With the following information, we would like to give you an overview over the processing of your personal data by us and your rights under data protection legislation. Which data is processed in detail and in which way it will be used depends on the requested or agreed services. Therefore, not all parts of this information will apply to you.
In general, we, the IVAM e.V. Microtechnology Network, take the protection of your personal data very seriously. We point out that this website is aimed exclusively at persons of legal age.
1. Who is responsible for data processing and who can I contact?
Responsible is
IVAM e.V. Microtechnology Network
Joseph-von-Fraunhofer-Str. 13
DE-44227 Dortmund
+49 231 9742 168
info@ivam.de
You can reach our company data protection officer at the above-mentioned address under the addition DATA PROTECTION or under the following e-mail contact: datenschutz@ivam.de
2. Which sources and data do we use at all?
We process personal data, received in the context of use of our website, including customers, applicants or interested parties (hereinafter: you).
3. Why do we process your data (purpose of processing) and on what legal basis?
We process personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG)
a) to fulfill contractual obligations (Article 6 (1) (b) GDPR)
The processing of data may occur in the context of the performance of contracts with you as our customer or to carry out pre-contractual actions.
b) in context of the balance of interests (Article 6 (1) (f) GDPR)
If necessary, we may process your data beyond the actual performance of the contract in order to protect our legitimate interests or the interests of third parties. Examples:
- to check and optimize requirements analysis actions for direct customer approach,
- advertising or market and opinion research as long as you have not objected to the use of your data,
- asserting legal claims and advocacy in legal disputes,
- ensuring IT security and IT operations of the company,
- measures for business control and further development of services and products,
c) based on your consent (Article 6 (1) (a) GDPR)
With your agreement to the processing of personal data for specific purposes (e.g. for marketing purposes, newsletter delivery), the lawfulness of this processing is based on your consent.
d) due to legal requirements (Article 6 (1) (c) GDPR) or in public interest (Article 6 (1) (e) GDPR)
In addition, we are subject to various legal obligations, i.e. legal requirements (e.g. tax laws). The purposes of processing include, but are not limited to, compliance with tax inspection, reporting obligations and much more.
e) in the context of the establishment of an employment relationship (Article 88 GDPR in connection with article 26 (1) BDSG)
If you apply to us, your personal data may also be processed.
4. What does this mean in detail with regard to the provision of this website with the services available therein and otherwise?
4.1 Provision of the website and creation of log files
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected here:
- information about the browser type and version used
- the user's operating system
- the Internet service provider of the user
- the IP address of the calling computer
- date and time of access
- websites from which the user's system reaches our website
- websites that are accessed from the user's system through our website
The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.
Legal basis for the temporary storage of data under log files is Art. 6 (1) (f) GDPR.
The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. Therefore, the user's IP address must be kept for the duration of the session. Log files are stored to ensure the functionality of the website. In addition, the data is used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. These purposes represent our legitimate interest in data handling according to Art. 6 (1) (f) GDPR.
The data will be deleted as soon as it is no longer needed for the purpose of its collection. In case of collecting data for providing the website, they will be deleted when the respective session is completed.
In the case of storing the data in log files, this is the case after no more than seven days. An extended storage is possible. In this case, the users IP addresses are deleted or anonymized, so that an assignment of the calling client is no longer possible.
The collection of data and the storage in log files is essential to provide and operate the website. There is consequently no right to object on the part of the user.
4.2 Use of cookies
When visiting our website, we occasionally use cookies to make our offer user-friendly, effective and secure.
The following data is stored and transmitted in cookies:
- language settings
- log-in information for persons who have received access data from us
In the context of the use of technically necessary cookies, we process your personal data in accordance with Art. 6 (1) (f) GDPR.
Technically necessary cookies are used for the purpose of making our website easier for you. Some features of our website cannot be offered without the use of cookies. For this, it is necessary that the browser is recognized even after requesting another page. We need your cookies for the following applications:
- adoption of language settings
- log-in information for persons who have received access data from us
The user data collected through technically necessary cookies will not be used to create user profiles.
Cookies are stored on your computer and transmitted by it to our site. Therefore, you as user have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing your internet browser’s settings. Already saved cookies can be deleted at any time. This can also be done automatically. Disabled cookies may prevent the full functioning of the website.
The data collected in this way will be pseudonymized by technical means. Therefore, an assignment of the data to the calling user is no longer possible. The data will not be stored together with other personal data of the users. The legal basis for the processing of personal data using cookies is Article 6 (1) (f) GDPR.
4.3 Newsletters
You can subscribe to a free newsletter on our website. The data from the input mask are transmitted to us when registering for the newsletter.
We ask for the following data for this purpose:
- user’s e-mail address
In addition, the following data is collected upon registration:
- the IP address of the calling computer
- date and time of registration
For data processing, your consent is obtained during the registration process and reference is made to this privacy policy.
In connection with the data processing for the sending of newsletters, there is no disclosure of the data to third parties. The data will be used exclusively for sending the newsletter.
Insofar as you have registered for the newsletter and thus have given your consent regarding the processing of your data, the legal basis for this is Art. 6 (1) (a) GDPR.
The collection of your e-mail address serves to deliver the newsletter. The collection of other personal data in context of the registration process serves to prevent misuse of the services or the used e-mail address.
The data will be deleted as soon as it is no longer needed for the purpose of its collection. Your e-mail address will therefore be saved as long as the subscription to the newsletter is active. The other personal data collected during the registration process will normally be deleted after a period of 7 days.
Subscription to the newsletter may be cancelled or changed by you at any time. For this purpose, there is a corresponding link in each newsletter.
This also allows a revocation of the consent to the storage of the personal data collected during the registration process.
4.4 Registration for events and ticket shop
You can register for events on our website. For this purpose, we use registration forms on our website, and for selling tickets, we use the ticket system pretix of the German service provider rami.io Softwareentwicklung, Raphael Michel, Rathausstr. 19/2, 69126 Heidelberg, Germany. You can find more information about pretix's privacy policy here: https://pretix.eu/about/de/privacy
We ask for the following data for this purpose:
- name, title and form of address
- e-mail address
- telephone number
- full postal address
In addition, the following data is collected upon registration:
- the IP address of the calling computer
- date and time of registration
The data is used exclusively for the conducting of the event and for invoicing. If an event is organized with other partners, your data can be passed on to them if this is necessary to carry out the event.
If an event is organized in a third country, personal data may be transferred to recipients in this country if this is necessary in order to conduct the event.
Your data is processed on the basis of Art. 6 (1) (a) GDPR (consent) and Art. 6 (1) (b) GDPR (processing to fulfill a contract).
The collection of your e-mail address and your name is necessary in order to send you a confirmation and further information about the event. The collection of other personal data as part of the registration process is used for invoicing and to prevent misuse of the services or the used e-mail address.
The data will be deleted as soon as it is no longer needed for the purpose of its collection. If you have consented to the further storage in the registration form for the purpose of being informed about further events, your data will be stored until you revoke this consent.
If you choose "credit card" as your payment method in the ticket shop, payment will be processed via Stripe Payments Europe Ltd, Block 4, Harcourt Center, Harcourt Road, Dublin 2, Ireland.
If you choose Stripe as your payment method, the payment data you entered will be transmitted to Stripe. Further information on Stripe's data protection can be found at https://stripe.com/de/privacy
The transmission of your data to Stripe is based on Art. 6 (1) (a) GDPR (consent) and Art. 6 (1) (b) GDPR (processing to fulfill a contract).
4.5 E-mail contact
If you contact us via e-mail, the personal data transmitted with your e-mail will be saved. In this context, there is no disclosure of data to third parties, except for the processing by our e-mail provider. The data is used exclusively for processing the conversation.
Please note that this data can also be stored by our e-mail provider Google in countries outside the European Union. For more information about Google and the GDPR, please visit https://www.google.com/intl/en_de/cloud/security/gdpr/
The legal basis for the processing of the data transmitted in the course of sending an e-mail is Article 6 (1) (f) GDPR. If the e-mail contact aims at concluding a contract, then additional legal basis for the processing is Art. 6 (1) (b) GDPR.
In the case of contact via e-mail, this also includes the required legitimate interest in data processing. Due to the legally prescribed retention periods, emails are archived. Personal data sent by e-mail will be saved as well.
You have the option to revoke your consent to the processing of personal data at any time. If you contact us by e-mail, you may object to the storage of your personal data. In such a case, the conversation cannot continue. All personal data stored in the course of contacting will be deleted in this case.
4.6 Applicant management
You would like to apply with us? We look forward to receiving your application by e-mail.
As part of applicant management, we process the personal data you have provided us to initiate an employment relationship based on Article 88 GDPR in connection with Article 26 (1) BDSG. Alternatively, collective agreements (group, general and company agreements as well as collective agreements) according to Article 88 GDPR in connection with Article 26 (4) BDSG as well as consent (e.g. photo record) according to Article 88 GDPR in connection with Article 26 (2) BDSG may be used.
In some cases, we process your data to safeguard legitimate interests, e.g. in the case of intra-corporate data exchange for administrative purposes (Article 6 (1) (f) GDPR in connection with recital 48).
If special categories of personal data (e.g. severe disability) are processed, Article 88 GDPR in connection with Section 26 (3) BDSG applies. In addition, the processing of health data for the assessment of your ability to work acc. Article 9 (2) (h) in connection with Article 22 (1) (b) BDSG may be required.
We process and store your personal data as long as it is necessary for the fulfillment of the purpose of the data processing or of lawful, contractual or legal obligations. Thereafter, the data is deleted or its processing is restricted. If no employment relationship is concluded after completing the application process, your data will be deleted not later than 3 years after completing the application process. After expiry of the regular 3-year limitation period under Article 195 BGB, any claims under the General Act on Equal Treatment (AGG) are time-barred. If we would like to save your application for a longer period in a so-called "applicant pool", we would ask you for your consent when the three-year period expires.
Of course, you are also free to withdraw your application at any time. In this case, your data will also be deleted if no longer necessary for the purpose of their collection. Submitting an e-mail to us with the appropriate content is sufficient. The revocation of any given consent is also possible at any time.
4.7 Matomo
This website uses the web analysis service Matomo to analyze the use of the website. With the statistics obtained, we can improve our offer and make it more interesting. The legal basis for the use of Matomo is Art. 6 (1) (f) GDPR.
The IP addresses collected by Matomo are processed in abbreviated form and are not merged with other data collected by us. You can prevent the collection of data with Matomo under the following link: https://www.ivam.de/matomo-optout
4.8 Twitter
This website uses the buttons and timelines of the Twitter service. These features are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA.
By accessing a part of this website containing such buttons or timelines, the browser establishes a direct connection with the servers of Twitter. The content of the Twitter buttons and timelines is transmitted by Twitter directly to the user's browser. We therefore have no influence on the amount of data that Twitter collects with the help of this plugin and inform the users according to our knowledge. According to this, only the IP address of the user and the URL of the respective website when calling the button or timeline is transmitted. These are not used for purposes other than the appearance of the button or timeline.
Further information can be found in the privacy policy of Twitter at http://twitter.com/privacy.
4.9 Integration of services and content of third parties
Portions of this website include third-party content, such as YouTube videos, maps provided by Google Maps, Yumpu ePapers, RSS feeds, or graphics from other websites. This requires that the providers of this content (hereinafter referred to as "third party") process the IP address of the users, because without the IP address, the content cannot be sent to the browser of the respective user. We endeavor to use only such content whose respective providers use the IP address only for the delivery of the content. However, we do not have any influence on this if the third parties save the IP address e.g. for statistical purposes. As far as we know, we will inform our users.
4.10 Online meetings, telephone conferences and webinars
We use the tools Zoom and Google Meet to conduct telephone conferences, online meetings, video conferences and/or webinars (hereinafter referred to as "online meetings"). Zoom is a service provided by Zoom Video Communications, Inc., which is based in the USA.
Google Meet is a service of Google Ireland Limited, a service company of Google LLC, which is based in the USA.
The party responsible for data processing directly related to the conducting of online meetings is IVAM e.V.
If you access the website of Zoom or download the app from Zoom, the provider Zoom is responsible for the data processing. The data protection information of Zoom can be found at https://zoom.us/privacy. However, visiting the website is only necessary to download the software for the use of Zoom. You can also use Zoom if you enter the respective meeting ID and, if necessary, other access data for the meeting directly in the Zoom app. If you do not want to, or cannot use the Zoom app, the basic functions can also be used via a browser version, which you can also find on the Zoom website.
If we use the tool Google Meet or online meetings, the responsibility for data processing lies with Google. If you choose to attend one of our online meetings, you agree that we may share your email address with Google to invite you to attend. You can find Google's privacy policy at https://policies.google.com/privacy?hl=en
Various types of data are processed when using Zoom or Google Meet. The scope of the data also depends on the data you provide before or during participation in an online meeting.
The following personal data may be subject to processing:
- User details: first name, last name, telephone (optional), e-mail address, password (if "Single-Sign-On" is not used), profile picture (optional), department (optional)
- Meeting metadata: Topic, description (optional), participant IP addresses, device/hardware information
- For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of online meeting chat.
- When dialing in by phone: information on incoming and outgoing phone number, country name, start and end time. If necessary, further connection data such as the IP address of the device can be saved.
- Text, audio and video data (optional): You may be able to use the chat, question or survey functions in an online meeting. In this respect, the text entries you make are processed so they can be displayed in the online meeting and be logged if necessary. To enable the display of video and the playback of audio, data from the microphone of your terminal device and any video camera of the terminal device will be processed for the duration of the meeting. You can switch off or mute the camera or microphone at any time using the Zoom or Google Meet application.
To participate in an online meeting or to enter the meeting room, you must at least provide your name.
We use Zoom and Google Meet for the purpose of conducting online meetings. If we want to record online meetings, we will inform you in advance in a transparent manner and – if necessary – ask for your consent. Notification of the recording will also be displayed in the respective application.
Should it be necessary for the purposes of keeping records of the results of an online meeting, we will log the chat content. However, this will usually not be the case.
In the case of webinars, we may also process questions asked by webinar participants for the purposes of keeping records and follow-up of webinars.
The respective providers may store reports on online meetings (meeting metadata, telephone dial-in data, questions and answers in webinars, survey function in webinars).
Automated decision making as defined by Art. 22 GDPR is not used.
The legal basis for data processing when conducting online meetings is Art. 6 Sect. 1 lit. b) GDPR, insofar as the meetings are conducted within the framework of contractual relationships.
If no contractual relationship exists, the legal basis is Art. 6 Sect. 1 lit. f) GDPR. Here too, we are interested in the effective implementation of online meetings.
If personal data of employees of IVAM e.V. and IVAM Service GmbH are processed, § 26 BDSG respectively Art. 6 para. 1 lit. f) GDPR are the legal basis for data processing.
Personal data processed in connection with participation in online meetings are generally not passed on to third parties unless specifically intended for transfer. Please note that contents from online meetings as well as personal meetings are often used to communicate information to customers, interested parties or third parties and are therefore intended to be transferred, or that third parties may participate directly in the online meeting and thus gain knowledge of data.
Other recipients: The providers of Zoom and Google Meet necessarily obtain information regarding the above-mentioned data to the extent that this is provided for in our contract processing agreements with Zoom and Google.
Zoom and Google Meet are services provided by providers from the USA. Processing of personal data, therefore, takes place in a third country. We have concluded data processing agreements with the providers of Zoom and Google Meet that meet the requirements of Art. 28 GDPR.
An adequate level of data protection is guaranteed on the one hand by the Privacy Shield certification of Zoom Video Communications, Inc. and Google LLC and on the other hand by the conclusion of the so-called EU standard contract clauses.
4.11 Information mailings about events and offers of IVAM
We use the Sendinblue service to send our information mailings. The provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. Sendinblue is a service that can be used to organize and analyze the sending of mailings. Your data is processed on Sendinblue's servers in Germany.
Data analysis by Sendinblue
With the help of Sendinblue, we are able to analyze our information mailings. For example, we can see whether an information email has been opened and which links it contains have been clicked on. In this way, we can determine which links were clicked and how often.
We can also see whether certain predefined actions were performed after opening (conversion rate). For example, we can see whether you clicked on a link after opening the mailing.
If you do not want Sendinblue to analyze your data, you can opt-out of our e-mail distribution list. For this purpose, we provide a corresponding link in each mailing.
For detailed information on Sendinblue's features, please refer to the following link: https://de.sendinblue.com/newsletter-software/.
Legal basis
The data processing is carried out within the framework of the balancing of interests (Art. 6 para. 1 f DSGVO). You can revoke this consent at any time. The legality of the data processing operations already carried out remains unaffected by the revocation.
Storage period
The data you have deposited with us for the purpose of receiving information mailings will be stored by us or the mailing service provider until your revocation and will be deleted from the mailing distribution list after revocation. Data stored by us for other purposes will remain unaffected.
After your revocation, your e-mail address will be stored by us or the mailing service provider in a blacklist if necessary to prevent future mailings. The data from the blacklist will only be used for this purpose and will not be merged with other data. This serves both your interest and our interest in complying with legal requirements when sending mailings (legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO). The storage in the blacklist is not limited in time. You can object to the storage if your interests outweigh our legitimate interest.
For more details, please refer to Sendinblue's privacy policy at: https://www.sendinblue.com/gdpr/.
Data processing
We have concluded a data processing agreement (DPA) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.
5. Which rights can you claim?
Each data subject has the right of access under Article 15 of the GDPR, the right to rectification under Article 16 EUDATAP, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR. With regard to the right of access and the right to erasure, the restrictions under Article 34 and 35 BDSG apply. In addition, there is a right to lodge a complaint with a supervisory authority (Article 77 GDPR in connection with Article 19 BDSG).
You may revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent, which were issued to us before the validity of the GDPR, i.e. before May 25, 2018. Please note that the revocation is only effective for the future. Processing that occurred before the revocation is not affected.
Please feel free to contact our data protection officer.
6. Do I have to provide my personal data?
As part of our business relationship, you must provide the personal data that is necessary to enter into a business relationship and perform its contractual obligations, or that we are required to collect by law. Without this data, we will generally have to refuse to conclude the contract or to execute the order or may be unable to complete an existing contract and obliged to terminate it.
7. Is there an automated decision-making?
No. At present, we do not use fully automated decision-making according to Article 22 GDPR in order to establish and conduct business relations. A "profiling" does not take place.
8. Information about your right to object under Article 21 GDPR
8.1 Individual right to object
You have the right at any time, for reasons arising out of your particular situation, to object to the processing of personal data relating to you which takes place according to Article 6 (1) (e) GDPR (data processing in the public interest) and Article 6 (1) (f) GDPR (data processing on the basis of a balance of interests); this also applies to a profiling based on this provision in terms of Article 4 (4) GDPR.
In case you object, we will no longer process your personal data unless we can establish compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is necessary for the purpose of enforcing, pursuing or defending legal claims.
8.2 Right to object to the processing of data for direct marketing purposes
In individual cases, we process your personal data in order to conduct direct marketing campaigns. You have the right to object at any time to the processing of your personal data for the purposes of such advertising; this also applies to profiling insofar as it is associated with such direct marketing. If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.
8.3 Recipient of the objection
The objection may occur form-free with the subject "objection", stating your name, your e-mail address and your address and should be addressed to:
IVAM e.V. Microtechnology Network
Joseph-von-Fraunhofer-Str. 13
DE-44227 Dortmund
+49 231 9742 168
datenschutz@ivam.de
9. Further information
If you want more Information that cannot be provided to you by this privacy policy or if you would like more information on a particular matter, please contact our data protection officer. He will be glad to help you.
