You are here:
Information on data processing as part of the consultation services offered by the Institute of Biometry and Clinical Epidemiology
If you make use of the biometric consultation service of the Institute for Biometry and Clinical Epidemiology of the Charité - Universitätsmedizin Berlin (iBikE), your personal data will be processed. We hereby inform you about the type, purpose, duration and legal basis of the processing as well as about your rights.
This page informs you about data processing at the Charité - University of Berlin concerning issues beyond our consultation services.
Type, Scope and Purposes of Data Processing
The iBikE offers a free biometric consultation service on medical research projects of all kinds to all researching physicians, doctoral students and scientific staff of the Charité - Universitätsmedizin Berlin (Charité) and the Berlin Institute of Health (BIH) (hereinafter referred to as "clients"). The registration for a consultation is usually done via the online registration form or personally during scheduled office hours ("walk-in service"). For organisational, administrative and documentary reasons, our institute maintains an electronic consultation database.
For the purpose of
- the organization of appointment scheduling
- the coordination of consultants as well as the preparation of the content of consulting appointments
- the quality-assuring assessment and evaluation of counselling processes, counselling contents and counselling results (evaluation)
- the compilation of anonymous statistics on consulted subjects, time frames and monthly number of consultation appointments for mandatory reporting to the Dean's Office of the Charité on the type and extent of utilisation of the iBikE consultation service (degree of utilisation)
- ensuring equal and balanced access to consultation (prevention of abuse, e.g. prevention and detection of unjustified multiple consultation)
we collect, document and store the following data collected during registration:
- personal information on the supervisors/project managers (e.g. doctoral supervisor, institute director, study director): First name, surname, academic title (if applicable)
- contact details of customers and supervisors/project managers as indicated in the registration form or on the Charité Intranet: official e-mail address (e.g. first_name.Last_name@charite.de), telephone numbers
- institute affiliation of supervisors/project leaders according to the information from the registration form or the Charité Intranet
- data on the consulted project
- subject
- Project type: Research, Dissertation, Dissertation as monograph, Master Thesis, Other
- if applicable, name of the study or name and number of the research project
- if applicable, information on third-party funding: BMBF, DFG, DKG, others
- if applicable, information on cooperation with: BIH, CRU, KKS, MDC
- calendar details: date of first registration, date of confirmation
- if applicable, short description : additional information on the consultation given in the registration form
In addition, we collect, document and store further data for the above-mentioned purposes within the scope of an individual consultation:
- date and duration of the consultation apointment
- stage of the advised project (e.g. application, ethics application, implementation, publication)
- type of consultation (e.g. personal/telephone, walk-in)
- name of the consultant
- institutional affiliation of the client present
- if applicable, information on the content of the consultation (e.g. recommended statistical method)
Name and Details of the Data Controller
The party responsible within the meaning of the General Data Protection Regulation (GDPR), other data protection laws applicable in the member states of the European Union and other provisions of a data protection nature is:
Charité – Universitätsmedizin Berlin
Charitéplatz 1
10117 Berlin
Deutschland
t: +49 30 450 50
Website: www.charite.de
Data Protection Office
If you have any questions regarding the processing of your personal data or your rights regarding data protection, please contact
Datenschutz der Charité – Universitätsmedizin Berlin
Charitéplatz 1
10117 Berlin
Deutschland
t: +49 30 450 580 016
E-Mail: datenschutz(at)charite.de
Data Processing: Legal Basis
The consultation service offered by iBikE is provided on behalf of the Board of Directors of the Charité according to its guidelines and directions. (Article 6 Statutes of the Charité).
The legal basis for the above processing of your data is Article 6 Paragraph 1 Sentence 1 and Paragraph 5 of the Berliner Hochschulgesetz (BerlHG), which applies to the Charité, in conjunction with Article 6 Paragraph 1 Sentence 1 Letter e of the General Data Protection Regulation (GDPR)
Under these provisions, the Charité, as a member body of Freie Universitaet Berlin and Humboldt-Universitaet zu Berlin, may collect, store, and use personal data about its members as well as about applicants for degree programs, examination candidates, and third parties insofar as this is necessary to fulfill its tasks under the higher education law (e.g., for doctoral studies or for the organization and evaluation of research and studies).
Recipients of Subject Data
The data collected during the registration process and in the course of the consulting process will only be processed by iBikE employees in their capacity as consultants, system administrators or institute managers. Insofar as the dean's office of the Charité has to be provided with evaluations of the utilization of the consultation services for reporting purposes, these are exclusively anonymous statistics without personal reference. No data will be transmitted to other third parties, third countries or international organisations.
Envisaged Time Limits
The data processed by us will be deleted or restricted in their processing in accordance with the legal requirements and the Charité guideline "Archiving, blocking and deletion of data in Charité systems". The stored data will be deleted in accordance with the legal requirements as soon as they are no longer required for their purpose and there are no legal obligations to retain them. For the fulfilment of our purposes and taking into account the time and personnel framework conditions in the research sector, the data in the consulting database are generally stored for a period of 10 years in accordance with the official guidelines and recommendations for safeguarding good scientific practice (Article 7 Statutes of the Charité for safeguarding good scientific practice).
Data Subjects' Rights
You have contacted our institute in order to make use of the consultation services offered or you are a supervisor or project manager of one of our customers and are therefore affected by data processing in connection with inclusion in our consulting database. In this respect, you as the "data subject" belong to the group of persons protected by the GDPR (Article 4 No. 1 GDPR). You are then entitled to the following rights:
- You have the right to request confirmation as to whether we process personal data relating to you. If this is the case, you have the right to request information about this data as well as a copy of the data. You may also request that your data be corrected or that the processing be restricted if at least one of the reasons for the restriction provided for by law applies.
- You have the right to object to the processing of your data for reasons inherent to your personal situation. However, the processing of your data remains permissible despite an objection if this is justified by weighing the conflicting interests.
You can file a complaint with any supervisory authority responsible for data protection. The supervisory authority located at the Charité headquarters is:
Die Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstraße 219
10969 Berlin
Tel.: +49 30 13889-0
Fax: +49 30 2155050
E-Mail: mailbox(at)datenschutz-berlin.de
Webseite: www.datenschutz-berlin.de
Definitions of Terms
Personal Data
Any information related to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier (e.g. cookies) or to one or more specific characteristics expressing the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person (Article 4(1) GDPR).
Processing
Any operation carried out with or without the aid of automated procedures or any set of operations relating to personal data. The processing concept is very broad because the legal definition of data processing covers almost any handling of personal data (namely collection, recording, organisation, sorting, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or association, limitation, erasure or destruction) (Article 4(2) GDPR).
Anonymized data
Information that does not relate to an identified or identifiable natural person, or personal data that has been rendered anonymous in such a way that the data subject cannot or can no longer be identified. The Basic Data Protection Regulation therefore does not concern the processing of such anonymous data, including for statistical or research purposes (see Recital 26, fifth and sixth sentences, GDPR).