Data protection and privacy policy: Charité’s Twitter presence

The controller responsible for the processing of your personal data as described in detail in Sec. 3 below, as defined in Article 4(7) GDPR, is

Charité – Universitätsmedizin Berlin, represented by Prof. Heyo K. Kroemer, Chief Executive Officer of Charité,
Charitéplatz 1, 10117 Berlin, Germany
T: +49 (0) 30 450 50 (also referred to in this text as “we” or “us”).

We are not the controller responsible for the processing of personal data that occurs when you visit the Twitter site. When you do this, Twitter processes information including your IP address and further information stored in the form of cookies on your device or in your browser. Twitter is the sole controller responsible for this for data protection and privacy law purposes. Charité has no influence over the nature or scope of the data processed by Twitter, the nature of processing, or the disclosure of these data to third parties.

Which information Twitter processes, how, and for what purposes is described in Twitter’s privacy policy. You can also consult this policy for information on ways to contact Twitter. The privacy policy is available at https://twitter.com/en/privacy. For further information, such as information on the cookies Twitter uses, please visit https://help.twitter.com/en/rules-and-policies/x-cookies.

You can reach our data protection officer by e-mail at datenschutzbeauftragte(at)charite.de or by postal mail at the above address, adding “An die Datenschutzbeauftragte” (“Attn.: Data Protection Officer").

If you respond to or retweet one of our tweets or quote one of our tweets in your own tweet or otherwise respond to any of our tweets, we process your personal data. This includes but is not limited to your Twitter username, the link to your Twitter profile, the nature and content of your post on Twitter, and the relevant metadata (particularly the time at which you have tweeted a post, for example). If you also follow our Twitter account, we process that information as well. If you contact us using Twitter’s tweet or messaging function, the data transferred in this context and relevant metadata are also processed by us. Please note that Twitter also processes these data as a controller for purposes of data protection and privacy law in its own right.

We process the data concerning you as outlined above for the purpose of, and in our interest in, targeted and balanced public relations work. The aim of our Twitter presence is to provide our users with information about research topics. This is especially true with regard to those persons who primarily get their information from social networks. On the other hand, we also aim to give you the opportunity to express your opinion through activities and responses to our tweets, thereby supporting and promoting the process of public formation of opinions. The legal basis is point (f) of Article 6(1) GDPR.

The data mentioned above may also be transferred by Twitter to countries outside the European Economic Area (EEA). According to information from Twitter, the lawfulness of this transfer to what are known as “third countries” is ensured through the EU standard contractual clauses.

The data remain visible on Twitter, and thus are stored, until your Twitter profile is deleted or the relevant data, such as the individual post, are erased.

We use the Facelift tool from processor Facelift brandbuilding technologies GmbH, Gerhofstr. 19, 20354 Hamburg, Germany, to be able to manage our social media channels more easily. You can find the Facelift data privacy policy here: https://facelift-bbt.com/en/data-protection.

Facelift serves primarily to make it easier to manage all the social media channels we maintain. If a user uses the comments function on our social media page to ask a question specified in further detail in Facelift, then the text and the user’s username flow into the tool together and are displayed to us. The text that has been transmitted and the username are deleted once the inquiry has been answered.

The legal basis for the data processing is point (f) of Article 6(1) GDPR. We use Facelift because we have a legitimate interest in managing the content on our Twitter profile in a way that saves both time and costs but is equally effective, which includes collecting and responding to comments by visitors to our profile. In this regard, it is also in the interest of visitors for their comments to be acknowledged centrally and promptly and – depending on the content – recognized or answered by Charité. This gives us a better overview of user comments, which facilitates communication with the users of our social media presence.

Charité uses Talkwalker for the purposes of brand monitoring on our social media websites and to optimize our campaigns. The brand monitoring encompasses monitoring, collection, and analysis of mentions, statements, and perceptions relating to Charité on the various social media websites. Primary goals here include monitoring the reputation and acceptance of Charité in the public and among consumers and assessing these factors on a targeted basis in terms of demographics.

This Web analytics service is provided by Talkwalker Sàrl, 12-16 Avenue Monterey, 2163 Luxembourg, Luxembourg. The service includes extensive data analysis and provision of all information and opinions mentioned regarding Charité on social media platforms, a search engine option for brand and trend checks and for comparison with competitors, and tracking of campaigns placed by Charité.

We process your personal data on the basis of our legitimate interest pursuant to point (f) of Article 6(1) GDPR. Our interest consists in keeping abreast of what is being published and said about Charité and having this information in order to be able to respond to issues such as fake news or security problems. The data collected in this context are deleted after this purpose ceases to apply and after we stop using Talkwalker.

Where personal data concerning you are processed, you have, pursuant to the GDPR, the rights of access to and rectification or erasure of personal data, the right to data portability, and the right to restriction of processing.

Since we process your personal data on the basis of our legitimate interest (point (f) of Article 6(1) GDPR), you can object to the processing by contacting us or the data protection officer (by e‑mail, for example; for contact details, see points 1 and 2 above).

If you are exercising your right to object, please specify the reasons that your personal data should not be processed. In case of an objection, the facts of the matter will be reviewed and the data processing will either be discontinued or adjusted to fit the circumstances, or you will be informed of the compelling legitimate grounds on which the processing is being continued.

In cases in which Twitter alone is the controller responsible for data processing, please contact Twitter to assert your rights as a data subject as described at https://help.twitter.com/en/forms/privacy.

You also have the right to lodge a complaint with a data protection supervisory authority regarding the processing of your personal data.

Charité uses Twitter alongside other information channels. This gives you the opportunity to learn about what we offer and contact us in different places, but always with the same level of quality.