Data policy

This website does not employ cookies.

1. General

1.1 Personal data (GDPR, Article 4(1))

Data protection refers to the protection of personal data (hereinafter also referred to as data), which in turn means any information relating to an identified or identifiable natural person. This includes, for example, data such as the person’s name, address, occupation, email address, marital status, telephone number and, if applicable, any Internet user data, such as an IP address.

1.2 Controller (GDPR, Article 4(7))

The controller – i. e. the body responsible for the processing of your personal data within the context of your use of the www.bifonds.de website (hereinafter referred to as the website) – is the Boehringer Ingelheim Fonds, (hereinafter referred to as the BIF, the website operator, or the controller). The controller’s contact details are:

Boehringer Ingelheim Fonds, Stiftung für medizinische Grundlagenforschung

Represented by the Executive Committee: Prof. Dr Dr Thomas Braun (Deputy Chairman), Dr Dr Michel Pairet, Prof. Dr Jan-Michael Peters (Chairman)

Schusterstr. 46-48
55116 Mainz
Germany
Phone: +49 (0) 6131 / 27 50 8-0
Email: secretariat@bifonds.de

1.3 Contact address for inquiries concerning data protection

data-protection@bifonds.de

1.4 The opportunity to object

If, in accordance with this data protection declaration, you wish to deny the BIF permission to process your data entirely or for particular purposes, you can do so by sending an email to data-protection@bifonds.de. Please note that objecting to such data processing may limit or entirely prevent your use of the website and your ability to access the services offered on it.

2. Scope and purposes of data processing, legal basis, provision of data, and duration of storage

2.1 Access and use of the website

Each time the website and its sub-pages are accessed, usage data is transmitted to the BIF via the user’s respective Internet browser and stored in the BIF server’s log files. The stored data sets include the following information:

• Date and time of access
• Name of the accessed sub-page
• IP address
• Referrer URL (the URL from which you came to the website)
• Amount of data transferred
• The user’s browser product and version thereof

The admissibility of such data processing is governed by Article 6(1)(b) of the GDPR, which states that data processing is lawful if it is “necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.” The data processed by the website operator are required to enable the data subject to access and use the website. This concerns data whose processing is necessary to the use of a given telecommunications medium. In the present case, the data subject would otherwise be unable to access the website.

The log files are evaluated by the BIF in an anonymous state in order to further improve the website and make it more user-friendly, find and correct errors more quickly, and manage server capacities. Performing these evaluations enables the BIF, for example, to identify the time periods in which users particularly favour using the website, and thus provide adequate data transfer resources.

The admissibility of such processing is governed by Article 6(1)(f) of the GDPR, according to which such processing is lawful if it is necessary to safeguard the legitimate interests of the data controller or a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Making available a website that contains information, providing services to customers, and optimising website operation are legitimate interests of the website operator.

After the data subject has ceased using the website, his/her IP address is either deleted or rendered anonymous. Anonymizing an IP address consists of altering it in such a manner that, barring a disproportionately large amount of time, expense, and manpower, it can no longer be attributed to a specific or identifiable natural person.

2.2 Email at the click of a button

At some locations on the website, you are offered the opportunity to open and send an email addressed to the BIF simply by clicking on a “mailto” link. In doing so, the email address associated with your email programme is automatically employed as the sender’s email address. If you do not wish your email address to be accessed in this way, you can change your email programme’s settings to prevent such access.

The admissibility of such data processing is governed by Article 6(1)(b) of the GDPR, which states that data processing is lawful if it is “necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.” In order, however, to contact the website operator by email, it is necessary to provide the website with this personal data.

Once statutory data storage obligations have expired, the processed personal data are deleted by the controller, unless it has a legitimate interest in continuing to store the data. In any event, only those data that are genuinely required to fulfil the purpose in question will continue to be stored. To the extent that it is possible, the personal data will be rendered anonymous.

2.3 The use of cookies

This website does not employ cookies.

2.4 “Klatschmail” mailing list

On its website, the BIF offers the opportunity to be added to an internal mailing list to receive its “Klatschmail”. To do so, you must send an email to the BIF by clicking on the “mailto” link provided, which creates an email within your email program that is automatically addressed to the BIF email address stored in the link.

The admissibility of such processing is governed by Article 6 (1)(a) of the GDPR, according to which such processing is lawful if “the data subject has given consent to the processing of his or her personal data for one or more specific purposes.” Providing the BIF with your email address is voluntary yet necessary if you wish to subscribe to its mailing list and receive emails sent to those persons on it.

If you should revoke your consent to the storage of your data, it will be deleted by the controller, unless it has a legitimate interest in continuing to store it. This may be the case if the website operator must continue to store your data due to a contractual agreement that it has with you. In any event, only those data that are genuinely required to fulfil the purpose in question will continue to be stored.

2.5 Funding programmes

We process the personal data you provide to us as applicant in connection with the MD Fellowship, PhD Fellowship, and Travel Grant programmes. More information about the use of your personal data can be found here.

The legal basis for the processing of this personal data is Art. 6 (1) b) DSGVO (performance of a contract or a pre-contractual measure).

Some of the personal data provided in this context is subsequently processed by BIF for the purpose of internal analysis. This processing of personal data is based on Art. 6 (1) f) DSGVO (legitimate interest). The legitimate interest lies in the controlling, better and more efficient promotion of scientists and science as well as the optimization of the selection process and the workflows as a whole.

Using this personal data is necessary for the selection and the implementation of the funding programmes. You are therefore required to provide the personal data requested in this context. Without providing this data, we will not be able to decide on the grant.

Sending out information material
We send information about new or changed funding programmes to scientists who have already received funding from BIF and to scientific institutions who might be interested in applying to our funding programmes. We also use publicly available contact information of scientific institutions for this purpose.

The legal basis for processing this personal data is Art. 6 (1) f) DSGVO (legitimate interest). The legitimate interest lies in the more efficient funding of scientists and science.

You may object to receiving information by us (see section 3.5).

2.6 Notice for reviewers

Within the framework of review processes and associated activities, we process personal data of reviewers. Specifically, this may include:

Business or private contact information, including your name, title, address, email address and telephone number

• General external and private data concerning your person (gender, nationality etc.)
• Data concerning previous reviews for BIF
• General categorising and assigning data (relation to a further process / proposal etc.)
• Competence data (information concerning knowledge and capabilities, certificates, vocational training completed etc.)
• Declarations (consent, agreement, other declarations relating to a matter which have been submitted etc.)

Content-related data (for example evaluation of a proposal, assignment to a subject / topic, summaries, possible instances of bias, other content-related matters – countries, key words etc.)

2.6.1 Purposes and legal basis of the processing of personal data of reviewers

• To be able to approach and engage suitable persons for the review process, we process the information in our databases of applicants and funded persons, as well as other publicly available information (for example of websites of researchers).
• To evaluate funding proposals, reviewers will be asked to submit written reviews to BIF. During this process, personal information will be stored, for example your contact for communication.
• Personal information from the review process will be made available to the BIF statutory bodies. The legal basis for processing the personal data of reviewers is Article 6(1)(b) GDPR (performance of a contract or pre-contractual measures) and Article 6(1)(f) GDPR (legitimate interest).

3. Data subject’s rights to access, to rectification, to erasure, to restriction of processing, to object, and to data portability

3.1 Right to access (GDPR, Article 15)

Upon request, the BIF will inform you whether it is processing any data concerning you. The BIF endeavours to process requests for information promptly.

3.2 Right to rectification (GDPR, Article 16)

You have the right to demand the BIF to correct any inaccurate personal data concerning you without undue delay.

3.3 Right to erasure (GDPR, Article 17)

You have the right to demand the website operator to delete personal data concerning you without undue delay. Further, the operator is obliged to delete personal data without undue delay, provided that one of the reasons stated in Article 17(1)(a-f) of the GDPR applies.

3.4 Right to restriction of processing (GDPR, Article 18)

You have the right to demand the website operator to restrict its processing of your data, when one of the conditions stated in Article 18(1)(a-d) of the GDPR exists.

3.5 Right to object (GDPR, Article 21)

You have the right to object at any time, on grounds relating to your particular circumstances, to any processing of personal data concerning you for any of the purposes stated in points (e) or (f) of Article 6(1) of the GDPR. The website operator will then cease to process the data in question, unless it can demonstrate compelling and defensible grounds for continuing to process the data that override your interests, rights, and freedoms, or unless continuing to process the data serves the purpose of asserting or exercising legal claims, or defending against them.

You also have the right to object, on grounds relating to your particular circumstances, to any processing of personal data concerning you for historical, scientific, or statistical purposes, performed pursuant to Article 89(1) of the GDPR, unless the processing is necessary for the performance of a task carried out in the public interest.

To notify us of your objection, please use the email address data-protection@bifonds.de.

3.6 Right to data portability (GDPR, Article 20)

You have the right to receive, in a structured, commonly used and machine-readable format, the personal data concerning you that you have provided to the BIF. You also have the right to “transmit those data to another controller without hindrance from the controller to which the personal data have been provided” (i. e. the BIF), provided that the processing is based on consent pursuant to Article 6(1)(a) or Article 9 (2)(a) of the GDPR, or on a contract pursuant to Article 6(1)(b) of the GDPR, and the processing is carried out by automated means.

4. Withdrawal of consent

If you have given the BIF your consent to process your personal data and subsequently withdraw this consent, the lawfulness of any processing of data that has already been performed prior to your withdrawal of consent shall not be affected.

5. Right to lodge a complaint

You have the right to lodge a complaint with the respective supervisory authority.

6. Recipients of personal data

Any data that is gathered in the course of your accessing and using the website, as well as any information you provide when contacting the BIF, is transmitted to the BIF server and stored there. In addition, your data may be supplied to the following categories of recipients:

• Persons at the controller who are involved in the processing of data (e. g. administrative staff, members of the Executive Committee)
• E.g. external peer reviewers, members of the Board of Trustees
• Contractors (e. g. IT service providers, software support staff)
• Contractual partners of the website operator (e. g. hosting service provider)

7. Links to third-party websites

When visiting the BIF website, content may be displayed that is linked to the websites of third parties. The BIF has no access to the cookies or other functions employed by third parties on their websites, nor can the BIF control these. Such third parties are not subject to the data protection provisions of the website operator.

1 Januar 2022