Data protection declaration

Subject of the data protection declaration

This Privacy Policy provides information about the nature, scope, and purpose of the processing of personal data on this website.

The entity responsible for this is:

Arbeitsgemeinschaft medikamentöse Tumortherapie gemeinnützige GmbH
Gentzgasse 60/21, 1180 Wien
ATU63467108
Tel.: +43 662 640 44 12
E-Mail: office@agmt.at

AGMT Data Protection Officer:
E-Mail: datenschutz@agmt.at

  1. 1
    Privacy Policy for the Website

    1. Controller

    AGMT Arbeitsgemeinschaft Medikamentöse Tumortherapie gemeinnützige GmbH
    Gentzgasse 60/21
    1180 Vienna, Austria

    Phone: +43 (0) 662 640 44 12
    E-Mail: datenschutz@agmt.at

    Data Protection Contact:
    Dr. Daniela Wolkersdorfer
    E-Mail: datenschutz@agmt.at

    2. General Information on Data Processing

    The protection of your personal data is of particular importance to us. We process your personal data exclusively on the basis of the applicable legal provisions, in particular the General Data Protection Regulation (GDPR), the Austrian Data Protection Act (DSG) and the Austrian Telecommunications Act (TKG).

    Personal data is processed only to the extent necessary:

    • for providing a functional website,
    • for providing our services,
    • for communication with interested parties, members and event participants,
    • or on the basis of your consent.

    3. Provision of the Website and Server Log Files

    When visiting our website, information is automatically collected and stored in server log files.

    Processed Data

    • IP address
    • date and time of access
    • accessed pages
    • browser type and browser version
    • operating system used
    • referrer URL
    • hostname of the accessing device

    Purpose of Processing

    • technically secure provision of the website
    • system security and stability
    • error analysis and prevention of misuse

    Legal Basis

    Art. 6(1)(f) GDPR
    (legitimate interest in a secure and functional website)

    Retention Period

    Server log files are generally stored for a maximum of 14 days.

    Recipients

    Hosting service providers within the European Union.

    4. Contact Forms and Communication

    If you contact us via contact form or e-mail, the information you provide will be processed for handling your request.

    Processed Data

    • name
    • e-mail address
    • message content
    • voluntarily provided additional information

    Purpose of Processing

    Handling your request and communicating with you.

    Legal Basis

    • Art. 6(1)(b) GDPR (pre-contractual measures)
    • Art. 6(1)(f) GDPR (legitimate interest in communication)

    Retention Period

    Data will be deleted no later than 12 months after completion of processing unless statutory retention obligations apply.

    5. Membership and Online Member Administration

    In the context of membership administration, we process personal data of our members.

    Processed Data

    • name
    • contact details
    • membership status
    • participation in projects or events
    • newsletter status
    • technical identifiers used in online forms

    Purpose of Processing

    • maintaining the membership register
    • communication related to membership
    • organizational administration and documentation

    Legal Basis

    • Art. 6(1)(b) GDPR (membership relationship)
    • Art. 6(1)(c) GDPR (legal obligations)

    Retention Period

    Data is stored in accordance with statutory retention obligations for up to 7 years after termination of membership.

    Recipients

    • hosting service providers within the European Union
    • Mailchimp for newsletter administration

    6. Newsletter (Mailchimp)

    We use “Mailchimp”, a service provided by Intuit Inc., USA, to distribute newsletters.

    Processed Data

    • e-mail address
    • name (optional)
    • IP address
    • date and time of registration
    • usage data (e.g. opening and click behaviour)

    Purpose of Processing

    Distribution of newsletters and statistical evaluation to improve our information services.

    Legal Basis

    Art. 6(1)(a) GDPR (consent)

    Consent may be withdrawn at any time via the unsubscribe link contained in each newsletter.

    International Data Transfers

    Data may be processed in the USA. Mailchimp uses Standard Contractual Clauses pursuant to Art. 46 GDPR.

    Retention Period

    Until consent is withdrawn.

    7. Cookies

    Our website uses cookies to provide certain functions and improve user experience.

    Cookies are small text files stored on your device. They do not cause any damage.

    Technically necessary cookies are used on the basis of our legitimate interest pursuant to Art. 6(1)(f) GDPR.

    Where external services or optional functions use cookies, this takes place only after your consent pursuant to Art. 6(1)(a) GDPR.

    You may configure your browser to notify you about cookies or to allow cookies only in individual cases or disable them entirely.

    Disabling cookies may limit the functionality of the website.

    8. Google Maps

    Our website uses Google Maps to display geographical information and event locations.

    Provider:
    Google Ireland Limited
    Gordon House, Barrow Street
    Dublin 4, Ireland

    When Google Maps is accessed, personal data may be processed, including:

    • IP address
    • browser and device information
    • location data (if enabled)
    • usage data

    Google Maps is integrated only after your consent via our cookie banner.

    Legal Basis

    Art. 6(1)(a) GDPR (consent)

    International Data Transfers

    Data transfers to the USA cannot be excluded. Google uses Standard Contractual Clauses pursuant to Art. 46 GDPR.

    Further information:
    https://policies.google.com/privacy

    9. Microsoft Teams

    For online meetings, video conferences and webinars, we use Microsoft Teams, a service provided by Microsoft Ireland Operations Limited, Dublin, Ireland.

    The following data may be processed:

    • name and contact details
    • meeting metadata
    • IP address and technical device information
    • audio, video and chat data

    Purpose of Processing

    Conducting online meetings, webinars and digital communication.

    Legal Basis

    • Art. 6(1)(b) GDPR
    • Art. 6(1)(f) GDPR

    Where recordings are made, participants will be informed separately and consent obtained where required.

    International Data Transfers

    Processing outside the European Union, particularly in the USA, cannot be excluded. Microsoft uses Standard Contractual Clauses pursuant to Art. 46 GDPR.

    Further information:
    https://privacy.microsoft.com/en-us/privacystatement

    10. External Links and Social Media

    Our website contains links to external websites and social media platforms, particularly LinkedIn.

    By clicking such links, you leave our website. The respective operators are solely responsible for the content and data protection practices of their websites.

    Data is transferred to the respective provider only when you actively click the link.

    11. Integration of Third-Party Content

    Our website may include content provided by external providers, such as maps or technical services.

    To display such content, external providers may need to process users’ IP addresses, as this is technically necessary for delivery of the content.

    12. Rights of Data Subjects

    Under Articles 15–22 GDPR, you have the following rights:

    • right of access
    • right to rectification
    • right to erasure
    • right to restriction of processing
    • right to data portability
    • right to object
    • right to withdraw consent with future effect

    You also have the right to lodge a complaint with the competent supervisory authority.

    Austrian Data Protection Authority
    Barichgasse 40–42
    1030 Vienna
    https://www.dsb.gv.at

    13. No Automated Decision-Making

    No exclusively automated decision-making pursuant to Art. 22 GDPR takes place.

    14. Amendments to this Privacy Policy

    We reserve the right to amend this privacy policy if required due to legal, technical or organizational developments.

    The current version is always available on our website.

  2. 2
    Privacy Notice for Event and Meeting Participants

    Controller

    AGMT Arbeitsgemeinschaft Medikamentöse Tumortherapie gemeinnützige GmbH
    Gentzgasse 60/21
    1180 Vienna, Austria

    E-Mail: datenschutz@agmt.at
    Phone: +43 (0) 662 640 44 12
    Website: www.agmt.at

    Data Protection Contact:
    Dr. Daniela Wolkersdorfer
    E-Mail: datenschutz@agmt.at

    General Information

    The protection of your personal data is of particular importance to us. We process your personal data exclusively on the basis of the applicable legal provisions, in particular the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).

    This privacy notice provides information on the processing of personal data in connection with the registration for and participation in events, meetings, webinars, educational activities and similar offerings organized by AGMT.

    Categories of Processed Data

    In the context of organizing and conducting events, the following categories of personal data may in particular be processed:

    Registration and Contact Data

    • name
    • title
    • address
    • e-mail address
    • telephone number
    • institution or employer
    • Austrian Medical Chamber number (if required)
    • other information voluntarily provided

    Event-Related Data

    • registration details
    • participation information
    • login and access data for online events
    • certificates of attendance
    • information relating to continuing education credits

    Technical Data for Online Meetings

    For virtual events conducted via Microsoft Teams or comparable platforms, the following additional data may be processed:

    • IP address
    • device and browser information
    • audio, video and chat data
    • duration of participation and login timestamps

    Photo, Audio and Video Recordings

    Photographs, audio recordings and video recordings may be created during events. These recordings may be used for documentation, reporting and publication in print and online media, on the AGMT website or on AGMT social media channels.

    Where required, such processing is based on separate consent or on legitimate interests pursuant to Art. 6(1)(f) GDPR.

    Purpose of Processing

    Personal data is processed in particular for the following purposes:

    • organization and conduct of events
    • communication with participants
    • provision of access and participation information
    • documentation of participation
    • allocation of continuing education credits
    • organizational follow-up activities
    • public relations and event documentation

    Legal Basis

    Processing is carried out on the basis of:

    • Art. 6(1)(b) GDPR (contractual relationship or pre-contractual measures)
    • Art. 6(1)(f) GDPR (legitimate interests in organization, communication and documentation)
    • where applicable, Art. 6(1)(a) GDPR (consent)

    Retention Period

    Your personal data will only be stored for as long as necessary for the organization and follow-up of the event or as required by statutory retention obligations.

    Unless longer statutory retention periods apply, data will generally be stored for a maximum period of 7 years.

    Recipients of Data

    Your personal data will only be disclosed to carefully selected service providers and partners where necessary for the organization and conduct of the event.

    Recipients may in particular include:

    • technical service providers
    • hosting providers
    • event platforms
    • hotels or event venues
    • Austrian Medical Chamber for the allocation of continuing education credits
    • external event or cooperation partners

    Data will only be transferred to the extent necessary and in compliance with applicable data protection laws.

    Online Meetings and Microsoft Teams

    For virtual meetings, webinars and online events, we use Microsoft Teams, a service provided by Microsoft Ireland Operations Limited, Dublin, Ireland.

    In this context, personal data may also be processed outside the European Union, particularly in the United States. Microsoft uses Standard Contractual Clauses pursuant to Art. 46 GDPR.

    Further information:
    https://privacy.microsoft.com/en-us/privacystatement

    Notice Regarding Recordings

    The independent creation of photo, audio, video or screen recordings of events or event materials without prior consent of AGMT is not permitted.

    Your Rights

    Under the GDPR, you have in particular the following rights:

    • right of access
    • right to rectification
    • right to erasure
    • right to restriction of processing
    • right to data portability
    • right to object to processing
    • right to withdraw consent with future effect
    • right to lodge a complaint with a supervisory authority

    Competent supervisory authority in Austria:

    Austrian Data Protection Authority
    Barichgasse 40–42
    1030 Vienna
    https://www.dsb.gv.at

    If you have any questions regarding data protection, please contact us at:
    datenschutz@agmt.at

  3. 3
    Privacy Notice for Clinical Trial Participants

    Controller

    AGMT Arbeitsgemeinschaft Medikamentöse Tumortherapie gemeinnützige GmbH
    Gentzgasse 60/21
    1180 Vienna, Austria

    E-Mail: datenschutz@agmt.at
    Phone: +43 (0) 662 640 44 12
    Website: www.agmt.at

    Data Protection Contact:
    Dr. Daniela Wolkersdorfer
    E-Mail: datenschutz@agmt.at

    General Information

    AGMT conducts clinical trials in accordance with applicable national and European legal requirements and may act as sponsor within the meaning of Regulation (EU) No. 536/2014 on clinical trials on medicinal products for human use (“Clinical Trial Regulation” or “CTR”).

    As a participant in a clinical trial, you have already been comprehensively informed within the framework of the respective patient information and informed consent process about the conduct of the study, the processing of your personal data and your rights, and you have provided the corresponding consent.

    This privacy information serves as additional general information regarding the processing of personal data in connection with AGMT clinical trials.

    Your personal data is processed exclusively in accordance with the applicable legal provisions, in particular:

    • General Data Protection Regulation (GDPR),
    • Austrian Data Protection Act (DSG),
    • Regulation (EU) No. 536/2014 on clinical trials (CTR),
    • Austrian Medicines Act (AMG),
    • Good Clinical Practice (GCP),
    • and other applicable regulatory requirements.

    Processing of Personal Data in Clinical Trials

    Within the framework of clinical trials, personal data is processed insofar as this is necessary:

    • for conducting the clinical trial,
    • for ensuring patient safety,
    • for scientific evaluation,
    • for fulfilling regulatory obligations,
    • for quality assurance,
    • and for complying with legal documentation and retention obligations.

    The following categories of data may in particular be processed:

    • health data,
    • laboratory and examination data,
    • medication data,
    • information regarding disease progression,
    • study documentation,
    • safety and efficacy data,
    • technical logging and system data.

    Data processing is generally carried out in pseudonymized form. The code enabling identification of your person generally remains exclusively at the respective trial site.

    Access to Personal Data

    Access to personal data is granted only to persons who require such access for the conduct, monitoring and control of the clinical trial.

    This may include in particular:

    • investigators and authorized staff of the trial site,
    • monitors and auditors of the sponsor,
    • contracted service providers,
    • ethics committees,
    • national and international health authorities,
    • and other legally authorized bodies.

    All persons involved are subject to statutory and contractual confidentiality obligations.

    Legal Bases for Processing

    The processing of personal data is carried out in particular on the basis of:

    • Article 6(1)(c) GDPR (legal obligation),
    • Article 6(1)(e) GDPR (public interest in the area of scientific research),
    • Article 9(2)(i) GDPR,
    • Article 9(2)(j) GDPR,
    • your consent pursuant to Article 6(1)(a) GDPR and Article 9(2)(a) GDPR,
    • as well as the applicable provisions of the CTR and the Austrian Medicines Act.

    Certain processing activities within clinical trials are carried out not exclusively on the basis of your consent, but also in order to comply with legal and regulatory obligations under the Clinical Trial Regulation (CTR) and the GDPR.

    Transfer of Personal Data

    Personal data may be transferred to external service providers, research partners, authorities or other parties involved in the conduct of the clinical trial, insofar as this is legally permissible or necessary for the conduct of the clinical trial.

    Where data is transferred to countries outside the European Union or the European Economic Area, such transfer takes place exclusively in compliance with applicable data protection requirements, in particular on the basis of appropriate safeguards pursuant to Article 46 GDPR.

    Wherever possible, direct identification of your person shall be excluded.

    Retention of Data

    Personal data and study documentation are retained in accordance with the regulatory requirements of the Clinical Trial Regulation (CTR), the Austrian Medicines Act and other applicable regulations.

    Retention periods generally amount to at least 25 years and may, depending on the type of study and applicable regulatory requirements, extend beyond this period.

    Scientific Evaluations and Publications

    Data collected within the framework of clinical trials may be used for scientific evaluations, regulatory purposes and scientific publications.

    Publications are made exclusively in anonymized or aggregated form so that no conclusions can be drawn regarding individual persons.

    Withdrawal of Consent

    You may withdraw your consent to participate in a clinical trial at any time with effect for the future.

    In the event of withdrawal, no further personal data will generally be collected for study purposes insofar as this is legally permissible.

    However, data already collected may continue to be processed where this is necessary:

    • to ensure the validity and traceability of the clinical trial,
    • to comply with regulatory obligations,
    • to document safety aspects,
    • or due to statutory retention obligations.

    Your Rights

    Under the GDPR, you generally have the following rights:

    • right of access,
    • right to rectification,
    • right to erasure,
    • right to restriction of processing,
    • right to data portability,
    • right to object,
    • right to withdraw consent previously granted.

    These rights may be restricted in the context of clinical research where the exercise of such rights would render impossible or seriously impair the achievement of the objectives of the clinical trial and such restrictions are necessary for the fulfilment of the research purposes.

    If you have questions regarding the processing of your personal data, please contact your investigator or the AGMT data protection contact.

    No Automated Decision-Making

    No exclusively automated decision-making pursuant to Article 22 GDPR takes place.

    Right to Lodge a Complaint

    If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with the competent supervisory authority.

    Austrian Data Protection Authority
    Barichgasse 40–42
    1030 Vienna
    https://www.dsb.gv.at