Privacy Policy



Privacy Policy

 

With this Privacy Policy we would
like to inform you about the processing of your personal data at the following
sites:

 

www.notghi.com

www.notghiacademy.com

www.notghiacademy.com/ilias

www.pharmaperspektive.de

www.dr-notghi-cro.de

www.proband-potsdam.de

 

1         
Contact

Responsible person according to the
European General Data Protection Regulation (GDPR) is:

Dr. Notghi Contract Research GmbH

Beuthstraße 7

10117 Berlin

(herein after referred to as ”Dr. Notghi“
or ”We“)

 

Phone: +49 30-206 225 0

E-Mail: contact[at]notghi.com

You may contact
the Data Protection Officer of Dr. Notghi with all questions regarding data protection
directly via e-mail to datenschutz[at]notghi.com or via mail with the subject
"Data Protection".

2         
Personal Data

Personal data according to this privacy policy shall mean any information concerning the personal or material circumstances of
an identified or identifiable individual
, including
your name, e-mail or mailing address, phone number, or username with password.

 

3         
How we Use your Data

 

3.1        
General Usage of the Website

With every visit to our website your
browser will send certain information to our server. This includes information on
IP address, date and time of access, result code / HTTP status code, browser
information (like version, operating system, and language).

We use these data to ensure a smooth
operation of the website and to protect the stability and safety of our
systems. The legal basis for this data processing is the GDPR Art. 6 paragraph
1 sentence b.

The data mentioned above are temporarily
stored into internal log files to gather statistical usage data of our website
in order to enhance our website in regards to the usage patterns of our
visitors and to generally administer the website. This data processing is done
in accordance with GDPR Art. 6 paragraph 1 sentence f for the purpose of our
legitimate interests.

Data saved in the log files do not allow to
identify a person directly and will be completely anonymized after a short
while.

 

3.2        
Contact Form

To contact us
you can use our contact form. Here you can enter your name, your e-mail address,
your phone number as well as a free text. The sole purpose of saving and using
the entered data is to be responsive to your wishes, questions and critique.
The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence b, based on our legitimate interest in improving of our
products and services.

3.3        
Career

At the "Career
section you have the opportunity to apply for interesting jobs at Dr. Notghi by
using an online form or through our e-mail address
jobs@notghi.com. The data and documents you submit are only
being saved and used for the selection of applicants.

For the
reception and further processing of your application we ask for personal data
like name, surname, e-mail address, application documents (like certificates
and curriculum vitae), date of earliest beginning of job, salary amount
request.
The legal basis for
this data processing is the GDPR Art. 6 paragraph 1 sentence b and Art. 8
paragraph 1 together with § 26 paragraph 1 sentence 1 BDSG
("Bundesdatenschutzgesetz").

 

We will keep your
application documents for a period of 6 months after the end of the application
process.

 

3.4        
Application Form Dr. Notghi Academy

In order to apply for further
education programs offered at our website
www.notghiacademy.com, you have to fill in certain personal data on the application form. Besides
your name, surname, mailing address, phone number and e-mail address as well as
a free text, you have the option to upload specific documents (cover letter, CV
and reference letters) that might reveal even more personal data.

 

The data and documents
you are transmitting will be saved and used by us during the application
process. When you start one of our further education programs, your data will
be saved in your personnel file and will be kept twelve more months after
ending the program for quality assurance purposes. In case of the cancellation
of your attendance your data will be permanently deleted after 6 months.
The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence b.

3.5        
User Account at ILIAS (E-Learning)

If you want to
participate in one of the trainings offered at our website
www.notghiacademy.com/ilias, you need to register by creating a user account. For this purpose you
have to provide us with personal data, such as your name, company name, e-mail address,
phone number and mailing address.

By entering
this data you give us permission to register you for the participation in our
courses, to use the data for the proceeding of the courses and to keep you
informed about your progress and to support you within your training.
The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence b.

 

We also use your
e-mail and mailing address to provide other related services such as giving you
further news and information about other courses you could be interested in.
The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence f based on our legitimate interest in the conduct of our
courses.

 

After the participation
in one of our courses, we will ask you for an evaluation of the training. If
you provide us with your explicit consent, we may share your evaluation on our
website.
The legal basis for this data processing is
the GDPR Art. 6 paragraph 1 sentence a.

 

The data stored
in your user account will be saved for 6 months in order to give you the chance
to purchase another training within this period. Afterwards the data will be
permanently deleted.

 

If you want to
modify your ILIAS account or if you want to delete it prematurely, please
contact
elearning@notghi.com.

3.6        
Purchase

If you order
our services or choose a training, you have to make an online payment. Your payment
data will be submitted to our payment service provider "PayPal" (PayPal
(Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg).
Paypal is handling this data on its own responsibility. Further information is
available at the
Privacy Policy of Paypal.

 

3.7        
Google Maps

Our website
uses the map service Google Maps of Google LLC, 1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA („Google“). In order to embed and display the map
data in your web browser the web server needs to contact a Google server, which
may be located in the USA. In case that this transfers personal data to the USA
Google adheres to the
EU-US Privacy Shield.
Google will get the information that our website was contacted from the
particular IP address of your device.
The legal basis
for this data processing is the GDPR Art. 6 paragraph 1 sentence f based on our
legitimate interest in embedding a map service for getting in contact with you.

 

If you use the
map service while being logged in into your Google profile, Google may connect
this event with your Google profile. If you do not wish this to happen please
log out of your Google profile before using the map service. Google stores your
data and uses it for advertising, market research and personalized rendering of
Google Maps. You can object to the processing of your personal data at Google.

 

For further
information see the
Privacy Policy of
Google and the
additional
terms of use
of Google Maps.

 

4         
Usage of our Cookies

In order to make
the visit on our website more convenient and to track the functionality and
activity of our websites, we use cookies. These are small text files that are
saved on your computer and allow the identification of you as a user. Cookies
are not used to execute programs or to load viruses to your computer. The main
purpose, however, is to personalize our offers and to make the use of our
services as efficient as possible.

We use Cookies
to store your preferences for our web site, e.g. language setting or the login
functionality for our password protected area at our web site. We would like to
realize a more comfortable and individual experience for you. These services
are based on our legitimate interest. The legal base is the GDPR Art. 6 paragraph 1 sentence b.

Additionally, we
use Cookies and similar technologies (e.g. Web-Beacons) of partners for
analytics and marketing purposes. Details are described below.

 

5         
Transmission of Data

A transmission of the personal data will
only be done if:

·        
You explicitly expressed consent to this
transmission pursuant to GDPR Art. 6 paragraph 1 sentence a.

·        
The transmission is necessary for the purposes of
our legitimate interests or by a third party, and such interests are not
overridden by the interests or fundamental rights and freedoms of the data
subject which require protection of personal data pursuant to GDPR Art. 6
paragraph 1 sentence f

·        
We are obliged to transmit this information by
law pursuant to GDPR Art. 6 paragraph 1 sentence c

·        
The transmission is allowed by law and necessary
for the performance of a contract to which you are a party or in order to take
steps at the request of you prior to entering into a contract pursuant to GDPR
Art. 6 paragraph 1 sentence b

Furthermore, a transmission may be done
after a lawful request of governmental authorities, court decisions or legal
acts of law enforcement.

A part of the
data processing may happen with our service providers. In addition to the
service providers mentioned in this data privacy document this may comprise
data centers, software providers, IT-service providers for maintenance, Help
Desks, agencies, market research companies, enterprises, and consulting
companies. If we transmit your personal data to these parties they are obliged
to use this data only to fulfil their tasks. The services providers were
carefully selected and authorized. If these service providers process your data
outside of the European Union it may happen that data are transmitted to a
location with a reduced data protection level compared to the European Union. In
this case we ensure that the respective service provider is contractually bound
or by other means able to guarantee a comparable data protection level (e.g. by
standard contract clauses or certification according to the EU-U.S. Privacy
Shield).

A copy of these
guarantees is available from our Data Protection Officer (see section 1).

6         
Storage Duration

Generally, we
store personal data only as long as it is necessary to fulfil contractual or
lawful obligations we obtained the data in the first place. Afterwards we
immediately delete the data except if the data are needed after expiration of
the limitation of claim duration to gather evidence in civil claims or by law,
which may require longer retention periods.

 

7         
Your Rights

·        
You have the right to get information about your
personal data processed by us. In this case we will explain the data processing
and provide you with an overview of your stored personal data.

·        
If the data stored is not correct or not current
you have the right to request rectification of your personal data.

·        
You may also request erasure of your personal data.
If the erasure of your personal data is, in exceptional cases, not possible
because of obligations by law the data access will be further restricted so
that they are only available for this specific purpose.

·        
You have the right to demand restriction of
processing of your personal data, e.g. if you have doubts about the correctness
of the data.

·        
You have the right to data portability for your
personal data. This means we will provide you with a copy of the personal data
provided by you.

·        
Furthermore, you have the right to object to
processing of your personal data if they are based on our legitimate interest
pursuant to
GDPR Art. 6 paragraph 1 sentence f. In
newsletters you will find a link for opting out of the reception of the
newsletter.

·        
To enforce your rights mentioned in the previous
paragraphs you can always get in contact with our Data Protection Officer (see
section 1).

 

You also have the right to
lodge a complaint with the regulatory authority for
data protection. You can also contact the regulatory authority for data protection
in the member state of your residence – they will delegate this to the
authority in charge.

 

Consent given for
processing of your personal data can always be revoked for the future and
without explanation. The right of revocation can be enforced via the contacts
mentioned in section 1 or the legal info at our website.

 

8         
Status of the Privacy Policy

This Privacy Policy
was last updated in May 2018. As we strive to enhance the protection of your
data with our technical capabilities we recommend to regularly check our
Privacy Policy and to inform yourself about changes.