Privacy Policy – DNA Repair Meeting 2026 on Physiological Causes and Consequences of Genome Instability

Privacy Notice (GDPR)

This Privacy Notice explains how personal data is processed in connection with the DNA Repair Meeting on Physiological Causes and Consequences of Genome Instability 2026 (7–9 September 2026, University Hospital Cologne, MTI Building) via the registration and abstract submission portal.

1) Joint Controllers (Art. 26 GDPR)

The Meeting is organized under joint controllership by:

the German Society for DNA Repair (DGDR), and
the DFG-funded Research Unit (FOR) 5504 “Physiological Causes and Consequences of Genome Instability.”

The joint controllers have entered into an arrangement under Art. 26 GDPR that defines their respective responsibilities for data protection compliance. You may exercise your data subject rights against either controller.

Contact point for all privacy-related requests:

simon.uszkoreit[at]uk-koeln.de

2) What data we process

Depending on your use of the portal, we process:

Registration data: name, title, affiliation/institution, address (if required), email address, attendance category (e.g., DGDR member, student/postdoc), and other information you provide during registration.
Billing data: invoice recipient details and billing address (and, where applicable, VAT information).
Abstract submission data (if applicable): title, authors, affiliations, abstract text, keywords, and related submission metadata.
Technical data: log files and technical identifiers (e.g., IP address, timestamps, browser/device information) necessary for secure operation.

3) Purposes of processing

We process your personal data to:

manage registration, participation, and conference administration,
handle abstract submission and review processes (if applicable),
issue invoices/receipts and perform accounting-related tasks,
communicate organizational information (e.g., confirmations, updates, practical information),
ensure IT security and the proper functioning of the portal,
(if applicable) assess eligibility for DGDR Travel Fellowships based on submitted abstracts.

4) Legal bases (GDPR)

Processing is carried out on the following legal bases:

Art. 6(1)(b) GDPR (performance of a contract / steps prior to entering into a contract): registration and participation handling.
Art. 6(1)(c) GDPR (legal obligation): statutory accounting and record-keeping obligations related to invoicing.
Art. 6(1)(f) GDPR (legitimate interests): secure and reliable operation of the portal, fraud prevention, and efficient event administration.
Art. 6(1)(a) GDPR (consent): only where consent is explicitly requested (e.g., optional communications), if applicable.

5) Service providers / processors (incl. Converia)

We use Converia as a service provider for the registration and submission portal. Converia processes data on our behalf as a processor under GDPR, based on a data processing agreement (Art. 28 GDPR).

Where necessary, data may also be shared with payment providers/banks and accounting services for invoicing and financial administration.

6) International data transfers

We do not intentionally transfer personal data to countries outside the EU/EEA unless required by the technical setup of service providers. If such transfers occur, appropriate safeguards (e.g., EU Standard Contractual Clauses) are used.

7) Retention period

We retain personal data only as long as necessary for the purposes stated above:

Registration and participation data: typically until completion of the Meeting and necessary follow-up administration.
Invoice and accounting data: retained in accordance with statutory retention obligations.
Abstract submission data: retained for program organization and documentation, and removed or anonymized when no longer required, unless longer retention is justified (e.g., conference proceedings, if applicable).

8) Your rights (data subject rights)

Under the GDPR, you have the right to:

access (Art. 15), rectification (Art. 16), erasure (Art. 17), restriction (Art. 18), data portability (Art. 20), and objection (Art. 21), as applicable.

You also have the right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

To exercise your rights, contact: simon.uszkoreit[at]uk-koeln.de

9) Updates

We may update this Privacy Notice to reflect changes to the Meeting organization or legal requirements. The version published on the portal applies.