by Twitter.

If you do not want Twitter to be able to link your visit to our pages, please log off from your Twitter user account.

You can change your privacy settings on Twitter in the account settings under https://twitter.com/account/settings.

You can find more information on this in Twitter’s data privacy statement (https://twitter.com/de/privacy).

8. Plug-ins und tools

a) Vimeo

This website uses plug-ins from the Vimeo video portal. The provider is Vimeo Inc., 555 West 18th Street, New York 10011, USA.

When you visit one of our sites that has a Vimeo plug-in you will be connected to the Vimeo servers. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transferred to the Vimeo server in the USA.

If you are logged in to your Vimeo account, you allow Vimeo to correlate your surfing behaviour directly with your personal profile. You can prevent this by logging off from your Vimeo account.

Vimeo is used to present our online services in an attractive manner. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. The storage and use of Vimeo cookies is based on Article 6(1)(a) GDPR. The corresponding consent is requested by a cookie banner when the user visits the website and is granted by actively checking the Statistics box. Consent can be changed or revoked at any time (see section 5).

Further information on the handling of user data can be found in Vimeo’s data privacy statement (https://vimeo.com/privacy).

b) Google Fonts

This site uses so-called Google Fonts, which are fonts provided by Google to ensure that fonts are displayed uniformly. When you call up a page, your browser loads the required Google Fonts into your browser cache to display texts and fonts correctly.

To do this, the browser you are using must connect to Google’s servers. This enables Google to know that this website has been accessed via your IP address. The use of Google Fonts is in the interest of a uniform and attractive presentation of our online offers. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR.

If your browser does not support Google Fonts, your computer will use a standard font.

Further information about Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy declaration (https://policies.google.com/privacy?hl=de).

c) YouTube

Our website uses plug-ins from the YouTube website operated by Google. The operator of the site is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

When you visit one of our sites that has a YouTube plug-in you will be connected to the YouTube servers. This tells the YouTube server which of our pages you have visited.

Furthermore, YouTube can store various cookies on your end device. YouTube can obtain information about visitors to our website with the help of these cookies. This information is used, among other things, to gather video statistics, improve the user experience and prevent fraud. The cookies remain on your device until you delete them.

If you are logged in to your YouTube account, this will allow YouTube to correlate your surfing behaviour directly with your personal profile. You can prevent this happening by logging off from your YouTube account.

YouTube is used to present our online offers in an attractive manner. This constitutes a legitimate interest within the meaning of Article 6(1)(f) GDPR. The storage and use of YouTube cookies is based on Article 6(1)(a) GDPR. The corresponding consent is requested by a cookie banner when visiting the website and is granted by the user of the website actively checking the Marketing box. Consent can be changed or revoked at any time (see section 5).

Further information on the handling of user data can be found in YouTube’s privacy policy declaration (https://policies.google.com/privacy?hl=de).

9. Rights of affected parties

You have the right:

  • to request information about your personal data processed by us pursuant to Article 15 GDPR. In particular, you may request information on the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of or objection to processing, the existence of a right of appeal, the origin of your data, if not collected by us, as well as the existence of automated decision making including profiling and, where applicable, meaningful information on the details thereof;
  • pursuant to Article 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • pursuant to Article 17 GDPR, to demand the deletion of your personal data stored with us, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • pursuant to Article 18 GDPR, to demand the restriction of the processing of your personal data if you dispute the accuracy of the data, if the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it for the enforcement, exercise or defence of legal claims or if you have lodged an objection to the processing pursuant to Article 21 GDPR;
  • pursuant to Article 20 GDPR, to receive your personal data that you have provided us with in a structured, common and machine-readable format or to request its transfer to another responsible party;
  • pursuant to Article 7(3) GDPR, to revoke the consent you have given to us at any time. As a result, in the future we may no longer continue to process the data that was based on this consent;
  • pursuant to Article 77 GDPR, to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority at your usual place of residence or workplace or at the seat of our association.

10. Right to object

If your personal data are processed on the basis of legitimate interests pursuant to Article 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Article 21 GDPR if there are reasons for doing so that arise from your special situation or if the objection is directed against direct marketing. In the latter case, you have a general right to object, which will be implemented by us without indicating any special situation.

If you wish to exercise your right to withdraw consent or to object, simply send an e-mail to info@academic-society.de.

11. Data security

This site uses SSL (Secure Socket Layer) or TLS encryption for security reasons and to protect the transmission of confidential content that you send to us as site operator. You can tell whether an individual page of our website is being transmitted in encrypted form by the fact that the address line of the browser changes from http:// to https:// and the key or padlock icon displayed in the lower status bar of your browser is closed. This encryption prevents data that you transmit to us from being read by third parties.

We also use suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are improved continuously in line with technological developments.

12. Up-to-dateness and changes to this data privacy statement

This data privacy statement is currently valid and is the status as of September 2019.

It may become necessary to amend this data privacy statement as a result of the further development of our website and related services or due to changes in legal or statutory requirements. You can access and print out the current data protection declaration at any time on the website at http://academic-society.de/datenschutz.html.