Privacy Policy
Introduction
This Data Protection Declaration tells you which types of personal data (hereinafter also referred to as "data") we process for which purposes and to what extent. The Data Protection Declaration applies to all the processing of personal data which we undertake, both in connection with the provision of our services and also in particular on our websites, in mobile applications and for our online presence (collectively referred to as our "online services").
We strive to use gender-neutral language but unfortunately do not always succeed. We would nevertheless like to address all persons equally and on an equal basis.
Last updated: 7 June 2022
Table of Contents
- Introduction
- Controller
- Contact details data protection officer
- Overview of data processing
- Relevant legal bases
- Security measures
- Transmission of personal data
- Erasure of data
- Performance of tasks according to statutes or rules of procedure
- Presence in social networks (social media)
- Plug-ins, embedded functions and content
- Rights of the data subjects
- Cookies
Controller and contacts for further information
Deutsche Veterinärmedizinische Gesellschaft e.V.
An der Alten Post 2
35390 Gießen/Germany
Email address: info@dvg.de
Telephone: +49 (0) 641 9844460
Legal information: https://www.dvg.net/index.php?id=2261
DVG Service GmbH is a body within the DVG e.V. whose tasks include planning and holding training courses and conferences as well as publishing conference proceedings via its own publishing press.
DVG Service GmbH
An der Alten Post 2
35390 Gießen/Germany
Email address: info@dvg.de
Telephone: +49 (0) 641 9844460
Information about the data processing undertaken by the foundations can be obtained from the DVG e.V. Specific information about data protection when proposals for prizes are submitted can be found at the following link: https://www.dvg.net/ueber-uns/preise/datenschutz/
Contact details data protection officer
Ingenieurbüro Quast | Büro für Datenschutz und Qualitätsmanagement
Birkenweg 20, 35447 Reiskirchen/Germany
Telephone: +49 (0)6408 9686689
Email: post@Ingenieurbuero-Quast.de
Overview of data processing
The overview below summarises the types of data processed and the purposes for which they are processed and states the data subjects.
Types of data processed
- Basic personal data
- Payment data
- Contact data
- Content data
- Contract data
- Usage data
- Meta/communication data
Categories of data subjects
- Users
- Members
- Business and contractual partners
Purposes of the processing
- Provision of contractual services and customer/member services
- Contact requests and communication
- Administration and responding to enquiries
- Feedback
- Marketing
- Provision of our online services and user friendliness
Relevant legal bases
Below is an overview of the legal bases of the General Data Protection Regulation (GDPR) on whose basis we process personal data. Please note that, in addition to the provisions of the GDPR, national data protection provisions may apply in your or our country of residence or registration. Furthermore, if more specific legal bases are relevant in individual cases, we inform you of these in the Data Protection Declaration.
- Consent (Article 6(1)(a) GDPR) – The data subject has given their consent to the processing of their personal data for a specific purpose or for several specific purposes.
- Performance of contract and pre-contract requests (Article 6(1)(b) GDPR) – Processing is necessary for the performance of a contract to which the data subject is a party or in order to take steps at the request of the data subject prior to entering into a contract.
- Legal obligation (Article 6(1)(c) GDPR) – Processing is necessary to comply with a legal obligation to which the controller is subject.
- Legitimate interests (Article 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data.
Security Measures
To ensure a level of protection commensurate with the risk, we take suitable technical and organisational measures.
These include controlling the physical and electronic access to the data, as well as the access to the data relating thereto, the input, transfer, safeguarding of availability and separation. We have furthermore established procedures to ensure the rights of data subjects are exercised, data are erased, and data threats are responded to. In addition, we take the protection of personal data into account when first developing or selecting hardware, software and procedures, in accordance with the principle of data protection, through technology design and data protection-friendly defaults.
SSL encryption (HTTPS): To protect your data which is transmitted via our online services, we use an SSL encryption. You can recognise such encrypted connections by the prefix "https://" in the address bar of your browser.
Transmission of personal data
When we process personal data, the data may be transmitted or disclosed to other bodies, companies, legally independent organisational units or persons. The recipients of these data may include service providers tasked with IT work, or service and content providers integrated into a website. In such a case, we observe the statutory provisions and in particular conclude appropriate contracts or agreements with the recipients of your data which serve to protect your data.
Data transmission within the organisation: We may transmit personal data to other bodies within our organisation or grant them access to it. Where such transmission is done for administrative purposes, the transfer of data shall be based on our legitimate company and economic interests or be undertaken when it is necessary to fulfil our contractual obligations or where consent of the data subject or a legal authorisation has been obtained.
Erasure of data
The data we process will be erased in accordance with the statutory provisions as soon as the consents given to permit the processing of the data are withdrawn or other permissions cease to apply (e.g. if the purpose of processing these data has ceased to apply or it is not necessary for the purpose).
If the data are not erased because they are required for other and legally permissible purposes, their processing shall be limited to these purposes. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax reasons, or whose storage is necessary to assert, exercise or defend legal claims or to protect the rights of another natural or legal person.
Our data protection information can furthermore include further information on the retention and erasure of data which is overriding for the processing in question.
Performance of tasks according to statutes or rules of procedure
We process the data of our members, supporters, interested parties, business partners or other individuals (collectively termed “data subjects”) when we have a membership or other business relationship with them and perform our tasks on this basis, and when we are the recipients of services and payments. We furthermore process the data of data subjects on the basis of our legitimate interests, e.g. when administrative tasks or public relations work is involved.
The data processed in such cases, the type, scope, purpose and necessity for their processing, are determined by the underlying membership or contractual relationship which gives rise to the necessity to provide the data (furthermore we state which data are required).
We erase data that are longer required to fulfil the purposes of our statutes and business purposes. This is determined according to the tasks and contractual relationships in question. We retain the data for as long as they can be relevant for business transactions, also with regard to any warranty or liability obligations on the basis of our legitimate interests in their settlement. The necessity for retaining the data is reviewed on a regular basis; in all other respects, the statutory retention obligations apply.
- Types of data processed: basic personal data (e.g. names, addresses); payment data (e.g. bank details, invoices, payment history); contact details (e.g. email, telephone numbers); contract data (e.g. subject of the contract, term, customer/member category).
- Data subjects: users (e.g. website visitors, users of online services); members; business and contractual partners.
- Purposes of the processing: provision of contractual services and customer/member services; contact requests and communication; administration and response to enquiries.
- Legal bases: contract fulfilment and pre-contract requests (Article 6(1)(b) GDPR); legitimate interests (Article 6(1)(f) GDPR).
Presence in social networks (social media)
We maintain an online presence within social networks and process user data in this context in order to communicate with the users active there or to provide information about us.
We would like to point out that this might lead to user data being processed outside the European Union, which can pose risks for users because this might hinder the enforcement of users' rights, for example.
User data are also generally processed within social networks for market research and advertising purposes. For example, usage profiles can be created on the basis of the usage behaviour and the user interests deduced therefrom. The usage profiles can in turn be used, for example, to display advertisements which are assumed to correspond to the interests of the users both within and outside the networks. For these purposes, cookies are usually stored on the users’ computers, and the usage behaviour and interests of the users are stored therein. Furthermore, the usage profiles can also store data regardless of the devices used by the users (especially if the users are members of the respective platforms and are logged in).
For a detailed description of the particular forms of processing and the options for objecting (opt-out), we refer you to the privacy policies and information of the respective network operators.
We would also like to point out that requests for information and the assertion of user rights are also directed most effectively to the providers. Only the providers have access to the user data in question and can take appropriate measures and provide information directly. Should you still require assistance, you are welcome to contact us.
- Types of data processed: contact data (e.g. email, telephone numbers); content data (e.g. entries in online forms); usage data (e.g. websites visited, interest in content, access times); meta/communication data (e.g. device information, IP addresses).
- Data subjects: users (e.g. website visitors, users of online services).
- Purposes of the processing: contact requests and communication; feedback (e.g. collection of feedback via online form); marketing.
- Legal bases: legitimate interests (Article 6(1)(f) GDPR).
Further information on processing procedures, methods and services:
- Instagram: social network; service provider: Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA; legal bases: legitimate interests (Article 6(1)(f) GDPR); website: https://www.instagram.com; Privacy Policy: https://instagram.com/about/legal/privacy.
- Facebook pages: Profiles within the Facebook social network - We, together with Meta Platforms Ireland Limited, are jointly responsible for the collection (but not the further processing) of data of those visiting our Facebook page (so-called "fan page"). These data include information about the types of content users view or interact with, or the actions they take (see "Things that you and others do and provide" in Facebook's Privacy Policy: https://www.facebook.com/policy), as well as information about the devices used by the users (e.g. IP addresses, operating system, browser type, language settings, cookie data; they can be found under "Device information" in Facebook’s Privacy Policy: https://www.facebook.com/policy). As is explained in Facebook’s Privacy Policy at “How do we use your information?”, Facebook also collects and uses information to provide analytical services, so-called "page insights", for website operators so that they can obtain information about how people interact with their pages and with the content associated with them. We have concluded a special agreement with Facebook (“Information about Page Insights”,
https://www.facebook.com/legal/terms/page_controller_addendum), which particularly stipulates which security measures Facebook must observe, and wherein Facebook undertook to comply with the rights of the data subjects concerned (i.e. users can address information or erasure requests, for example, directly to Facebook). The rights of users (in particular to information, erasure, objection and complaint to the competent supervisory authority) are not restricted by the agreements with Facebook. Further information can be found at “Information about Page Insights”
(https://www.facebook.com/legal/terms/information_about_page_insights_data); service provider: Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland; legal bases: legitimate interests (Article 6(1)(f) GDPR); website: https://www.facebook.com;
Privacy Policy:
https://www.facebook.com/about/privacy;
Standard contract clauses (ensure data protection level when processing takes place in third countries):
https://www.facebook.com/legal/EU_data_transfer_addendum
Further information:
Joint Responsibility Agreement:
https://www.facebook.com/legal/terms/information_about_page_insights_data.
- LinkedIn: social network; service provider: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland; legal bases: legitimate interests (Article 6(1)(f) GDPR); website:
Privacy Policy:https://www.linkedin.com/legal/privacy-policy;
Data processing agreement: https://legal.linkedin.com/dpa; Standard contract clauses (ensure data protection level when processing takes place in third countries):
https://legal.linkedin.com/dpa;
Opt-out option:
https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.
Plug-ins, embedded functions and content
We integrate functional and content elements into our online services which are obtained from the servers of their respective providers (hereinafter referred to as "third-party providers"). These may, for example, be graphics, videos or city maps (hereinafter uniformly referred to as “content").
The integration always presupposes that the third-party providers of this content process the IP address of the user, since they could not send the content to their browser without the IP address. The IP address is therefore required to present this content or these functions. We strive to only use content whose respective providers use the IP address solely to deliver the content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as "web beacons") for statistical or marketing purposes. "Pixel tags" can be used to evaluate information such as visitor traffic on the pages of this website. The pseudonymised information may also be stored in cookies on the user’s device and contain technical information about the browser and the operating system, websites to be referred to, visiting times and other information about the use of our online services, for example, and may also be linked to such information from other sources.
- Types of data processed: usage data (e.g. websites visited, interest in content, access times); meta/communication data (e.g. device information, IP addresses); basic personal data (e.g. names, addresses); contact data (e.g. email, telephone numbers); content data (e.g. entries in online forms)
- Data subjects: users (e.g. website visitors, users of online services)
- Purposes of the processing: provision of our online services and user friendliness
- Legal bases: legitimate interests (Article 6(1)(f) GDPR)
Further information on processing procedures, methods and services:
- YouTube videos: video contents; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; legal bases: legitimate interests (Article 6(1)(f) GDPR); website:https://www.youtube.com; Privacy Policy:https://policies.google.com/privacy; Opt-out: opt-out plugin: https://tools.google.com/dlpage/gaoptout?hl=de, settings to display advertisements: https://adssettings.google.com/authenticated.
Rights of the data subjects
As a data subject, you have various rights under the GDPR, which arise in particular from Articles 15 to 21 of the GDPR.
- Right to object: You have the right, for reasons that arise from your particular situation, to object at any time to the processing of your personal data which is based on Article 6(1)(e) or (f) GDPR; this also applies to profiling based on these stipulations. If the personal data relating to you is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you for the purposes of such marketing; this also applies to profiling insofar as it is associated with such direct marketing.
- Right to withdraw consents: You have the right to withdraw consents given at any time.
- Right to obtain information: You have the right to obtain confirmation as to whether personal data are being processed and for information about these data as well as for further information and a copy of the data in accordance with the statutory provisions.
- Right of rectification: You have the right, in accordance with the statutory provisions, to demand the completion of personal data concerning you or the rectification of personal data concerning you which is incorrect.
- Right to erasure and restriction of processing: In accordance with the statutory provisions, you have the right to demand that personal data concerning you be erased immediately, or alternatively to demand that the processing of the data be restricted in accordance with the statutory provisions.
- Right to data portability: You have the right to receive personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format in accordance with the statutory provisions, or to demand that they be transferred to another controller.
- Right to lodge a complaint with a supervisory authority: Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, particularly in the Member State where you usually reside, work or where the infringement is suspected, if you believe that the processing of personal data concerning you is in contravention of the provisions of the GDPR.
The information requests of the foundations are processed and answered via the DVG e.V.
Cookies
Our organisation does not use any unnecessary cookies. We use the following cookies on our website:
Necessary cookies
The DVG website uses so-called cookies. None of these cookies contains personal data.
Cookies are small text files which are exchanged between web browser and the hosting server. Cookies are stored on the user’s computer, which transmits them to the website called up. Users can restrict or fundamentally prevent the use of cookies by an appropriate setting in the particular web browser used. Cookies that have already been stored can be erased at any time.
Our organisation uses cookies to ensure the technically secure and correct provision of websites. They are intended to enhance the security and functionality of the web applications provided. The cookies do not contain any personal data. No IP address or other information is recorded which makes it possible to trace back to the actual user.
NAME | DESCRIPTION | VALIDITY |
Klaro | Stores the consent status of the user for cookies on the current domain | 1 year |
fe_typo_user | Session cookie to administer the shopping cart for our online shop. When the shopping cart system is used, a temporary cookie is set; this administers the functionality of the order transaction but does not contain any personal data and is automatically deleted at the end of the session. | End of session |
PHPSESSID | Session cookie to administer the shopping cart for booking our events online. Description as above. | End of session |
Elementor storage | Elementor local storage and session storage. Elementor is a design tool which makes it easy to design WordPress websites. Elementor does not set any HTTP cookies. Instead, Elementor works with the local storage and the session storage. It is an entry in the local storage and in the session storage of the browser. The data recorded are only stored in the local browser of the visitor and not forwarded to Elementor or the server of the website operator or to third parties. | Session storage: |
OpenStreetMap | OpenStreetMap simply displays a map, it does not process any data of the website visitor. | No data |
We aim to maintain our Data Protection Declaration as current and as complete as possible. Please note that event-related webpages in particular may deviate technically from the basic architecture stated here because of the latest adjustments. Please do not hesitate to use your right to obtain information should some aspects of this Data Protection Declaration seem to be unclear. We will be delighted to provide you with individual information on all procedures and technologies used.