We are pleased that you are visiting our website “www.clayconference2024.de” (hereinafter referred to as “Website”) and thank you for your interest in the activities of the Bundesgesellschaft für Endlagerung mbH (hereinafter BGE) and the Bundesanstalt für Geowissenschaften und Rohstoffe (hereinafter BGR). We (BGE and BGR) act as joint data controllers.
In the following, we would like to inform you about the measures we take to protect your privacy as well as how and for what purposes your data is processed on our websites. We delete personal data as soon as possible.
Data is processed in accordance with the relevant legal provisions, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data, on the free movement of such data, and the repeal of Directive 95/46/EC (General Data Protection Regulation, GDPR) and the Federal Data Protection Act (BDSG).
If you feel that the following information is not sufficient or not clear enough, you can always contact our data protection officer.
1. Responsible bodies/data protection officer/supervisory authority
a) Joint Data Controllers
Bundesgesellschaft für Endlagerung mbH (BGE)
Eschenstraße 55
D-31224 Peine
Fax: 05171 43-1218
E-Mail: poststelle(at)bge.de
Website: www.bge.de
Bundesanstalt für Geowissenschaften und Rohstoffe (BGR)
Authorized to represent:
Prof. Dr. Ralph Watzel
Stilleweg 2
D-30655 Hannover
Telefon: +49 (0)511-643-0
E-mail: poststelle@bgr.de
b) Data Protection Officer
Bundesgesellschaft für Endlagerung mbH (BGE)
-Datenschutzbeauftragter-
Eschenstraße 55
31224 Peine
E-Mail: datenschutz(at)bge.de
c) Supervisory authority responsible for data protection
The data protection supervisory authority of the joint controllers is the Federal Commissioner for Data Protection and Freedom of Information:
Bundesbeauftragter für den Datenschutz und die Informationsfreiheit
D-53117 Bonn
Telefon: +49 (0) 228 99 7799 – 0
E-Mail: poststelle(at)bfdi.bund.de
Internet: www.bfdi.bund.de
2. Basis for the processing of personal data
Personal data is processed in the following contexts:
Personal data refers to any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person (Article 4, No. 1 GDPA).
Data is processed only
Consents
Consent is usually obtained electronically (e.g. if a check mark is placed in the box regarding the use of cookies). The consent and its content will be recorded electronically.
You have the right at any time to revoke a consent once granted, in whole or in part, with effect for the future. Revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation.
3. Your rights as a data subject
a) Right to information (Article 15 GDPR)
You have the right at any time to demand information from us as to whether we are processing personal data from you. If this is the case, you are entitled to receive the following information free of charge:
If information has been transferred to a third country outside the scope of the GDPR, you have the right to find out whether and, if so, on the basis of which guarantees in accordance with Articles 45, 46 GDPR an adequate level of data protection is ensured in this third country.
We will provide you with a copy of the personal data that is the subject of processing. If you submit the application electronically, the information shall be provided by us in a standard electronic format unless you request otherwise. The copy is made subject to the rights of third parties who may be affected by this data.
If you wish to receive the information electronically, we reserve the right to demand proof of identity from you so that we do not release data in good faith to unauthorised third parties and thereby violate the protection of your personal data.
b) Right to rectification
You have the right to demand that we correct any incorrect personal data concerning you without delay. In consideration of the purposes of processing, you also have the right to request the completion of incomplete personal data – also by means of a supplementary declaration.
c) Right of deletion (Article 17 GDPR)
You have the right to demand that the joint controllers delete any personal data relating to you immediately; the joint controllers are obliged to delete it immediately if:
In particular, the right to the deletion of personal data relating to you does not exist if we process the data on the basis of a legal obligation (e.g. to fulfil legal storage obligations or to perform public tasks under the law of the European Union or its member states) or if we process the data for data backup and data control purposes. The same applies if the personal data is necessary for us to assert legal claims or to defend against legal claims.
d) Right to restrict processing (Article 18 GDPR)
You can demand that we restrict the processing of your personal data. This applies in the following cases:
e) Right of data transferability (Article 20 GDPR)
You have the right, subject to the following provisions, to request the provision of data relating to you in a common electronic, machine-readable format. The right of data transfer includes the right to transfer the data to another data controller; on request, we will therefore – as far as technically possible – transfer data directly to a responsible person named or to be named by you. The right of data transfer exists only for data provided by you and presupposes that the processing is based on consent or for the execution of a contract and is carried out using automated procedures. The right of data transfer according to Article 20 GDPR does not affect the right to delete data in accordance with Article 17 GDPR. The data transfer is subject to the rights and freedoms of other persons whose rights may be affected by the data transfer.
f) Right of objection (Article 21 GDPR)
If the joint controllers process personal data on the basis of tasks in the public interest (Article 6, paragraph 1, sentence 1, letter e) GDPR), you can object to the processing of personal data concerning you at any time with effect for the future.
In the event of objection, we must refrain from any further processing of your data for the aforementioned purposes, unless
You may at any time object to the processing of your personal data with effect for the future.
g) Right of appeal to the supervisory authority (Article 77 GDPR)
According to Article 77 GDPR, you have the right to submit a complaint to the supervisory authority if you believe that your personal data are being processed unlawfully. The supervisory authority responsible for us as the joint controllers (BGE and BGR) is mentioned in point 1 letter c).
4. Data processing when using this website
a) Calling up the website in the browser
We process personal data when you call up this website in a browser. Data processing only takes place to the extent necessary for the provision of this website. We automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The data includes
This data is not merged with other data sources. Nor are any conclusions drawn about the person concerned.
The information from the above-mentioned data is used to optimise the content of our website and to ensure its continuous functionality and that of our IT systems. In the event of a cyber attack on our systems, it may be used to provide law enforcement authorities with necessary information.
Legal basis
The basis for the processing of the data results from Art. 6 para. 1 S 1. e) DSGVO, as the aforementioned purposes are in the public interest.
Hosting
We host this website with the following third-party provider: HostPress GmbH, Bahnhofstr. 34, 66571 Eppelborn, Germany. The server location is Germany.
Storage period
The data is deleted when it is no longer required to achieve its processing purpose. In the case of data processing when the website is called up in the browser, this is the case when the respective session has ended. The log files, including the IP address, are stored for a maximum period of 15 days for the purpose of protecting system security.
b) Setting cookies and other technologies
Basics
We use cookies on our website. Cookies are small text files that are stored on your computer and saved by your browser. Cookies that are necessary for the operation of the site are set. Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies. In all cases, information is processed anonymously. No data is passed on to third parties. Below we outline the cookies used on this website.
Cookies
Your consent applies to the following domains: www.clayconference2024.de
Necessary Cookies (2)
Name |
Anbieter |
Zweck |
Ablauf |
Typ |
---|---|---|---|---|
be_typo_user |
www.clayconference2024.de |
Retains the user’s states for all page requests. |
Session |
HTTP Cookie |
CookieConsent |
www.clayconference2024.de |
Speichert den Zustimmungsstatus des Benutzers für Cookies auf der aktuellen Domäne. |
1 year |
HTTP Cookie |
Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Removal option for cookies
The cookies are stored on your respective terminal device in the browser. You can also delete the cookies at any time before their storage period indicated above expires by deleting them via the corresponding function of your web browser. You can also set your browser so that no cookies are stored at all. Your browser gives you full control.
Legal basis for the use of cookies
For technically necessary cookies, Art. 6 para. 1 p.1 e) DSGVO is the legal basis as they are necessary for the operation of the website and the functionality of the website is in the public interest.
For statistics/analysis cookies and third-party cookies, the legal basis results from your consent pursuant to Art. 6 para. 1 p. 1 letter a) DSGVO. You give your consent electronically the first time you visit this website via our cookie consent tool Cookiebot, which appears in the foreground of the page. Information about the tool is available at https://www.cookiebot.com/de/.
c) Use of analysis tools
This website uses the open source web analytics service Matomo. The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before storage. With the help of Matomo, we are able to collect and analyse data about the use of our website by website visitors. This enables us to find out, among other things, when which page views were made and from which region they come. We also collect various log files (e.g. anonymised IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks etc.).
IP anonymisation
We use IP anonymisation for the analysis with Matomo. This means that your IP address is shortened before analysis so that it can no longer be clearly assigned to you.
Hosting
We host Matomo with the following third-party provider: Amazon Web Services EMEA SARL 38 avenue John F. Kennedy, L-1855 Luxembourg, server location Germany.
Legal basis
The use of this analysis tool is based on Art. 6 para. 1 lit. e DSGVO. Analysing user behaviour is in public interest in order to optimise our website for the visitors.
5. Registration on this website
You have the option to register on this website to be able to use additional website functions such as registering for the Clay Conference. We shall use the data you enter only for the purpose of using the respective offer or service you have registered for. The required information we request at the time of registration must be entered in full. Otherwise, we shall reject the registration.
To notify you of any important changes to the scope of our portfolio or in the event of technical modifications, we shall use the e-mail address provided during the registration process.
We shall process the data entered during the registration process in order to take steps to entering into a contract (Art. 6(1)(b) GDPR).
The data recorded during the registration process shall be stored by us as long as you are registered on this website or if the purpose of processing the data no longer applies. Subsequently, such data shall be deleted. This shall be without prejudice to mandatory statutory retention obligations.
Please note that we work together with a service provider, the company F&U confirm GbR
Permoserstraße 15, 04318 Leipzig, Germany, for all registration processes.
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
6. Payment service providers
Processing of Customer and Contract Data
We collect, process, and use personal customer and contract data for the establishment, content arrangement and modification of our contractual relationships. Data with personal references to the use of this website (usage data) will be collected, processed, and used only if this is necessary to enable the user to use our services or required for billing purposes. The legal basis for these processes is Art. 6(1)(b) GDPR.
The collected customer data shall be deleted upon completion of the order or termination of the business relationship and upon expiration of any existing statutory archiving periods. This shall be without prejudice to any statutory archiving periods.
Data transfer upon closing of contracts for services
We share personal data with third parties only if this is necessary in conjunction with the handling of the contract; for instance, with the financial institution tasked with the processing of payments.
Any further transfer of data shall not occur or shall only occur if you have expressly consented to the transfer. Any sharing of your data with third parties in the absence of your express consent, for instance for advertising purposes, shall not occur.
The basis for the processing of data is Art. 6(1)(b) GDPR, which permits the processing of data for the fulfilment of a contract or for pre-contractual actions.
Payment services
We integrate payment services of third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, bank account details, credit card number) are processed by the payment service provider for the purpose of payment processing. For these transactions, the respective contractual and data protection provisions of the respective providers apply. The use of the payment service providers is based on Art. 6(1)(b) GDPR (contract processing) and in the interest of a smooth, convenient, and secure payment transaction (Art. 6(1)(f) GDPR). Insofar as your consent is requested for certain actions, Art. 6(1)(a) GDPR is the legal basis for data processing; consent may be revoked at any time for the future.
We use the following payment services / payment service providers within the scope of this website:
Stripe
The provider for customers within the EU is Stripe Payments Europe, Ltd,1 Grand Canal Street Lower, Grand Canal Dock, Dublin, Ireland (hereinafter “Stripe”).
Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: https://stripe.com/de/privacy and https://stripe.com/de/guides/general-data-protection-regulation. Details can be found in Stripe’s Privacy Policy at the following link: https://stripe.com/de/privacy.
7. Photo and film references for events
Due to our legal mandate, we, as the joint controllers, are obliged to carry out extensive public relations work. At events organised by us or at events co-organised by us, photographs and film recordings of speakers, participants, and guests may be taken and distributed for the purposes of documentation and public relations work. Such recordings may be used on this website, in publications or internal presentations, or may be forwarded to the media.
This fact will be pointed out in the invitations sent out and at the venue itself.
Legal basis
These records are based on Article, 6 paragraph 1, sentence 1, letter e) GDPR. There is a public interest in the Clays in Natural and Engineered Barriers for Radioactive Waste Confinement. The interests of the persons concerned are safeguarded. For example, photographs are taken without consent in accordance with Article 6, paragraph 1, sentence 1, letter a) GDPR only if they are large group or overview photographs. Targeted portraits or close-ups of individual persons or children are taken only with their consent.
8. Online-based Audio and Video Conferences (Conference tool)
Data processing
We use an online conference tool, among other things, for communication with our partners. The tool we use is explained in detail below. If you communicate with us by video or audio conference using the Internet, your personal data will be collected and processed by the provider of the respective conference tool and by us. The conferencing tool collects all information that you provide/access to use the tool (email address and/or your phone number). Furthermore, the conference tool processes the duration of the conference, start and end (time) of participation in the conference, number of participants and other “context information” related to the communication process (metadata).
Furthermore, the provider of the tool processes all the technical data required for the processing of the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker and the type of connection.
Should content be exchanged, uploaded, or otherwise made available within the tool, it is also stored on the servers of the tool provider. Such content includes, but is not limited to, cloud recordings, chat/ instant messages, voicemail uploaded photos and videos, files, whiteboards, and other information shared while using the service.
Please note that we do not have complete influence on the data processing procedures of the tools used. Our possibilities are largely determined by the corporate policy of the respective provider. Further information on data processing by the conference tools can be found in the data protection declarations of the tools used, and which we have listed below this text.
Purpose and legal bases
The conference tool is used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6(1)(b) GDPR). Furthermore, the use of the tool serves to generally simplify and accelerate communication with us or our company. Insofar as consent has been requested, the tools in question will be used on the basis of this consent; the consent may be revoked at any time with effect from that date.
Duration of storage
Data collected directly by us via the video and conference tool will be deleted from our systems immediately after you request us to delete it, revoke your consent to storage, or the reason for storing the data no longer applies. Stored cookies remain on your end device until you delete them. Mandatory legal retention periods remain unaffected.
We have no influence on the duration of storage of your data that is stored by the operators of the conference tools for their own purposes. For details, please directly contact the operators of the conference tools.
Conference tool used
We use Webex. The provider of this service is the Webex Communications Deutschland GmbH, Hansaallee 249 c/o Cisco Systems GmbH, 40549 Düsseldorf, Germany.
It cannot be ruled out that data processed via Webex will be transferred to third-party countries (e.g. USA). Webex has Binding Corporate Rules (BCR) which have been approved by the Dutch, Polish, Spanish, and other relevant European Data Protection Authorities. These are binding corporate rules that legitimize the transfer of data within the company to third countries outside the EU and EEA: https://www.cisco.com/c/de_de/about/trust-center/data-protection-and-privacy-policy.html and https://konferenzen.telekom.de/fileadmin/Redaktion/conference/cisco-webex/Webex_Compliance_Deutsch_V1.0.pdf.
For details on data processing, please refer to Webex’s privacy policy: https://www.cisco.com/c/de_de/about/legal/privacy-full.html.
Data processing
We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.
9. Newsletter
Newsletter data
If you would like to subscribe to the newsletter offered on this website, we will need from you an e-mail address as well as information that allow us to verify that you are the owner of the e-mail address provided and consent to the receipt of the newsletter. No further data shall be collected or shall be collected only on a voluntary basis. We shall use such data only for the sending of the requested information and shall not share such data with any third parties.
The processing of the information entered into the newsletter subscription form shall occur exclusively on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke the consent you have given to the archiving of data, the e-mail address, and the use of this information for the sending of the newsletter at any time, for instance by clicking on the “Unsubscribe” link in the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place to date.
The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter or after the purpose has ceased to apply. We reserve the right to delete or block e-mail addresses from our newsletter distribution list at our own discretion within the scope of our legitimate interest in accordance with Art. 6(1)(f) GDPR.
Data stored for other purposes with us remain unaffected.
After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.
10. Notice of possible changes to this data protection declaration
The data protection regulations may have to be adapted because of technical developments, jurisdiction, or legal changes.
In order to keep yourself informed about the current status of our data use conditions, you should visit this page regularly.