Privacy Policy

The protection of your personal data is a top priority at Global Atopic Dermatitis Atlas. The data you enter is transmitted in encrypted form and stored on protected servers. We will keep your data secure and take measures to protect your personal data from loss, access, misuse or alteration. Our employees and contractual partners who have access to your data are contractually bound to secrecy and compliance with data protection regulations.



Data collection

When you call up our website, the following data is determined by your terminal device or the browser used and stored in a log file:

  • IP address of the end device
  • Date and time (incl. time zone difference to CET) of access
  • Name and URL of the retrieved page/file
  • The website from which you accessed our site (referrer URL) and the search engines you used to find our site
  • Browser used, operating system of the end device
  • Name of the Internet provider
  • User click tracking on the website

We initially use this data for technical purposes in order to deliver the contents of our website to you and to ensure the secure operation of our services. Furthermore, we do use this data for statistical purposes so that we can trace which terminal devices with which characteristics and settings are used for visiting our website in order to optimise them if necessary. These statistics do not contain any personal data. If you are within the scope of the GDPR, the legal basis for the use of data for the compilation of statistics is Art. 6 Para. 1 f) GDPR.

The complete IP address will be stored for the purposes of detecting and preventing attacks (e.g. preventing access, spying on data, spreading malware (e.g. viruses) or other unlawful purposes) against the systems used for our website. Such attacks would impair the proper functioning of the technology, the use of our website or its functionality and the security of visitors to our website. We hereby pursue the legitimate interest of ensuring the operability of our website and to ward off illegal attacks against us and the visitors to our website.

If you are within the scope of the GDPR, you can execute your right to deletion, in this case the IP address of your terminal device will be deleted (by anonymization) if it is not needed for the recognition or defence of an attack.



Storage of user data

We store your user data exclusively on servers in the European Union.



Use of cookies


Cookies are used for the operation of our website to ensure the technical functionality of our website and to understand how visitors use our website.
A cookie is a small text file that is stored on your terminal device by your browser when you visit our website. If you call up our website again later, we or the service provider can read out the respective cookie again.


There are two types of cookies:

  1. First-party cookies: are set by the website you are visiting.
  2. Third-party cookies: are created by third-party vendors and set by the website owner for different purposes.


Cookies are also stored for different periods of time. A distinction must be made between so-called session cookies and persistent cookies. Session cookies are deleted from your browser when you leave our website or when you exit the browser. Persistent cookies are stored for the duration specified when they are stored.

You can set your browser to deny cookies at any time, but this may result in our website no longer functioning properly. You can also delete cookies yourself at any time.


What cookies do we use?

We use cookies for the following purposes:

  • Technically necessary cookies, which are absolutely necessary for the use of the functions of our website. Without these cookies, certain functions could not be provided. These are session cookies.


Cookie   Type    Description   Functionality          Duration   Expiration
Stored data  

Session ID


Session ID is a randomly generated number by a server that temporarily stores the session cookie 


Necessary for the website to function



Session ID

CSRF (Cross Site Request Forgery)


CSRF token is a unique, secret value that is generated on the server-side application and that checks the validity of the token and rejects the request if the token is missing or invalid

To prevent CSRF attacks/protection against hackers



Random CSRF token


  • Statistics cookies are persistent cookies that are used to analyse user behaviour and the use of website and provide statistics. For details please read the information on "Using Matomo and Google analytics to analyze the use of our website".


Cookie   Type   Functionality       Duration  Expiration
Stored data  
Statistics_cookie  First-party To know if a user has accepted the statistics cookies Persistent   1 year User consents statistics cookies
_pk_ses (Matomo)  First-party Save information about the user visit  Persistent 30 minutes Data about user's visit
_pk_id (Matomo) First-party Save details about the user Persistent 13 months User's data (unique id, browser, ip, etc)
_ga (Google Analytics) Third-party (Google)  

Used to distinguish users


Persistent 2 years Anonymous ID
__gid (Google analytics) Third-party (Google) Used to distinguish users Persistent 2 years Anonymous ID


  • Marketing cookies are usually third-party persistent cookies that are used to track visitors across websites by creating basic profiles in order to display relevant advertisements.  These cookies are used to support online marketing by collecting information about the users to promote products through partners and other platforms.

We use marketing cookies to enable functionality from third parties, such as video players and social media features in order to show the embedded content from third-parties, such as YouTube. If you choose not to give your consent to the use of marketing cookies, this will prevent all functionality with regards to the associated tools. This means that you will no longer be able to engage with videos and similar third-party content.

We use the following marketing cookies:

Cookie   Type   Functionality  Duration  Expiration
Stored data  
marketing_cookie                   First-party To know if a user has accepted the marketing cookies  1 year  Persistent  User consents marketing cookies




Third-party (Google)  Custom ad delivery or retargeting based on recent searches and previous interactions  Persistent  

1 month

1 month

2 years

User consent and profile for marketing
NID  Third-party (Google)

To store user’s information and preferences when visiting pages that integrate Google Maps or YouTube and custom ad delivery or retargeting based on recent searches and previous interactions


Persistent   6 months User's information and preferences
AEC Third-party (Google)

CSRF Token, to prevent malicious sites from acting on behalf of a user without their knowledge


Persistent 6 months Random CSRF token



Using Matomo and Google analytics to analyze the use of our website

For the compilation of statistics and evaluations, for the optimization and for the recognition of errors we use the tool Matomo; (this tool runs directly on our server and is operated by us) and Google Analytics technology.

With this processing we pursue the justified interest to improve our offer and to be able to operate stable. If you are in the area of application of the GDPR is legal basis of the processing art. 6 Abs. 1 f) GDPR.



In order to collect data, the tool uses a so-called "cookie". This is a small text file that is stored by your browser on your terminal device. By means of this cookie, the tool receives, for example, information about which pages you have visited, the duration of your stay on the pages, which country and city you are browsing from, technical data of the browser you are using and of the respective terminal device. The IP address of your terminal device is only processed anonymously. At no time does the tool create profiles to which we can assign certain users, but always uses pseudonyms.


To opt out from Matomo tracking, please click here.


Google Analytics

Google Analytics uses “cookies” which are text files placed on your computer, to help the website analyse how you use the site. The information that is generated by the cookie about your use of our website (including your IP address) is transmitted to a Google server in the USA where it is stored. Google will use this information to evaluate your use of the website, to compile reports on website activity for its operators and to provide other services related to website activity and internet usage. Google may also transfer this information to third parties as required by law or if said third parties process this data on behalf of Google. Google will never associate your IP address with any other data held by Google.


More information and instructions for opting out of Google Analytics tracking


Third party websites

There might be third party websites connected with our website through hyperlinks or buttons including social media sites. When using any such websites, certain information may be collected by such third parties. This information may be subject to their privacy statements and terms and conditions. We encourage you to review third party privacy policies before making use of their websites.

Contact inquiries

If you send us a message via one of the contact options offered, we will use the data you provide to us to process your request. The legal basis for this is our legitimate interest in responding to your request. If you are in the area of application of the GDPR, the legal basis for the corresponding processing is Art. 6 Para. 1 f) GDPR. The data will be deleted if you execute your right to deletion. If we are obliged by law to store the data for a longer period of time, it will be deleted after expiry of the corresponding period.


Email newsletters


We use Sendy to create and deliver our newsletters, and to obtain data regarding open rates and other metrics related to the engagement. In Sendy, we only store the data you provide via the subscription form with the sole purpose of sending you the newsletters. This data is not shared with the third parties. You can unsubscribe at any point by clicking on "unsubscribe" in the email you receive. To view Sendy's privacy policy, please click here:



Last updated on: 20th of October, 2022

In connection with your personal data, you are entitled in particular to the rights listed below. Please refer to the legal regulations for details. If you are within the scope of the GDPR, the GDPR is the legal basis.



Right to information

You have the right to request confirmation from us as to whether personal data relating to you will be processed by us. If this is the case, you have the right to be informed about this personal data and to receive further information. If you are within the scope of the GDPR, the legal basis is Art. 15 GDPR.



Right to rectification

You have the right to demand from us immediately the correction of incorrect personal data concerning you. You also have the right to request the completion of incomplete personal data - also by means of a supplementary declaration - taking into account the purposes of the processing. If you are within the scope of the GDPR, the legal basis is Art. 16 GDPR.



Right to deletion

You have the right to demand that we delete any personal data concerning you immediately. We are obliged to delete personal data immediately if the corresponding requirements are met. If you are within the scope of the GDPR, the legal basis is Art. 17 GDPR.



Right to limitation of processing

Under certain circumstances you have the right to demand that we restrict the processing of your personal data. If you are within the scope of the GDPR, the legal basis is Art. 18 GDPR.



Right to data transferability

If you are within the scope of the GDPR you have the right under Art. 20 GDPR to receive the personal data relating to you which you have provided to us in a structured, common and machine-readable format and you have the right to transfer this data to another responsible person without hindrance by us, provided that the processing is based on consent in accordance with Article 6 Para. 1 a) GDPR or Article 9 para. 2 a) GDPR or on a contract pursuant to Article 6 para. 1 b) GDPR and the processing is carried out using automated procedures.



Existence of a right of appeal to the supervisory authority

If you are within the scope of the GDPR, Art. 77 GDPR gives you the right to complain to the supervisory authority without prejudice to any other administrative or judicial remedy. This right exists in particular in the Member State of your place of residence, your place of work or the place of the alleged infringement if you are of the opinion that the processing of your personal data violates the GDPR.



Right of objection

You have the right to object to the processing of personal data concerning you, including processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics.

If you are within the scope of the GDPR, the legal basis is Art. 21 GDPR. The statement of objection then applies to personal data that is based on Article 6 paragraph 1 letters e or f of the GDPR Regulation.



How to submit a request


If you wish to exercise any of the above rights please send an email to describing the details of your request.