Data Protection

Data Protection Information

Fraunhofer Institute for Laser Technology ILT

When you use this website, we process your personal data as data controllers and save them for the duration required to fulfill the defined purposes and legal obligations. The sections below provide further details about the data this involves, how they will be processed and which rights you have in this regard.

Personal data, as defined by Article 4 (1) General Data Protection Regulation (GDPR) include all information related to an identified or identifiable natural person.

1. Scope of Application
2. Name and Contact Information of Controller and Corporate Data Protection Office
3. Personal Data Processing and Purposes of Data Processing
4. Transfer of Data
5. Cookies
6. Webanalyse/Tracking
7. Social-Media-Plugins
8. Rights of the Data Subject
9. Data Security
10. Timeliness and Amendments to this Data Protection Information

1. Scope of Application

This data protection information applies to data processing all project websites of our project lasercongress.org, as well as to all associated project service offers in the form of web utilities or mobile apps (hereinafter: Website to facilitate readability), in each case whenever reference is made to this data protection information. The controller is:

2. Name and Contact Information of Controller and Corporate Data Protection Office

Fraunhofer-Gesellschaft
zur Förderung der angewandten Forschung e.V.
Hansastrasse 27 c,
80686 München, Germany

on behalf of its Fraunhofer Institute for Laser Technology ILT,
Steinbachstraße 15, 52075 Aachen, Germany
E-Mail: info@ilt.fraunhofer.de
Telefphone: +49 241 8906-0
Fax: +49 241 8906-121

The corporate data protection officer at Fraunhofer can be reached at the above-mentioned address in Munich, c/o Data Protection Officer or at datenschutz@zv.fraunhofer.de.

Please feel free to contact the data protection officer directly at any time with your questions concerning your data protection rights and/or your rights as data subject.

3. Processing of Personal Data and Purposes of the Data Processing

a) During your Website Visit

Every time you visit our web pages, our website servers save a protocol of your device accessing our website. This storage is temporary and lasts only until the automated deletion. Our website server saves the following access data until their automated deletion:

The IP address of the requesting device
Access date and time
Name and URL of the accessed data
The transmitted data volume
The message whether the access was successful
The used browser and operating system
Name of the Internet Provider (ISP)
The referring website (referring URL)

The server processes these data for the following purposes:

To enable the use of the website ((link connection)
Administration of the network infrastructure
Appropriate technical and organisational measures to ensure IT systems and data security commensurate with the available state of the art technology
To offer user-friendly service
To optimize the Internet offering

Legal foundations for the above processing purposes:

Processing in response to a website visitor according to numbers 1-2 Article 6 para. 1, page1, lit. b (Requirement for compliance with provisions of the website user contract)
Processing pursuant to numbers 3, Article 6 para. 1, page 1, lit. c GDPR (legal obligation to implement technical and organisational measures to ensure secure data processing according to Article 32 GDPR and Article 6 para. 1, page 1, lit. f GDPR (legitimate interests in data processing for the network and information security) as well as
Data processing pursuant to numbers 4 – 5, Article 6 para. 1, page1 lit. f GDPR (legitimate interests) – our legitimate interests in the processing of data are based in our desire to offer user-friendly optimised web pages.

After the specified period of 30 days, our web server automatically deletes the above-mentioned data. To the extent that data are processed longer for purposes according to numbers 2 – 5, we will anonymise or delete the data as soon as their storage no longer serves the respective purpose(s).

Furthermore, we place cookies on the devices of our website visitors and use analytical services. For more information on the use of cookies and analytical services, please see Sections 4 and 5 of this Data Protection Statement.

b) Visitor Registration for Events

Paid Event
In the course of accepting the registration for events, we collect the following required data:

Gender
Last name, first name
Email address
Address
Company Data
Payment information, dependent on the selected payment procedure (e.g. credit card, bank account)

We collect the required data in order to identify you as participant of the event, to check the provided information for plausibility, to reserve a place for the participant in the event and to establish a contract with you. We also want to supply the participant with information during and after the event, offer the participant an optimal participation and allow us to plan and execute a smooth running event.

We need the payment data to collect the participation fees.

Collecting the voluntary information allows us to plan and conduct the event according to the interests of the participants in an age-appropriate fashion.

We process the data based on your enquiry and for the declared purposes as prescribed by Article 6 para. 1, page 1, lit. b GDPR to perform the contractual obligations toward the participants and meet the conditions precedent to entering into the contract.

We will store the personal data collected in context with the event until the end of the regular limitation period of three (3) years following the end of the year of the event. We will then delete the data unless we are obligated by law to store the data for a longer period according to compulsory safekeeping and documentation obligations pursuant to Article 6 para. 1, page 1 lit. c GDPR and in particular according to § 147 AO [General German Fiscal Code]) or unless you have agreed to a longer data storage according to Article 6 para. 1, page 1 lit. a GDPR. In case of longer data storage, we shall process the data solely to the extent mandated by law or according to your permission. As for all else, the further processing of the data shall be barred.

In the context with event registrations via Internet form, we work with our service providers

cubos Internet GmbH, Goethestraße 5, 52064, Aachen, Germany
BS PAYONE GmbH, Niederlassung Kiel, Fraunhoferstraße 2-4, 24118 Kiel, Germany
Concardis GmbH, Helfmann-Park 7, 65760 Eschborn, Germany

The purpose of this collaboration is the professional management of online registrations to our events. In the process, our service provider cubos Internet GmbH, BS PAYONE Gmbh and Concardis GmbH in Germany stores the provided data.

We entered into an order processing contract with cubos Internet GmbH. In this contract, cubos Internet GmbH agrees to process the data on our behalf in compliance with the General Data Protection Regulation (GDPR) and guarantees to comply with the rights of the affected person.

c) Subscriptions to our PR Distribution List

We will send regular press releases and media information to your email address providing you consent explicitly to joining our PR distribution list and the use of your email address for this purpose according to Article 6 para. 1, page 1, lit. a GDPR. We ask you for the following required data to complete your PR distribution list subscription:

Salutation
Last name, first name
Press medium / Company
Departement
Street, House Number
ZIP, City, Country
Email address
Press Mailing List Language

You may also volunteer your title.

We need your title and name to address our communications to you personally.

We use your company name and/or the name of your communication medium to identify you as member of the media and to send you invitations by mail.

Once we receive your subscription, we will send you a subscription confirmation email. We need you to reply to this email to confirm that you are indeed the person who wants to subscribe to our PR distribution list (double opt-in procedure). Only after this confirmation will we include you in our mailing list.

You may unsubscribe at any time either by using the unsubscribe link at the end of every press release or announcement or alternatively by email presse@ilt.fraunhofer.de.

Upon receiving your unsubscribe notification, we will immediately delete your email address from our subscriber list.

4. Transfer of Data

With exception of the above-mentioned cases of data processing by service providers on our behalf (see Registration for Events, Subscriptions to our PR Distribution List, …), we give your personal data only to third parties (i.e. to natural and legal persons other than you, the affected person), the controller or the service provider or his/her vicarious agents under the following circumstances:

You consented explicitly to the data transfer to a third party according to Article 6 para. 1, page 1 lit. a GDPR
The data transfer is required for the contractual performance of the contract with you according to Article 6 para. 1 page 1, lit. b GDPR
Data transmission to the mail order firm which will deliver the goods you ordered
Payment data transmission to payment service providers and credit institutes for payment transactions
We are legally obligated to surrender the data to financial or judicial authorities according to Article 6 para. 1, page 1 lit. c GDPR
Giving your data to third parties is required to exercise, enforce or defend legal claims, and there is no reason to assume that you as affected person could have an overriding interest worth protecting in the non-transfer of your personal data according to Article 6 para. 1 S. 1 lit. f GDPR. Such a data transfer to government and/or law enforcement authorities may occur in cases of attacks on our IT systems.

Third parties may use the transferred data only for the above-mentioned purposes.

If you have registered for an event, it may be necessary in the course of the contractual performance that your personal data are transmitted to an external organiser. The confirmation of your event registration will name the event organiser and tell you whether he/she is an external organiser. This event organiser will not only organise and manage the event but also process the registration data.

According to Article 28 GDPR, our service providers host our websites on servers located in Germany exclusively.

cubos Internet GmbH, Goethestraße 5, 52064, Aachen, Germany
BS PAYONE GmbH, Niederlassung Kiel, Fraunhoferstraße 2-4, 24118 Kiel, Germany
Concardis GmbH, Helfmann-Park 7, 65760 Eschborn, Germany

The transfer/transmission of personal data to countries outside the EU or an international organisation shall be excluded.

5. Cookies General This website uses cookies. Cookies are small files that your browser automatically generates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device nor do they contain viruses, Trojans or other malware. Cookies store information associated with the specific device used. That does not mean that we can directly identify you.. Overview of the cookies we use:

Cookie name	Purpose of use	Cookie content	Lifetime	Responsible	Cookie type
pll_language	Saving the language selection	Language code DE, EN	1 year	Polylang	Necessary

Cookies that are not absolutely technically necessary for you to use a web service expressly requested by you are only set after you have consented. You can give this consent via the cookie banner that is displayed when you visit the website. This consent then becomes the legal basis for the storage of and access to the content of the cookies (Sec. 15 (3) TMG in conjunction with Art. 5 (3) clause 1 of Directive 2002/58/EC). Necessary cookies The processing of personal data in the context of technically necessary cookies is based on our legitimate interest in providing our web services that you have expressly requested (Art. 6 (1) clause 1 lit. f GDPR, if applicable in conjunction with Art. 95 GDPR, Art. 5 (3) of Directive 2002/58/EC). For example, we use so-called session cookies to allow session controls or to store data entries in forms or shopping carts during the session. Session cookies are deleted no later than when you close your browser. Right of withdrawal You may revoke your consent to the storage of and access to the content of the cookies at any time with effect for the future pursuant to Art. 7 (3) GDPR or object to the use in whole or in part of cookies that are not technically necessary. If you revoke your consent or object to the use, we will set a cookie (an opt-out cookie) that documents your decision and allows us to implement it. The opt-out cookie works only in this browser and only for our website. It is stored on your device. If you delete the cookies in this browser, you will have to set the opt-out cookie again. Most browsers automatically accept cookies. However, you can configure your browser to not store any cookies on your computer or to display a notice before new cookies are set. Completely disabling cookies may mean that you cannot make full use of all functions of our website. Your revocation has no effect on the lawfulness of the processing activities we perform on the basis of our legitimate interests (Art. 6 (1) clause 1 lit. f) GDPR).

6. Webanalyse/Tracking

LeadLab (Wiredminds GmbH)
Our website uses the Leadlab service by Wiredminds GmbH and its tracking pixel technology to analyze user behavior and optimize our site accordingly. The service particularly allows us to identify which companies have visited our site. In so doing we do not obtain any information that may identify you directly.

The use of Leadlab involves cookies and tracking pixels which allow statistical analysis of the use of this website based on your visits. Information, including personal information, about your visiting behavior is stored in the cookie and sent to Wiredminds or is directly obtained by Wiredminds. Wiredminds uses a pseudonym to process the information in a usage profile for the purpose of analysis. The data are anonymized to the extent possible.

Without your specific permission, we neither use the data collected to identify you personally nor will we match the data with personal data pertaining to the pseudonym associated with you.

If IP addresses are collected, they are immediately anonymized after collection by deleting the last number block.

For more information about data protection at Wiredminds, please visit the company’s website.

We process statistical data based on our legitimate interest pursuant to Article 6 (1) lit. f GDPR for the purpose of optimizing our online offering and our web presence. Wiredminds processes the data on our behalf based on a data processing agreement between us and Wiredminds. This agreement ensures that the data processing on our behalf is compliant with the General Data Protection Regulation and guarantees the protection of the data subjects’ rights.

7. Social Plugins

We use so-called social media buttons (also called social media plug-ins) on our website. These are small icons you can use to publish contents from our website on social networks under your own profile.

If you activate such an icon, a connection is established between our website and the social network. In addition to the contents in question, the operator of the social network obtains further, in part also personal information. For example, this includes the fact that you are currently visiting our site.

The social media buttons are integrated using the so-called Shariff solution. This solution prevents your device from establishing a link to the social network merely because you visit a website featuring a social media plug-in button without you having clicked on that button. This means that information is only transmitted to the social network when you activate the button.

We integrate the following social plug-ins on our website:

LinkedIn Corporation: Sharing on LinkedIn
In part, information is transmitted to the parent company LinkedIn Corporation, headquartered in the USA, to other LinkedIn-companies and external partners of LinkedIn, each of which may be located outside the European Union. LinkedIn utilizes standard contractual clauses approved by the European Commission.

Further information on data protection on LinkedIn can be found in the company’s privacy policy at https://www.linkedin.com/legal/privacy-policy.

Pinterest Europe Ltd.: Sharing on Pinterest
In part, information is transmitted to the parent company Pinterest Inc., headquartered in the USA, to other Pinterest-companies and external partners of Pinterest, each of which may be located outside the European Union. Pinterest utilizes standard contractual clauses approved by the European Commission and relies on the European Commission’s adequacy decisions about certain countries.

Further information on data protection on Pinterest can be found in Pinterest’s privacy policy at https://policy.pinterest.com/en/privacy-policy.

8. Rights of the Data Subject

You have the right:

pursuant to Art. 7(3) GDPR, to withdraw your consent at any time. This means that we may not continue the data processing based on this consent in the future;
pursuant to Art. 15 GDPR, to obtain access to your personal data processed by us. In particular, you may request information about the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data have been or will be disclosed, and the envisaged period for which the data will be stored. Moreover, you have the right to request rectification, erasure, or restriction of processing, to object to processing, the right to lodge a complaint, and to obtain information about the source of your data if they were not collected by us as well as about the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the details involved;
pursuant to Art. 16 GDPR, to obtain without undue delay the rectification of inaccurate data or the completion of your personal data stored by us;
pursuant to Art. 17 GDPR, to obtain the erasure of personal data stored by us unless processing is necessary to exercise the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims;
pursuant to Art. 18 GDPR, to obtain restriction of processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you oppose the erasure of the personal data, or if we no longer need the personal data while you still require it for establishing, exercising or defending legal claims, or if you have filed an objection to the processing pursuant to Art. 21 GDPR;
pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format or to demand the transfer of those data to another controller and
pursuant to Art. 77 GDPR, the right to lodge a complaint with a supervisory authority. Generally, you may contact the supervisory authority of your usual residence, place of work or the registered offices of our organization.

Information on your right to object pursuant to Art. 21 GDP

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data pursuant to Art. 6 (1) lit. e GDPR (data processing carried out in the public interest) and Art. 6 (1) lit. f GDPR (data processing for purposes of legitimate interests). This also applies to any profiling as defined in Art. 4 (4) GDPR that is based on said provision in Art. 6.

If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or unless the processing serves the establishment, exercise or defense of legal claims.

If your objection is directed against the processing of data for the purpose of direct advertising, we will stop the processing immediately. In this case, citing a special situation is not necessary. This includes profiling to the extent that it is related to such direct advertising.

If you would like to assert your right to object, simply send an email to datenschutzkoordination@zv.fraunhofer.de.

9. Data Security

All your personal data are transmitted in encrypted format, using the widely used and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used, for instance, in online banking. You will recognize a secure TLS connection by the additional s after http (i.e., https://…) in the address bar of your browser or by the lock icon in the bottom part of your browser window.

In all other regards, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulations, partial or complete loss, destruction, or the unauthorized access of third parties. We continuously improve our security measures in accordance with the state of the art.

10. Timeliness and Amendments to this Data Protection Information

The further development of our website and the products and services offered or changed due to statutory or regulatory requirements, respectively, may make it necessary to amend this data protection information. You may access and print out the latest data protection information at any time from our website.