Thank you for your interest in our project. We collect and process personal data only to the extent necessary to provide a functional website, our contents and our services, and we do so only to the extent permitted by the provisions of the EU General Data Protection Regulation (GDPR) and German national data protection legislation. Please find below information about your rights and the type and scope of the data collected and processed by us.
1. Data controller
Data controller responsible for processing the data within the meaning of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):
Institut für Molekulare Diagnostik und Bioelektronik (IMDB) gGmbH
c/o Netzwerk Diagnostik Berlin-Brandenburg e.V.
Veltener Str. 12 | 16761 Hennigsdorf b. Berlin
Tel.: +49 3302 2309160
2.1 Personal data is any information relating to an identified or identifiable natural person (hereinafter referred to as »data subject«). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, on-line identification, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2.2 A data subject is any person whose personal data are being processed by the controller.
2.3 Processing is any operation or set of operations, performed on personal data, whether or not by automatied means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
2.4 Pseudonymisation is the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that this additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
2.5 Controller is the person who decides on the purposes and means of the processing of personal data and who carries it out accordingly.
2.6 Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
2.7 The recipient is a natural or legal person, public authority, agency or another body to which the personal data are disclosed.
2.8 Consent of the data subject means any freely given specific, informed and unambiguous expression of his or her wishes, in the form of a declaration or any other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.
2.9 A personal data breach is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
2.10 Health data are personal data relating to the physical or mental health of a natural person, including the provision of health services, which reveal information about his or her health status.
2.11 Supervisory authority is an independent public authority set up by an EU Member State in accordance with Article 51 GDPR which is responsible for monitoring compliance with the data protection laws, rules and regulations.
3. Information on the processing of personal data
We process your personal data by means of various technical means and, if necessary, also with the involvement of other service providers (order processing). The following paragraphs contain the concrete details of data processing.
3.1 Visit to our website: When you view our website for information purposes only, i.e., if you do not register or otherwise provide us with information, we only collect the personal data that your browser sends to our server. When you access our website, we collect the following data which are technically required for us to present content on our website and to ensure its stability and security:
- IP address and service provider
- Date and time of the request
- Content of the request (specific page)
- Access status/HTTP status code
- Amount of data transmitted in each case
- Website from which the request originates (referrer URL)
- Browser including language and software version
- Operating system and its interface
3.2 Log files: The data listed in 3.1 are also automatically stored in the log files (log files) of our server. These logged data are stored separately from other data and can only be viewed by the host. The storage period is seven days. The legal basis for the processing of your data when visiting our website is Article 6 paragraph 1 sentence 1 letter f GDPR and Article 15 German Telemedia Act (TMG).
3.3.1 Transient cookies are automatically deleted when you close your browser. This includes the session cookies, in particular. These store a so-called session ID by means of which various requests from your browser can be assigned to the shared session. The session cookies are deleted when you log out or close the browser.
3.3.2 Persistent cookies serve to recognize your terminal device when you return to our website. These cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies at any time in the security settings of your browser.
3.4 Rejection of cookies: You can configure your browser settings to your preferences and also refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all the functions of this website if you do so.
3.5 Contact by email: When you contact us from the email address provided on our website, the data you enter (your email address and regularly your name as well as other data you provide) will be stored by us to answer your enquiry and process your request. You may object to the processing of your personal data at any time by sending an email to email@example.com, or you can declare your objection to the processing of your personal data by contacting the data controller as described above under »Data controller «. We will delete the data collected in this context after storage is no longer required, or restrict processing if there are legal storage obligations. The legal basis is Article 6 paragraph 1 sentence 1 letter f GDPR. If the purpose of your contact is to conclude a contract, the additional legal basis for the processing of your personal data is Article 6 paragraph 1 sentence 1 letter b GDPR.
You may object to the processing of your personal data at any time by sending an email to firstname.lastname@example.org or by declaring your objection to the processing of your personal data to the person listed above under »Data controller«. If you contact us directly by email, you may object to the processing of your personal data at any time in this manner.
4. Your rights
You have the following rights with regard to the processing of personal data concerning you, which you can assert at any time informally against the contact person listed above under »Data controller«.
4.1 Right to information, Article 15 GDPR: Upon request, we will provide you with information on what personal data we have stored about you, for what purpose, for how long, from what source and on what legal basis, and whether we have disclosed this data to third parties.
4.2 Right to rectification, Article 16 GDPR: Should it transpire that the personal data held by us is incorrect or incomplete, we will correct or supplement it immediately upon request.
4.3 Right to deletion (»right to be forgotten«), Article 17 GDPR: You have the right to the immediate deletion of your personal data, provided that there is no legal obligation to retain them.
4.4 Right to limit processing, Article 18 GDPR: You can ask us to limit the processing of your personal data.
4.5 Right to object to processing, Article 7 paragraph 3 GDPR: You may object to the processing of your personal data at any time. This applies in particular if the legal basis for the processing is Article 6 paragraph 1 sentence 1 letter f GDPR.
4.6 Right to data transferability, Article 20 GDPR: You have the right to receive the personal data we hold on you in a universally readable format.
4.7 Right to complain to a supervisory authority, Article 77 GDPR: You also have the right to complain to the competent data protection supervisory authority about the processing of your personal data by us. The data protection authority of the Federal state in which we have our headquarters is responsible. Click here for further details (in German). Please note that the exercise of your rights may in individual cases be subject to certain conditions.