As at: 25th May 2018
Collection of Access Data
In accordance with Art. 6(1)(f) of the GDPR , the Provider collects data on each access to website content (so-called “server log files”). The data record contains the following information: name of the web page visited, the file, date and time of access, the amount of data transferred, notification of successful retrieval, browser type and version, the User’s operating system, the referrer URL (the page previously visited), the IP address and the requesting provider.
In accordance with the statutory provisions, the Provider uses the log data, without associating it with the individual User or creating any other sort of profile, for statistical evaluations for the purposes of operating and optimising its online service and to maintain its security. However, the Provider reserves the right to check the log data retrospectively if there are specific grounds for reasonable suspicion of unlawful use. This data is therefore stored for a maximum of 6 months, in order to resolve possible abuse or fraudulent activity, and then deleted, unless it has to be stored for longer in order to preserve evidence.
Collection and Use of Personal Data
Personal data is collected and used by the Provider only when permitted by law or when the User has given consent to the collection of data.
The Provider has organisational, contractual and technical security measures in place to ensure that the provisions of data-protection laws are respected, and to prevent accidental or intentional manipulation, loss, destruction or access to the data by unauthorized persons.
When contacting the Provider (via contact form or e-mail), the User’s information is saved for the purposes of processing the request and answering further questions.
Communication of Data to Third Parties
The User’s data will only be communicated to third parties when permitted by law or if a User has given consent to its communication.
In no circumstances will Users’ personal data be sold or communicated to third parties for advertising purposes or in order to create user profiles.
The Provider uses so-called “cookies” as part of its online service. Cookies are small text files that are downloaded to a User’s computer which can store information for providers. Temporary cookies are deleted after closing your browser; permanent cookies are kept for a predetermined period and can provide access to the stored information when the online service is accessed again.
Web Analytics Tools
This website does not use any web analytics tools.
Rights of access and rectification; right to restrict processing; right to object; data portability; right to complain
In accordance with the provisions of Articles 15 et seq. of the GDPR, you have the right to:
information about the categories of your data which are stored with us, the purpose for which it is processed and, if possible, how long it will be stored
correction or deletion of your data; deletion of data is possible only if no statutory retention periods apply,
object to the processing of your data and/or to restrict the processing of your data, subject to the conditions laid down in Articles 18 and 21 of the GDPR,
receive your data in a structured, machine-readable format (e.g. as a CSV, Word or Excel file),
withdraw your consent at any time free of charge.
If you wish to exercise any of these rights, please send an email to firstname.lastname@example.org. Users also have the right to raise a complaint with a regulatory authority. The competent regulatory authority for our organisation is the Berlin Beauftragte für Datenschutz und Informationsfreiheit [Berlin Data Protection and Freedom of Information Agency] (https://www.datenschutz-berlin.de).
Duration of Storage
We will delete your data if you inform us that you wish it to be deleted and the data is not subject to a statutory retention period. We shall also delete your data pursuant to §147 Tax Code [Abgabenordnung] ten years after submission to you of the most recent invoice for participating at a seminar.
Under Art. 6(1)(b) of the EU GDPR, our legal basis for processing personal data for registration for an online seminar is the participant’s personal consent. This is also deemed to have been given if the registration was carried out by the employer’s personnel department or a personal assistant.
Collection and Use of Data; Data Protection
As part of the online registration process, data is stored for the purpose of processing the personal information required to register for events.
When registering for an event, you will be asked to indicate your salutation, title, first and last name, institution (i.e. the firm through which you are registering, if applicable), function and your postal and invoice address, as well as your telephone number and email address. You will also be asked to select whether you are a vdp member or HypZert valuer eligible for a reduced participation fee or an external full-paying participant. Your first and last name and postal and email address are mandatory data. Without this information, we will not be able to accept your online registration.
This data is collected separately for each registration and stored only for the purposes of processing the registration. It will be stored for the purpose of providing you with information about the Provider’s other offerings if you have given your consent to this by ticking in the appropriate place on the online registration form or separately via email or by phone.
The registration process uses software from an external supplier, Dr. Weidelt & Partner, In der Schleene 27, 37136 Göttingen-Waake, www.weidelt.de. We have concluded a processing agreement with this supplier for this purpose, under which the data cannot be used for purposes other than those set out in this policy. The personal data collected during the online registration process is stored on the external supplier’s secure server.
The connection between your web browser (registration form) and the server is encrypted (HTTPS), as is the connection between the server and the external supplier (TLS/HTTPS).
The external supplier works with data networks protected by firewalls.
Data Transfer to Third Parties
Neither vdpPfandbriefAkademie nor the supplier of the external registration software will transfer any data collected from you to third parties. When attending an event, the participant’s name and the participant’s institutional affiliation will be made available to the other seminar participants. These participant lists are intended only for use by the seminar participants and for the internal use of the Provider for statistical purposes. Please inform us in advance if you do not want your name to be included in the participant list.
Under no circumstances will this data be communicated to third parties outside vdpPfandbriefAkademie without the express consent of the person to whom the data pertains.
There is no integration with social networks such as Facebook, Xing or Twitter.