Privacy Policy
I) General information
When you visit the website www.iways.eu, personal data is collected and processed confidentially and in accordance with the statutory data protection regulations of the General Data Protection Regulation (GDPR) in accordance with this data protection declaration.
When you visit this website, various personal data are processed depending on the type and extent of use. Personal data is information that relates to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified directly or indirectly (e.g., by means of association with an online identifier). This includes information such as the name, address, telephone number and date of birth, IP address.
This data protection declaration informs you in accordance with Art. 12 ff. GDPR about how we handle your personal data when you use our website. In particular, it explains which data we collect and what we use it for. It also informs you about how and for what purpose this is done.
This data protection declaration explicitly refers to the website-specific data processing procedures when visiting our website at www.iways.eu.
II) Person responsible
The responsible party for the website within the meaning of the GDPR and the applicable national data protection laws as well as other data protection regulations is the:
European Science Communication Institute (ESCI) gGmbH, Lindenstr. 87, 26123 Oldenburg, Germany.
III) Scope, purpose and legal basis of the collection of personal data when visiting the website www.iways.eu
1. calling up and visiting our website – server log files
For the purpose of the technical provision of the website, it is necessary for us to process certain information automatically transmitted by your browser so that our website can be displayed in your browser and you can use the website. This information is automatically collected each time our website is called up and stored in so-called server log files. These are:
– browser type and browser version
– Operating system used
– Website from which the access is made (referrer URL)
– Host name of the accessing computer
– Date and time of access
– IP address of the requesting computer
The storage of the aforementioned access data is necessary for technical reasons to provide a functional website and to ensure system security. This also applies to the storage of your IP address, which is necessary and, under further conditions, can at least theoretically enable an allocation to your person or the owner of the internet connection of the requesting computer. In addition to the above-mentioned purposes, we use server log files exclusively for the needs-based design and optimisation of our website, purely statistically and without any inference to your person.
The access data collected in connection with the use of our website is only stored for the period of time for which this data is required to achieve the above-mentioned purposes. Your IP address is stored on our web server for a maximum of 7 days for IT security purposes.
If you visit our website to find out about our range of services the basis for the temporary storage and processing of access data is Art. 6 (1) sentence 1 lit. b GDPR(legal basis), which permits the processing of data for the fulfilment of a contract or for the implementation of pre-contractual measures. In addition, Art. 6 I lit. f GDPR serves as the legal basis for the temporary storage of technical access data. Our legitimate interest here is to be able to provide you with a technically functioning and user-friendly website and to ensure the security of our systems.
2. Data collection when contacting us via contact form and e-mails
If you send us enquiries via the contact form or by e-mail, your message, including the contact data you provide there, will be stored and processed by us for the purpose of processing and answering the enquiry and in the event of follow-up questions. We do not pass on this data to third parties unless this is necessary within the scope of processing and answering your contact enquiry or you have given us your corresponding consent.
If you contact us within the framework of an existing contractual relationship or contact us in advance for information about our range of services or our other services, the data and information you provide will be processed for the purpose of processing and answering your contact enquiry in accordance with Art. 6 (1) sentence 1 lit. b GDPR(legal basis), and otherwise to safeguard our legitimate interests in accordance with Art. 6 (1) sentence 1 lit. f GDPR for the proper answering of enquiries.
3. Use of cookies and significance for data processing
A cookie is a small file that stores internet settings. Many websites use cookies. Cookies are downloaded by your internet browser the first time you visit a website. In the case of cookies that require consent, the files are only stored on your terminal device after you have given your consent via the cookie consent banner that appears when you first visit the website. The next time this website is opened with the same terminal device and the same browser, the cookie and the information stored in it will be sent either to the website that created it (first-party cookie) or to another website (third-party cookies).
Cookies can improve the user experience when you visit a website that you have visited several times before. Provided that you use the same terminal device and the same browser as before, cookies remember, for example, your preferences on how you use a website and adapt the offers displayed to your personal interests and needs.
Depending on their function and purpose, cookies on this website can be divided into two categories:
– consent-free cookies / necessary cookies
– cookies requiring consent or technically unnecessary cookies
a) essential cookies – necessary cookies
Essential cookies (are also referred to differently as “absolutely necessary” or “necessary”) can, ensure functions without which you could not use this website as intended or safely. Such cookies are generally used by the operator of the respective website or technical service providers within the scope of order processing bound by instructions (so-called first-party cookies).
Essential cookies cannot be deactivated on our website itself. In general, however, you can completely deactivate cookies in your browser settings or delete the cookies. However, you must then expect limited functionality of the site (e.g. shopping cart function is not available).
aa) Legal basis and legitimate interest:
In the case of necessary cookies, the processing is carried out in accordance with Art. 6 (1) sentence 1 lit. f GDPR on the basis of our legitimate interest in a user-friendly design of our website and in ensuring the security and functionality of the website. Your consent is not required for the use of essential cookies.
bb) Recipients
Recipients of the data are service providers used in accordance with the individual information on the display, tracking, remarketing and web analysis technologies employed.
cc) Third country transfer:
Please refer to the listings of the individual display, tracking, remarketing and web analysis providers for information on this.
dd) Revocation of consent:
You can revoke your consent at any time via our Cookie Consent Tool, which you will find at the end of this Privacy Policy.
IV) Tracking Measures – Matomo
The tracking measures listed below and used by us are carried out on the basis of Art. 6 para. 1 p. 1 lit. a GDPR. You can revoke your consent and your personal cookie settings at any time for the future via the “Cookie setting” link at the bottom of our website.
With the tracking measures used, we want to ensure a needs-based design and the ongoing optimisation of our website. On the other hand, we use the tracking measures to statistically record the use of our website and to evaluate it for the purpose of optimising our offer for you.
By means of the targeting measures used, we want to ensure that you are only shown advertising on your end devices that is oriented to your actual or presumed interests.
The respective data processing purposes and data categories can be found in the corresponding tracking and targeting tools.
We use the open source service Matomo from InnoCraft Ltd, 7 Waterloo Quay PO625, 6140 Wellington, New Zealand on our website to analyse user behaviour when visiting our site and to optimise our site and its content accordingly based on this. In doing so, we do not receive any information that directly identifies you. New Zealand is a so-called third country. The GDPR does not apply directly in New Zealand. The EU Commission has issued an adequacy decision for New Zealand. With this, the EU Commission confirms that an adequate level of data protection is provided in New Zealand.
In connection with the use of Matomo, cookies are used to enable a statistical analysis of the use of this website by your visits. Information – including personal information – about your visitor behaviour is stored in the cookie and processed using a pseudonym in a usage profile for the purpose of analysis (including operating system, browser name, plug-ins used, language settings). Since Matomo is hosted on our own server, processing by third parties is not necessary for the analysis. We automatically delete your data after 180 days.
The data obtained in the process will not be used to identify you personally without your separately granted consent and the data will not be merged with personal data about you as the bearer of the pseudonym.
Insofar as IP addresses are collected, they are anonymised immediately after collection by deleting the last number block.
The data processing is carried out in accordance with Art. 6 Para. 1 lit. a GDPR for the optimisation of our online offer and our web presence. You can revoke your consent and your personal cookie settings at any time for the future via the “Cookie setting” link at the bottom of our website.
V) Integration of social media services and other third-party content
Within our online offer, we use content or service offers from social media service providers and other third-party providers on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and economic operation of our online offer) in order to integrate their content and services, such as videos (hereinafter uniformly referred to as “content”). This always requires that the third-party providers of this content are aware of the IP address of the user, as without the IP address they would not be able to send the content to their browser. The IP address is thus necessary for the display of this content.
In doing so, we ensure that data transmission only takes place when you use these services.
Unless otherwise stated below, the legal basis for the transmission of your data is Art. 6 para. 1 p. 1 lit. f GDPR.
The following presentation provides an overview of third-party providers and their content, together with links to their data protection declarations, which contain further information on the processing of data and, in part already mentioned here, options for objection (so-called opt-out).
Please note that no adequate level of data protection can currently be guaranteed for the social media providers from the USA listed below.
a) YouTube:
This website uses the so-called “extended data protection mode” of the provider YouTube to embed videos. This means that a cookie is only saved on your computer when the video is played. According to YouTube, however, no personal cookie information is stored for playbacks of embedded videos with extended data protection. When you click on the video, data is sent to YouTube over which we have no control.
By activating the video, you consent to the collection, processing and use of the data collected and entered by Google, one of its representatives or third-party providers (consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR).
Further data protection information on YouTube can be found on the YouTube provider page of the third-party provider Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Privacy policy: https://www.google.com/policies/privacy/, Opt-Out: https://www.google.com/settings/ads/ .
b) Vimeo
Some of our web pages contain videos from Vimeo. We ensure that a connection to the Vimeo servers is only established when a video is activated. This transmits to the Vimeo server which of our Internet pages you have visited. If you are logged in as a Vimeo member, Vimeo assigns this information to your personal user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo.
In addition, Vimeo can use cookies or tracker itself via an iFrame in which the video is called up. This is Vimeo’s own tracking, to which we have no access.
The provider and, where applicable, recipient is: Vimeo LLC with headquarters at 555 West 18th Street, New York, New York 10011.
By activating the video, you consent to the collection, processing and use of the data collected and entered by you by Vimeo (consent pursuant to Art. 6 para. 1 p. 1 lit. a GDPR).
Further information on data processing and notes on data protection by Vimeo can be found at https://vimeo.com/privacy .
c) Twitter
Plugins from the short message network of Twitter Inc. (Twitter) are integrated on our website with your prior consent. You can recognize the Twitter plugins by the Twitter timeline on our website.
When you visit a page of our website that contains such a plugin, a direct connection is established between your browser and the Twitter server. Twitter thus receives the information that you have visited our site with your IP address. If you click the Twitter Timeline while you are logged into your Twitter account, you can link the content of our pages to your Twitter profile. This enables Twitter to associate your visit to our website with your user account. We would like to point out that, as the provider of the website, we have no knowledge of the content of the data transmitted or of how it is used by Twitter.
Twitter: social network; service provider: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland, parent company: Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA;)
https://developer.twitter.com/en/docs/twitter-for-websites/privacy
Legal Basis for using the Twitter Timeline ist your Consent in accordance with Art 6 I lit a GDPR
VI) Data subject rights
You have the right to:
- To request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- In accordance with Art. 16 GDPR, demand the correction of incorrect or incomplete personal data stored by us without delay;
- In accordance with Art. 17 GDPR, demand the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;
- To request the restriction of the processing of your personal data in accordance with Art. 18 GDPR, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 GDPR;
- In accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
- Revoke your consent at any time in accordance with Art. 7 (3) GDPR. This has the consequence that we may no longer continue the data processing based on this consent in the future; and
- Complain to a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence for this purpose. In particular, you can address a complaint to the supervisory authority responsible for us, the State Commissioner for Data Protection of Lower Saxony in Hanover, Prinzenstraße 5, 30159 Hanover.
- Right of appeal: if your personal data is processed on the basis of legitimate interests in accordance with art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your data in accordance with art. 21 GDPR TO OBJECT TO THE PROCESSING OF YOUR PERSONAL DATA IF THERE ARE GROUNDS FOR DOING SO WHICH ARISE FROM YOUR PARTICULAR SITUATION.
IF YOU WOULD LIKE TO EXERCISE YOUR RIGHT OF REVOCATION OR OBJECTION, PLEASE SEND AN E-MAIL TO: mb(at)esci.eu
VII. Data security
We use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. Our site has state-of-the-art SSL encryption.
Other concerns: For further data protection questions and concerns, please contact our data protection officer. Appropriate enquiries as well as the exercise of your aforementioned rights should, if possible, be sent in writing to our address given above or by e-mail to mb(at)esci.eu.
This privacy policy is current as of May 2022.