We take the issue of privacy very seriously on our website. This Policy provides you with all the relevant information about privacy on our site, www.ecpcp.eu.

Controller for the purpose of data protection legislation:

ECPCP - European Confederation of Primary Care Paediatricians
11, Quai General-Sarrail, F-69006 Lyon, France

President
Dr. Angel Carrasco Sanz
Email: mail@ecpcp.eu

It is possible to use our website without sharing any of your personal data. Some of the services on our site may, however, be subject to different rules, in which case they are explained separately below. Data are personal if they can be uniquely attributed to a specific natural person. The following regulations provide information about the nature, scope and purpose of our collection, use and processing of personal data.

Personal data

Definition of “personal data”
According to the German Data Protection Act (BDSG), personal data are all the details concerning the personal or material circumstances of an identified or identifiable natural person. In other words, it is information that says something about a person, e.g. their name, occupation, age, etc.

Your personal data (e.g. name, address, email address, telephone number, etc.) will only be processed by us in accordance with German data protection laws.

However, this does not include details that have been anonymised sufficiently well, so that they cannot easily be assigned to any specific person, e.g. statistics on user behaviour (such as anonymised IP addresses).

Data collection method
We only collect data relating to you as a person, e.g. your name, phone number and email address, if you expressly share them with us, for example, by sending us an email or registering for one of our services.

We store those data for as long as we need them to provide the relevant service or reply to your email, whereupon we erase them. We treat your personal data as confidential and will not disclose them to third parties under any circumstances You can request information about the data stored about you at any time (for more on this see “Right of access”).

When providing our services, we only ask for personal data that are required for the provision of each specific service. In some cases we may ask you to provide an additional voluntary declaration of consent.

It is then your decision whether or not to enter the relevant data. We store your details on special protected servers, which can only be accessed by specially authorised persons who handle the technical or editorial management of those servers.

We only use your personal data to deal with your specific enquiry or to provide the relevant service. We do not process your data for any other purposes. In particular, we will not disclose your personal data to third parties.

The legal basis for such processing is GDPR Article 6 (1) point b.

Data security/storage
SSL encryption
To protect the security of your data during transmission, we use state-of-the-art encryption methods (e.g. SSL) via HTTPS.

Nevertheless, we must point out in this context that it is not possible to guarantee complete security in electronic communication.

We cannot accept any responsibility or liability for instances of faulty data transmission or unauthorised access by third parties. Unless otherwise specified, all data are stored and processed on servers in Germany, without exception.

Server data
The following data – known as server log files – are examples of data we collect for technical reasons and which are sent to us or to our web space provider by your internet browser:

• Your IP address
• The website from which you visited us (the referrer)
• The pages you visit on our website
• Date, time and duration of your visit
• HTTP status code
• Volume of data sent
• Browser type
• Browser settings
• Operating system

These data will be used by us exclusively for the purpose of ensuring the proper operation of our website and will be erased automatically after 60 days.

None of the data in the log files are directly related to your personal data and will not be combined with other personal data under any circumstances. We record your access to our website for data security reasons, to warrant the stability and reliability of our systems and to defend against unauthorised attack. We use these log files entirely for internal purposes, and we do not share them with third parties.

The legal basis for such processing is GDPR Article 6 (1) point f. Processing is based on our legitimate interest in analysing the movement of data on our website, so that we can enhance your user experience and generally improve our website.

Contact form and email contact
Our website offers the option of communicating with us by email and/or via a contact form. When you do so, the details you provide will be saved for the purpose of processing, so that we can contact you. Your data will not be disclosed to third parties. Also, we will not align such data with any data that may have been collected on other parts of the site.

Our legal basis for processing your data is our legitimate interest according to GDPR Article 6 (1) point f, and also GDPR Article 6 (1) point b if your enquiry is about the conclusion of a contract. As soon as your enquiry has been processed, we will erase your data, unless such erasure contravenes statutory retention duties.

Cookies
We use cookies on our website which are saved to your device by your browser and which contain certain settings for the use of our website (e.g. on the current session). The purpose of cookies is to make our website more user-friendly, efficient and secure. Cookies are small text files that are stored on your computer and saved by your browser. Most of the cookies we use are session cookies which are automatically deleted when you leave our site. Other cookies stay on your device until you delete them or until their storage period has expired. Those cookies allow us to recognise your browser next time you visit the website.

One purpose of cookies is to simplify processes on a website (e.g. to continue giving you previously selected options). This is done by saving certain settings. Where some cookies we have implemented also process personal data, such processing takes place under GDPR Article 6 (1) point b and serves the implementation of our agreement. In other cases it takes place under GDPR Article 6 (1) point f, enabling us to realise our legitimate interests in ensuring the best possible functioning of our website and a customer-friendly and effective user experience when you visit our site.

You can set your browser so that cookies are always rejected, or so that you need to accept the saving of cookies each time. If you completely opt out of cookies, you may not be able to use certain features on the website. The help function in the menu bar of most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you before a new cookie is set, and how to disable cookies altogether. You will also find further information below.

In addition to the above-mentioned webtracking cookies used by analysis providers, we use a range of differently classified cookies on our website, see below.

• Session cookies:
  These are deleted when you close your browser, and their validity is limited to each browser session.
• Persistent cookies:
  They stay permanently on your device after you close the browser, saving, for instance, access codes.
• Third-party cookies:
  Such cookies are controlled by third-party providers showing, for example, advertising banners on a website.

If you do not want a website to save cookies, you can control this through settings in your browser.  The settings section of your browser also give you a list of cookies saved.

The following external links give you further information on customising each browser:

• Firefox – how to manage and delete cookies
• Firefox – how to clear the cache
• Chrome – how to manage and delete cookies
• Chrome – how to clear browser data
• Safari – web settings
• Internet Explorer – how to delete and manage cookies

Data disclosure and recipients

Your personal data will not be disclosed to third parties, unless

• we have expressly pointed out such disclosure in our description of the relevant data processing,
• you have given your express consent according to GDPR Article 6 (1) point a,
• Disclosure according to GDPR Art. 6 (1) point f is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
• we are under a legal obligation to disclose data under GDPR Article 6 (1) point c, or
• disclosure is necessary for managing the contractual relationships with you under GDPR Article 6 (1) point b.

Also, to manage our services, we use external service providers whom we have carefully selected and instructed in writing. They are bound by our instructions and are regularly checked by us. Moreover, where required, we have concluded contract data processing agreements with them as required under GDPR Article 28. These are service providers for web hosting, the sending of emails and the servicing and maintenance of our IT systems, etc. Such service providers will not disclose your data to third parties.

Length of storage of personal data

The length of storage of personal data depends on the relevant statutory retention periods (specified, for instance, in commercial and tax law). Once the relevant period has expired, the data will be routinely deleted. If data are necessary for contractual performance or to initiate a contract, or if we ourselves have a legitimate interest in their continued storage, the data will be deleted as soon as they are no longer required for such purposes or until you make use of your right of revocation or your right to object.

Your rights

Below you will find information on your rights as a data subject towards the controller under current data protection legislation concerning the processing of your personal data:

The right to request information about your personal data that we process in accordance with Art. 15 GDPR. In particular, you may obtain information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to object, the origin of your data if they have not been collected by us, and the existence of automated decision-making processes, including profiling, and, where applicable, meaningful information about those details.

The right under GDPR Article 16 to obtain the immediate rectification of any inaccurate or incomplete personal data stored by us.

The right under GDPR Article 17 to obtain the erasure of your personal data stored by us unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, to satisfy public interest or to assert, exercise or defend legal claims.

The right, under GDPR Article 18, to obtain the restriction of the processing of your personal data, if you have disputed the accuracy of the data, or if processing is unlawful but you refuse their deletion and we no longer need the data but you need those data to assert, exercise or defend legal claims or if you have objected to processing under GDPR Article 21.

The right under GDPR Article 20 to the return of your personal data which you have previously disclosed to us and to receive them in a structured, commonly used and machine-readable format or to request their transfer to a different controller.

The right under GDPR Article 7 (3) to revoke the consent you have given us. You may do so at any time with future effect.

The right to complain to a supervisory authority under GDPR Article 77. You can usually contact the supervisory authority of the federal state in which we have our place of business, as specified above, or, if applicable, the supervisory authority at your usual place of residence or workplace.

The right to withdraw consent under GDPR Article 7 (3). The right to withdraw previously given consent to the processing of data and to exercise this right at any time with effect for the future. In the event of revocation, we will erase the relevant data without undue delay, unless there is a legal basis for further processing without consent. Revocation of consent does not affect the lawfulness of processing that took place on the basis of consent until the date of withdrawal.

Right to object

If your personal data are processed on the basis of legitimate interests according to GDPR Article 6 (1) point 1, you have the right to object to the processing of your personal data under GDPR Article 21 if there are compelling reasons relating to your particular situation. If your objection concerns the processing of personal data for direct marketing purposes, you have a general right to object without the need to describe a particular situation.

If you wish to exercise your right of revocation or your right to object, simply send an e-mail to webmaster@noSpam.ecpcp.eu

Use of Google Maps
This website uses Google Maps API to display geographical information. When Google Maps is used, Google also collects, processes, and uses data about your use of map functions. For more information about how Google processes your information, please see the Google Privacy Policy with a privacy section where you can also edit your specific privacy controls.

Using Script libraries (Webfonts, jQuery etc.)
In order to present our contents correctly and in a graphically appealing way across all browsers, we use script libraries and font libraries such as Google Web Fonts (https://www.google.com/webfonts/) on this website. Google Web Fonts are loaded into your browser’s cache to avoid multiple loading. If your browser does not support Google Web Fonts or does not allow access, content will be displayed in a default font.

Calling up script libraries or font libraries automatically triggers a connection to the library operator. Theoretically therefore, operators of such libraries may collect data (although it is currently not clear whether they do so and, if so, for what purposes).

The library operator Google has the following privacy policy: https://www.google.com/policies/privacy/

Changes to our Privacy Policy

We reserve the right to change or update this Privacy Policy where necessary and in accordance with applicable data protection regulations. This enables us to align our Privacy Policy with the latest legal requirements and to cover any changes to our services, including the introduction of new services. When you visit our website, the applicable version is always the latest one.

Questions about data protection
Please send us an email if you have any questions about data protection:

webmaster@noSpam.ecpcp.eu

This Privacy Policy was last updated on  25 May 2018