Privacy Notice

The European Society of Clinical Microbiology and Infectious Diseases, (Europäische Gesellschaft für klinische Mikrobiologie und Infektionskrankheiten) (hereinafter "ESCMID", "we", "us" or "our") is committed to protecting the privacy and security of the personal information that is provided to us or collected by us during the course of our business. We store and process personal information in accordance with the Swiss Data Protection Act and, to the extent applicable, the EU General Data Protection Regulation.

This privacy notice (hereinafter "Privacy Notice") explains how we collect and use any personal information that we obtain about you, and your rights in relation to that information when you visit our websites, enter into a business or other relationship with us, and participate in any of our events, including our on-site or virtual conferences (hereinafter "Event(s)"). We may provide you with additional privacy notices where we believe that it is appropriate to do so. Those additional notices supplement, and should be read together with, this Privacy Notice.

1. Who is responsible for your personal information?

ESCMID, Aeschenvorstadt 55, 4051 Basel, Switzerland, is responsible for your personal information provided to us or collected by us during the course of our business and through our Event websites.

2. How we collect and use your personal information

We collect and process your personal information as follows:

2.1 Organization, development and execution of the Events and administration of memberships

We collect personal information about attendees, participants, speakers, chairpersons, sponsors, endorsers and other third parties, as part of the organization, development and execution of the Events.

In order to provide you with our services for registered users and members, ESCMID collects and stores personal data from its registered users and members, in particular when you apply for a membership. We only collect information that is required to become a member or for the specific Events ESCMID offers. Mandatory information is marked with an asteriks or a similar marking in the respective form. ESCMID stores this information in secured databases and makes sure to delete outdated user data ultimately.

The types of personal information we may collect for this purpose include your name, contact details (such as your address, e-mail address, telephone and mobile numbers), your date of birth, the name of the organisation you work for, the contact details of your organisation, your curriculum vitae, references, and other information with which you provide us to participate, attend, speak, chair, sponsor, endorse or otherwise support the Events, as well as information of all kind from correspondence, and interactions with us relating to the Events.

We will also process information of all kind that is revealed to us in the course of the Events organized, developed and executed by us, which may include questions you ask or comments or other content and material you post or upload during video presentations, discussions or virtual and Q&A sessions and your participation in the Events. If you are not sure whether your interaction with us falls under one of the items mentioned before or you have interacted with us in another way, and you would like to know whether we have collected any personal information about you in this regard, feel free to contact us at info(at)escmid.org to know more.

We collect personal information directly from you, related organisations, or other persons and their respective representatives or employees. We may receive or collect personal information from third persons such as your employer, other organisations that you have dealings with, or regulators or government agencies. We may also collect personal information from publicly available sources.

We may use this information to provide all services in connection with the organization, development and execution of the Events, to fulfil our mission, to conduct, monitor, or analyse our business (e.g. administrative or operational processes), to improve our services in connection with present and future Events, to administer memberships and more generally to offer additional educational services.

2.2 Business development and business acceptance

We collect personal information about attendees, participants, speakers, chairpersons as well as other business contacts of the sponsors or endorsers of the Events as part of the development of other initiatives, conferences, or our mission.

The types of personal information we may collect include your name, contact details (such as your address, e-mail address, telephone and mobile numbers), your date of birth, the name of the organisation you work for, the contact details of your organisation, your curriculum vitae, references, feedback, comments, questions and other content with which you provide us, relating to the Events, or other interactions you have with us. Mandatory information, if any, is marked with an asteriks or a similar marking in the respective form.

We obtain this information directly from you, from third parties (such as our affiliates, sponsors, IT providers, vendors and service providers), or from publicly available sources.

We may use your personal information to maintain and develop our relationship with you, identify services you may be interested in, pursue certain mission development initiatives, send you publications and marketing communications, and invite you to other Events.

You can control the information you receive through our marketing communications by using the corresponding option at the bottom of our e-mails. If you no longer wish to receive e-mails relating to our mission, services or Events, you can unsubscribe at any time by using such option at the bottom of the e-mail or by replying to info(at)escmid.org.

2.3 Use of Websites or platforms

We collect, store and process certain personal information when you visit our general website as well as the Event websites or platforms (hereinafter "Websites") in so-called log-files, contact us through a contact form or by e-mail, on our Websites. The types of personal information we may collect include your name, e-mail address, address, affiliation with a scientific organisation, or IP-address. Relating to your interaction with our Websites, we gather information on what you click on, from where you were directed to the Websites, a history of your visits, and other information you voluntarily share with us when using these Websites. Please note that some of that information is indispensable for processing your requests. Mandatory information, if any, is marked with an asteriks or a similar marking in the respective form on the Websites.

We obtain this information either directly from you or through the use of cookies.

2.4 Cookies, tracking-tools and social media

2.4.1 Cookies and tracking-tools

Cookies are small text files that are placed in browser directories on your computer or mobile device when you visit our Websites. Our Websites use session cookies and persistent cookies. Session cookies enable our Websites to remember any information you have already entered when you move from page to page within one of our Websites. A session cookie is deleted either when you close your browser or after a short time. Persistent cookies allow the Websites to remember your preferences and settings when you visit the Websites in the future. Persistent cookies expire after a set period of time.

We use cookies or similar technologies to collect information when you access our Websites. Particularly, we obtain the navigation path followed by you on the site (inclunding content viewed), time spent on the Website or sub-page, the last sub-page viewed before leaving the Website, the country, region or city from where access is made, end device (type, version, colour depth, resolution, width and height of the browser window), and returning or new visitor. In particular, we use cookies to process your requests, when you contact us, when you subscribe to a newsletter and for the analysis of our website traffic. Moreover, the respective provider will use this information on our behalf to evaluate the use of the Website, to compile reports on Website activities for us and to provide other services related to Website and internet use for the purposes of market research and needs-based design of these internet pages. For these processing operations, we and the providers may to a certain extent be considered joint data controllers.

You can set your cookie preferences when you visit our website for the first time, and change them later by clicking on the "Cookies" link in the footer navigation.

When you consent to the use of cookies other than the functional cookies when entering into our website for the first time, we use cookies in the following ways: 

  • Matomo: We use the open source software tool Matomo, a service of the provider InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, ("Matomo") to analyze surfing behavior on our Websites. This enables us to learn how the Websites are used and to constantly improve our Websites and content. If individual pages on our Websites are accessed, the following data is stored anonymously: Two bytes of the IP address of the accessing system (user's system), the website from which the user accessed the website (referrer), the sub-pages that are accessed on the website, the length of time spent on the website, the frequency of visits to the website and information on operating system, browser type, screen resolution. The Matomo software is set so that IP addresses are not stored in full, but 2 bytes of the IP address are masked. This prevents the unique assignment of the IP address to the accessing computer. This means that your IP address is always anonymized even before it is evaluated. The data is not disclosed to third parties. More information about Matomo is available at https://matomo.org/docs/privacy-how-to. The cookie is used for the purpose of constantly improving the quality of the Websites and its content as well as the user-friendliness. Cookies show how the website is used, which enables optimization of the content. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this Websites and is not combined with personal data about the bearer of the pseudonym. The Matomo privacy policy is available at https://matomo.org/privacy-policy.
  • Google Marketing Services (Google Ads): We use the marketing and remarketing services ("Google Marketing Services") of Google LLC, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). We or Google will only process your personal data in this context if you have given your consent. Google Marketing Services allow us to display advertisements for and on our Websites in a more targeted manner to present users only with advertisements that potentially match their interests. If, for example, a user is shown ads for services that they have shown an interest in on other websites, this is referred to as remarketing. For these purposes, when our and other websites on which Google Marketing Services are active are called up, a code is executed directly by Google and so-called (re)marketing tags are integrated into the Websites. With their help, an individual cookie is stored on the user's device. The cookies store which websites the user has visited, what content they are interested in, and which offers they have clicked on, as well as technical information about the browser and operating system, referring websites, time of visit and other information about the use of the online offer. The IP address is not merged with the user's data within other Google offers. Google may combine the aforementioned information with such information from other sources. If the user subsequently visits other websites, it can be shown ads tailored to its interests. User data is processed pseudonymously as part of Google Marketing Services. This means that Google does not store and process the user's name or email address, for example, but processes the relevant data in relation to cookies within pseudonymous user profiles. Hence, from Google's perspective, the ads are not managed and displayed for a specifically identified person, but for the cookie owner, regardless of who the cookie owner is. This does not apply if a user has expressly allowed Google to process the data without pseudonymization. The information collected by Google Marketing Services about users is transmitted to Google and stored on Google's servers in the USA. Further information on the use of data for marketing purposes by Google can be found on the overview page: https://policies.google.com/technologies/ads. Google's privacy policy is available at https://policies.google.com/privacy. If you do not wish to receive interest-based advertising from Google Marketing Services, you can use the settings options provided by Google: hhttps://adssettings.google.com/authenticated or make the respective choice in the cookie banner.
  • LinkedIn Insight Tag: We use the LinkedIn Insight Tag from LinkedIn Unlimited Company (Wilton Place, Dublin 2, Ireland) to track conversions on our Websites. The LinkedIn Insight Tag allows us to statistically track the use of our Websites in order to optimize it. Conversion tracking involves LinkedIn placing a cookie on your device when you visit our site by clicking on a LinkedIn advertisement. Conversion tracking is used to compile statistics and does not identify you personally. We only want to know which LinkedIn ads or interactions bring users to our Websites. This information allows us to better control the placement of banner ads, for example, and to target them to specific sites on the Internet. You may refuse the use of cookies by selecting the appropriate settings in your browser, or by clicking on the opt-out button on the cookie banner. For more information about LinkedIn's collection and use of your information, please see their privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
  • Tag Management: We use the tag management system of Tealium Inc. (11095 Torreyana Road San Diego, CA 92121; "Tealium") on our Websites. Tags are short snippets of code used to track visitors' activity on a website. We use tags to automate the use of our Websites and to tailor it to your needs in real time. For this purpose, the following information is collected, for example: articles, advertisements, number of visitors, topic of the page, etc. The information generated by the cookie about your visit to our Websites is stored exclusively in Germany. You can find more information in the privacy policy of Tealium here: http://tealium.com/privacy/.You can find the opt-out option here: https://tealium.com/cookie-policy/.
  • E-mail updates: Our marketing communication may contain a so-called web beacon or 1x1 pixel (tracking pixel) or similar technical tools. A web beacon is an invisible graphic that is linked to the user ID of the respective newsletter subscriber. For each marketing communication sent, we receive information on which addresses have not yet received the email, to which addresses it was sent and for which addresses the sending failed. We also see which addresses have opened the email, for how long and which links they have clicked on. Finally, we receive information about which addresses have unsubscribed. We use this data for statistical purposes and to optimise our promotional emails in terms of frequency, timing, structure and content. This allows us to better tailor the information and offers in our emails to the individual interests of recipients. The web beacon is deleted when you delete the email. To prevent the use of the web beacon in our marketing emails, please set the parameters of your email program so that HTML is not displayed in messages if this is not already the case by default. In the help section of your email software you will find information on how to configure this setting. By subscribing to our marketing communication, you also consent to the statistical evaluation of user behaviour for the purpose of optimising and adapting the newsletter.

On the ESCMID website we use the following cookies that process personal data:

You can change your browser settings to block cookies or to alert you when cookies are being sent to your device. Please note that if you decide to disable cookies, you may not be able to access certain functions of our Websites or marketing communications.

2.4.2 Social media presences

On our Websites, we have included links to our profiles in the social networks of the following providers:

  • Facebook of Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA;
  • X of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA;
  • LinkedIn of Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland;
  • YouTube of Google LLC, D/B/A YouTube, 901 Cherry Ave., San Bruno, CA 94066, USA;
  • Mastodon of Mastodon gGmbH, Mühlenstrase 8 A, 14167 Berlin, Germany.

When you click on the icon of a social network on our Websites, you are automatically redirected to our profile in the respective network. This establishes a direct connection between your browser and the server of the respective social network. This provides the network with the information that you have visited our website with your IP address and clicked on the link.
 

If you click on a link to a network while you are logged into your user account with the network in question, the content of our website may be linked to your profile so that the network can assign your visit to our website directly to your account. If you want to prevent this, you should log out before clicking on the relevant links. A connection between your access to our Websites and your user account takes place in any case if you log in to the respective network after clicking on the link. The respective provider is responsible under data protection law for the associated data processing. Please note the information on the relevant network's website.

2.4.3 Social media plugins

On our Websites, you can use social plugins from the providers listed below:

  • Facebook of Meta Platforms Inc, 1601 S California Ave, Palo Alto, CA 94304, USA, Privacy Policy;
  • X of X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA, Privacy Policy;
  • LinkedIn of Linkedin Unlimited Company, Wilton Place, Dublin 2, Ireland, Privacy Policy;
  • Sina Weibo of Weibo Corporation, No.8 Sina Plaza, Courtyard 10, the West, XiBeiWang E. Road, HaiDian District, Beijing 100080, China, Privacy Policy.

We use social plugins to make it easier for you to share content from our Websites. The social plugins help us to increase the visibility of our content on social networks and thus contribute to better promotion of our offerings.

The plugins are deactivated by default on our Websites and therefore do not send any data to the social networks when you simply call up our Websites. To increase data protection, we have integrated the plugins in such a way that a connection is not automatically established with the network’s servers. Only when you activate the plugins and thus give your consent to the transmission and further processing of data by the providers of the social networks, your will browser establish a direct connection to the servers of the respective social network.

The content of the plugin is transmitted directly to your browser by the social network and integrated into the Website by it. This provides the respective provider with the information that your browser has accessed the corresponding page of our Websites, even if you do not have an account with this social network or are not currently logged in to it. This information (including your IP address) is transmitted from your browser directly to a server of the provider and stored there. We have no influence on the scope of the data that the provider collects with the plugin, although from a data protection perspective we can to a certain extent be considered jointly responsible with the relevant social network provider.

If you are logged in to the social network, it can assign your visit to our Websites directly to your user account. If you interact with the plugins, the corresponding information is also transmitted directly to a server of the provider and stored there. The information may also be published on the social network and possibly displayed to other users of the social network. The provider of the social network may use this information for the purpose of placing advertisements and designing a respective offering according to your interests. For this purpose, usage, interest and relationship profiles could be created, e.g. to evaluate your use of our website with regard to the advertisements displayed to you on the social network, to inform other users about your activities on our website and to provide other services associated with the use of the social network. The purpose and scope of the data collection and the further processing and use of the data by the providers of the social networks, as well as your rights in this regard and options for changing your settings to protect your privacy can be found directly in the data protection information of the respective provider.

If you do not want the provider of the social network to assign the data collected via our Websites to your user account, you must log out of the social network before activating the plugins.

2.5 Registration for our newsletter and information on the Events

We collect, store and process certain personal information that you provide us with such as your name and e-mail address when you register for our newsletter or sign up to receive further information on the Events. We use this personal information to provide you with our newsletter or any other information you registered to recieve. Mandatory information, if any, is marked with an asteriks or a similar marking in the respective form on the Websites.

We use an email marketing software provided by mensemedia Gesellschaft für Neue Medien mbH, Achenbachstrasse 73, 40237 Düsseldorf, data-privacy-escmid(at)mensemedia.net for marketing communications. Your data will be stored in a database of this company, which allows it to access your data if this is necessary for the provision of the software and for support in the use of the software.

2.6 Other contacts

Further, we collect and process information about you if you offer or provide products or services to us, if we evaluate your products or services, and generally when you request information from us or provide information to us.

2.7 Job applications

If you are a member or a registered user, you can upload your profile or your CV to our website. Mandatory information, if any, is marked with an asteriks or a similar marking in the respective form on the Websites. Your personal data will not be made public. Employers interested in your profile can contact you without knowing your name and e-mail address. Your profile will be active for 6 months.

2.8 Advertising a job

If you are a member or a registered user, you can publish a job advert on our job platform, which includes your contact details. Mandatory information, if any, is marked with an asteriks or a similar marking in the respective form on the Websites. The contact details of you or your institution/company given as part of the user registration will be published on the Website if no other address is provided. Your job advert will be active for 2 months.

2.9 Central data storage and analysis in our CRM system

If it is possible to clearly identify you, we will store and link the data described in this Privacy Notice, in particular your personal details, your contact details, your mambership details and your surfing behaviour on our Websites, in a central database. This serves the efficient administration of customer data, allows us to adequately respond to your requests and enables the efficient provision of the services you have requested. We evaluate this data in order to further develop our offers in a needs-oriented manner and to display and suggest the most relevant information and offers to you. We also use methods that predict possible interests and potential future orders based on your website use. For this purposes we use the software Tealium of Tealium Inc, 11095 Torreyana Road, San Diego, CA 92121, USA. The servers are located in Frankfurt, Germany.

3. Our basis for processing your personal information

We will only use your personal information if and to the extent that applicable law allows us to do so. We will therefore process your personal information only if:

  • it is necessary for the performance of a contract with you or the organisation you work for or in order to take steps at your request or at the request of the organisation you work for prior to entering into a contract (art. 6 para. 1 lit. b GDPR), such as for the organization, development and execution of Events (section 2.1), use of Event websites or platforms (section 2.3), in connection with products or services you provide to us (section 2.6), when you use the possibility to apply for jobs (section 2.7) or when you upload a job advert (section 2.8);
  • it is necessary in connection with a legal obligation (art. 6 para. 1 lit. c GDPR), such as data retention obligations in connection with products or services you provide to us (section 2.6);
  • you have given your consent (where necessary) to such use or the organisation you work for has obtained your consent (where necessary) to share your information with us (art. 6 para. 1 lit. a GDPR), such as for business development and business acceptance (section 2.2), or the use of certain tools on the websites (section 2.4.1), or the use of the cookies (section 2.4.1), or the registration to our newsletter and information on the Events (section 2.5); or
  • we have a legitimate interest in processing your personal information which is not overridden by your interests or your rights and freedoms (art. 6 para. 1 lit. f GDPR), such as in order to fulfil our mission, to conduct, monitor, or analyse our business (e.g. administrative or operational processes), to improve our services in connection with present and future Events (section 2.1), for the analysis of our website traffic (section 2.4.1), the use of social media (section 2.4.2 and 2.4.3) or the central storage and analysis in our CRM system (section 2.9). When we rely on such a legitimate interest and you would like to know more about how we balanced our and your interests, you can contact us at info(at)escmid.org.

4. How and why we may share your personal information

Without the support of other companies, we would not be able to provide our services in the desired form. In order for us to be able to use the services of these companies, it is also necessary to pass on your personal data to a certain extent. Such a transfer takes place to the extent that it is necessary for some of our services related to the ESCMID membership, awards, research funding and so forth we work with our partners (such as our affiliates, sponsors and agencies like CodeRed GmbH or mensemedia GmbH). Your data is processed by these partners exclusively for the purpose of providing the aforementioned services.

In accordance with the applicable data protections laws, we conclude data processing agreements with each of our partners. Our partners are located in Germany, France, United Kingdom, The Netherlands and Switzerland and are bound to the applicable data protection laws, in particular the FADP and the GDPR, and ESCMID’s security requirements.

We may share your personal information collected in the course of the Events with Code Red., Düsseldorf, Germany; Key4Events, Nice, France; Multilearning, Amsterdam, The Netherlands if required or useful for providing our products and services. Further, we may share your personal information with third persons where:

  • you have consented to us doing so (where necessary) or the organisation that you work for has obtained your consent for us to do so on your behalf (where necessary);
  • we are legally or regulatory obliged to do so (for example, to comply with anti-money laundering or sanctions requirements); or
  • it is necessary in connection with legal proceedings or in order to exercise or defend legal rights.

We use third parties who provide products and services on our behalf and may share your information with them. These third parties include banks, insurance companies, advertising agencies, consultancies or technology suppliers. They may have access to your personal information when providing support. In accordance with the applicable data protection laws, we conclude data processing agreements with each of our partners. All of our partners are bound to the applicable data protection laws and ESCMID’s security requirements.

We are entitled to transfer your personal data to third parties abroad if this is necessary to carry out the data processing mentioned in this Privacy Notice. In doing so, we will of course comply with the statutory provisions on the disclosure of personal data to third parties. If the country in question does not have an adequate level of data protection, we guarantee through contractual regulations that your data is adequately protected by the recipients.

5. How we protect your personal information

We have put in place appropriate security measures to hold your personal information securely in electronic and physical form, to protect it from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. The participation in the Events is access controlled by your personal login and password authentication.

Our employees and third party service providers who have access to confidential information (including personal information) are subject to confidentiality obligations.

Our security measures are continuously adapted in line with technological developments. However, the transmission of information via the Internet and electronic means of communication always involves certain security risks and we cannot provide an absolute guarantee for the security of information transmitted in this way.

6. How long we keep your personal data

We will retain your personal information at least for as long as it is necessary for the purpose for which it was collected. We will further retain your personal information to comply with legal and regulatory obligations, for as long as claims could be brought against us and for as long as legitimate interests, including data security, require us to do so. In the case of contractual data, storage is required by statutory retention obligations. Requirements that oblige us to retain data result from the provisions on accounting and from tax law regulations. According to these regulations, business communications, concluded contracts and accounting vouchers must be stored for up to 10 years. As far as we no longer need this data to perform the services for you, the data will be blocked. This means that the data may then only be used if this is necessary to fulfil the retention obligations or to defend and enforce our legal interests. The data is deleted as soon as there is no longer any obligation to retain it and we no longer have any legitimate interest in retaining it.

7. Your rights

Provided that the relevant legal requirements are met, as a person affected by data processing you have the following rights:

Right of access: You have the right to request access to your personal data stored and processed by us at any time and free of charge. This gives you the opportunity to check what personal data we process about you and that we use it in accordance with applicable data protection regulations.

Right to rectification: You have the right to have inaccurate or incomplete personal data rectified and to be informed of the rectification. In this case, we will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.

Right to deletion: You have the right to have your personal data deleted under certain circumstances. In individual cases, especially in the case of legal retention obligations, the right to deletion may be excluded. In this case, we may block your data instead, provided the conditions are met.

Right to restrict processing: You have the right to request that the processing of your personal data be restricted.

Right to data transfer: You have the right to obtain from us, free of charge, the personal data you have provided to us in a readable format.

Right to object: You can object to the processing of your data at any time, in particular for data processing in connection with direct advertising (e.g. advertising emails).

Right of withdrawal: In principle, where you have given consent you have the right to withdraw that consent at any time. However, processing activities that have already taken place based on your consent do not become unlawful because of your revocation of consent.

Right of complaint: You have the right to lodge a complaint with a competent supervisory authority, for example against the way your personal data is processed.

If you would like to exercise these rights, please contact us in writing by e-mail at info[at]escmid.org or by letter to:

ESCMID Office
Aeschenvorstadt 55
4051 Basel
Switzerland

You will not, in general, have to pay a fee to exercise any of your individual rights. However, we may charge a fee for access to your personal information if the relevant data protection legislation allows us to do so, in which case we will inform you as required by the law.

If you feel we have not handled your query or concern to your satisfaction, you can contact the competent data protection authority in Switzerland, the Federal Data Protection and Information Commissioner (https://www.edoeb.admin.ch) or another competent authority.

8. Representative in the EU

Our representative in the EU is:

BINDER GRÖSSWANG
Rechtsanwälte | Attorneys-at-Law
1010 Wien, Sterngasse 13, Österreich

https://www.bindergroesswang.at

________________________________________

9. Updates to this Privacy Notice

We reserve the right to update and change this Privacy Notice from time to time in order to reflect any changes to the way in which we process your personal information or changing legal requirements. Any changes we may make to the Privacy Notice in the future will be posted on this website. Please check back frequently to see any updates or changes to the Privacy Notice.

Basel, 19 December 2023