like to inform you about the processing of your personal data at the following
Responsible person according to the
European General Data Protection Regulation (GDPR) is:
Dr. Notghi Contract Research GmbH
(herein after referred to as ”Dr. Notghi“
Phone: +49 30-206 225 0
You may contact
the Data Protection Officer of Dr. Notghi with all questions regarding data protection
directly via e-mail to datenschutz[at]notghi.com or via mail with the subject
an identified or identifiable individual, including
your name, e-mail or mailing address, phone number, or username with password.
How we Use your Data
General Usage of the Website
With every visit to our website your
browser will send certain information to our server. This includes information on
IP address, date and time of access, result code / HTTP status code, browser
information (like version, operating system, and language).
We use these data to ensure a smooth
operation of the website and to protect the stability and safety of our
systems. The legal basis for this data processing is the GDPR Art. 6 paragraph
1 sentence b.
The data mentioned above are temporarily
stored into internal log files to gather statistical usage data of our website
in order to enhance our website in regards to the usage patterns of our
visitors and to generally administer the website. This data processing is done
in accordance with GDPR Art. 6 paragraph 1 sentence f for the purpose of our
Data saved in the log files do not allow to
identify a person directly and will be completely anonymized after a short
To contact us
you can use our contact form. Here you can enter your name, your e-mail address,
your phone number as well as a free text. The sole purpose of saving and using
the entered data is to be responsive to your wishes, questions and critique. The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence b, based on our legitimate interest in improving of our
products and services.
At the "Career
section you have the opportunity to apply for interesting jobs at Dr. Notghi by
using an online form or through our e-mail address firstname.lastname@example.org. The data and documents you submit are only
being saved and used for the selection of applicants.
reception and further processing of your application we ask for personal data
like name, surname, e-mail address, application documents (like certificates
and curriculum vitae), date of earliest beginning of job, salary amount
request. The legal basis for
this data processing is the GDPR Art. 6 paragraph 1 sentence b and Art. 8
paragraph 1 together with § 26 paragraph 1 sentence 1 BDSG
We will keep your
application documents for a period of 6 months after the end of the application
Application Form Dr. Notghi Academy
In order to apply for further
education programs offered at our website www.notghiacademy.com
The data and documents
you are transmitting will be saved and used by us during the application
process. When you start one of our further education programs, your data will
be saved in your personnel file and will be kept twelve more months after
ending the program for quality assurance purposes. In case of the cancellation
of your attendance your data will be permanently deleted after 6 months. The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence b.
User Account at ILIAS (E-Learning)
If you want to
participate in one of the trainings offered at our website www.notghiacademy.com/ilias
this data you give us permission to register you for the participation in our
courses, to use the data for the proceeding of the courses and to keep you
informed about your progress and to support you within your training. The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence b.
We also use your
e-mail and mailing address to provide other related services such as giving you
further news and information about other courses you could be interested in. The legal basis for this data processing is the GDPR Art. 6
paragraph 1 sentence f based on our legitimate interest in the conduct of our
After the participation
in one of our courses, we will ask you for an evaluation of the training. If
you provide us with your explicit consent, we may share your evaluation on our
website. The legal basis for this data processing is
the GDPR Art. 6 paragraph 1 sentence a.
The data stored
in your user account will be saved for 6 months in order to give you the chance
to purchase another training within this period. Afterwards the data will be
If you want to
modify your ILIAS account or if you want to delete it prematurely, please
If you order
our services or choose a training, you have to make an online payment. Your payment
data will be submitted to our payment service provider "PayPal" (PayPal
(Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg).
Paypal is handling this data on its own responsibility. Further information is
uses the map service Google Maps of Google LLC, 1600 Amphitheatre Parkway,
Mountain View, CA 94043, USA („Google“). In order to embed and display the map
data in your web browser the web server needs to contact a Google server, which
may be located in the USA. In case that this transfers personal data to the USA
Google adheres to the EU-US Privacy Shield.
Google will get the information that our website was contacted from the
particular IP address of your device. The legal basis
for this data processing is the GDPR Art. 6 paragraph 1 sentence f based on our
legitimate interest in embedding a map service for getting in contact with you.
If you use the
map service while being logged in into your Google profile, Google may connect
this event with your Google profile. If you do not wish this to happen please
log out of your Google profile before using the map service. Google stores your
data and uses it for advertising, market research and personalized rendering of
Google Maps. You can object to the processing of your personal data at Google.
Usage of our Cookies
In order to make
the visit on our website more convenient and to track the functionality and
saved on your computer and allow the identification of you as a user. Cookies
are not used to execute programs or to load viruses to your computer. The main
purpose, however, is to personalize our offers and to make the use of our
services as efficient as possible.
to store your preferences for our web site, e.g. language setting or the login
functionality for our password protected area at our web site. We would like to
realize a more comfortable and individual experience for you. These services are based on our legitimate interest. The legal base is the GDPR Art. 6 paragraph 1 sentence b.
analytics and marketing purposes. Details are described below.
Transmission of Data
A transmission of the personal data will
only be done if:
You explicitly expressed consent to this
transmission pursuant to GDPR Art. 6 paragraph 1 sentence a.
The transmission is necessary for the purposes of
our legitimate interests or by a third party, and such interests are not
overridden by the interests or fundamental rights and freedoms of the data
subject which require protection of personal data pursuant to GDPR Art. 6
paragraph 1 sentence f
We are obliged to transmit this information by
law pursuant to GDPR Art. 6 paragraph 1 sentence c
The transmission is allowed by law and necessary
for the performance of a contract to which you are a party or in order to take
steps at the request of you prior to entering into a contract pursuant to GDPR
Art. 6 paragraph 1 sentence b
Furthermore, a transmission may be done
after a lawful request of governmental authorities, court decisions or legal
acts of law enforcement.
A part of the
data processing may happen with our service providers. In addition to the
service providers mentioned in this data privacy document this may comprise
data centers, software providers, IT-service providers for maintenance, Help
Desks, agencies, market research companies, enterprises, and consulting
companies. If we transmit your personal data to these parties they are obliged
to use this data only to fulfil their tasks. The services providers were
carefully selected and authorized. If these service providers process your data
outside of the European Union it may happen that data are transmitted to a
location with a reduced data protection level compared to the European Union. In
this case we ensure that the respective service provider is contractually bound
or by other means able to guarantee a comparable data protection level (e.g. by
standard contract clauses or certification according to the EU-U.S. Privacy
A copy of these
guarantees is available from our Data Protection Officer (see section 1).
store personal data only as long as it is necessary to fulfil contractual or
lawful obligations we obtained the data in the first place. Afterwards we
immediately delete the data except if the data are needed after expiration of
the limitation of claim duration to gather evidence in civil claims or by law,
which may require longer retention periods.
You have the right to get information about your
personal data processed by us. In this case we will explain the data processing
and provide you with an overview of your stored personal data.
If the data stored is not correct or not current
you have the right to request rectification of your personal data.
You may also request erasure of your personal data.
If the erasure of your personal data is, in exceptional cases, not possible
because of obligations by law the data access will be further restricted so
that they are only available for this specific purpose.
You have the right to demand restriction of
processing of your personal data, e.g. if you have doubts about the correctness
of the data.
You have the right to data portability for your
personal data. This means we will provide you with a copy of the personal data
provided by you.
Furthermore, you have the right to object to
processing of your personal data if they are based on our legitimate interest
pursuant to GDPR Art. 6 paragraph 1 sentence f. In
newsletters you will find a link for opting out of the reception of the
To enforce your rights mentioned in the previous
paragraphs you can always get in contact with our Data Protection Officer (see
You also have the right to
lodge a complaint with the regulatory authority for
data protection. You can also contact the regulatory authority for data protection
in the member state of your residence – they will delegate this to the
authority in charge.
Consent given for
processing of your personal data can always be revoked for the future and
without explanation. The right of revocation can be enforced via the contacts
mentioned in section 1 or the legal info at our website.
was last updated in May 2018. As we strive to enhance the protection of your
data with our technical capabilities we recommend to regularly check our