EMBL Courses and Conferences are a major European platform for sharing and expanding research, knowledge, and contacts through face-to-face and virtual interaction
According to article 14 of the EMBL Internal Policy No. 68 on General Data Protection.
EMBL’s course and conference office is the data controller of personal data you provide to the European Molecular Biology Laboratory (EMBL) upon registering for or expressing interest in attending a course or a conference as a member of the audience or as an invited speaker. Your data will be processed for the purposes of participation management, for documenting these events through public communication and promotion of EMBL activities (for example: if you are a speaker, we may publish your name and your organisation’s name on our blogs, websites and social media), for provision of additional event services, for reports and surveys and to provide relevant information to your emergency contacts (for example: if you participate in an event, we may ask you to provide us with details of your emergency contact so we can notify the contact in case of any accident).
EMBL runs paid and unpaid social media campaigns to increase the visibility and participation of its courses and conferences. Note that EMBL does not directly process personal data for these campaigns. They are run by the Social Media platforms independently. However, to assess the effectiveness of these campaigns, EMBL collects information via Google Analytics on its website. I.e. in practice, when clicking on a Social Media / Google ad promoting EMBL’s events, you will be re-directed to EMBL’s website where some information will be processed. Additionally, data will also be collected when traffic reaches our website organically.
EMBL’s course and conference office maintains your data in systems described in ‘recipients’ section below and in our registration system. Some of this data is provided by the European Molecular Biology Organization (EMBO), some is provided by you, while others are produced through our interactions with you or collected from publicly accessible sources.
We collect various categories of your personal data, depending on the recipients (service providers) we use. Those categories include (where known):
We rely on the following legal basis while processing your data:
Some of your personal data may be disclosed to the following external data processing recipients from various categories. Those categories are:
If you want to obtain a list of all the names of the recipients, please contact us.
Personal data of your emergency contacts will be shared only with the events software providers under point 1 above. Your data may also be processed internally by EMBL’s departments other than EMBL’s course and conference office.
Your personal data will be stored for as long as you may have an account on the controller’s registration system, however the data of your emergency contacts will be deleted after the event. Your published data on EMBL website, EMBL intranet site, EMBL social media accounts, EMBL Mediasite and EMBL Blog will be kept for as long as the controller has the account open. Photos and video recordings will be stored for as long as it is necessary for the purpose of the CCO activity.
You can also exercise following rights, granted under the Article 16 of the EMBL Internal Policy No 68:
Please note that those rights can be subject to limitations, as described in Article 16 (2) of the EMBL Internal Policy No 68.
If you wish to exercise your rights or wish to contact the data controller regarding any other data protection related matters, you can contact us by email or by sending a letter to:
EMBL Heidelberg
Course and Conference Office
Meyerhofstraße 1
69117 Heidelberg
Germany
Advice on data protection matters can also be obtained from the EMBL Data Protection Officer (DPO), under Article 20(2) of the EMBL Internal Policy No 68. The DPO can be reached by email at dpo@embl.org.
If you wish to complain under Article 25(1) of the EMBL Internal Policy No 68, you may do so with the DPO by email at dpo@embl.org.
If you believe that the response of the DPO is unsatisfactory or if the DPO has failed to respond within three months from receipt of the complaint, you may complain in writing to the Data Protection Committee. It can be reached by email at dpc@embl.org or by post at:
EMBL Heidelberg
Data Protection Committee
Meyerhofstraße 1
69117 Heidelberg
Germany