Privacy notice
Declaration of consent and privacy notice on the processing of personal data in the context of FPCUP – Framework Partnership Agreement for Copernicus User Uptake (final event 2025)
I. Declaration of consent to process personal data
The German Aerospace Center (DLR) takes the protection of your personal data very seriously. The intended processing of your personal data for the purpose of the registration for the FPCUP final event, participation in surveys, publication of photographs, audio and video recordings, and publication of your session contribution [only for speakers] requires your prior given consent as the legal basis.
I consent that DLR is entitled to process the described personal data only for the above-mentioned purposes.
In order to enable you to make a transparent decision, we would like to inform you about how DLR processes your personal data with the following privacy notice.
I. Privacy notice
In accordance with the EU General Data Protection Regulation (GDPR) applicable from 25 May 2018, this privacy notice informs you about the processing activities of your personal data by DLR and about your data subject rights. These notices may be updated as necessary and will be made available to you.
1. Controller and Data Protection Officer
Controller within the meaning of the GDPR is the
German Aerospace Center (DLR)
Linder Höhe, 51147 Cologne
Phone: +49 2203 601-0, web: https://www.dlr.de
You can contact the DLR Data Protection Officer at:
DLR Data Protection Officer, Linder Höhe, 51147 Cologne,
Email: datenschutz@dlr.de
2. Purpose of the processing activities
The purpose of the processing is the FPCUP final event.
3. Data categories
The following personal data are processed within the scope of the processing activity:
Name, e-mail address, affiliation, nationality
4. Legal basis of the processing activities
If personal data of DLR employees is processed to fulfil business obligations, the legal basis for processing is Section 26 of the German Federal Data Protection Act (BDSG).
If the processing is based on a declaration of consent, the legal basis for the processing is Art. 6 (1) (a) GDPR
If the processing is based on a contract or a similar relationship with you, the legal basis for the processing is Art. 6 (1) (b) GDPR.
If the processing is based on a legitimate interest of DLR, the legal basis of the processing is Art. 6 (1) (f) GDPR.].
5. Categories of recipients
Personal data is regularly disclosed internally only to the departments that have been entrusted with the processing. In this connection, it shall always be assessed whether the transfer is necessary to that effect. Your data will only be passed on if confidentiality is maintained and only to the extent permitted by a legal basis.
Your data will be passed to the European Commission for the access registration to the venue.
6. Data retention period
The personal data will only be processed as long as necessary.
In addition, storage may take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject.
7. Data subjects’ rights
You have the following rights vis-à-vis DLR with regard to the personal data concerning you. In order to exercise these rights, please contact the office indicated in section 1.
Please note that in the context of scientific and research purposes in accordance with Section 27 (2) BDSG, there may be restrictions on the right of access, the right to rectification, the right to restriction of processing, the right to object and, in accordance with Art. 17 (3) (d) GDPR, exceptions to the right to erasure, in so far as these rights is likely to render impossible or seriously impair the achievement of the objectives of that processing.
· Right of access - Art. 15 GDPR
The right of access grants the data subject comprehensive insight into the data concerning him or her and into other important criteria, such as the purposes of the processing or the period for which the data shall be stored. The derogations of this right laid down in Sect. 34 BDSG are applicable.
· Right of rectification - Art. 16 GDPR
The right to rectification implies the possibility for the data subject to have inaccurate personal data concerning him or her rectified.
· Right to erasure - Art. 17 GDPR
The right to erasure entails the possibility for the data subjects to have data erased at the controller. This is, however, only possible if the data concerning him or her are no longer necessary, if they have been unlawfully processed, or a corresponding consent has been withdrawn. The derogations laid down in Sect. 35 BDSG are applicable.
· Right to restriction of processing - Art. 18 GDPR
The right to restriction of processing includes the possibility for the data subject to prevent for the time being any further processing of personal data concerning him or her. A restriction mainly occurs at the stage of examining other exercises of rights by the data subject.
· Right to data portability - Art. 20 GDPR
The right to data portability implies the right for the data subject to receive from the controller the personal data concerning him or her in a commonly used, machine-readable format in order to have them, if necessary, transferred to another controller. In accordance with Art. 20 para. 3 sentence 2 of the GDPR, that right is not available if the data processing serves the purpose of performing public tasks.
· Right to object - Art. 21 GDPR
The right to object includes the possibility for data subjects to object, in a particular situation, to the further processing of their personal data as far as this processing is justified by the performance of public tasks or of public and private interests. The derogations laid down in Sect. 36 BDSG are applicable.
· Withdrawal of consent
Data subjects have the option to withdrawal their data protection consent at any time with effect for the future.
· Complaint to a supervisory authority - Art. 77 GDPR
Every data subject has the right to lodge a complaint with a supervisory authority. As a rule, the supervisory authority of your usual place of residence or workplace or the registered office of the person responsible is available for this purpose.
8. Provision of personal data
There is no obligation to provide personal data. Where these data are not provided either completely or in part, the processing is not possible or is only possible to a limited extent. This shall not apply to such data that we process within the scope of consent.
9. Automated decision making
Automated decision-making does not take place.
