Documents under Public Review

Duty to inform pursuant to Art. 12, 13 and 14 GDPR
– Public Review Process –

1. Body responsible for processing the data

European Network of Forensic Science Institutes (ENFSI) e.V.
Bundeskriminalamt KT-AS
Äppelallee 45
65173 Wiesbaden
Germany
Phone +49 611 55 16660
Mail: secretariat@enfsi.eu
Board members: Michael Bovens, Pinelopi Miniati, Dorijan Kerzan, Yalcin Büyük, Pavel Kolar, Stefan Becker

You can reach our data protection officer at the above mentioned address with the addition -data protection officer- or under:
datenschutz@enfsi.eu
Contact details are also available on the internet at www.enfsi.eu.

2. Categories of data processed and their origin

The categories of personal data processed include:
ž Master data (name, first name, title)
ž Contact details (e-mail-address)
ž Other data that may arise in the context of the public review process and the mutual exchange of information e.g. profession, specialist skills and data that you yourself have entered or stored in our systems and media.
Your personal data is usually collected directly from you.

3. Purpose and legal basis of the processing of personal data

On our homepage www.enfsi.eu we publish scientific papers in connection with a public review process. We give you the opportunity to download the documents and then contact us for any comments. The process serves to secure and develop scientific standards. We process the data collected in this process because of our legitimate interest (GDPR art. 6 (1)(f)) in promoting science and research in the field of forensic sciences.
In addition, our legitimate interests lie in ensuring compliance regulations and in avoiding damage to the association in the course of the entire process.
If you have consented to the processing of your data, the primary legal basis is GDPR art. 6 (1)(a).

4. Passing on of personal data

Within our association, only those persons and bodies will receive your personal data that they need to review your comments and to further develop the documents.
Furthermore we partly use external service providers (e.g. IT service provider, web designer, print service provider).
In individual cases it may happen that we publish data agreed with you regarding your comments on a document on our homepage www.enfsi.eu.

5. Transfer of personal data to a third country

If we transfer personal data to service providers outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection or if other appropriate data protection guarantees (e.g. binding internal company data protection regulations or EU standard contract clauses) exist.

6. Data subject´s rights to information

You can request information about your personal data at the a.m. address. In addition, you can, under certain circumstances, request the correction or deletion of your data. You may also have a right to restrict the processing of your data and a right to have the data you provided released in a structured, common and machine-readable format.

7. Right to appeal

You have the right to complain to a data protection supervisory authority. The data protection supervisory authority responsible for us is:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163
65021 Wiesbaden
Germany

8. Right of withdrawal of consent

You have the right to revoke your consent to the processing of data at any time, GDPR art. 7 para. 3. In the event of revocation, we will immediately delete the data concerned, unless further processing cannot be based on a legal basis for processing. Revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until revocation.

9. Right to object

If your data are processed on the basis of legitimate interests (GDPR art. 6 (1)(f)), you can object to this processing at any time. We will no longer process the personal data unless we can base the processing on another legal basis or demonstrate compelling reasons for processing worthy of protection that outweigh the interests, rights and freedoms of your person, or unless the processing serves to assert, exercise or defend legal claims.

10. Data storage duration

We delete your personal data as soon as they are no longer required for the above-mentioned purposes and respecting the legal proof and retention periods, which are regulated, among others, in the Commercial Code and the Fiscal Code. The storage periods are up to ten years. In addition, personal data may be retained for the time during which claims can be made against us (statutory limitation period of three to thirty years).

11. Profiling / Scoring

For the purposes described above, we do not use automated processing to make a decision – including profiling -.

Document NameDeadline for CommentsFurther InstructionsDocumentComment Template
DNA Contamination Minimization Guideline For DNA Laboratories20th May 2023, 13:00 CETPlease fill out the comment template and send it to secretariat@enfsi.eu for evaluation.ENFSI Contamination Minimization Guideline 18 04 2023 (1)ENFSI template for comments
Guideline: DNA Database Management Review and Recommendations6th June 2023, 16:00 CETPlease fill out the comment template and send it to secretariat@enfsi.eu for evaluation.Guideline: DNA Database Management Review and RecommendationsENFSI template for comments