Data protection

Data protection


We would like to take this opportunity to inform you about data protection when you visit our website. The protection of your privacy and your personal data is important to us. We only want to collect and process personal data about you with your knowledge or consent. You will find out what information we may store and for what purposes we use it. We are committed to complying with data protection in accordance with the EU General Data Protection Regulation (EU GDPR) and the Berlin Data Protection and Freedom of Information Act.


In accordance with the data protection regulations, this privacy policy provides information on the collection of data from the data subject, in particular with regard to Art. 13 GDPR and the associated processing of personal data when visiting our website.


Name and address of the controller


The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is


SEPSIS Foundation c/o Charité - Universitätsmedizin Berlin Hindenburgdamm 27 D-12203 Berlin office@sepsis-stiftung.de


Represented by: Prof. Dr. Konrad Reinhart Chairman of the Board Sepsis Foundation c/o Charité - Universitätsmedizin Berlin Hindenburgdamm 27 D-12203 Berlin konrad.reinhart@sepsis-stiftung.de


The Board of Directors is authorized to represent: - Prof. Dr. Konrad Reinhart, Chairman - Dr. Charles Löhnitz, Deputy Chairman - Dr. Carolin Fleischmann-Struzek - Joachim Greuner - Prof. Dr. Michael Bauer - Prof. Dr. Thomas Kamradt - Prof. Dr. Achim Kaasch


Contact details of the data protection officer


You can reach our data protection officer at the following contact details: Prof. Dr. Konrad Reinhart Chairman of the Board Sepsis Foundation c/o Charité - Universitätsmedizin Berlin Hindenburgdamm 27 D-12203 Berlin konrad.reinhart@sepsis-stiftung.de


Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.


Handling of personal data


Definition: Personal data is all information that can be used to clearly identify a person. It is therefore data that can be traced back to a specific person. It is generally possible to use our website without providing personal data. Insofar as personal data (e.g. name, address, place of residence or e-mail addresses) is collected on our website, this is always done on a voluntary basis as far as possible. In accordance with the principle of data minimization, we only process personal data if this is absolutely necessary for the purposes described in this data protection declaration or to fulfill a purpose requested by you. Your data will not be passed on to third parties unless this is required by law and you have given us your consent.


Protection of minors


Children and young people under the age of 16 should not transmit any personal data to us without the consent of their parents or legal guardians. We do not request personal data from children, do not collect it and do not pass it on to third parties.


Access data/server log files


When you visit the website, data is collected about every access to the website (so-called server log files). The access data includes: - IP address of the computer from which the request was sent, in anonymized (shortened) form, - browser information (web browser used, operating system, language setting, etc.), - information about the server service used, - protocol version, - name of the file or offer page accessed (URL), - date and time of access, - data volumes transferred, - status information (e.g. error messages).


We use this technical access information on the basis of Art. 6 para. 1 letter f GDPR (legitimate interest) exclusively for statistical purposes in order to improve the attractiveness and usability of our websites and, if necessary, to detect technical problems and malfunctions on our website at an early stage. The Internet address of the end device you are using is anonymized after a short time by skipping the last byte (e.g. 83.243.48.xxx). No personal user profile is created and the data is not passed on to third parties.


Use of the contact form/contacting us


You can contact us easily and conveniently using a form. When using the contact form, personal data is only collected to the extent provided by you. If the form contains mandatory fields, these are marked and explained in each individual case. All information is therefore provided voluntarily and is collected directly from you as the data subject. Transmission of this information via our contact form is encrypted.


Please note that further data resulting from the selected communication channel (contact by e-mail, telephone or post) may be collected when processing the inquiry.


Your voluntarily provided personal data will be stored for the purpose of processing your request and any follow-up questions that may arise and for any contact that may be required in this context. The data is processed on the basis of Art. 6 (1) (a) GDPR (consent). This personal data will not be passed on to third parties.


We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.


E-mail contact


If you contact us by email, we will process your personal data transmitted with the email to process the request and in the event that follow-up questions arise.


The legal basis for processing the data is Art. 6 (1) (f) GDPR (legitimate interest). There is a necessary legitimate interest in using the data to process your request. If the data processing takes place in the context of further contact after using the contact form, the previous section must be observed. If the data processing is carried out in order to take steps at your request prior to entering into a contract, the legal basis for this data processing is Article 6(1)(b) GDPR (performance of a contract). We only process other personal data if you explicitly consent to this. No data will be passed on to third parties in this context. The data will only be used to process your request.


The personal data transmitted with the e-mail will remain with us until the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions - in particular retention periods - remain unaffected. Please note that encrypted and/or signed communication may not be possible via the contact channels provided. We recommend that you send sensitive information by post.


Integration of third-party services and content


It may happen that third-party content, such as graphics from other websites, is integrated into our website. This always assumes that the providers of this content (hereinafter referred to as "third-party providers") are aware of the user's IP address. This is because without the IP address, they would not be able to send the content to the respective user's browser. The IP address is therefore required to display this content. We endeavor to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence on whether the third-party providers store the IP address, e.g. for statistical purposes. Insofar as we are aware of this, we will inform users of this. This processing is carried out on the basis of legitimate interest within the meaning of Article 6(1)(f) GDPR.


Cookies


Cookies are set when you visit our website. Cookies are small text files that are stored on your computer and saved by your browser.


Session cookies are only stored for the duration of your visit and are automatically deleted when you close your browser. If you then access our website again, the cookie will be set again. The same happens if you have deleted the cookies in your browser separately or access our website via a different device. These cookies do not contain any personal data, but merely identify the browser used to access the website. They serve to make our website more user-friendly, effective and secure.


Other cookies make it possible to store specific, device-related information on the user's access device (PC, smartphone, etc.), even beyond a single session. They are used, for example, to retain page settings for future website visits. These cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser on your next visit.


Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested are stored on the basis of Art. 6 para. 1 letter f (legitimate interest) GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. Insofar as other cookies (e.g. cookies to analyze your surfing behavior) are stored, these are treated separately in this privacy policy. When using third-party content via our website, e.g. in the case of a link, cookies from third-party providers may be used without us being able to expressly point this out to you.


The most common browsers are set to accept cookies automatically. However, they allow you to specify the processing of such cookies so that you can deactivate the storage of these cookies or set the type of processing by your browser or delete these cookies (for information on handling cookies, see https://www.verbraucher-sicher-online.de/thema/cookies)


Use of the website without JavaScript


If you have deactivated JavaScript in your browser, you will not be able to use certain content (e.g. videos) and certain notices, e.g. the above-mentioned cookie notice, will not be displayed. You can use extensions such as NoScript to allow JavaScript for certain pages (e.g. our website).


Security of your data


We use suitable technical and organizational means to protect the data you transmit to us against accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security measures are continuously monitored and improved in line with technological developments and organizational possibilities.


To protect the security of your personal data and other confidential content during transmission on our website (e.g. contact form), we use SSL or TLS encryption. You can recognize an encrypted connection by the character string "https" and the lock symbol in your browser line.


Deletion of personal dataYour personal data will be deleted or blocked in accordance with the statutory provisions as soon as the respective purpose of storage (see above) no longer applies. Data may also be stored if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject, or if it is necessary for the assertion, exercise or defense of legal claims.


Social mediaIn addition to this website, we also maintain a presence on social media, which you can also access via the corresponding buttons on our website. There we inform users about our clinics and offer them the opportunity to communicate with us via the respective social network. By accessing our website on a corresponding platform, the general terms and conditions and the data processing guidelines of the respective provider of the social network apply. The foundation named under Controller and the respective provider of the social network are controllers pursuant to Art. 26 GDPR. Links to the relevant documents are provided below in this section.


On the part of the respective operator of the social media platform, data of the users or visitors of the respective media portal are sometimes also processed outside the European Union. Data processing outside the EU may result in disadvantages for the users concerned (e.g. due to obstacles in connection with the assertion or enforcement of data protection concerns). The operators of social media portals create profiles and regularly use the data collected from users of their platform for the purposes of market research and advertising. For example, data from user behaviour is stored and evaluated for the purpose of "target advertising" or personalized advertising. Cookies are stored on the end devices of the respective users of the media platform in order to obtain information in advance of context-related advertising measures.


As we, just like the operator of the social network, are responsible for the data processing measures carried out when you access our website, you can assert your rights both against us and against the operator of the portal. However, only the portal operator has comprehensive access to the data of the users of its platform. We therefore recommend that requests for information and claims for the assertion of data subject rights should be submitted directly to the respective operator of the respective media platform (listed below). The specific scope of the processing of personal data and possible disclosure of your data to third parties by the operator of the respective social media portal can be found in the operator's privacy policy (see below). We are also happy to answer any further questions and provide support.


If you communicate with us via our website on a social media platform, interact with us or leave a comment there, we will process your data. By way of exception, this does not apply if this privacy policy states otherwise.


Data processing is carried out to protect our legitimate interest in providing comprehensive information to users of the respective social media presence and our legitimate interest in communicating with users in accordance with Art. 6 (1) (f) GDPR. Insofar as the platform user has given the respective operator of the media portal effective consent to data processing by means of a button to be activated (and has not revoked the consent), the data processing is legitimized by Art. 6 para. 1 letter a GDPR.


Google / YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) Privacy Policy: https://policies.google.com/privacy Opt-Out: https://adssettings.google.com/authenticated. Google has given an assurance that it respects the European minimum standard of data protection.Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland) Privacy Policy: https://www.facebook.com/privacy/explanation We can access statistical data of various categories via the so-called "Insights" of the Facebook page. (https://www.facebook.com/business/a/page/page-insights) These statistics are generated and provided by Facebook. As the operator of the page, we have no influence on the generation and presentation of these statistics. We cannot deactivate this function or prevent the generation and processing of the data. Facebook provides us with the following data relating to our Facebook page for a selectable period of time and for the categories fans, subscribers, people reached and people interacting: Total number of page views, "Like" information, page activity, post interactions, reach, video views, post reach, comments, shared content, replies, proportion of men and women, origin based on country and city, language, views and clicks in the store, clicks on route planners, clicks on telephone numbers. Data on the Facebook groups linked to our Facebook page is also provided in this way. Due to the constant development of Facebook, the availability and processing of the data changes, so we refer you to the above-mentioned Facebook privacy policy for further details. The processing of personal data is based on Article 6(1)(f) GDPR. Our legitimate interest is to make our posts and activities on our Facebook page more attractive to users. For example, we use the distribution by age and gender for an adapted approach and the preferred visiting times of the users for a time-optimized planning of our posts. Information about the type of devices used by visitors helps us to adapt the design of our posts accordingly.Instagram (Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland) Privacy Policy: https://help.instagram.com/519522125107875?helpref=page_content


Rights of data subjects


The applicable data protection law grants you comprehensive data subject rights vis-à-vis the controller with regard to the processing of your personal data, about which we inform you below: - Right to information pursuant to Art. 15 GDPR: You have the right to obtain information about your personal data stored and processed by us at any time. Please note that your right to information may be restricted by the provisions of Section 26 (2) and Section 33 HDSIG.


- Right to rectification, erasure, restriction, information pursuant to Art. 16-19 GDPR: You have a right to rectification of inaccurate data and to erasure or restriction of processing of personal data (provided your request does not conflict with a legal obligation to retain data). If you have asserted your right to rectification, erasure or restriction against the controller, the controller is obliged to inform all recipients to whom your data has been disclosed of your request. Please note that your right to erasure may be restricted by the provision of Section 34 HDSIG. - Right to data portability pursuant to Art. 20 GDPR: You have the right to receive your personal data stored by us in a structured, commonly used and machine-readable format, provided that the processing is based on consent pursuant to Art. 6 (1) (a), Art. 9 (2) (a) GDPR or on a legal basis. 2 letter a GDPR or on a contract pursuant to Art. 6 para. 1 letter b GDPR - Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR: You have the right to withdraw consent granted (Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR) at any time with effect for the future, without affecting the lawfulness of processing based on consent before its withdrawal. Please note that your right to object may be restricted by the provision of Section 35 HDSIG - right to lodge a complaint pursuant to Art. 77 GDPR: If you believe that the processing of personal data concerning you infringes the GDPR, you have the right - without prejudice to any other administrative or judicial remedy - to lodge a complaint with a competent supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.


To exercise these rights, please contact the above-mentioned controller or data protection officer. The data protection supervisory authority responsible for us is: Berliner Beauftragte für Datenschutz und Informationsfreiheit, Alt-Moabit 59-61, 10555 Berlin (https://www.datenschutz-berlin.de).


Online dispute resolution:


The European Commission provides a platform for online dispute resolution (OS), which you can find on the Internet at ec.europa.eu/consumers/odr/. Notice pursuant to Section 36 of the Consumer Dispute Resolution Act (VSBG)


The Foundation is not obliged to participate in a dispute resolution procedure before a consumer arbitration board and does not participate in such a procedure.


Changes to our privacy policy


In order to ensure that our privacy policy always complies with the current legal requirements, we reserve the right to make changes at any time. This also applies in the event that the privacy policy has to be adapted due to new or revised services, for example new services. The new privacy policy will then apply the next time you visit our website.