Privacy Policy

Last update: April, 2020

1. General

1.1.
We the United European Gastroenterology GmbH (hereinafter “UEG GmbH”, “We”, “us” or “UEG”) operate the website www.ueg.eu. This Privacy Policy is intended for your enlightenment and describes how we process your data and what rights you have as data subject.

1.2.
The protection of individuals with regard to the processing of personal data is a fundamental right which we take very seriously. All data processing is carried out in accordance with the EU General Data Protection Regulation (2016/679) and the relevant laws of the Republic of Austria.

1.3.
Your data will generally be transferred to UEG in encoded form to exclude access by unauthorized third parties. Your data will be stored and processed on secured servers in respect of this Privacy Policy.

2. Definitions

2.1. 
“Personal Data” means any information relating to an identified or identifiable natural person (hereinafter “Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (hereinafter “Personal Data”).

2.2. 
Non-Personal Data” is data which will be logged for internal system-related and statistical purposes, which cannot be tracked back to you (name of the file accessed, date and time of access, data volume transferred, notification of successful access and transfer, web browser and requesting domain). Data disclosing your identity will not be publicly used by UEG. UEG may, however, use any data collected in anonymized form, in particular for purposes of statistical analyses.

2.3.
“Processing”
means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

2.4. 
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law.

2.5.
“Processor”
means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.

2.6.
“Recipient”
means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with the laws of the European Union or any of its Member States shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

2.7.
“Third party”
means a natural or legal person, public authority, agency or body other than the Data Subject, Controller, processor and persons who, under the direct authority of the Controller or processor, are authorised to process personal data.

2.8. 
“Consent”
of the Data Subject means any freely given, specific, informed and unambiguous indication of the Data Subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2.9. 
Joint Controller” means two or more controllers who jointly determine the purposes and means of processing.

 

3. Processed Data

3.1.
In the course of your visit to our website, UEG will collect the following information:

  1. the date and time of accessing a page on our website,
  2. your Internet protocol address (IP address),
  3. brand name and version of your web browser, as well as your chosen language setting,
  4. your operating system,
  5. your Internet service provider,
  6. the website (URL) from which you were referred to our website,
  7. certain cookies (see section10 below),
  8. date / time (hereinafter “traffic data” and
  9. any information that you voluntarily enter in our registration form according to paragraph 3.2.

3.2.

UEG may collect, store and use your personal data when you register on our UEG website via “myUEG” (hereinafter “myUEG”) or on other online platforms of UEG, as well as when you fill out an offline form or provide data to us in any other form of interaction. When you register with our online platform myUEG, the following personal data will be collected, saved and processed by UEG when you register to myUEG (hereinafter “myUEG-Data”):

  1. full name
  2. email-address(es)
  3. title, salutation
  4. gender
  5. range of age;
  6. date and place of birth
  7. address(es)
  8. society memberships
  9. expertise / interests
  10. workplace / institution
  11. years of training
  12. training certificates
  13. health care professional status (prescriber/non-prescriber)
  14. motivation for using services
  15. credit card details
  16. passport details for congress invitation letters
  17. declaration of interests
  18. affiliation information (to an organisation) is required for all persons wishing to submit an abstract.

3.3.

If you sign up to one of our events, we will use your myUEG-Data to manage your registration. Please note that we may be taking pictures and record video footage of our events (hereinafter “Event Data”). We have no intention to photograph you directly without your explicit consent but we cannot exclude the possibility that you will be pictured in these photos. By participating in our events, you acknowledge that we have the right to use the Event Data for marketing purposes for free. 

3.4.

Before you disclose to UEG personal data of another person, you have to obtain that person's consent to both the disclosure and the processing of that person’s personal data in accordance with this Privacy Policy.

 

4. Purposes for which we process your data

4.1.

We will process your Personal Data for the following purposes:

  1. administer the website and its business (e.g. your personal myUEG profile);
  2. personalise the Website for you;
  3. enable your use of the services available on the website;
  4. supply to you services purchased through the website;
  5. send statements, invoices and payment reminders to you, and collect payments from you;
  6. send to you non-marketing commercial communications; to be able to respond to your inquiries; to send you statements, invoices and payment reminders, and collect payments from you;
  7. send to you email notifications that you have specifically requested;
  8. send to you our email newsletters respectively in case you have accepted such service, (you can inform us at any time if you want to unsubscribe from the newsletters);
  9. deal with enquiries and complaints made by or about you relating to the Website;
  10. keep the website secure and prevent fraud, to detect, prevent and investigate attacks on our website;
  11. verify compliance with the terms and conditions governing the use of the Website.
  12. to improve and develop the Website;
  13. to be able to compile usage statistics;
  14. preparation of reports on our events, 
  15. providing information about our events on our intranet and the internet, including an event gallery 
  16. manage our event attendees; 
  17. supply to you services purchased through the Website;
  18. contact you with regard to the event you have registered for;
  19. run statistics with regard to our event attendees; and
  20. improve our future events. 

 

5. Legal basis of the processing

5.1.

We process your data based on our overriding legitimate interest (Art. 6 para. 1 lit f GDPR), which lies in achieving the above-mentioned purposes.

5.2.

If you participate in one of our events, we process your data in the course of our fulfilment of the contract with you (purchase of an event registration). In this case, the lawfulness of the procession is based on Art. 6 para. 1 lit b GDPR.

 

6. Transfer of your Personal Data

6.1.

If you submit Personal Data for publication on the Website, UEG will publish and otherwise use that information in accordance with the rights granted to UEG under this Privacy Policy. By registering with myUEG, you acknowledge that your personal data (or the personal data of other persons, which you have provided to UEG) may be disclosed on to other users of the website (and other persons, who have transmitted their personal data offline to UEG). UEG will not sell your personal data to third parties.  

6.2.

To achieve the purposes set out above, we will transfer your personal data to the following categories of recipients:

  1. IT service providers that we use (such as but not limited to our website provider Körbler GmbH, our IT provider DATAplexx IT- und Telekommunikationslösungen GmbH, or Google Inc. for analytics);
  2. Distributors and postal service providers that we use;
  3. Payment service providers; and
  4. Subcontractors we retain for the organization of our events.

6.3.

When you register with myUEG we will save your myUEG-Data in our Customer Relationship Management System (hereinafter “CRM”). We cooperate with the non-profit organisation United European Gastroenterology (ZVR: 570340662) (hereinafter “UEG NPO”). As a result, thereof the CRM is also used for UEG NPO purposes. For this reason, we have concluded a "Joint Controller" contract with the UEG NPO. The purpose of this contract is to record which of the two processors assumes which legal obligation. However, Data Subjects can assert their rights mentioned below against each Controller.

6.4.

Other than that, your Personal Data will only be processed and/or disclosed or otherwise transferred to third parties if the disclosure or transfer

  1. is based on the consent of the Data Subject to the processing of his or her personal data for one or more specific purposes; or
  2. is necessary for the performance of the contract you have signed with us; or
  3. is necessary for compliance with a legal obligation to which the Controller is subject (e.g. tax obligations); or
  4. is necessary in order to protect the vital interests of the Data Subject or of another natural person; or
  5. is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

 

7. Links to other websites

The Website contains links to other websites. UEG is not responsible for data privacy policies and/or practices on other websites and UEG has no influence as to whether the operators of other websites act in compliance with data protection provisions. UEG’s Privacy Policy is solely applicable to data collected by UEG itself.

 

8. Use of cookies

8.1.

We use “cookies” to improve the functionality of our website. Cookies are small text files that may be installed on your computer when you visit a website. Cookies are generally used to provide site visitors with additional functionality within the site. Cookies cannot access, read or modify any other data on your computer.

8.2.

We use cookies that

  1. will be deleted again when you close your browser (session cookies);
  2. remain stored on your end user device even after you close your browser (permanent cookies);
  3. originate from us (first party cookies) or from third parties.

8.3.

Through our cookies, we process data on the following legal bases and for the following purposes:

  1. We use cookies that are absolutely necessary for the operation of our website. The use of these cookies is lawful due to our overriding legitimate interest (Art. 6 para. 1 lit f GDPR).
  2. We use all other cookies (e.g. Tracking Cookies) on the basis of your consent. You give us your consent via our cookie banner.

8.4.

In order to withdraw your consent or to restrict it to certain cookies, you have inter alia the following options:

  1. Use the settings of your browser. Details can be found in the help function of your browser (usually accessible via the F1 key on your keyboard).
  2. At http://www.youronlinechoices.com/uk/your-ad-choices you can have the system analyse which cookies are used by you and deactivate them individually or in their entirety. This is an offer from the European Interactive Digital Advertising Alliance.

8.5.

Withdrawing your consent does not affect the lawfulness of processing based on your consent before your withdrawal. Please note that the functionality of our websites may be impaired if you withdraw or restrict your consent. 

 

9. Google Analytics

9.1.

This website uses Google Analytics, a web analytics service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). This service provider stores statistical data about your use of this website. Google LLC is based in the USA. On 12 July 2016, the European Commission adopted the EU-US Privacy Shield. If a US company has been certified in accordance with the EU-US Privacy Shield, the flow of data to this company is permitted without authorization in accordance with Art. 45 GDPR. Google LLC has a Privacy Shield certification, which ensures an adequate level of data protection and allows data flow to this company.

9.2.       

Google Analytics uses cookies to allow an analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address and the URLs of the web pages accessed) is transmitted to Google's servers in the USA and stored there. We do not store any of your data collected in connection with Google Analytics.

9.3.       

This website uses the possibility of IP anonymization provided by Google Analytics. Your IP address will therefore be shortened / anonymized by Google as soon as Google receives your IP address. Google will use this information on our behalf to evaluate your use of the website, to compile reports on website activity, and to provide us with other services related to website activity and internet usage. The IP address sent by your browser as part of Google Analytics will not be merged with other data on Google.

9.4.       

You can prevent the storage of cookies by a corresponding setting of your browser software. We point out, however, that in this case you may not be able to use all the functions of this website to the full extent. You may also prevent Google from collecting your data in connection with Google Analytics by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

9.5.

You can also prevent the collection of your data by Google Analytics on this website by clicking on the link below. An opt-out cookie will be set which prevents the future collection of your data when visiting this website:

9.6.

For more information about Google's Terms of Use and Google's Privacy Policy, please visit http://www.google.com/analytics/terms/de.html or https://www.google.at/intl/at/policies/.

 

10. Social Media Plug-ins

10.1.

We currently use the following social media plug-ins: Facebook, Google+, Twitter, LinkedIn, Reddit. If you visit our site initially, no personal data will be transmitted to the provider of the plug-in. The provider of the plug-in can be identified by the marking on the box above its initial letter or logo. We give you the opportunity to communicate directly with the provider of the plug-in via the button.

10.2.

By clicking on the button the social plug-in will be activated and the plug-in provider receives the information that you have visited our online service. In addition, the data mentioned under 1.1 of this declaration will be transmitted. In the case of Facebook the IP address is anonymized immediately after collection. By activating the plug-in, personal data will be transmitted by you to the respective plug-in provider and stored there (with US providers in the USA). Since the plug-in provider carries out the data collection in particular via cookies, we recommend that you delete all cookies via the security settings of your browser before clicking on the greyed-out box.

10.3.

We have no influence on the collected data and data processing operations, nor are we aware of the full extent of the data collection, the purpose of the processing, the storage periods. We also have no information to delete the data collected by the plug-in provider

10.4.

The plug-in provider saves the data collected about you as usage profiles and uses these for purposes of advertising, market research and / or personalized website design. Such an evaluation is carried out in particular (also for non-logged-in users) for the presentation of targeted advertising and to inform other users of the social network about your activities on our website. You have the right to object to the formation of these user profiles, whereby you must contact the respective plug-in provider to exercise it. Through the plug-ins we offer you the opportunity to interact with the social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for the use of the plug-ins is Art. 6 para. 1 sentence 1 lit. f GDPR.

10.5.

The data transfer takes place regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged into the plug-in provider, your data collected from us will be assigned directly to your existing account with the plug-in provider. If you press the activated button the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend logging out regularly after using a social network, but especially before activating the button, as this will prevent you from being assigned to your profile with the plug-in provider.

10.6.

For more information on the purpose and scope of the data collection and its processing by the plug-in provider, please refer to the privacy statements of these providers, which are provided below. There you will also find further information about your rights and settings options for the protection of your privacy.

10.7.

Addresses of the respective plug-in providers and URL with their privacy notices:

a)    Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; www.facebook.com/policy.php. More Information regarding the data processing by facebook you find under: www.facebook.com/help/186325668085084, www.facebook.com/about/privacy/your-info-on-other and: www.facebook.com/about/privacy/your-info. Facebook is part of the EU-US-Privacy-Shield: www.privacyshield.gov/EU-US-Framework.

b)    Google Inc., 1600 Amphitheater Parkway, Mountainview, California 94043, USA; www.google.com/policies/privacy/partners/. Google is part of the EU-US-Privacy-Shield: www.privacyshield.gov/EU-US-Framework.

c)    Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; twitter.com/privacy. Twitter is part of the EU-US-Privacy-Shield: www.privacyshield.gov/EU-US-Framework.

d)    LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; www.linkedin.com/legal/privacy-policy. LinkedIn is part of the EU-US-Privacy-Shield: www.privacyshield.gov/EU-US-Framework.

 

11. Retention period

11.1.

In principle, we will save your Traffic Data for a period of twenty-four months. Other personal data (e.g. email conversation) will be saved for seven years. We will only retain your Personal Data for a longer period (i) to the extent necessary to investigate attacks on our website or (ii) as long as are required under statutory retention obligations or (iii) as long as potential legal claims are not yet time-barred, where personal data is needed to raise or defend against the claim.

11.2.

If you register on myUEG we will retain your registration data at least for as long as your account is active.

 

12. Your rights regarding your personal data

12.1.

You have the right to:

  1. obtain confirmation as to whether and what kind of personal data we store about you and to request copies of such data,
  2. request rectification or erasure of your personal data,
  3. request us to restrict the processing of your personal data,
  4. object to the processing of your personal data,
  5. withdraw any consent previously granted for the processing (withdrawing your consent does not affect the lawfulness of processing based on your consent before your withdrawal), and
  6. request data portability.

12.2.

Furthermore, you have the right to lodge a complaint against our data processing with the Austrian data protection authority (“Datenschutzbehörde – www.dsb.gv.at”) or the data protection supervisory authority in another EU member state, especially at your place of residence or work.

 

13. Our contact details

UEG - United European Gastroenterology GmbH

House of European Gastroenterology
Wickenburggasse 1
1080 Vienna
Austria


T  +43 1 997 16 39
F  +43 1 997 16 39 10