Privacy Policy

Controller (Art. 4(7) GDPR)
Infinite Science GmbH, Maria-Goeppert-Str. 1, 23562 Lübeck, Germany
Email: info@infinite-science.de, Phone: +49 (0) 451 5853 2903
(Further mandatory information can be found in the legal notice.)

Scope
These notices apply to our conference websites and their linked subpages. For the conference portal with ticket shop (login area, Stripe payments), the additional notices displayed there also apply.

1. Hosting, server logs, and security

When you access our pages, the server automatically processes log data (IP address, date/time, URL/referrer, user agent). Purpose: operation, stability, and IT security (e.g., defense against attacks). Legal basis: Art. 6(1)(f) GDPR.
Retention: typically 7 days; longer in the event of security-relevant incidents.
Our pages use TLS/HTTPS.

2. Cookies & similar technologies (CMP)

We use a consent management platform (CMP). We set technically necessary cookies/technologies without consent; all others (e.g., statistics/analytics, external media such as YouTube/Vimeo, maps) only after you give consent. Legal bases:

  • Storage/access on end devices: Section 25(1) of the German TDDDG (consent); exceptions for strictly necessary technologies: Section 25(2) TDDDG.
  • Further processing of personal data: depending on purpose, Art. 6(1)(a) GDPR (consent) or Art. 6(1)(f) GDPR (legitimate interests).

You can change your selection at any time via the cookie settings (link in the footer).

Our CMP categories:

  • Necessary (e.g., session/CSRF cookies, consent storage) – no consent required.
  • Statistics/Analytics (e.g., Google Analytics 4) – consent required.
  • External media (e.g., YouTube/Vimeo) – consent required.
  • Maps (Google Maps) – consent required.
    (The specific list of cookies/hosts/retention periods is shown in the CMP’s cookie overview.)
3. Web analytics with Google Analytics 4 (GA4)

We use Google Analytics 4 to analyze and improve use of our website.
Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (with possible transfer to Google LLC/USA).
Legal basis: your consent (Art. 6(1)(a) GDPR; Section 25(1) TDDDG).
Data processing: pseudonymous usage data (e.g., page views, interactions, device type, where applicable coarse location data). GA4 does not store IP addresses; IPs of EU users are discarded before logging.
Retention in GA4: 2 or 14 months (property setting); aggregated standard reports are unaffected.
Third-country transfers: Transfers to the USA are based (depending on provider status) on the EU–US Data Privacy Framework (DPF) adequacy decision and/or the EU Standard Contractual Clauses (SCCs).
Further information from Google: Privacy Policy & Frameworks.

Withdrawal/opt-out: You can disable GA4 at any time via the cookie settings.

4. Third-party content only after consent

4.1 YouTube & Vimeo

Pages may embed content from YouTube (provider: Google Ireland Limited) or Vimeo (provider: Vimeo.com, Inc., USA). Content is loaded only after your active consent (“click to load”). Upon activation, your IP address, device/usage data and, where applicable, cookie IDs are transmitted to and processed by the respective provider. Legal basis: Art. 6(1)(a) GDPR; Section 25(1) TDDDG.
Transfers to the USA by YouTube/Google and Vimeo rely—where certified—on the EU–US DPF; otherwise SCCs apply.

4.2 Google Maps

Map services (Google Maps) are loaded only after your consent. When loading the map, Google processes, among other things, your IP address and usage data; provider is Google Ireland Limited (with possible transfer to Google LLC/USA). Legal basis: Art. 6(1)(a) GDPR; Section 25(1) TDDDG.
For information on data use/linkages in the EEA, see Google’s Business Safety & Maps resources.

5. Online forms

When using our online forms (e.g., contact forms or submission/abstract forms), we process the data you provide (e.g., name, email, institution, content/files) to handle your request or to manage the abstract/submission process.
Legal basis: depending on purpose, Art. 6(1)(b) GDPR (pre-contractual/contractual communication) or Art. 6(1)(f) GDPR (general inquiries).
Retention: until your request is fully handled; for submissions in accordance with conference deadlines and any documentation/record-keeping obligations.

6. Images, copyright & personality rights

Images/graphics on our pages originate from Adobe Stock or from individual photographers; attributions are provided next to the image or in a credits section.
Where images depict identifiable individuals, publication is based on consent (Art. 6(1)(a) GDPR) or on the applicable copyright/personality provisions (e.g., Sections 22, 23 KUG – German Art Copyright Act). Rights to withdraw consent remain unaffected.

7. Conference portal & ticket shop (login, Stripe payments)

For registration, ticket purchases and management, we use a conference portal behind a login. Depending on the process, we process:
Identification and contact data (name, email, billing address where applicable), ticket/order data, payment information.
Legal basis: Art. 6(1)(b) GDPR (contract/order), Art. 6(1)(c) GDPR (statutory retention under tax/commercial law).

Payment processing with Stripe
Provider: Stripe (including Stripe Payments Europe, Ltd., Ireland; Stripe, Inc., USA). Stripe uses technically necessary cookies/technologies for payment processing; these are required for performance of the contract (no separate CMP in the portal). Legal bases: Section 25(2) TDDDG (strictly necessary) in conjunction with Art. 6(1)(b) GDPR.
International transfers: Stripe is DPF-certified for the USA; Stripe also uses SCCs as a transfer mechanism. See Stripe’s Privacy/DPF notices for details.

Retention in the ticket/billing area: in accordance with legal obligations (generally 6–10 years for tax-relevant records).

8. Processors & recipients

We use service providers for operation, hosting, analytics and payment processing (e.g., hosting providers, CMP provider, Google for GA4/YouTube/Maps, Vimeo, Stripe). We have Art. 28 GDPR agreements with providers acting as processors. International transfers are based on the EU–US DPF (where the recipient is certified) and/or the EU Standard Contractual Clauses (SCCs).

9. Legal bases at a glance
  • Website operation/IT security/log files: Art. 6(1)(f) GDPR
  • Cookies/end-device access: Section 25(1) TDDDG (consent); exceptions Section 25(2) TDDDG (strictly necessary)
  • Forms (contact/submissions): Art. 6(1)(b)/(f) GDPR
  • Analytics/external media/maps: Art. 6(1)(a) GDPR (each revocable)
  • Tickets/payments/accounting: Art. 6(1)(b), (c) GDPR
10. Obligation to provide data / consequences of not providing data

For ticket purchases/registration, certain information is required. Without this data, participation or billing is not possible. Providing consents (analytics/external media/maps) is voluntary; some functions may be restricted without consent.

11. Your rights (Art. 15–21 GDPR)

You have the rights to access, rectification, erasure, restriction of processing, data portability, and to object to processing based on Art. 6(1)(f) GDPR. You can withdraw consents at any time with effect for the future (in particular via the cookie settings).

Right to lodge a complaint (Art. 77 GDPR)
You can lodge a complaint with a data protection supervisory authority. For example, the Independent Centre for Privacy Protection Schleswig-Holstein (ULD), or another authority at your place of residence or work.

12. Changes

We update these privacy notices when technology, providers, or the legal situation changes. The current version is available here.

Last updated: 22 October 2025

Annex: Transparency on international data transfers
  • EU–US Data Privacy Framework (DPF): The European Commission adopted an adequacy decision on 10 July 2023; the General Court of the EU confirmed the decision on 3 September 2025 (Case T-553/23 – Latombe v. Commission).
  • Standard Contractual Clauses (SCCs): Commission Decision (EU) 2021/914.
  • GA4 – IP addresses: Google Analytics 4 does not log IP addresses of EU users; additional EU controls are available.
  • Stripe – DPF certification: see Stripe’s Privacy/DPF documentation.
© 2025 Infinite Science GmbH
Cookie Settings
X

We are using cookies.

We are using cookies on this web page. Some of them are required to run this page, some are useful to provide you the best web experience.

I accept

Individual Cookie Settings

Only accept required cookies.

Privacy Notes Imprint

X

Privacy settings

Here is an overview of all cookies use

Required Cookies

These cookies are needed to let the basic page functionallity work correctly.

Show Cookie Informationen

Hide Cookie Information

TYPO3 System Cookies

Diese Cookies ermöglichen grundlegende Funktionen, die für die einwandfreie Nutzung der Website erforderlich sind.

Provider:TYPO3
Cookiename:be_*, fe_*
Runtime:Dauer der Session

Cookies for external Content

Content for Videoplatforms und Social Media Platforms will be disabled automaticly. To see content from external sources, you need to enable it in the cookie settings.

Show Cookie Informationen

Hide Cookie Information

Google Maps

Wird benutzt, um das Einbinden interaktiver Karten auf der Website zu ermöglichen.

Provider:Google Inc.
Cookiename:1P_JAR, _Secure, APISID, CGIC, CONSENT, DV, HSID, NID, OTZ, PAIDCONTENT, SAPISID, SEARCH_SAMESITE, SIDCC, SID, SNID, SSID
Runtime:365 Tage
Privacy source url:https://policies.google.com/privacy
Host:google.com, maps.google.com

Save

BackOnly accept required cookies.

Privacy Notes Imprint

Legal Notice Privacy Policy Sitemap
Login / Registration
 Link to Registration