Data protection policy
Bio2Brain is a project coordinated by the Fraunhofer Institute for Interfacial Engineering and Biotechnology IGB aiming to create a trans-European network of industrially oriented specialists fully trained and experienced, a significant driving force in innovating novel technologies to deliver biopharmaceuticals safely and via the nasal route of administration to the central nervous system (CNS). This project has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska-Curie grant agreement No 956977.
As the party responsible for the data processing (controller), we process the personal data collected via our website and store them for the period, which is required to achieve the specified purpose and to comply with the statutory requirements. The following text informs you of the data we collect and the way we process the collected data. We also inform you on your data privacy rights as they pertain to the use of our website.
Pursuant to Article 4 No. 1 GDPR, personal data are all data referring to a specific or identifiable natural person.
1. Scope of this Agreement
This data protection information shall apply to the project website located at https://www.bio2brain.eu and all services we offer in context with this project as web services or mobile app providing we refer to this data protection information.
2. Name and contact information of the person who signs responsible for processing and the appointed data security officer
Controller as defined in Article 4 No. 7 GDPR:
zur Förderung der angewandten Forschung e.V.
Hansastraße 27 c,
80686 München [Munich, Bavaria, Germany]
for its Fraunhofer Institute for Interfacial Engineering and Biotechnology IGB, Nobelstrasse 12, 70569 Stuttgart, Germany
(in the following referred to as ‘Fraunhofer IGB’)
Telephone: +49 711 970-4401
Fax: +49 711 970-4200
You can reach the data protection representative of the Fraunhofer-Gesellschaft at the above address, c/o Data Protection Officer or at email@example.com and the representative of Fraunhofer IGB at firstname.lastname@example.org.
Please feel free to contact the data protection officers directly at any time with your questions concerning your data protection rights and/or your rights as affected person.
3. Processing of Personal Data and Purposes of the Data Processing
a. During Your Website Visit
You may access our website without having to disclose any details of your identity. The browser installed on your terminal device automatically transmits information to the server of our website (e.g. browser type and version, date and time of access) to enable connection with the website, including the IP address of your requesting terminal device. This information is temporarily stored in a so-called log file and deleted after no more than 30 days.
Your IP address is processed for technical and administrative purposes regarding connection set-up and stability, to guarantee the security and functioning of our website and to be able to track any illegal attacks on the website, if required.
The legal basis for processing the IP address is Art. 6 (1) lit. f GDPR. Our legitimate interest ensues from said security interest and the necessity of the unobstructed availability of our website.
We cannot draw any direct conclusions about your identity from processing the IP address and other information in the log file.
b. Registration to the Bio2Brain Newsletter
Once you have given your explicit consent pursuant to 6 para. 1, page 1 lit. a GDPR, we will use your email address to send our regular newsletters to you. The newsletters contain information on the Bio2Brain project, and related research activities or events. The subjects and contents of the selected information are determined by the list you subscribed to.
Once you have subscribed, you will receive a registration notification by email, which you need to confirm to be added to the mailing list (so-called double opt-in). Your email response serves as confirmation that you are in fact the person who issued the subscription.
You may unsubscribe at any time, e.g. via a link at the end of each email. Alternatively, you may also unsubscribe by sending us an email to email@example.com.
Once we have received your cancellation request, we will immediately delete your email address from our mailing list.
4. Transfer of Personal Data to Third Persons
We will only disclose your personal data to third parties if:
- You have given consent pursuant to Art. 6 (1) lit. a GDPR,
- There is a legal obligation for disclosure pursuant to Art. 6 (1) lit. c GDPR.
Third parties may use the transferred data for the above-mentioned purposes only.
We use server-side cookies. Cookies are small files, which are automatically created by the browser of the user device and stored in your device (PC, laptop, tablet, smart phone or similar device) when you visit our website. Cookies do not harm your computer, and they do not contain viruses, Trojans or other malware.
Cookies store information associated with the specific device used. That does not mean that we can directly identify you.
We also use temporary cookies to optimize user-friendliness; these cookies are stored on your device for a specific fixed time interval. When you visit our site again to use our services, these cookies will automatically detect that you have visited in the past and will reapply your previous entries and settings so that you do not have to enter them again.
The data processed by the cookies are necessary for the above-mentioned purposes to protect our legitimate interests and those of third parties pursuant to Art. 6 (1) lit. f GDPR.
Most browsers automatically accept cookies. However, you can configure your browser to not save any cookies on your computer or to display a notice before new cookies are saved. Completely disabling cookies may mean that you cannot fully use all functions of our website.
6. Your Rights as Affected Person
You have the following rights:
- pursuant to Art. 7 (3) GDPR, to withdraw your consent at any time. This means that we may not continue the data processing based on this consent in the future;
- pursuant to Art. 15 GDPR, to obtain access to your personal data processed by us. In particular, you may request information about the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data have been or will be disclosed, and the envisaged period for which the data will be stored. Moreover, you have the right to request rectification, erasure, or restriction of processing, to object to processing, the right to lodge a complaint, and to obtain information about the source of your data if they were not collected by us, as well as about the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the logic involved;
- pursuant to Art. 16 GDPR, to obtain the rectification of inaccurate data or the completion of your personal data without undue delay;
- pursuant to Art. 17 GDPR, to obtain the erasure of personal data saved by us unless processing is necessary to exercise the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims;
- pursuant to Art. 18 GDPR, to obtain restriction of processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you oppose the erasure of the personal data, or if we no longer need the personal data while you still require it for establishing, exercising or defending legal claims, or if you have filed an objection to the processing pursuant to Art. 21 GDPR;
- pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format or to transmit those data to another controller and
- pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. Generally, you may contact the supervisory authority of your habitual residence, place of work or the registered offices of our organization.
Information on your Right of Objections according to Article 21 GDPR
You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data pursuant to Art. 6 (1) lit. e GDPR (data processing carried out in the public interest) and Art. 6 (1) lit. f GDPR (data processing for purposes of legitimate interests).
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or unless the processing serves the establishment, exercise or defense of legal claims.
If your objection is directed against the processing of data for the purpose of direct marketing, we will stop the processing immediately. In this case, citing a special situation is not necessary. This includes profiling to the extent that it is related to such direct marketing.
If you would like to assert your right to object, please send an email to firstname.lastname@example.org will suffice.
9. Data Security
All your personal data are transmitted in encrypted format, using the widely used and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used, for instance, in online banking. You will recognize a secure TLS connection by the additional s after http (i.e., https://..) in the address bar of your browser or by the lock icon in the lower part of your browser.
In all other regards, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulations, partial or complete loss, destruction, or the unauthorized access of third parties. We continuously improve our security measures in accordance with the state of the art.
10. Amendments to the Data Security Information and its Timeliness
The further development of our website and the products and services offered or changed due to statutory or regulatory requirements, respectively, may make it necessary to amend this data protection information. You may access and print out the latest data protection information at any time from our website.
You may read or print this updated and amended version at any time.