Data Protection Declaration
We at Sercos International e.V. are pleased that you are visiting our website and thank you for your interest. The protection of our users' personal data is a primary concern for us. Therefore, please note the following information:
These provisions provide you with information on the collection, processing and use of your personal data in connection with your visit to and use of the services offered on our website.
This Data Protection Declaration can be printed out and saved.
The operator of the www.sercos.de website is the Controller responsible for data collection, data processing and data use:
Sercos International e.V.
Represented by its Board: Dr. Thomas Bürger (1st Chairman of the Board), Klaus Weyer (2nd Chairman of the Board), Matheus Bulho (2nd Chairman of the Board) and Prof. Alexander Verl (2nd Chairman of the Board)
(hereinafter referred to as “Sercos”)
2. Basic Principles
We collect and process your personal data in compliance with relevant statutes, in particular the General Data Protection Regulation (hereinafter referred to as “GDPR”) and the Bundesdatenschutzgesetz [Federal Data Protection Act] (hereinafter referred to as “BDSG”) as well as in accordance with the provisions below.
3. Personal Data
Personal data is any information relating to an identified or identifiable natural person. Such information shall include, for example, name, address, telephone number, e-mail address, IP address, user name, password, preferences, hobbies, memberships or websites viewed by a user.
4. Collection, Processing and Use of Your Personal Data
Every time you access our website, certain usage data will be transmitted by the respective Internet browser and stored in server log-files:
- date and time of your access to our website
- IP address of the requesting computer, anonymized by removing the last three digits
- name and URL of the file retrieved
- data volume transmitted
- information as to whether retrieval was successful
- identification data on the browser and operating system used
- website from which access takes place
- name of your Internet access provider
The collection and processing of such data is performed for the purposes of enabling you to use our website (connection set-up), ensuring system security, technically administrating the network infrastructure, providing law-enforcement authorities with information in the event of a cyber attack or misuse and optimizing our offering.
The data will be deleted three months after you leave our website.
Error logs which record erroneous page accesses will be deleted seven days after the attempted access.
The legal basis for the collection, storage and use of such data is our legitimate interest in providing you with the information on our website without restriction and ensuring the required security level (Art. 6 (1) sentence 1 lit. f) GDPR).
If you contact us via the contact form provided under the “Contact” section, we will collect and store your chosen form of personal address, your name, the company to which you belong, your e-mail address and the contents of the message which you transmit to us. The above information represents mandatory data to be included in our contact form. On the contact form, you can voluntarily include your academic degree, your first name or your telephone number if you would like us to reply to your message by phone and if you would like to be addressed with your full name. Please note that such voluntary data is not required in order to reply to your message and consider carefully whether you wish to communicate such data to us.
If you contact us by e-mail, we will collect and store your e-mail address, your name and the contents of your message. We store and use your personal data for the purpose of replying to your questions or for processing your messages or any subsequent questions or communication.
After our communication with you has finished, we will delete such data, subject to any statutory or official retention obligations or the lawfulness of the processing of such data on other legal grounds. This shall take place no later than one year after our communication with you has finished.
The legal bases for the processing of your personal data shall be your consent (Art. 6 (1) sentence 1 lit. a) GDPR) and our legitimate interest in being able to communicate with you to reply to your messages (Art. 6 (1) sentence 1 lit. f) GDPR).
You can subscribe to our free newsletter. The newsletter informs you about our user organization, our offers, our activities and products as well as about country-specific events at irregular intervals. We use the so-called double opt-in process for newsletter distribution. First, we collect your e-mail address, your chosen form of personal address, your name, the company for which you work as well as the country in which it is established. This information is mandatory. We need the information about the company and the country to which you belong in order to provide you with country-specific information. After you declare your consent to distribution of our newsletter on our website by clicking on the “Subscribe” button and stating your e-mail address, you agree that we send you a confirmation e-mail to the e-mail address set forth, containing a link with relevant explanations. We will be authorized to send you our electronic newsletter only after you click on this link after receiving the e-mail. Thus, your consent and your e-mail address will be verified again through your second click on the link.
For the distribution of our newsletter, we will use your name, your form of personal address and the company in which you work as well as the country in which the company’s registered office is located. If you have subscribed to our newsletter, you will have provided the following declaration of consent which we state here for your information:
I declare my consent to receiving information and/or advertising from Sercos in the form of newsletters.
You can object to such consent to use of your data for the purpose of distributing the newsletter at any time. A notice in text form (letter, facsimile, e-mail to the address email@example.com) or clicking on the unsubscribe link included in every newsletter is sufficient. For electronic or facsimile transmission, no fees apply except for the transmission fees in accordance with the base rates.
The legal bases for the processing of your personal data shall be the implementation of the existing use relationship with you regarding the newsletter (Art. 6 (1) sentence 1 lit. b) GDPR) as well as our legitimate interest in regularly informing you, upon your request, on our organization, our offers, our products and events etc. (Art. 6 (1) sentence 1 lit. f) GDPR) as well as your consent (Art. 6 (1) sentence 1 lit. a) GDPR).
4.4. Event Registration
You can register for our events online (e.g. user conferences, seminars, webinars). For this purpose, we require the following data: The preferred form of address, your name, the company in which you are employed, your e-mail address, if applicable, your company’s membership in one of our organizations and your function within the company. Furthermore, the booked event as well as the event venue and date will be stored and processed. We store and use such data in order to fulfill our contractual obligation to hold the event, to process and invoice the contract and to communicate with you by e-mail with regards to the event. We require information on the company in which you work and on your function in order to verify membership of your company in our organization and for the professional classification of the event. You can voluntarily state your personal title in the form of address if you wish to be addressed correctly. Please note that such voluntary data is not required in order to fulfill our contractual obligations, so please consider carefully whether you wish to communicate such data to us.
The legal bases for such use and processing of your data is the fulfillment of the contract on the participation in the event entered into with you and the implementation of respective pre-contractual measures (Art. 6 (1) sentence 1 lit. b) GDPR) as well as our legitimate interest in communicating with you about the booked event and being able to inform you in this regard (Art. 6 (1) sentence 1 lit. f) GDPR). Furthermore, your consent in accordance with Art. 6 (1) sentence 1 lit. a) GDPR is the legal basis.
4.5. Access to the Protected Member Area
If you belong to a Sercos member company, you can obtain access to our closed area for member information via our website. For this purpose, you need to enter your user name and your password which we communicated to you after you became a member. We store this data together with your member data and use them to provide you with access to the member information.
The legal bases for the use and processing of such data shall be the fulfillment of our obligations arising from your membership (Art. 6 (1) sentence 1 lit. b) GDPR), our legitimate interest as association in providing you with the information which is not supposed to be publicly accessible (Art. 6 (1) sentence 1 lit. f) GDPR) and, in addition, your consent (Art. 6 (1) sentence 1 lit. a) GDPR).
When you access our website for the first time, a session cookie assigns a character sequence generated randomly (session ID) which is allocated to your terminal device for connection control and clear distinction from other visitors accessing the website at the same time, thus marking the respective visit to the site. This cookie contains the session ID in which the accessing Internet server as well as the time of access are encrypted. We use session cookies to maintain the connection during your visit to our website.
We use temporary cookies only to customize our offering to your needs and make it convenient and to facilitate your use of our offering, If you repeatedly use our services, you do not have to provide certain information again and will be quickly forwarded to our offering. Temporary cookies are deleted automatically after a certain time of inactivity (defined session timeout). Inactivity means that you have not visited our website in the meantime. The defined session timeout is generally three years after your first identification by the temporary cookie.
The legal bases for the processing of your data shall be our legitimate interest in the technical functionality of our website as well as improvement of our service offering on the website (Art. 6 (1) sentence 1 lit. f) GDPR) as well as, in addition, your consent (Art. 6 (1) sentence 1 lit. a) GDPR).
In your browser settings, you can reject, delete from your computer or block cookies or activate the function that you wish to be asked every time a cookie is to be stored. You do not have to accept cookies in order to use our website. However, we point out that logging onto the member area is not possible if you do not accept the cookies. Below, we show you an example of how to deactivate cookies:
Example for Internet Explorer:
1. Open Internet Explorer.
2. Select “Internet Options” in the “Extras” menu.
3. Click on the “Privacy” tab.
4. You can now determine whether cookies will be accepted, selected or rejected.
5. Confirm your settings with “OK.”
Example for Firefox:
1. Open the Firefox browser.
2. Select “Settings” in the “Extras” menu.
3. Click on the “Privacy” tab.
4. Select the “Use custom settings for history” option in the drop-down menu.
6. Confirm your settings with “OK.”
Example for Safari:
1. Open the Safari browser.
2. Select “Settings” in the toolbar (pictogram: gray gearwheel in the upper right corner) and click on “Privacy.”
3. Under “Accept cookies”, you can determine whether and when Safari will accept cookies of websites. For additional information, click on “Help” (?).
4. If you wish to receive more information on cookies which are stored on your computer, click on “Show cookies.”
4.7. Web Analysis
We use tracking tools in order to ensure customized design and ongoing optimization of our website and to document the use of our website statistically and to evaluate it for the purpose of optimizing our offering for you.
This website uses Google Analytics, a web analysis service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter referred to as “Google”).
In this context, pseudonymized user profiles are created and cookies are used. The information generated by the cookie on your use of our website such as browser type/browser version, operating system used, referring URL (the website you previously visited), host name of the accessing computer (IP) address and time of the server request is transmitted to a Google server in the USA and stored there. This information is used in order to evaluate the use of the website, to compile reports on the website activities and to render additional services connected with the use of the website and of the Internet for market research purposes and the need-based design of these websites. This information may also be transmitted to third parties to the extent this is required under applicable law or to the extent third parties process such data.
Your IP address will not be combined with other data of Google under any circumstances. The IP addresses will be anonymized so that allocation is not possible (IP masking). To ensure an anonymous collection of IP addresses, Google Analytics has been extended to the code “gat._anonymizeIp();” so that IP addresses are processed only shortened to exclude a direct personal identification.
You may reject the installation of cookies by selecting the appropriate settings in the browser software. Please note, however, that in this case you may not be able to use all functions of this website to their full extent (see No. 4.6).
Furthermore, you can prevent the data generated by the cookie relating to your use of the website (including your IP address) from being collected and processed by Google by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).
As an alternative to the browser add-on, in particular for browsers on mobile terminal devices, you can prevent the collection of data by Google Analytics by clicking on the following link in order to activate an opt-put cookie: Including the function to activate the opt-out cookie… An opt-out cookie is set which prevents future collection of your data when you visit this website. The opt-out cookie is only active in this browser and for our website and is stored on your device. If you delete the cookies from your browser, you have to set the opt-out cookie again.
You can find further information on data protection in connection with Google Analytics in the help section of Google Analytics (https://support.google.com/analytics/answer/6004245?hl=de).
The legal bases for the processing of your personal data by Google Analytics shall be our legitimate interest in receiving information which enables us to analyze the use of our website statistically and to optimize our website (Art. 6 (1) sentence 1 lit. f) GDPR) as well as, in addition, your consent in accordance with Art. 6 (1) sentence 1 lit. a) GDPR.
4.8. Social Media Plugins
Via the usual social plugins of social networks such as Facebook and Twitter, the individual social networks can receive precise information on the surfing behavior of the users (so called user tracking): When accessing websites which have an embedded plugin, the browser of the user establishes a direct connection to the servers of the respective social network. This results in the user data, in particular, the IP address, being sent to the network; thus, the network is informed that the user visited the corresponding website. If the user is logged on to the social network at the same time, it can allocate the visit to the website to the account of the user. If the user wishes to prevent this, s/he has to log out from his social network before visiting websites which have embedded social plugins.
However, even in cases in which the user is not a member of a network, data transmission to the respective networks takes place if the usual social plugins are embedded. For the websites which have an integrated active social plugin a cookie is set every time you access the websites. This cookie is automatically sent along every time connection to a server of the network is established so that in principle, the network is able to compile all websites which the user visited, thus creating a profile. Therefore, it is not excluded that the data stored with the respective network are allocated to an individual if such individual registers with one of the social networks later on.
As numerous networks are based outside Europe, for example in the USA, in the cases described above, your data is transmitted to the social networks in such third countries, such as the USA. In this connection, we point out the following facts: Even if companies in the USA are subject to the EU-US Privacy Shield (see list of the companies under www.privacyshield.gov/list) and thus obliged to comply with the data protection regulations stipulated in the agreement, the transmission of data outside Europe, in particular to the USA, entails data protection risks.
Further details on the purpose and scope of data collection, processing and use by the social networks and the respective rights of the user and the options for the protection of privacy via the profile/account settings are set forth in the privacy notices of the respective networks. Regarding our website, the following are relevant in this connection:
The Facebook social network is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Information on data protection can be found at https://de-de.facebook.com/about/privacy.
The Twitter social network is operated by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. Information on data protection can be found at https://twitter.com/privacy.
The LinkedIn social network is operated by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Information on data protection can be found at https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv.
The YouTube platform and the network is operated by YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. Information on data protection can be found at https://policies.google.com/privacy?hl=de&gl=de.
We use plugins in order to provide you with the option to share your interests with your contacts in the social networks and to communicate with us and your network using social media. However, at the same time, we would like to provide you, as a user of our website, with the best possible protection from transmission of your data without your consent. The specific transmission of your data to the network shall only be possible if you consent to data transmission to the respective network. Therefore, as a standard and for the protection of your data, we use the Shariff c’t project developed by the magazine publisher Heise. By means of Shariff, you can use our services without your surfing behavior being visible for the social networks.
The legal bases for placing plugins and transmission of your data to the social networks shall be our legitimate interest in enabling you to communicate in the social media with your network and in increasing our brand awareness in social media (Art. 6 (1) sentence 1 lit. f) GDPR) as well as, in addition, your consent (Art. 6 (1) sentence 1 lit. a) GDPR). In this regard, we have implemented the required measures of protection to protect your fundamental rights and fundamental freedoms.
The Shariff button establishes connection to the social network only if you become active and click on the button. It is only from that point in time that your user data is transferred to the respective network in the USA or other countries and stored there if applicable, as described above. Before that, the social networks cannot obtain any data from you. For further information on the Shariff c’t project, please click here.
4.9. Processing/Disclosure of Data
Notwithstanding any other provisions, we reserve the right to transmit your data to third parties acting on our behalf (processors) based upon the above-mentioned legal grounds (e.g. in the course of IT support or newsletter distribution). In each case, there are agreements on the processing with the service providers engaged in this context. Such agreements ensure that the data disclosed in this context is used by our processors only for the fulfillment of the tasks required by us in accordance with the above purposes and in compliance with the required technical and organizational measures for data security and data protection.
4.9.2. Disclosure of Data to Third Parties
Apart from the above, disclosure of your personal data for purposes other than those set forth below shall not take place. We disclose your personal data to third parties only if:
- you expressly granted your consent thereto in accordance with Art. 6 (1) sentence 1 lit. a) GDPR;
- disclosure is required under Art. 6 (1) sentence 1 lit. f) GDPR for the establishment, exercise and defense of legal claims and there is no reason to assume that you have an overriding interest worth protection in non-disclosure of your data;
- there is a legal obligation for such disclosure under Art. 6 (1) sentence 1 lit. c) GDPR as well as
- this is legally permissible and necessary for the performance of contractual relationships with you in accordance with Art. 6 (1) sentence 1 lit. b) GDPR;
5. Encryption/Data Security
5.1. Collection, processing and use of your data via our website is only performed in encrypted form via SSL encryption (so-called Secure Socket Layer – Certificate: DST Root CA X3). SSL is used in order to encrypt the continuous data stream between the server and the browser of a user to prevent “secret interception and reading out” of data to the extent this is technically possible. Among other aspects you can recognize an SSL connection by the fact that the URL in the address bar of your browser is marked with “https://” and/or a “lock symbol” (icon) appears next to the address bar of our web browser. Depending on the browser you use, you can receive additional information on the encryption and/or the SSL certificate used by clicking on the icon.
5.2. We point out that it is not possible to guarantee full data security in the course of e-mail communication. For the transmission of confidential information, using ordinary mail or delivery by courier might be preferable.
5.3. Apart from that, we use all appropriate technical and organizational security measures in order to protect your data against accidental or intentional manipulations, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are improved and further developed on an ongoing basis in accordance with technical development.
6. Erasure of the Data/Restriction of Data Processing
In principle, your data will be deleted if your consent is withdrawn or if it is not necessary anymore for the purpose of data processing and if there is no legitimate interest in further storage and processing. However, if such data has to be stored due to existing legal, official or contractual obligations (e.g. warranty, financial accounting), the data processing is restricted by marking and blocking such data.
7. Rights of Data Subjects
As a data subject affected by data processing, you have the following rights:
Right of Access (Art. 15 GDPR)
You are entitled to request access to the stored personal data relating to you. This shall particularly include information on the purposes of processing, the categories of the personal data processed, the categories of recipients to whom your data was or is disclosed, duration of storage, existence of a right to rectification, erasure, restriction of processing or object, the existence of a right to lodge complaints, the origin of your data to the extent such data was not collected by us as well as on the existence of automated decision-making systems including profiling and, if applicable, meaningful information on the details thereof. Furthermore, you are entitled to receive a copy of the personal data which is processed by us.
Right to Rectification (Art. 16 GDPR)
You shall have the right to request from us without undue delay the rectification of inaccurate personal data and to have incomplete personal data completed.
Right to Erasure/”Right to be Forgotten” (Art. 17 GDPR)
You shall have the right to request from us the erasure of your personal data in accordance with the legal provisions. To the extent erasure is prevented by legal and official retention obligations or the processing is needed to exercise the right of freedom of expression and information, fulfillment of a legal obligation, for reasons of public interests or for the establishment, exercise or defense of legal claims, the processing of the data is restricted (see below).
Right to Restriction of Processing (Art. 18 GDPR)
You shall have the right to request from us subject to the legal conditions that we restrict processing of your personal data, i.e. that we mark the data and restrict their future processing (blocking).
Right of Data Portability (Art. 20 GDPR)
You shall have the right to request from us subject to the legal conditions that we transmit to you or a controller designated by you the personal data provided by you in a structured, commonly used and machine-readable format.
Right to Object to Direct Marketing (Art. 21 GDPR)
You shall have the right to object to processing of your personal data for advertising purposes (“objection to advertising”).
Right to Object to Data Processing if “Legitimate Interest” is the Legal Ground (Art. 21 GDPR)
You shall have the right to object to data processing by us at any time to the extent such processing is based upon “legitimate interest” as the legal basis. We will then cease processing of your data, unless we can prove - in accordance with the legal provisions - compelling reasons for further processing worth protecting which override your rights.
Right to Withdraw Consent (Art. 7 (3) GDPR)
To the extent you provided us with a consent to collect and process your data, you can withdraw such consent at any time with effect for the future. The lawfulness of processing of your data in the future up to the point in time of withdrawal shall remain unaffected thereby.
Right to Lodge a Complaint with a Supervisory Authority (Art. 77 GDPR)
You can lodge a complaint with the competent supervisory authority if you are of the opinion that the processing of your data infringes applicable law. For this purpose, you can contact the data protection authority competent for your place of residence or your country or to the data protection authority competent for us.
8. Up-to-Datedness of and Change to the Data Protection Declaration
This Data Protection Declaration is currently in force and is the version of May 25, 2018.
Due to the further development of our website and offers or due to changed legal or official conditions, it may become necessary to change this Data Protection Declaration.
You can access the respective valid Data Protection Declaration at https://www.sercos.de/datenschutz at any time and print it out and store it.
Sercos International e.V.
The Board of Sercos International e.V has representation authority:
Dr. Thomas Bürger (1st Chairman)
Klaus Weyer (2nd Chairman)
Matheus Bulho (2nd Chairman)
Prof. Alexander Verl (2nd Chairman)
Register of Associations: Frankfurt Register of Associations No. 9582
VAD ID: DE 156120726
Version: May 25, 2018