Data Protection at a Glance
Who is responsible for the data collection on this website?
Information on the data controller and our data protection officer is provided in the imprint.
Data collection on our website
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in so-called ‘server log files’. These include:
- Browser type and browser version
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address
This data will not be combined with data from other sources. This data is recorded on the basis of Art. 6 (1) (f) GDPR. The operator of the website has a legitimate interest in the technically error-free depiction and optimisation of its website, which requires server log files to be recorded.
If you email us or use the contact form to send us enquiries, your information from the form, including the contact data provided by you on the form, will be stored by us to process the enquiry and deal with follow-up questions. We will not disclose such data without your consent. The data in the contact form is therefore processed solely on the basis of your consent (Art. 6 (1) (a) GDPR).
Please use the email address link provided if you wish to email us your questions. The link accesses your email programme, and data input is carried within your jurisdiction. The data shall be processed on the basis of your consent (Article 6 (1) (a) GDPR).
You may revoke your consent at any time. An informal email sent to us making this request is sufficient. The data processing operations carried out before we receive your request may still be legally processed.
We will retain the data provided by you until you request us to erase the data, revoke your consent to storage or if the purpose for data storage no longer applies (e.g. after you enquiry has been fully processed). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Registration on this website
You can register for various events, seminars, webinars, etc. on our website. We use the data you provide only for the purpose of using the respective offer or service you have registered for. In some cases, you will be redirected to a third-party portal. The required mandatory information must be given in full. Otherwise, registration shall be rejected. To inform you of any important changes to the scope of our portfolio or in the event of technical modifications, we shall use the email address provided during the registration process to notify you.
We shall process the data provided during the registration process on the basis of your consent (Art. 6 (1) (a) GDPR). You may revoke previously given consent at any time. An informal email sent to us making this request is sufficient. The data processed before we receive your request may still be legally processed. The data recorded during the registration process shall be stored by us as long as you are registered on this website. Subsequently, such data shall be deleted. This shall be without prejudice to mandatory statutory retention obligations.
Our job board advertises company job offers to which people can apply. Users are forwarded to a company’s applicant portal when they click on an advertised offer. No data is entered on our website.
A job offer is advertised in an input mask on our website. The advertisement requires at least a valid email address. Companies may also specify a contact person. This is carried out on the basis of your consent (Article 6 (1) (a) GDPR).
If you wish to subscribe to the newsletter offered on our website, we require a valid email address from you as well as information that allows us to verify that you are the owner of the specified email address and that you agree to receive this newsletter. No additional data is collected or is only collected on a voluntary basis. We only use this data to send the requested information and do not disclose it to third parties.
Any data provided in the newsletter subscription form shall only be processed based on your consent (Art. 6 (1) (a) GDPR). You can revoke consent previously given to the storage of data, email address as well as their use for sending the newsletter at any time, for example, via the ‘unsubscribe’ link in the newsletter. The data processing operations carried out before we receive your request may still be legally processed.
We will store the data provided by you for the purpose of receiving the newsletter until you unsubscribe from the newsletter. It will then be erased when you unsubscribe. Data we have stored for other purposes (e.g. email addresses for the members area) remain unaffected.
Hosting and contract processing
This website is hosted by an external service provider (host). The personal data collected on this website is stored on the host’s servers. Such data may include, but is not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a website. The host is used in the interest of secure, fast and efficient provision of our online services by a professional provider (Art. 6 (1) (f) GDPR). Our host will only process your data to the extent necessary to fulfil its performance obligations and to follow our instructions with respect to such data. In order to guarantee processing in compliance with data protection regulations, we have concluded an order processing contract with our host.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons, in particular for the protection of the transmission of confidential content, such as your personal data. You can recognise an encrypted connection in your browser’s address line when it changes from ‘http://’ to ‘https://’ and the lock icon is displayed in your browser’s address bar. If SSL or TLS encryption is enabled, the data you transfer to us cannot be read by third parties.
Our website uses so-called ‘cookies’. Cookies are small text files that do not cause any damage to your end device. They are either stored temporarily for the duration of a session (session cookies) or they are permanently archived on your end device (permanent cookies). Session cookies are automatically deleted once you terminate your visit. Permanent cookies remain stored on your end device until you actively delete them or they are automatically deleted by your web browser.
In some cases, it is possible for third-party cookies to be stored on your end device once you access our site (third-party cookies). These cookies enable you or us to take advantage of certain services offered by the third party (e.g. cookies for the processing of webinars).
Cookies, which are required for the performance of electronic communication transactions or for the provision of certain functions you want to use, shall be stored on the basis of Art. 6 (1) (f) GDPR. The operator of the website has a legitimate interest in the storage of cookies to ensure the technically error-free and optimised provision of its services. If your consent to the storage of the cookies has been requested (e.g. consent to save cookies), processing is carried out on the basis of Art. 6 (1) (a) GDPR; this consent may be revoked at any time.
Plugins and Tools
Cookie consent with CookieFirst
This website uses CookieFirst to obtain your consent to store certain cookies on your terminal device and to document this consent in accordance with data protection law. The provider of this technology is Digital Data Solutions B.V., Plantage Middenln 42a, 1018 DH Amsterdam, website: https://cookiefirst.com/ (hereinafter "CookieFirst").
When you use our website, the following personal data is transferred to CookieFirst:
- Your consent(s) or withdrawal of your consent(s).
- Your IP address
- Information about your browser
- Information about your terminal device
- Time of your visit to the website
Furthermore, CookieFirst stores a cookie in your browser in order to be able to assign the consent(s) given to you or their revocation. The data collected in this way is stored until you request us to delete it, delete the CookieFirst cookie yourself or the purpose for storing the data no longer applies. Mandatory legal storage obligations remain unaffected. The user can prevent or terminate the storage of the cookie and thus his cookie consent by settings of his browser at any time.
The legal basis for this is Art. 6 (1) f DSGVO. The legitimate interest of the provider is the user-friendliness of the website as well as the fulfillment of the legal requirements from the DSGVO.
Further information on the handling of the transferred data can be found in the privacy statements of CookieFirst
You can prevent the collection as well as the processing of your data by Cookiefirst by disabling the execution of script code in your browser or by installing a script blocker in your browser (this can be found, for example, at www.noscript.net or www.ghostery.com).
Contract on order processing
We have concluded an order processing contract with CookieFirst. You can find information about this here: https://cookiefirst.com/legal/data-processing-agreement/
Use of ajax.googleapis.com/ jQuery
This website also uses Google’s Ajax and jQuery technologies to help optimise loading speeds. Programme libraries are accessed by Google servers in this regard. Google’s Content Delivery Network (CDN) is used. If you previously used jQuery on another Google CDN page, your browser will retrieve the copy stored in the cache. If this is not applicable, it will request a download, at which point data will be transferred by your browser to Google. Your data will be transferred to the USA. Further information on how Google processes data is available on the developer’s website (https://developers.google.com/speed/libraries), and Google Privacy Policies are currently available at: https://policies.google.com/privacy?hl=en&gl=en.
jQuery technologies are used in the interest of ensuring the technically error-free and optimised provision of its online services. This represents a legitimate interest within the meaning of Art. 6 (1) (f) GDPR.
Our website uses plug-ins of the social network Facebook provided by Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. An overview of the Facebook plug-ins can be found here: https://www.facebook.com/policy.php
When you access our site with Facebook plug-ins, a direct connection is established between your browser and the Facebook server by clicking on the Facebook icon. Facebook is thereby sent information, which includes the fact that you have visited our site with your IP address. If you are logged into your Facebook account, you can link the content of our pages to your Facebook profile. Facebook can thus assign your visit to our website to your user account. We would like to point out that we as the operators of this website are not aware of the content of the data transmitted or the purposes for which it is used by Facebook.
Please log out of your Facebook user account first if you do not want Facebook to be able to assign your visit to our site to your Facebook user account.
Features of the service Twitter are integrated on our website. These features are provided by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the ‘Retweet’ feature, the websites you have visited are linked to your Twitter account and made known to other users. Data is also transmitted to Twitter during this process. We would like to point out that we as the operators of this website are not aware of the content of the data transmitted or the purposes for which it is used by Twitter.
You can change your data privacy settings on Twitter in the account settings at: https://twitter.com/account/settings.
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our sites containing LinkedIn functions is accessed, your browser establishes a direct connection to the LinkedIn servers. LinkedIn is informed that you have visited our website from your IP address. If you use the LinkedIn ‘Recommend’ button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our website and to your user account. We would like to point out that we as the operators of this website are not aware of the content of the data transmitted or the purposes for which it is used by LinkedIn.
Our website uses functions of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time one of our sites containing XING functions is accessed, your browser establishes a connection to the XING servers. To the best of our knowledge, no personal data is stored in the process. In particular, no IP addresses are stored nor is usage behaviour evaluated.
On our website visitors can subscribe to a newsletter. Which personal data is transmitted to us when subscribing to the newsletter can be seen from the form used, the mandatory fields are marked. Further data is not collected or only on a voluntary basis. We use this data exclusively for sending the newsletter and for notices or invitations to cluster-relevant events. We do not pass on this data to third parties.
The processing of the data submitted in the newsletter registration form is based exclusively on your consent (Art. 6 (1) a DSGVO). You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time, for example via an unsubscribe link in the newsletter. Furthermore, it is also possible to unsubscribe from the newsletter mailing directly on the website at any time or to communicate this in another way. The legality of the data processing operations already carried out remains unaffected by the revocation.
The data you have provided us with for the purpose of receiving the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted after you have unsubscribed. Data that has been stored by us for other purposes (e.g. e-mail addresses for customer communication) remains unaffected by this.
Video conferences, online meetings, webinars and screen sharing
We use third-party platforms and applications to conduct video and audio conferences, webinars and other types of video and audio meetings. We observe all legal requirements when selecting third-party providers and their services.
As such, participant data is processed and stored on the servers of third-party providers if these are used as part of the communication processes with us. This data includes registration and contact details. However, visual and vocal contributions as well as entries in chats and shared screen content can also be included, depending on the purpose of communication and configuration of the services.
If you do not want to be seen and/or heard, participation is only possible without sound and image approval. You should not use the chat function either.
Third-party providers can process usage data and metadata for security purposes, service optimisation or marketing purposes. Please observe the privacy policies of respective third-party providers.
The legal basis for processing shall be their consent if we ask participants for their consent to use third-party providers or certain functions (e.g. consent to record conversations). Their use can also be part of our (pre)contractual services, provided that the use of third-party providers has been agreed in this context. Otherwise, user data shall be processed based on our legitimate interest in ensuring secure and efficient communication with our communication partners.
We offer webinars and carry out video conferences via zoom, which is offered by the provider: Zoom Video Communications, Inc., 55 Almaden Blvd., Suite 600, San Jose, CA 95113, USA;
we have concluded an order processing contract with Zoom. Data transmission via the EU server is selected as the default in the settings. Data processing in the USA is possible. Zoom is certified under the Privacy Shield.
Zoom has privacy-friendly default settings. No tests of attention are conducted, for example. We generally do not record video conferences. Please see below for information on the recording of webinars.
Recording of webinars and publication on Vimeo
If we record webinars and want to publish them, you will be notified separately when you register. We will once again notify you of the recording and publication of webinars at the beginning of a session. As a regional sector network for medical technology, biotechnology and pharmaceuticals in the states of Hamburg and Schleswig-Holstein, Life Science Nord Management GmbH has a legitimate interest in recording and publishing webinars in the context of advocacy and public relations. Recorded webinars are uploaded to and published on Vimeo.
When you visit the Vimeo website, a connection is made to the servers of Vimeo Inc., Legal Department, 555 West 18th Street New York, New York 10011, USA. The Vimeo server is informed which pages you have visited. Vimeo also acquires your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account. The information recorded by Vimeo shall be transferred to a Vimeo server located in the USA.
If you are logged into your Vimeo account, you allow Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.
Analysis tools and advertising
Web analytics (also known as ‘reach measurement’) is used to evaluate the streams of visitors to our online offering and may include behaviour, interests or demographic information about visitors. With the help of the range analysis, we can, for example, identify at what time our online offering or its functions or content are most frequently used or invite reuse. We can also understand which areas require optimisation.
Matomo Analytics Cloud
This website uses functions of the open-source web analytics service Matomo Analytics Cloud, provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769. Matomo uses so-called ‘Cookies’. These are text files that are stored on your computer and enable analysis of your use of the website. The information generated by the cookie about your use of this website is usually transferred to Matomo servers. Matomo cookies remain on your device until they are deleted.
The storage of Matomo cookies is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising.
We take the protection of your data seriously. We have therefore also configured Matomo so that your IP address is only recorded in truncated form. We therefore process your personal usage data anonymously. It is not possible for us to draw any conclusions about your person. The service is managed exclusively by the provider of this website; according to Matomo, the information generated by the cookie cannot be viewed and will not be disclosed to third parties. The servers used are in Germany.
You can prevent these cookies being stored by selecting the appropriate setting in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website.
If you do not agree with the storage and use of your data, you can disable this feature here. In this case, an opt-out cookie will be stored in your browser to prevent Matomo from storing your usage data. If you delete your cookies, this will mean that the opt-out cookie will also be deleted. You will then need to reactivate the opt-out when you return to our site.
Life Science Nord Management GmbH, Germany, is responsible for the content of the Facebook page https://www.facebook.com/LifeScienceNord. The legal basis for the processing of Facebook Insights Data by Life Science Nord Management GmbH is Article 6 (1) (f) GDPR. We use this data to make posts on the page more attractive or to find the right time for publication.
When visiting our Facebook fan page, Facebook (as the data controller) collects the personal data of users, for example, by using cookies. Facebook can even collect data of visitors to this page who are not logged in or registered with Facebook.
According to the judgement of the European Court of Justice, there is a joint liability according to Article 26 GDPR between Facebook and Life Science Nord Management GmbH; you can see the page controller addendum here: https://www.facebook.com/legal/terms/page_controller_addendum
If you would like to know more about Insights Data on Facebook, please visit the following page: https://www.facebook.com/legal/terms/information_about_page_insights_data
Life Science Nord Management GmbH does not know which user data Facebook collects. In addition, Life Science Nord Management GmbH does not have full access to the collected data or your profile data. Life Science Nord Management GmbH can only see the public information of your profile. You decide which information it can see in your Facebook settings. You also have the option of actively hiding your ‘likes’ or stopping following the page in your Facebook settings (https://www.facebook.com/settings?tab=privacy). Then your profile will no longer appear in the list of fans of this Facebook page.
Facebook provides Life Science Nord Management GmbH with anonymous statistics on use and use of the page. The following information is provided here, for example:
- Follower: number of people following https://www.facebook.com/LifeScienceNord – including growth and development over a defined time frame.
- Range: Number of people who see a specific post. Number of interactions on a post. From this, it is possible to deduce, for example, which content is better received by the community than others.
- Ad performance: How much does a click cost Life Science Nord Management GmbH? How many people saw an ad?
- Demography: Average age of visitors, gender, place of residence, language.
We use these statistics, from which we cannot draw any conclusions about individual users, to constantly improve our online offering on Facebook and to better respond to the interests of our users. We cannot link statistical data with the profiles of our fans or individual users. You can use your Facebook settings to decide how you want targeted advertising to appear.
Facebook sends Life Science Nord Management GmbH personal data if you actively transmit this data by sending a personal Facebook message. We use the provided data (e.g. first name, last name) to respond to your enquiry. We will not save your data. Facebook also provides Life Science Nord Management GmbH with your personal data if you use a form previously filled out based on your profile information to send us data and if you actively click on the button to send us data.
Your rights as the data subject
As far as your personal data is processed during the visit to our website, you have the following rights as the ‘data subject’ within the meaning of the GDPR:
You can request information from us as to whether we will process your personal data. The right to information is excluded if the data is only stored because it may not be deleted due to legal or statutory retention periods or serves exclusively purposes of data backup or data protection control, provided that the provision of information would require a disproportionately high effort and processing for other purposes by appropriate technical and organisational measures is excluded. If in your case the right to information is not excluded and your personal data is processed by us, you can request information from us about the following information:
- purposes of processing,
- categories of your personal data processed,
- recipients or categories of recipients to whom your personal data are disclosed, in particular to recipients in third countries,
- if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria for determining the duration of retention,
- the existence of a right of rectification, or of erasure, or of restriction of processing of your personal data, or of a right to object to such processing,
- the existence of a right of lodge a complaint to a data protection supervisory authority,
- if the personal data has not been collected from you as the data subject, the available information on the origin of the data,
- where appropriate, the existence of automated decision-making, including profiling and meaningful information on the logic involved and the scope and intended impact of automated decision-making,
- where appropriate, in the case of transfers to recipients in third countries, unless a decision of the EU Commission on the adequacy of the level of protection pursuant to Art. 45 (3) GDPR exists, information on which suitable guarantees are provided pursuant to Art. 46 (2) GDPR for the protection of personal data.
Rectification and completion
If you discover that we have incorrect personal data about you, you can demand that we correct this incorrect data without delay. If your personal data is incomplete, you may request that it be completed.
You have the right to erasure (‘right to be forgotten’), unless the processing is necessary to exercise the right to freedom of expression, the right to information or to fulfil a legal obligation or to perform a task that is in the public interest and one of the following reasons applies:
- The personal data is no longer necessary in relation to the purposes for which it was collected.
- The justification for the processing was exclusively your consent, which you have withdrawn.
- You have objected to the processing of your personal data which we have made public.
- You have objected to the processing of personal data not made public by us and there are no overriding legitimate reasons for the processing.
- Your personal data has been processed unlawfully
There is no right to erasure if, in the case of lawful non-automated data processing, the erasure is not possible or only possible with disproportionately high effort due to the special type of storage and your interest in the erasure is low. In this case, the restriction of processing takes the place of erasure.
Right to restriction of processing
You have the right to request we restrict the processing your personal data, if one of the following reasons applies:
- You contest the accuracy of the personal data stored. You insist in restriction of processing your data during the period enabling us to verify the accuracy of your data.
- Processing of your data is unlawful and instead of erasure you ask for the use of your personal data to be restricted.
- Your personal data is no longer required for the purposes of processing, but you require it for the assertion, exercise or defence of legal claims.
You have objected to processing pursuant to article 21 (1) GDPR. You can insist on restriction of processing for the time pending the verification whether our legitimate grounds override your legitimate grounds.
Restriction of processing means that we only process your personal data if we have your consent, or for assertion, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest. Before lifting the restriction of processing, we have a duty to inform you of such.
You have the right to data portability in case processing is based on your consent (GDPR Art. 6 (1) (1) (a) or Art. 9 (2) (a) GDPR) or based on a contract to which you are a contracting party and the processing is carried out by automated means. In this case, the right to data portability includes the following rights, insofar as they do not adversely affect the rights and freedoms of others: Right of data portability means that you have the right to receive personal data, which you previously provided to us, in a structured, commonly used and machine-readable format. You have the right to transmit such data to another controller without hindrance from us. Where technically feasible, you may request that we transmit personal data directly to another controller.
Revocation of consent
You have the right to revoke previously given consent at any time with effect for the future. The revocation of consent can be communicated informally by telephone, by email or by postal mail. The revocation does not affect the legality of the data processing, which took place on the basis of the consent up until the point revocation was received. After receipt of the revocation, the data processing, which was based exclusively on your consent, will be discontinued.
Right to lodge a complaint
If you believe that the processing of your personal data is contrary to the law, you have the right to lodge a complaint with the data protection supervisory authority, which is responsible for your place of residence or work or with jurisdiction for the place of the alleged infringement. The responsible supervisory authority for data protection matters is the Hamburg Representative for Data Protection and Freedom of Information (https://datenschutz-hamburg.de/).
If processing is based on Art. 6 (1) (1) (e) GDPR (performance of a task carried out in the public interest or subject to the exercise of public authority) or on Art. 6 (1) (1) (f) GDPR (legitimate interests of the controller or of a third party), you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation. This also applies to profiling based on Art. 6 (1) (1) (e) or (f) GDPR. After exercising the right of objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
You may at any time object to the processing of your personal data for direct marketing purposes. This also applies to profiling in connection with such direct advertising. After exercising this right of objection, we will no longer use the personal data concerned for direct marketing purposes.
You have the option of informing our company of your objection by telephone, email or by postal mail. Our contact details are provided here.