What is GDPR?
The General Data Protection Regulation (GDPR) is European legislation to protect the privacy of European citizens. Every organisation that is located in the EU or that is collecting, recording, organising, structuring, storing, adapting or altering, retrieving, concerned with consultation, using, transmitting, disseminating or otherwise making available, doing alignment or combination, restricting, erasing or destructioning personal data of people situated in the EU must comply with GDPR.
The IBBS complies with GDPR, meaning that its members and visitors of the website have all rights as stated in this legislation.
Processing of visitors' data
The IBBS website does not use any mechanisms for tracking or identifying visitors on its website. Member logins are registered, though.
The only cookies we use are so-called 'session cookies', which make the website more user-friendly. They are automatically deleted after your visit.
Data will not be provided to third parties, other than indicated below.
Member administration, congress registration administration and storage in its database
The database is integrated in the website, hosted at Hetzner Online GmbH. There is a signed processing agreement in place between IBBS and Hetzner Online GmbH. Emails are sent through the Acymailing service, compliant with GDPR.
Processing index
The IBBS administration processes data from its members according to the register below.
Data item | Purpose | Retention time |
Access |
Title, first name, last name 2,3 |
Enable membership administration, share information and contacts |
Duration of membership plus 5 years |
Members 1 |
Photograph 1 | same | same | same |
Organization, department | same | same | same |
Address, city, zip, state, country 2 | same | same | same |
E-mail address, phone number(s) 2,3 | same | same | same |
Affiliation | same | same | same |
Membership type | same | same | same |
Membership status: | |||
date begin / payment / renew | Membership administration |
same | Member, Steering Council, administrator |
invoice details | same | same | same |
Notes: 1 optional for members. 2 May be shared with congress organizers and FBCNS. 3 Will be shared with e-mail services provder. Payment details (name, amount, payment date) will be provided to our Payment Service Provider(s).
Security
The data are only processed on secure PCs. The security consists of passwords, virus scanners, keeping the entire system up-to-date. The connection to the website server is encrypted.
Responsible for data collection
Prof. Dr. H.E. de Vries
VU University Medical Center
Department of Molecular Cell Biology and Immunology
PO Box 7057
1007 MB Amsterdam, The Netherlands