Privacy Notice pursuant to Article 13 GDPR

This English-language notice is provided as a courtesy for your convenience. In case of doubt or discrepancy, our Datenschutzerklärung (in German) takes precedence.

Controller

NEST Initiative e.V. Mühlenweg 5 52428 Jülich Germany info@nest-initiative.org

For any questions regarding data protection, you can contact us at info@nest-initiative.org or by post at the above address.

Data processing on our website and other online services

Log files when visiting our website

When you visit our website, log files are created for the purpose of analysing errors and security incidents. These are stored only for a few days to weeks and then automatically deleted.

For hosting our website, we use Webschleppdienst as an external service provider. The log files are stored there.

Our websites www.nest-initiative.org and www.nest-simulator.org do not use cookies and do not embed third‑party trackers.

Email list

To pursue our association’s objectives, we offer the mailing list users@nest-initiative.org. The mailing list is provided on our behalf by the company Webschleppdienst. The email address and, optionally, the name of all subscribers to the mailing list are stored for the duration of the subscription. In addition, all messages sent by subscribers to the mailing list are permanently stored in a publicly accessible archive.

We expressly point out that the purpose and function of the mailing list is to distribute every email sent by subscribers to the mailing list to all other subscribers, and that NEST Initiative e.V. has no control over emails once they have been forwarded in this way. The legal basis is our association’s legitimate interest pursuant to Article 6(1)(f) GDPR in promoting the dissemination of and exchange on scientific software.

Documentation

To pursue our association’s objectives, we provide documentation for software developed in the context of NEST Initiative e.V. on the online platform Read the Docs (including https://nest-simulator.readthedocs.io). Use of these services does not require registration and is subject to the control of the provider Read the Docs in accordance with their privacy policy (https://about.readthedocs.com/privacy-policy) and terms of service (https://about.readthedocs.com/terms-of-service/). NEST Initiative e.V. only has access to non-personal usage statistics for the past 90 days for these services. The legal basis is our association’s legitimate interest pursuant to Article 6(1)(f) GDPR in promoting the dissemination of and exchange on scientific software.

Data processing in the context of our association’s activities

Membership administration

Member data (name, email address, membership status, where applicable username and postal address) are processed by the respective office‑holders of our association only to the extent necessary for the performance of their assigned duties. In detail this means:

  • Where the Executive Board requires member data in order to perform its tasks, it may access all member data necessary for this purpose. This includes, in particular, applications for admission and the status as an active member.
  • Board members responsible for membership administration process those member data that are relevant for collecting membership fees and for auditing the accounts. These are first name, surname, where applicable address and bank account details with payment data as well as, where applicable, access to the direct debit authorisation including signature, if the member has granted the association a direct debit mandate.

The purpose of processing member data is to pursue the association’s objectives and to manage the association. The legal basis is the association membership (Article 6(1)(b) GDPR).

Current member data are stored for the duration of membership and for a further three years thereafter. Data that must be stored for longer periods for legal reasons are stored for as long as required by law.

Photographs at events

Photographs documenting our association’s activities are published on our website for the purpose of external presentation.

For the publication of the following photographs of adults on our website, the legal basis is the legitimate interest of our association described below pursuant to Article 6(1)(f) GDPR:

  • group photos, based on our legitimate interest in providing information about the association’s activities;
  • photos relating to association activities, based on our legitimate interest in reporting on these activities;
  • photos of the audience attending an event or photos in which individuals only appear incidentally, based on our legitimate interest in reporting on the event and its success.

You have the right to object, in accordance with Article 21(1) GDPR, to the use of a photograph in which you can be seen. The association will then assess whether there are compelling legitimate grounds for the processing which override your interests, rights and freedoms. If this is not the case, the relevant photograph will be deleted.

Other photographs in which an adult (association member or member of the public) is the main subject or has been specifically photographed individually will only be published with that person’s consent (Article 6(1)(a) GDPR). This consent may be withdrawn at any time with effect for the future.

Processing by processors

For association administration we use the cloud‑based solution easyVerein, which is operated as a processor by SD Software-Design GmbH, Freiburg. All member data are stored on the systems of SD Software-Design GmbH, whose data protection provisions can be accessed at https://software-design.de/agentur/datenschutz?domain=easyVerein.com.

Rights of data subjects

If we process personal data relating to you, you have the following rights as a data subject:

  • the right of access to the data processed and to obtain a copy of that data;
  • the right to rectification if we process incorrect data about you;
  • the right to erasure, unless exceptions apply which require us to continue storing the data, for example statutory retention obligations or limitation periods;
  • the right to restriction of processing;
  • the right to withdraw consent to data processing at any time;
  • the right to object to processing carried out in the public interest or on the basis of legitimate interests;
  • the right to data portability;
  • the right to lodge a complaint with a data protection supervisory authority if you believe that we are not processing your data properly. The competent authority for our association is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia. If you are resident in another federal state or outside Germany, you may also contact the data protection authority responsible there.

_This text was translated using SIKT KI from a German text partially generated using the privacy notice generator provided by Stiftung Datenschutz.