ECCO Privacy Policy

ECCO Website Privacy Policy according to GDPR

The ECCO Website is published by OCEAiN – Organisation, Congress, Emotion, Association, iNnovation GmbH (the congress business unit of the European Crohn’s and Colitis Organisation, registered and located in Vienna, is the assuming congress organiser, fully owned by the European Crohn’s and Colitis Organisation, under the terms of §§ 12 ff. UmgrStG.)

The publication of this website is pursued by OCEAiN in service to the European Crohn’s and Colitis Organisation (ECCO): Hereafter “ECCO” shall refer to this online publication service of OCEAiN in the interest of the European Crohn’s and Colitis Organisation (ECCO).

Purpose: Information provided on the web site of ECCO is intended for informational purposes only.

Legal basis for data processing: Personal browser settings and consent to cookies, if given.

Identifiable Personal Data collected for web tracking

During your visit to our website, some information is collected and analysed for web controlling purposes. This information is provided by your browser. The collection is done by way of a pixel integrated into all websites. The following data are collected:

  • Requests (file name of the requested file) (e.g. www.beispiel.de/index.html)
  • Browser type/browser version (e.g. Internet Explorer 6.0)
  • Browser language (e.g. English)
  • Operating system used (e.g. Windows XP)
  • Inner resolution of browser window
  • Screen resolution
  • Javascript activation
  • Java on /off
  • Cookies on / off
  • Colour depth
  • Referrer URL (the previously visited web site)
  • IP address – is deleted immediately
  • Time of access
  • Clicks
  • Total orders, if any
  • Content of forms, if any (in the case of text fields, e.g. name and password, only the information “completed“ or “not completed“ is transmitted)

IP address

The IP address is transmitted with every server request. Based on this information, the server will know where to send the response. This IP address is assigned by your internet service provider (ISP) when you go online. ISPs can trace which address was assigned to which client at a given time. Theoretically, if IP addresses are stored, ISPs can use IP addresses to determine the identity of the owner of the Internet access account. Therefore, ECCO and its provider of statistical services do not store IP addresses permanently, but use them for session identification purposes and to prevent attacks only. Subsequently, IP addresses are deleted immediately, which makes the collected data anonymous. At that point, the identity of the user can no longer be determined, even by ISPs.

Cookies

Our pages rely on several so-called cookies. Their purpose is to make our online content more user-friendly and efficient. Cookies are small text files that are placed on your computer and saved by your browser. Cookies cannot be used to identify specific individuals and do not contain personal data. This data will not be associated with data from other sources. Most of the cookies we use are so-called “session cookies” that are deleted as soon as you end your browser session. In addition, there are some persistent cookies used to recognize you as a returning visitor to the website. These cookies do not cause any harm to your computer and do not contain any viruses. Use your browser settings to determine whether you want to allow the use of cookies or not.

Data protection declaration regarding Universal Analytics/opt-out option

The website of ECCO uses Universal Analytics, a service provided by Google Inc. (“Google”). Universal Analytics relies on so-called “cookies” that are stored on your computer and generate information for the analysis of the websites used by you. This information about your use of the ECCO website (including your IP address) is transferred to a Google server located in the USA and is stored there.

ECCO strongly believes in protecting your data. On the website of Austrian Post, we have activated the IP anonymisation option. The function anonymizeIP() processes IP addresses in a shortened form which makes it impossible to reference users. The means that before the data is transferred to Google, the IP address is shortened in the member states of the European Union or in other member states of the European Economic Area.

On behalf of ECCO, Google will use the received information to analyse how the Internet and this website are used, e.g. Google will perform anonymous analyses and create graphics regarding page views and visits. ECCO uses this data exclusively for market research purposes, to optimise its websites and to provide additional services associated with the use of the website. Google might transfer this information to third parties, provided that it is legally permissible. Third parties may also process this data on behalf of Google. Google will under no circumstances associate your IP address with other data generated by Google. For additional information about Google Analytics, please see the Internet or visit www.google.com/analytics.

You can opt out of the data collection and storage at any time without retroactive effect.

You can prevent cookies from getting saved on your computer by choosing the respective setting in your browser software. However, please note that you may not be able to use all functions of the ECCO website.

In addition, you have the option of preventing that data collected from your cookies and your use of the website (including your IP address) will be transferred to and processed by Google. To do that, please download the browser plugin by following this link: https://tools.google.com/dlpage/gaoptout?hl=en

You also have the option of preventing the tracking process altogether. To do that, all you have to do is click on the link below. In order for this refusal to take permanent effect, your browser needs to accept cookies.

Click here to opt out of Google Analytics.

Throughout the ECCO Website, you will have the option to register online with your personal data for specified ECCO initiatives (e.g.: Congress, Workshops, Membership, eNewsletter) for which your data will be stored in the ECCO IT HUB in line with the following information.

 


ECCO IT HUB (= ECCO Database) - Privacy Policy according to GDPR

ECCO IT HUB consists of the following 3 organisational entities with their registered seat in 1030 Wien, Ungargasse 6/13, and is based on a joint controllership agreement according to Article 26 General Data Protection Regulation (“GDPR”):

  • ECCO – European Crohn’s and Colitis Organisation (“ECCO”), registered in the Austrian Register of Associations (ZVR) under the registration number 468755685, as well as its daughter entities:
  • OCEAiN – Organisation, Congress, Emotion, Association, iNnovation GmbH (“OCEAiN”) and
  • IBDIM – IBD in Motion GmbH („IBDIM“)

(together hereafter referred to as “ECCO IT HUB” or “we”).

Contact point according to Article 26 GDPR:

ECCO Office
Ungargasse 6/13, A-1030 Vienna, Austria.
Tel: +43-(0)1-710 2242-0
Fax: +43-(0)1-710 2242-001
E-Mail: 
This email address is being protected from spambots. You need JavaScript enabled to view it.

ECCO IT HUB solely processes your personal data for the purpose of:

  • centralised and up-to-date data administration of ECCO Membership, Congress and event participations as well as stakeholder status in order to avoid scattering loss of up-to-date contact details among the business units of the joint data controllers
  • facilitating communication among stakeholders of the IBD Community and making relevant data visible via the ECCO Website (including the display of names and affiliations of Congress speaker and ECCO Officer and the disclosure of conflicts of interest, names and affiliation)
  • the selection process with respect to open research calls, open manuscript-project calls and open calls for positions in ECCO
  • facilitating the whole process of submission, review and publication of scientific abstracts of the annual ECCO Congress

The use of synergy effects in data harmonization also aims to facilitate your access to activities within the larger framework of ECCO IT Hub (e.g. distribution of our newsletters, promotion of our Congress and educational/scientific activities, access facilitation via the publisher/distributor of our publications). 

ECCO IT Hub only processes your personal data based on your consent (including eNewsletter subscription and applications in open calls) or in performance of our (pre-)contractual obligation (including Congress business) or our legitimate interest (including membership administration for the fulfilment of our association purpose) according to of Article 6 of the GDPR.

Please note that in the context of Membership Group Registrations and Group Congress Registrations, ECCO IT HUB received your personal data via the contact person of the respective group registration. These contact persons are under a contractual obligation to collect your consent for this registration in advance.

Please note that prior to submitting abstracts to this system together with the personal details of your co-authors, the submitting author is responsible for obtaining and ensuring the consent of the co-authors to the processing of their personal data for the purposes described above.

ECCO IT Hub solely processes the personal data needed to fulfil the purposes described above: name, email addresse(s), phone number(s), postal addresse(s), fax, date of birth, profession, your ECCO Membership status, applications to open calls, event and project participation(s). Your personal data will furthermore not be subject to further processing in a way and manner that are incompatible with the intended purposes listed above.

In addition, the scientific review process generates a review result for the submitters of abstracts and applications for fellowships and grants which will be stored in connection with the abstract submitted via the submitter’s account.

In order to adequately fulfil the intended purposes listed above, ECCO IT Hub uses data processors – i.e. IT Service Companies based in the European Union (including but not limited to services such as eNewsletter distribution, online payment providers for ePayment purposes primarily based in Austria, Belgium and Germany).

ECCO IT Hub of course also observes the principle of storage limitation for personal data. This means that ECCO IT Hub will only process your data until you withdraw your consent, but not longer than for 10 years. Beyond that time, ECCO IT Hub will only process your data if we are in a (pre-)contractual relationship with you, or if we are entitled to process your personal data for the fulfilment of our association purposes, or if we are obliged to process your personal data by law.

Should you be affected by our processing of personal data, you have the right at any time to request access to, rectification, or erasure of personal data, or restriction of the processing concerning your personal data or to object to processing as well as the right to data portability.

As data subject, you may withdraw your consent for us to process your personal data at any time under This email address is being protected from spambots. You need JavaScript enabled to view it. or This email address is being protected from spambots. You need JavaScript enabled to view it.. Please note that the withdrawal of consent does not affect the lawfulness of the data processing that took place before its withdrawal, and that in certain circumstances ECCO IT Hub is entitled or else required to process certain forms of personal data for a period extending beyond the withdrawal of consent, either due to our contractual relationship with you, or else due to legal requirements. Please also note that in case of the withdrawal of consent you will not be able to benefit or use all functions of ECCO IT Hub. You directly access and modify your information via your personal log-in under the following link: https://cm.ecco-ibd.eu/cmgateway/member/NW/index.html?module=relationmanager&config=normal#manageprofiles.

In case you believe that the processing of your personal data does not comply with the provisions of data protection, you can – other legal remedies in law courts or under administrative law notwithstanding – make a complaint to the competent data protection authority. In Austria, this complaint shall be submitted to the Austrian Data Protection Authority.

The address is as follows:
Österreichische Datenschutzbehörde (Austrian Data Protection Authority)
Wickenburggasse 8
1080 Vienna, Austria

Data protection officer according to Article 37 GDPR:

oehner & partner rechtsanwaelte gmbh
Att.: Ms. Sabine Brunner
Donau-City-Straße 7, 1220 Wien
This email address is being protected from spambots. You need JavaScript enabled to view it.

The essence of the ECCO IT Hub arrangement according to Article 26 GDPR:

obligation

controller

ECCO

OCEAiN

IBDIM

information obligation according to Article 13 / 14 GDPR

 

x

 

fulfilment of the request of access

 

x

 

fulfilment of the request of rectification

 

x

 

fulfilment of the request of erasure and restriction of processing

 

x

 

notification to recipients (Article 19 GDPR)

 

x

 

fulfilment of the request of data portability

 

x

 

processing of withdrawals

 

x

 

implementation of technical and organisational measures (Article 32 GDPR)

 

x

 

review and adaption of technical and organisational measures

 

x

 

selection and assignment of data processors

x

x

x

maintenance of a record of processing activities

 

x

 

processing of notifiable data breaches

 

x

 

common contact point for the fulfilment of data subjects’ requests

 

x

 

provision of information according to Article 26 paragraph 2 sentence 2 GDPR

 

x