Accessibility Tools

Skip to main content

Privacy Policy

Overview

With this privacy policy, we inform you about our handling of your personal data and about your rights under the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). The Leibniz Center Infection (hereinafter referred to as "we" or "us") is responsible for data processing (unless otherwise stated below).

Our data protection information consists of two parts. Part A provides you with general information on data protection at our company and explains, among other things, what rights you have and where you can assert them. Part B is dedicated to the various groups of data subjects and explains in detail what data we collect and process about you. We address you in your role as:

  1. Visitors to our websites;
    b. Event visitors
    c. Journalists/press representatives.

A. General information

1. Our contact details

If you have any questions or suggestions regarding this information or would like to assert your rights, please send your request to:

Leibniz Institute of Virology
 - Civil law foundation -
Martinistraße 52
20251 Hamburg

2. On what basis do we process your data?

The data protection term "personal data" refers to all information relating to an identified or identifiable person. We process personal data in compliance with the relevant data protection regulations, in particular the GDPR and the BDSG. Data processing by us only takes place on the basis of legal permission. We process personal data only with your consent (Art. 6 para. 1 lit. a GDPR), for compliance with a legal obligation (Art. 6 para. 1 lit. c GDPR) or if the processing is necessary to safeguard our legitimate interests or the legitimate interests of a third party, unless your interests or fundamental rights and freedoms, which require the protection of personal data, prevail (Art. 6 para. 1 lit. f GDPR).

If you apply for an open position at our institute, we will also process your personal data to decide on the establishment of an employment relationship (Section 26 (1) sentence 1 BDSG).

3. Your rights

You decide on your data. As a data subject, you therefore have the right to assert your data subject rights against us. You have the following rights within the scope of the data protection laws applicable to you:

  • In accordance with Art. 15 GDPR and Section 34 BDSG, you have the right to request information as to whether or not we process personal data relating to you and, if so, to what extent.
  • You have the right to demand that we rectify your data in accordance with Art. 16 GDPR.
  • You have the right to demand that we erase your personal data in accordance with Art. 17 GDPR and Section 35 BDSG.
  • You have the right to restrict the processing of your personal data in accordance with Art. 18 GDPR.
  • In accordance with Art. 20 GDPR, you have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller.
  • If you have given us separate consent to process your data, you can withdraw this consent at any time in accordance with Art. 7 (3) GDPR. Such a revocation does not affect the legality of the processing that was carried out on the basis of the consent
    until the revocation.
  • If you believe that the processing of your personal data violates the provisions of the GDPR, you have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR.

In accordance with Art. 21 para. 1 GDPR, you have the right to object to processing based on the legal basis of Art. 6 para. 1 lit. e or f GDPR on grounds relating to your particular situation. If we process personal data about you for the purpose of direct marketing, you can object to this processing in accordance with Art. 21 para. 2 and 3 GDPR.

If you exercise your rights in accordance with Art. 15 to 22 GDPR, we process the personal data transmitted for the purpose of implementing these rights by us and to be able to provide proof of this. We will only process data stored for the purpose of providing and preparing information for this purpose and for the purposes of data protection monitoring and will otherwise restrict processing in accordance with Art. 18 GDPR.

This processing is based on the legal basis of Art. 6 para. 1 lit. c GDPR in conjunction with. Art. 15 to 22 GDPR and § 34 para. 2 BDSG.

4. Where do we process your data?

In principle, we process your data on European servers with the highest security standards. In providing our services, we are supported by external service providers to whom we send your data. Some data processing may involve the transfer of certain personal data to third countries, i.e. countries in which the GDPR is not applicable law. Such a transfer is permitted if the European Commission has determined that an adequate level of data protection is required in such a third country. This applies to all transfers to countries in this list: https://commission.europa.eu/law/law-topic/data-protection/international-dimension-dataprotection/adequacy-decisions_en
If there is no such adequacy decision by the European Commission, personal data will only be transferred to a third country if there are suitable guarantees in accordance with Art. 46 GDPR or if one of the requirements of Art. 49 GDPR is met.

Unless there is an adequacy decision and unless otherwise stated below, we use the EU standard data protection clauses as appropriate safeguards for the transfer of personal data from the scope of the GDPR to third countries. You have the option of obtaining or viewing a copy of these EU standard data protection clauses. Please contact us at the address given under Contact.

If you consent to the transfer of personal data to third countries, the transfer takes place on the legal basis of Art. 49 para. 1 lit. a GDPR.

5. To whom and why do we pass on your personal data?

In order to provide our services and operate as an alliance, we use various external companies to which we transfer personal data in some cases. If other specific recipients contain personal data for some groups of data subjects, we will inform you about this in Part B.

  • Hosting provider: We commission certified service providers to host our data who have the highest security standards.
  • IT service providers and SaaS providers: We use the services of various service providers who support us as processors and simplify and optimize our processes.
  • Administration and authorities: In order to comply with legal regulations or to respond to court orders or other similar official requests, further transfers may take place.

6. How long do we store your data?

Unless otherwise stated in the following information, we only store the data for as long as is necessary to achieve the purpose of processing or to fulfill our contractual or legal obligations.

7. How do we use "cookies" and other tracking technologies?

We use cookies and similar technologies on our websites. We have compiled more information about how we use these technologies in our cookie banner. The banner can be accessed via the "Privacy settings" link in the footer of our websites. There you will also find a list of other companies that place cookies on our websites and process data on the basis of your consent in accordance with Art. 6 para. 1 lit. a GDPR, a list of cookies that we place and an explanation of how you can refuse certain types of cookies.

8. How can you contact our data protection officer?

You can reach our data protection officer using the following contact details:
Arne Düsedau
c/o
Leibniz Institute of Virology
Martinistraße 52, 20251 Hamburg
This email address is being protected from spambots. You need JavaScript enabled to view it.


B. Special section - How and why we process your data

a. Visitors to our website

1) We process pseudonymous information about the device and browser you are using, server log files, your network connection and your IP address for the following purposes:

  • Ensuring the security, operability and stability of our websites, including defense
    against attacks;
  • Integration of third-party content, such as videos or other media content;
  • Obtain and manage your consents via our Consent Management Tool.

Legal basis: Legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR in the flawless functionality and stability of the website or consent to the use of data for the display of third-party content.

2) We process information about how you behave on the website. This includes the IP address and user IDs, some of which are assigned by third-party providers, and is used for the following purposes:

  • Reach measurement and analysis of visitor behavior to optimize our websites, increase customer satisfaction and error analysis.

Legal basis: Consent in accordance with Art. 6 para. 1 lit. a GDPR, which we obtain via the consent banner on our website and which you can revoke or adjust at any time via the "Privacy settings" link in the footer of the website.

b. Event visitors

1) When you attend an event with us, we process data that you provide about yourself, such as your name, e-mail address, attendance details and comments, for the following purposes:

  • Planning and implementation of the respective event;
  • Sending information about or following the event.

Legal basis: Legitimate interest according to Art. 6 para. 1 lit. f) GDPR and fulfillment of the contract according to Art. 6 para. 1 lit. b) GDPR.

e. Journalists/press representatives

1) If you have registered for our e-mail distribution list, we will process your contact data for the following purpose:

  • Sending of press releases with current information from the Leibniz Center Infection.

The legal basis for data processing is your consent in accordance with Art. 6 para. 1 lit. a GDPR, which you can revoke at any time by contacting us using the contact details above.