Privacy policy
INFORMATION ON ENETS PRIVACY POLICY (Art. 13 and 14 GDPR)
A. Data protection
Thank you for visiting our websites. The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.
If you use these websites, various different types of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and how we use it. It also explains how and for what purpose this happens.
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible. ENETS processes the personal data of its members, customers and ENETS’ events and educational offers as well as applicants for grants and abstracts.
For the 22nd Annual ENETS Conference in 2025, we also process registration data together with our service provider Business Service “Galop” and herewith state that this privacy policy also applies to the registration form for individuals and the Conference Platform/virtual room page (link will be made available closer to the date) provided by our service providers.
Continuous technological development, changes to our services or to the legal situation, as well as other reasons may require adjustments to our data protection information. We therefore reserve the right to change this data protection declaration at any time and ask you to inform yourself regularly about the current status.
B. Controller and data protection officer
Responsible for processing data is the following controller:
ENETS – European Neuroendocrine Tumor Society (ENETS e.V.)
ENETS Office
Langenbeck Virchow Haus
Luisenstr 58/59
10117 Berlin, Germany
E-Mail: info@enets.org
The responsible party is the natural or legal person who, alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
We have appointed a data protection officer, who you can contact using the following contact details if you have any questions:
CURACON Auditing Company GmbH
Am Mittelhafen
48155 Münster
Tel.: +49 (0)251 922 08 0
E-Mail: Datenschutz@curacon.de
C. Purpose of processing
ENETS processes personal data in accordance with the provisions of the EU Data Protection Basic Regulation GDPR (in German: DSGVO) and the German Federal Data Protection Act (BDSG)
a) For the fulfilment of contractual obligations [Art. 6 Abs. 1 lit. b) DSGVO/GDPR] – the processing of personal data takes place to safeguard the rights and obligations of our members, such as the payment of membership fees and regular contact via email to update you on ENETS and current topics in the field of neuroendocrinology. Furthermore, ENETS processes event participants’ personal data in order to facilitate onsite registration and answer any inquiries prior to the event, as well as to verify incoming payments.
b) For reasons of legitimate interest [Art. 6 Abs. 1 lit. f) DSGVO/GDPR] – If necessary, ENETS may collect the addresses or email addresses of experts, who are necessary for initial contact and correspondence as part of our continuing education offers. ENETS only uses non-sensitive and publicly accessible data of all data subjects.
c) With your consent [Art. 6 Abs. 1 lit. a) DSGVO/GDPR] – ENETS will only process your personal data for specific purposes if the data subject has given consent to their data being processed. The data subject can withdraw their consent at any time by contacting ENETS Office at info@enets.org.
ENETS processes personal data in accordance with the provisions of the EU Data Protection Basic Regulation GDPR (in German: DSGVO) and the Federal Data Protection Act (BDSG)
a) For the fulfilment of contractual obligations [Art. 6 Abs. 1 lit. b) DSGVO/GDPR] – the processing of personal data takes place to safeguard the rights and obligations of our members, such as the payment of membership fees and regular contact via email to update you on ENETS and current topics in the field of neuroendocrinology. Furthermore, ENETS processes event participants’ personal data in order to facilitate onsite registration and answer any inquiries prior to the event, as well as to verify incoming payments.
b) For reasons of legitimate interest [Art. 6 Abs. 1 lit. f) DSGVO/GDPR] – If necessary, ENETS may collect the addresses or email addresses of experts, who are necessary for initial contact and correspondence as part of our continuing education offers. ENETS only uses non-sensitive and publicly accessible data of all data subjects.
c) With your consent [Art. 6 Abs. 1 lit. a) DSGVO/GDPR] – ENETS will only process your personal data for specific purposes if the data subject has given consent to their data being processed. The data subject can withdraw their consent at any time by contacting ENETS Office at info@enets.org.
D. Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in "server log files". These are:
- Browser type and browser version
- The operating system used
- Referrer URL
- Host name of the accessing computer
- Time of the server request
- IP address.
This data will not be combined with data from other sources. The basis for data processing is Art. 6 (1) (b) DSGVO/GDPR, which allows the processing of data to fulfil a contract or for measures preliminary to a contract.
E. Access to your personal data
Only ENETS staff members have access to your personal data provided it is necessary for ENETS to fulfil its contractual and legal obligations. ENETS external service providers may also receive data for specific purposes. All the above-mentioned persons are contractually obliged to comply with the requirements of the GDPR and all other data protection relevant regulations.
F. Recipients or categories of recipients of personal data
Your data will only be used so that ENETS can fulfil its contractual obligations and statutory duty or in cases where it is necessary for its internal organisation (for IT or business purposes). ENETS will take reasonable steps to ensure that your personal data is handled in compliance with statutory requirements. Only ENETS staff members will process your personal data. All ENETS staff members are required to handle your data confidentially and know how to handle your personal data.
Your personal data will not be forwarded to a third party (to any party outside of ENETS) except in cases where you have already provided consent or where there is a solid legal basis.
The following groups of recipients are subject to statutory obligation: Public authorities, supervisory authorities and supervisory bodies, e.g. tax authorities, jurisdiction authorities and law enforcement, e.g. police, public prosecutor’s office, courts, lawyers, attorneys, solicitors and notaries, e.g. in insolvency proceedings: tax advisors and auditors.
Moreover, ENETS employs several service providers (processors in accordance with Article 28 of the General Data Protection Regulation (GDPR)), who are contractually bound to GDPR requirements and who are monitored for compliance. Such providers include IT contractors, billing software, telecommunications, sales, and marketing consultants. Service providers may only process personal data in accordance with ENETS’ instructions and shall use the data for these purposes only.
Except in cases where confidential information is disclosed to service partners such as logistic service providers – in such cases, the logistic service providers will receive all necessary data for independent use. ENETS restricts itself to delivering only the necessary data.
The transfer of personal data to third countries or international organisations in principle does not apply. In individual cases, however, we use selected service providers based in the USA or other safe third countries. In this context, secure means that we only transfer data to countries for which the EU Commission has positively determined that the country-specific level of data protection in the USA corresponds to that of the European Union on the basis of GDPR.
Should a transfer to other third countries or international organizations become necessary in exceptional cases, we ensure that suitable guarantees have been implemented with the corresponding recipients in accordance with Art. 45 GDPR. We would like to emphasise that we have agreed with our service providers on EU data protection regulations and standard contracts approved by a supervisory authority and have continued to take additional measures to secure personal data as well.
G. Cookies
Some of our webpages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies." They are automatically deleted after your visit. Other cookies remain in your device's memory until you delete them. These cookies make it possible to recognise your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter of DSGVO/GDPR. The website operator has a legitimate interest in the storage of cookies to ensure an optimised service provided free of technical errors. If other cookies (such as those used to analyse your surfing behaviour) are also stored, they will be treated separately in this privacy policy.
H. Registration
You can register on our website in order to access the additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will be unable to accept your registration.
To inform you about important changes, such as those within the scope of our site or technical changes, we will use the email address specified during registration.
We will process the data provided during registration only based on your consent per Art. 6 (1)(a) DSGVO/GDPR. You may revoke your consent at any time with future effect. An informal email request is sufficient. Any data processed before we receive your request may still be legally processed.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
I. Contact form
If you contact us via the contact form, any data you provide will be processed according to Art. 6 paragraph 1 lit. b DSGVO/GDPR. We require at least the following set of data to contact you:
- Family name
- First name
- Your Message.
User data may be stored in a customer relation management (CRM) system or a similar system. We will delete all data if the purpose for its storage no longer pertains; data clean-ups will be performed every two years. Mandatory data retention periods remain unaffected by this provision.
J. Data processing in connection with conferences
For virtual, hybrid and physical conferences, ENETS may contract service partners, who on their side contract technical partners providing the platform and technical services.
Our service providers within the framework of the organisation of the 22nd Annual ENETS Conference in 2025 are:
Business Service Galop
Located in Katowice, Poland, (40-164), Ordona Street 7, flat XIV,
Entered into the Register of Economic Activity led by the President of Katowice, under the number 75901, NIP: 6340130006, REGON: 278281124
Poland
AI ANTWORT: INTERNET GmbH
Agentur für digitale Business-Lösungen
Wielandstr. 43
D-10625 Berlin
Germany
The participant registration page is operated by our service provider Business Service Galop.
Conference Registration
During registration, personal data (e.g., name, address, contact information, etc.), as well as detailed data required for processing (e.g., desired type of registration, type of participant, additional booking options) are collected; in addition, payment information (account details, credit card details) may be requested under certain circumstances (and depending on the options selected). If applicable, statistical data such as profession, field of study, etc. will also be collected.
Video Meeting platforms
For webinar, conference and advisory board or task force/working group purposes, ENETS uses Zoom or Microsoft Teams. Both platforms use their own tracking system, which is beyond ENETS’ responsibility. For more information, please look at the respective privacy policies:
- Zoom: https://zoom.us/privacy
- Microsoft Teams: https://www.microsoft.com/en-us/microsoft-365/blog/2020/04/06/it-professionals-privacy-security-microsoft-teams/
Third Parties
Connected to the virtual conference platform and its virtual meeting rooms, there are also subpages from supporters of the conference. These pages fall completely within the responsibility of the respective company. ENETS takes no responsibility for the content as well as potential links to other websites which might be offered there.
ENETS will not share any personal data with such companies unless required by national law, e.g. for compliance reasons.
K. Vimeo videos
For webinar purposes, ENETS uses VIMEO as an embedded iframe on myENETS. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. Vimeo Video is a component of the video platform of Vimeo, LLC, on which users can upload content, share it over the Internet and receive detailed statistics. Vimeo Video enables us to integrate content from the platform into our website.
When you visit one of our pages featuring a Vimeo video, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. Vimeo also obtains your IP address. This also applies if you are not logged in to Vimeo or do not have a Vimeo account.
If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your Vimeo account.
Vimeo uses cookies or comparable recognition technologies (e.g. device fingerprinting) to recognise website visitors.
Vimeo Video also uses cookies and other browser technologies to evaluate user behaviour, recognise users and create user profiles. This information is used, among other things, to analyse the activity of the content listened to and to create reports.
The use of Vimeo is in the interest of an appealing presentation of our online offers.
If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and § 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission and, according to Vimeo, on “legitimate business interests”.
The specific storage period of the processed data cannot be influenced by us, but is determined by Vimeo, LLC. Further information can be found in the privacy policy for Vimeo Video: https://vimeo.com/privacy.
L. Our website’s use of Facebook and LinkedIn
The Social Media Buttons used on our websites – which conform to all data protection regulations – create
a direct connection to the relevant social network. If you click on one of the buttons mentioned above, you will be redirected to the respective website, and you will leave ENETS’ websites. Through this process, any of these social media companies can associate your visit to our website with your account. We advise you that as the provider of this site, we have no knowledge of the data transferred or Facebook’s, LinkedIn’s, and X’s use of those data. Further information is available on each respective social media service provider’s data protection statement.
M. Google Analytics
This website uses Google Analytics, a web analytics service. It is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google Analytics cookies are stored based on your consent Art. 6 (1) (a) DSGVO/GDPR, which we confirm via the consent banner.
IP anonymisation
We have activated the IP anonymisation feature on this website. Your IP address will be shortened by Google within the European Union or other parties to the Agreement on the European Economic Area prior to transmission to the United States. Only in exceptional cases will the full IP address be sent to a Google server in the US and shortened there. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports on website activity, and to provide other services regarding website activity and internet usage for the website operator. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google.
Demographic data collection by Google Analytics
This website uses Google Analytics' demographic features. This allows reports to be generated containing statements about the age, gender, and interests of site visitors. This data comes from interest-based advertising from Google and third-party visitor data. This collected data cannot be attributed to any specific individual person. You can disable this feature at any time by adjusting the ads settings in your Google account or you can forbid the collection of your data by Google Analytics as described in the section "refusal of data collection".
Objecting to the collection of data
You can prevent the collection of your data by Google Analytics by clicking on the following link. An opt-out cookie will be set to prevent your data from being collected on future visits to this site.
For more information about how Google Analytics handles user data, see Google's privacy policy: https://support.google.com/analytics/answer/6004245?hl=en.
N. Payment methods
If you enter into a contract which requires you to send us your payment information (e.g. account number for direct debits), we will require this data to process your payment. Data processing in connection with payment is based on your consent in accordance with Art. 6 (1) (a) DSGVO/GDPR or on the basis of a contractual relationship per Art. 6 (1) (b) DSGVO/GDPR.
Payment transactions are only made via encrypted SSL or TLS connections. In the case of encrypted communication, any payment details you submit to us cannot be read by third parties.
Unzer
You have the option of transferring the payment to ENETS using the payment service provider Unzer. In this case, your data will be passed on to Unzer GmbH, Vangerowstraße 18, 69115 Heidelberg, as part of the transaction processing. The transfer takes place on the basis of your consent in accordance with Art. 6 (1) (a) DSGVO/GDPR and only insofar as this is necessary for the payment processing. You can object to this processing of your data at any time by sending a message to Unzer. Further information on your data processing by the payment service provider Unzer can be found here: https://www.unzer.com/en/datenschutz#datenschutzhinweise-gem-art-1314-und-21-dsgvo
PayPal
You have the option of transferring the payment to ENETS using the payment service provider PayPal (Europe) S. à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg RCS Luxembourg B 118 349. Further information on data processing by provider PayPal can be found here: https://www.paypal.com/us/legalhub/privacy-full
imoje
On the conference registration website, payments can be made via the service provider ING Bank Śląski S.A., Sokolska 34, 40-086 Katowice, Poland. For more information, please read the privacy policy statement: https://data.imoje.pl/docs/en/imoje_information_of_the_personal_data_controller.pdf.
If you select payment via imoje, the payment data you entered will be transmitted to ING Bank Śląski S.A. ING Bank Śląski S.A. processes personal information only when there is a valid legal ground to do so. The bank processes your personal data to provide services such as maintaining your account, executing transactions, contacting you regarding the performance of agreements, and sending marketing information, including newsletters.
ING Bank Śląski S.A. may seek your explicit consent where the applicable laws require us to do so.
There can be additional legal grounds for processing personal information in some countries. This depends on applicable law and the products and services offered to you.
The User has the right to access and modify their personal data at any time, as well as to request the Administrator to immediately delete them ("right to be forgotten").
Requests regarding the processing of personal data can be submitted via email to the data protection officer at: abi@ing.pl.
Please note that the payment service provider is obliged by the laws on the prevention of the use of the financial system for the purposes of money laundering and financing of terrorism, to store your personal data even in the event of revocation.
You have the right to lodge a complaint with the supervisory authority responsible for data protection, which is the President of the Personal Data Protection Office.
Payments via bank transfer
Conference participants will also have the option to make a direct bank transfer directly to Business Service Galop.
O. Interactive map
On our website, you have the option of searching for our Centers of Excellence (CoE) using an interactive map service from OpenStreetMap. To use the service, you must first give your consent per Art. 6 (1) (a) DSGVO/GDPR to the use of the service via an upstream button. In this case, your data will be processed via other servers within the EEA. In this respect, please note the terms of use and the privacy policy (https://www.fossgis.de/datenschutzerkl%C3%A4rung/) of OpenStreetMap as this provider may also stores cookies in your browser.
P. Data storage duration:
ENETS processes and stores your personal information providing it is necessary for the fulfilment of its contractual and legal obligations. Data that is no longer required for the fulfilment of contractual or legal obligations will be deleted on a regular basis. ENETS distinguishes between the various groups of affected persons accordingly:
1. Members: ENETS processes and stores your personal information such as title, first name and surname, address, telephone number, fax, and email address as well as account data providing it is necessary for the fulfilment of its contractual and legal obligations. Membership data shall be kept for ten years from the date of the last invoice in order to comply with statutory requirements. Since invoice documents are electronically assigned to the respective master data record, the corresponding data record must also be retained for ten years.
Personal data of members who become functionaries in ENETS committees will be displayed on the website (portrait photo, title, first name and surname and short biography). Committee members may object to the use of their personal data.
2. Customers: ENETS processes and stores your personal information (first name and surname, email, job title, pseudonymised account data) providing it is necessary for the fulfilment of its contractual and legal obligations.
3. Conference participants: Participant master data (such as title, first name and surname, address, telephone number, fax, and email address as well as account data) is stored for ten years from the date of the last invoice to comply with statutory requirements [§ 257 (1) Nr. 1 and Nr. 4 HGB]. Since invoice documents are electronically assigned to the respective master data record, the corresponding data record must also be retained for ten years. If the participant indicates during his online registration that he would not like to receive future information on ENETS events, the data set will be deleted upon individual request.
4. Learners/UEMS accredited e-learning: Credentials and results of webinar tests, for which UEMS training credits are awarded, will be kept or stored for one year after the course accreditation expires. Thereafter the data will be deleted.
5. Applicants - grant applications: Data and documents pertaining to grant applications (title, first name and surname, address, telephone number, fax and e-mail address as well as account data, names and institutions of co-authors, address of your institution) will be kept or stored for ten years.
6. Applicants - conference abstract applications: Data and documents pertaining to conference abstract applications (title, first and last name, address, telephone number, fax, and email address as well as account data, names and institutions of co-authors, address of your institution) will be kept and stored for ten years.
Data sets of conference abstracts will be made available to members and customers in the form of Portable Document Format files (PDF) in the ENETS Media Library and will only be deleted upon request.
Q. Rights and obligations
You may request insight into your personal data and/or revoke your consent to the processing of personal data at any time. This also applies to the revocation of declarations of consent that were issued to ENETS prior to the validity of the EU General Data Protection Regulation, i.e. before 25 May 2018. Please note that the revocation will only take effect in the future. Any processing that occurred before the revocation is not affected.
You also have certain data subject rights, which include:
- The right to obtain confirmation from ENETS as to whether or not your personal data is being processed. If that is the case, you have access to your personal data.
- You may request ENETS to rectify (correct) incorrect or inaccurate personal data. Incomplete data is to be completed taking the purposes of the processing into account.
- In certain circumstances, you may request ENETS to delete your personal data. If the conditions are met, we have the obligation to delete your personal data without undue delay.
- You have the right to request ENETS to restrict how your data is processed. In such cases, ENETS will not delete your data but will restrict how this data will be processed.
- You have the right to receive your personal data (which you have provided to ENETS) in a structured, commonly used, and machine-readable format. Under certain conditions, you also have the right to transmit this data to another controller without hindrance from ENETS.
- You have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data has infringed the data protection laws.
The data protection supervisory authority responsible for ENETS is:
Berliner Beauftragte für Datenschutz und Informationsfreiheit
Altmoabit 59-61
10555 Berlin
Tel.: +49 30 13889-0
E-Mail: [email protected]
Website: https://www.datenschutz-berlin.de
Please note that it is necessary for ENETS to ensure that any information or data to be provided should not be disclosed to unauthorised third parties. In order to confirm the identity of the customer, ENETS can and will request additional information according to paragraph 6 of Article 12 of the GDPR. As part of the membership or business relationship, you must provide the personal information necessary to enter into a business relationship so that ENETS can fulfil its contractual and legal obligations. Without this data, ENETS will in general will be unable to execute the order; additionally, ENETS will be unable to complete an existing contract and will possibly have to terminate it.
This website uses the open source web analytics service Matomo.
With the help of Matomo, we are able to collect and analyze data about the use of our website by website visitors. This allows us to find out, among other things, when which page views were made and from which region they came. We also collect various log files (e.g. IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its web offering and its advertising. We use Matomo as follows:
- IP anonymisation
When analysing with Matomo, we use IP anonymisation. In this case, your IP address is shortened before analysis so that it can no longer be clearly assigned to you. - Cookieless analysis
We have configured Matomo so that it does not store cookies in your browser. - Local integration
We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on.
If you have any questions to the privacy policy, please send an email or mail to the ENETS Office info@enets.org or to the above address.
Thank you for your continued trust and support.
Best regards,
ENETS Office