Privacy policy

 

The protection of your personal data is a top priority at European Dermatology Forum. The data you enter is transmitted in encrypted form and stored on protected servers. We will keep your data secure and take measures to protect your personal data from loss, access, misuse or alteration. Our employees and contractual partners who have access to your data are contractually bound to secrecy and compliance with data protection regulations.

 

 

Data collection


When you call up our website, the following data is determined by your terminal device or the browser used and stored in a log file:

  • IP address of the end device
  • Date and time (incl. time zone difference to CET) of access
  • Name and URL of the retrieved page/file
  • The website from which you accessed our site (referrer URL) and the search engines you used to find our site
  • Browser used, operating system of the end device
  • Name of the Internet provider
  • User click tracking on the website


We initially use this data for technical purposes in order to deliver the contents of our website to you and to ensure the secure operation of our services. Furthermore, we do use this data for statistical purposes so that we can trace which terminal devices with which characteristics and settings are used for visiting our website in order to optimise them if necessary. These statistics do not contain any personal data. If you are within the scope of the GDPR, the legal basis for the use of data for the compilation of statistics is Art. 6 Para. 1 f) GDPR.


The complete IP address will be stored for the purposes of detecting and preventing attacks (e.g. preventing access, spying on data, spreading malware (e.g. viruses) or other unlawful purposes) against the systems used for our website. Such attacks would impair the proper functioning of the technology, the use of our website or its functionality and the security of visitors to our website. We hereby pursue the legitimate interest of ensuring the operability of our website and to ward off illegal attacks against us and the visitors to our website.


If you are within the scope of the GDPR, you can execute your right to deletion, in this case the IP address of your terminal device will be deleted (by anonymization) if it is not needed for the recognition or defence of an attack.

 

 

Storage of user data


We store your user data exclusively on servers in the European Union.

 

 

Use of cookies
 

Cookies are used for the operation of our website to ensure the technical functionality of our website and to understand how visitors use our website.
A cookie is a small text file that is stored on your terminal device by your browser when you visit our website. If you call up our website again later, we or the service provider can read out the respective cookie again.

There are two types of cookies:
 

  1. First-party cookies: are set by the website you are visiting.
  2. Third-party cookies: are created by third-party vendors and set by the website owner for different purposes.
     

Cookies are also stored for different periods of time. A distinction must be made between so-called session cookies and persistent cookies. Session cookies are deleted from your browser when you leave our website or when you exit the browser. Persistent cookies are stored for the duration specified when they are stored.

You can set your browser to deny cookies at any time, but this may result in our website no longer functioning properly. You can also delete cookies yourself at any time.

 

What cookies do we use?
 

We use cookies for the following purposes:

Technically necessary cookies, which are absolutely necessary for the use of the functions of our website. Without these cookies, certain functions could not be provided. These are session cookies.

 

Cookie   Type Description   Functionality          Duration   Expiration
(persistent)  
Stored data  

Session ID

First-party  

Session ID is a randomly generated number by a server that temporarily stores the session cookie 

 

Necessary for the website to function

Session

NA

Session ID

CSRF (Cross Site Request Forgery)

First-party

CSRF token is a unique, secret value that is generated on the server-side application and that checks the validity of the token and rejects the request if the token is missing or invalid

To prevent CSRF attacks/protection against hackers

Session

NA

Random CSRF token

 

Statistics cookies are persistent cookies that are used to analyse user behaviour and the use of website and provide statistics. For details please read the information on "Using Matomo and Google analytics to analyze the use of our website".

 

Cookie  

Type  

Functionality      

Duration 

Expiration
(persistent) 

Stored data  

Statistics_cookie 

First-party

To know if a user has accepted the statistics cookies

Persistent  

1 year

User consents statistics cookies

_pk_ses (Matomo) 

First-party

Save information about the user visit 

Persistent

30 minutes

Data about user's visit

_pk_id (Matomo)

First-party

Save details about the user

Persistent

13 months

User's data (unique id, browser, ip, etc)

_ga (Google Analytics)

Third-party (Google)  

Used to distinguish users

 

Persistent

2 years

Anonymous ID

__gid (Google analytics)

Third-party (Google)

Used to distinguish users

Persistent

2 years

Anonymous ID

 

Using Matomo and Google analytics to analyze the use of our website


For the compilation of statistics and evaluations, for the optimization and for the recognition of errors we use the tool Matomo; https://matomo.org. (this tool runs directly on our server and is operated by us) and Google Analytics technology.


With this processing we pursue the justified interest to improve our offer and to be able to operate stable. If you are in the area of application of the GDPR is legal basis of the processing art. 6 Abs. 1 f) GDPR.

 

Matomo

In order to collect data, the tool uses a so-called "cookie". This is a small text file that is stored by your browser on your terminal device. By means of this cookie, the tool receives, for example, information about which pages you have visited, the duration of your stay on the pages, which country and city you are browsing from, technical data of the browser you are using and of the respective terminal device. The IP address of your terminal device is only processed anonymously. At no time does the tool create profiles to which we can assign certain users, but always uses pseudonyms.

 

To opt out from Matomo tracking, please click here:

 

 

Google Analytics
Google Analytics uses “cookies” which are text files placed on your computer, to help the website analyse how you use the site. The information that is generated by the cookie about your use of our website (including your IP address) is transmitted to a Google server in the USA where it is stored. Google will use this information to evaluate your use of the website, to compile reports on website activity for its operators and to provide other services related to website activity and internet usage. Google may also transfer this information to third parties as required by law or if said third parties process this data on behalf of Google. Google will never associate your IP address with any other data held by Google.

 

More information and instructions for opting out of Google Analytics tracking

 

Third party websites
 

There might be third party websites connected with our website through hyperlinks or buttons including social media sites. When using any such websites, certain information may be collected by such third parties. This information may be subject to their privacy statements and terms and conditions. We encourage you to review third party privacy policies before making use of their websites.


Contact inquiries


If you send us a message via one of the contact options offered, we will use the data you provide to us to process your request. The legal basis for this is our legitimate interest in responding to your request. If you are in the area of application of the GDPR, the legal basis for the corresponding processing is Art. 6 Para. 1 f) GDPR. The data will be deleted if you execute your right to deletion. If we are obliged by law to store the data for a longer period of time, it will be deleted after expiry of the corresponding period.

 

Email newsletters

 

We use Sendy to create and deliver our newsletters, and to obtain data regarding open rates and other metrics related to the engagement. In Sendy, we only store the data you provide via the subscription form (email address and name, if filled out). You can unsubscribe at any point by clicking on "unsubscribe" in the email you receive. To view Sendy's privacy policy, please click here: https://sendy.co/privacy-policy

 

Last updated: 21 February 2021

In connection with your personal data, you are entitled in particular to the rights listed below. Please refer to the legal regulations for details. If you are within the scope of the GDPR, the GDPR is the legal basis.

 

 

Right to information


You have the right to request confirmation from us as to whether personal data relating to you will be processed by us. If this is the case, you have the right to be informed about this personal data and to receive further information. If you are within the scope of the GDPR, the legal basis is Art. 15 GDPR.

 

 

Right to rectification


You have the right to demand from us immediately the correction of incorrect personal data concerning you. You also have the right to request the completion of incomplete personal data - also by means of a supplementary declaration - taking into account the purposes of the processing. If you are within the scope of the GDPR, the legal basis is Art. 16 GDPR.

 

 

Right to deletion


You have the right to demand that we delete any personal data concerning you immediately. We are obliged to delete personal data immediately if the corresponding requirements are met. If you are within the scope of the GDPR, the legal basis is Art. 17 GDPR.

 

 

Right to limitation of processing


Under certain circumstances you have the right to demand that we restrict the processing of your personal data. If you are within the scope of the GDPR, the legal basis is Art. 18 GDPR.

 

 

Right to data transferability


If you are within the scope of the GDPR you have the right under Art. 20 GDPR to receive the personal data relating to you which you have provided to us in a structured, common and machine-readable format and you have the right to transfer this data to another responsible person without hindrance by us, provided that the processing is based on consent in accordance with Article 6 Para. 1 a) GDPR or Article 9 para. 2 a) GDPR or on a contract pursuant to Article 6 para. 1 b) GDPR and the processing is carried out using automated procedures.

 

 

Existence of a right of appeal to the supervisory authority


If you are within the scope of the GDPR, Art. 77 GDPR gives you the right to complain to the supervisory authority without prejudice to any other administrative or judicial remedy. This right exists in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement if you are of the opinion that the processing of your personal data violates the GDPR.

 

 

Right of objection


You have the right to object to the processing of personal data concerning you, including processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.

If you are within the scope of the GDPR, the legal basis is Art. 21 GDPR. The statement of objection then applies to personal data that is based on Article 6 paragraph 1 letters e or f of the GDPR Regulation.