Skip to content
Vaccine research is now digital: You can contribute in just 5 minutes by joining one of our studies.

Privacy Policy

The protection of your personal data is very important to us. We treat this topic with a great deal of care and therefore inform you in the following about the handling of your personal data when visiting our website and

Personal data means any information relating to an identified or identifiable natural person, such as name, address and email address.

1. Controller and data protection officer

The responsible controller according to Art. 4 para. 7 of the General Data Protection Regulation (GDPR) is D4L data4life gGmbH, Charlottenstraße 109, 14467 Potsdam Germany,

You can contact our data protection officer by email ( or by sending a letter to our postal address (to the attention of "the data protection officer").

2. Purpose and legal basis for the processing of personal data

a. When visiting our website

While visiting our website and if you do not register for our newsletter or contact us via our contact form, we only collect the data that your browser transmits to our server.

This is the following information required to display our website to you and to ensure stability and security: IP address, date and time of the request, content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system and its interface, language and version of the browser software. Please note that we cannot draw any conclusions about individual persons on the basis of this data.

The data is stored by us for technical security reasons, e.g. to prevent attacks on our web server; however, the data is anonymized after seven days at the latest by shortening the IP address at domain level, so that it is no longer possible to establish any reference to the individual website user. The legal basis for the processing described above is Art. 6 para. 1 sentence 1 lit. f GDPR (processing is necessary in relation with controller’s legitimate interests).

b. Registering for our Newsletter

With your consent, you can subscribe to our newsletter, in which we inform you – approximately once a month- about updates about Data4Life, in particular about the launch of the Data4Life platform and eventual possibilities of a beta test for users.

For the registration to our newsletter we have implemented the so-called double opt-in procedure. This means that after you registered for the newsletter, we will send you an email to the specified email address in which we ask you for your confirmation that you would like to receive the newsletter. If you do not confirm the registration within three days, your information will be blocked and automatically deleted after one month.

The only information required to register for our newsletter is your email address. After your confirmation we will save your email address for the purpose of sending you the newsletter. The legal basis for the processing described above for the purpose of sending the newsletter is Art. 6 para. 1 sentence 1 lit. a GDPR (processing on the basis of the data subject's consent).

In addition, we store your IP addresses and the time of registration and confirmation. The purpose of the aforementioned storage is to be able to prove your registration and, if necessary, to investigate a possible misuse of your personal data. The legal basis for this is Art. 6 para. 1 sentence 1 f GDPR (processing is necessary in relation with controller’s legitimate interests).

You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in every newsletter, by email to or e.g. by contacting us via the contact details given in our imprint.

To send our newsletter, we use the services of our newsletter service provider Sendinblue – 7 rue de Madrid, 75008 Paris, France. The email addresses of the newsletter subscribers and the associated registration data required for logging / proof of registration are stored on Sendinblue’s servers exclusively in the European Union. These data are used exclusively on our behalf on the basis of a data processing agreement between us and Sendinblue for sending the newsletter and storing the registration data, not for other purposes and in particular not for Sendinblue’s own use of the data.

We store the data described above in connection with the subscription to our newsletter for as long as you are subscribed for the newsletter. We will delete the data as soon as the storage is no longer necessary, e.g. after you have unsubscribed from the newsletter or revoked your consent.

c. Support/Contact

When you contact us using the contact form provided on our website, e.g., email, post, or telephone, the data you provide (e.g., your email address and your name as well as the content of your inquiry) will be stored by us in order to process and answer your questions or concerns or to provide the support you require when using the Data4Life offering. The legal basis for this collection of data is Art. 6 para. 1 sentence 1 lit. b GDPR (processing is necessary for the fulfillment of a contract with the data subject) when we are in the process of entering into or already have a contractual relationship. The legal basis is Art. 6 para. 1 sentence 1 lit. f GDPR (processing is necessary to safeguard the legitimate interests of the controller) if we do not have or do not plan a contractual relationship, e.g., when the contact is of a general nature. Our legitimate interest in the latter case is to answer your inquiry by providing appropriate and useful information.

We anonymize the data arising in this context after the storage is no longer necessary (usually four weeks after we fully answered your request), or restrict the processing if there are legal storage obligations. The legal basis for the processing described above is Art. 6 para. 1 sentence 1 lit. f. (processing is necessary to safeguard the legitimate interests of the controller). Data4Life has a legitimate interest in collecting key performance indicators as part of a quality management system for continuous improvement of the services offered. For this purpose, we systematically evaluate the number of contacts and the reasons for them, the processing time of inquiries and other key figures.

3. Usage analytics using Matomo.

a. Usage analytics using Matomo

On our website we use the web analysis tool Matomo. Matomo helps us understand your use of our website. We use the generated insights to optimize our website with the knowledge gained, to correct errors and to improve it regularly. We only analyze your usage after you have given us explicit consent.

For this purpose, no personal data is processed. Your IP address is anonymized immediately after processing and before its storage. We process the data collected using Matomo exclusively on servers in Germany, which we own and operate ourselves. The following data will be collected, if you have given consent:

  • Click
  • Mouse movement
  • Current cursor position
  • Scroll
  • Window resize
  • Zoom on mobile devices
  • Page changes within our domain, e.g if a pop-up appears

Matomo uses so-called permanent cookies for this purpose. This helps us to understand whether various visits to our website have been made over a longer period of time by one or more visitors to our website in order to measure interest in our website. The permanent cookies we use have a lifetime of one year.

The legal basis for the use of Matomo is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can revoke your consent at Data4Life at any time with effect for the future under no. 3 c.

If your browser is sending the "Do Not Track" preference, our website will not create a user profile about the visitor's activities nor create cookies.

b. Error reporting using Sentry

In order to understand the source and causes of potential errors and crashes in our services, to gain the knowledge necessary to reproduce and resolve such crashes, and to provide our users with the best possible experience when using our services, we use, with your consent, Sentry, which enables us to track errors in real time. In this context, and if you discover a bug or crash in our website, user data, such as information about the device you are using and the time at which the bug or crash occurred will be collected and analyzed solely for the purpose of identifying the bug or crash and resolving it, and not for any other purpose, and then deleted once the bug or crash has been resolved. The data collected with the Sentry technology is processed exclusively on Data4Llife servers in Germany.

The legal basis for the use of Sentry is your consent (Art. 6 para. 1 sentence 1 lit. a GDPR). You can revoke your consent at any time with effect for the future under no. 3 c.

c. Withdrawing or granting consent for usage analytics and error reporting

You can reject or grant the use of optional cookies, the use of Matomo and the use of Sentry at any time with effect for the future. To change your consent settings, click the button.

Current setting: Consent for cookies, bug reports & usage analysis is granted Consent for optional cookies, bug reports & usage analysis is denied Do-not-track

Note: Withdrawing the consent does not delete cookies that have been previously set. You can delete existing cookies at any time in your browser settings.

4. Obligation to provide personal data

If you would like to subscribe to our newsletter or e.g. contact us via our contact form, you must provide the personal data required to send the newsletter or to process and respond to your inquiry. If you do not provide us with this information, it is not possible for us to send you the newsletter you have ordered or to process and respond to your inquiry.

5. Non-existence of automated individual decision making, including profiling

Please note that in the context of the use of our website and the use of our offers/services offered on our website (newsletter, contact form) you will not be subject to an individual decision based exclusively on automated processing - including profiling - which has a legal effect on you or significantly impairs you in a similar manner.

6. Your rights

You have the following rights with regard to personal data related to you:

  • Right of access (Art. 15 GDPR),
  • Right to rectification (Art. 16 GDPR),
  • Right to erasure (Art. 17 GDPR, “right to be forgotten”),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to object to processing (Art. 21 GDPR),
  • Right to data portability (Art. 20 GDPR).

You also have the right to complain to a data protection supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement if you consider that the processing of personal data related to you is unlawful. The supervisory authority responsible for us is:

Die Landesbeauftragte für den Datenschutz und für das Recht auf Akteneinsicht
Stahnsdorfer Damm 77
14532 Kleinmachnow

Telephone: 0049 (0)33203/356-0
Telefax: 0049 (0)33203/356-49

If you have given us consent to the processing of your data, you can revoke it at any time with effect for the future. The lawfulness of processing your data until revocation remains unaffected by this.For the assertion of your rights or if you have any other data protection concerns, you can contact us at any time via the contact details listed in section 1 above and/or in our imprint.

7. Additional information on your right of objection

Please note that if your personal data is processed on the basis of a legitimate interest pursuant to Art. 6 Par. 1 S. 1 lit. f GDPR and/or if your personal data is processed for the purposes of direct marketing, you have the right to object to the processing of your personal data at any time.

With your consent, we will analyze your behaviour on the website to improve the website for all users. If you consent to the transmission of analysis data, click “Accept”. You can use the website without giving consent to analyze your behaviour. For further information, visit the privacy policy.

We care about digital health.