You are here:   GRUR About us Privacy Policy

Privacy Policy

Data Protection Regulation of the German Association for the Protection of Intellectual Property (GRUR) in accordance with the General Data Protection Regulation (GDPR)

 - Updated: 24.05.2018 -

The German Association for the Protection of Intellectual Property (GRUR) is one of the oldest and largest associations in Germany in the field of industrial property rights and copyright. We respect and protect your privacy and observe the existing data protection regulations. This applies regardless of whether or not you are a member of GRUR, or wish to use our information and services in any other way.

 In the following you can get an overview of which personal data we collect from you and what we do with them. In addition, we inform you about your rights under applicable data protection law and name the contact persons whom you can contact.

1. With your application to become a member of GRUR, the GRUR Association processes the following data

It is mandatory that your application for a GRUR membership be submitted digitally. For this purpose, we provide you with an online form on our homepage, which you must fill in and submit to us. The pre-selection form begins with a pre-selection query as to whether you wish to apply as an individual, an individual at discounted rate, a public authority/association/corporate body, a company with up to 500 employees or a company with more than 500 employees. This query enables us to assign you directly to your correct membership due group.

After pre-selection, please provide us with: Your salutation, title, postgraduate, academic title (e.g. "Dr rer. nat."), first name, surname, employment sector, occupation, street and house number, postcode, town or city, country, your GRUR Regional Group/Working Group, e-mail, phone number, company, additional information on the company, department, position, date of birth, billing address, method of payment (invoice, bank collection) that may differ from the postal address. In the case of corporate memberships, you must also specify through which natural person the company wishes to exercise its membership rights in the GRUR Association. You also declare that you have read the GRUR Statutes and that you have read and agreed to the information on the GRUR Data Protection Regulation, and whether or not you would like to receive a printed membership directory.

Your application data are sent to the GRUR Head Office, collected in an automated procedure and sent electronically each week to the members of the GRUR Executive Committee and the chairperson of the GRUR Regional Group in your domicile/registered office, who decide or are consulted on the admission. When you apply for membership, an electronic, personalised member account will be created for you, in which you can view and manage your personal data after registration. At this point in time, the account is only partially functional, i.e. you can only view and change your personal data until the final decision on whether you are admitted as member of GRUR has been made, but you cannot yet search the GRUR database. If the members of the Executive Committee and the chairperson of the respective Region Group of GRUR do not objected to your membership application in the course of the automated procedure (usually within two weeks), the database automatically generates a personalised welcome letter, an invoice regarding the fees to be paid, as well as other documents and records and sends them to you and to the GRUR Head Office by e-mail. The GRUR Head Office then sends you these documents, and - if requested by you at the time of application - the printed membership directory via post mail. You can cancel the mailing of the printed membership directory by changing the settings in your member account at any time.

2. Further data processed by GRUR if you are a member

a. Administration of your membership

We also process your data after your application and admission as a member of the GRUR Association. In addition to your entry date as a member and your address data, we collect whether and when you have paid your invoices as regards membership fees, and whether you are an honorary member of GRUR. We also maintain your address and invoice data upon notification from you as regards any changes to your address or billing data, whenever we notice that your address in no longer up to date, e.g. due to postal returns from Deutsche Post AG (e.g. after the annual membership fee invoices have been sent out) or when a direct debit is rejected due to outdated account data, or when we have researched your current address in public directories such as the Federal Lawyers´ Registry or freely accessible on the Internet. These data are stored and processed centrally in the GRUR database. Any administrative changes, additions or other updates to your data are recorded in the GRUR database. Any change of your data records is tracked and recorded; the same goes for the name of the authorised person who made the changes. This is permanently stored to ensure the consistency of your data. Comprehensive changes to your data records can only be made by yourself and the authorised staff of the GRUR Head Office.

In addition to your e-mail address, with which you log in to your member account, you have the option of entering another e-mail address, which will instead be created in your member profile and in the printed member directory. You have the option of subscribing to e-mailings from other Regional Groups, you can decide whether you would like to receive a printed membership directory or whether you do not wish to receive any messages by e-mail from GRUR. These changes are not logged, only the status quo is always displayed.

In your member account you can view all membership fee invoices and also whether or not you have paid them. You can also enter an alternative billing address. You can print out duplicates of your invoices at any time.

In your membership account, the GRUR Head Office also stores files which document important correspondence with you, such as correspondence regarding changes to your address data, payment transactions, but also your membership application, your welcome letter, your membership and your notice of termination. You can view these documents at any time.

The chairpersons of the GRUR Special Committees and the chairpersons, deputy chairpersons and leaders of the GRUR Regional Groups can only view and change your address data, with every change being recorded. This limited group of persons belongs to the group of authorised persons, because these persons are so-called natural contact points for you and are in contact with you through their office. They help us to keep your data consistent. You can view and change your address and invoice data at any time. At your request, we will inform you who changed which piece of your data and at what time which specific documents were stored in your member account concerning your correspondence with us.

b. Member account and GRUR member database

In addition to the various association-specific purposes, the GRUR database serves, among other things, the need of GRUR members to find out who the other GRUR members are and whether and in which boards and committees they are involved. For this purpose, as already explained under point 2a., we have set up a separate member account for each member, to which you have direct access after registration with your e-mail address, which can only be used once within the database.

Some of the data you have entered in your member account with your application can be researched and viewed by other GRUR members. These are your address data including telephone number, fax number and email address. You have the option of restricting the amount of data visible to other members. However, in respect of the information interests of other GRUR members, a minimum amount of data always stays visible. The data permanently visible are your name, title and postal address. You can hide all other address data for third parties.

You can also set up your own profile in your member account, which is automatically displayed to other members when they call up your member entry. This profile is automatically limited to your professional parameters. You have the option of depositing a photograph (profile photo) of yourself, which is then visible to other members. You can also specify your "green (= IP, competition, antitrust and/or data law related)" areas of activity and interest, as well as your "green" bar-certified specialist qualifications, which are limited to up to three legal areas (by multiple clicks) and also to the legal areas for which GRUR has set up its Special Committees and Working Groups. In addition to your professional contact data, you can also enter information about yourself and your specialist publications using the free text fields on the form. You can change and delete this data at any time. If you set up your GRUR profile as described above, you are given the option of setting up your own imprint as standard.

We do not evaluate any data that you have stored in your profile; we only save it as mere database entries so that you can present yourself.

If you hold a company membership, you also have the option of entering information about your company in a specific text field of the online form; these information may have an advertising character but should always focus on factual information. You can also upload your company logo to this profile. The natural person stored in your company profile also has the option of creating a personal profile for him- or herself to the same extent as is the case for natural members. If you set up a profile of your company, you are given the option of setting up your own imprint by default.

Via their membership account, each GRUR member can join a different Region Group than the one in which they reside or are domiciled. Both the new and the previous Regional Group will automatically be informed about this change by e-mail. The e-mail will be sent to the chairperson, the vice-chairperson and the secretary of the previous and the new Regional Group.

We do not log any changes or deletions to the content that you make in the free text fields of your profile, nor which photograph of yourself you have stored; nor do we link these data. Regarding company memberships, we do not log these changes either, nor do we log whether or which company logo you used and when. This means that when you make changes to your data records, you overwrite your old data.

You can create a personal contact list and write messages to, and receive messages from, other GRUR members registered in the GRUR member database without having to enter your email address. Your personal contact list is displayed in your profile and made visible to other members. You can also track sent and received messages (when, to whom and by whom), and you can deactivate and thus prevent the function of receiving messages from other GRUR members. Sent and received messages are saved, but you can also delete them. GRUR does not log which changes and deletions you have made to your contacts.

The information that we publish in your profile also include information about the boards/committees in which you are or were active and which offices within GRUR you currently hold. In addition, other members can see when and for how long you have held which offices. This also includes whether you are an honorary member of GRUR. These data are created in your profile by the GRUR Head Office in order to inform other members of the association and cannot be changed by you. However, changes to this data are also logged.

You have the possibility to search the GRUR database. The search functions of the GRUR database only allow certain search parameters. These are:

Professional group (patent attorney, lawyer, judge, company, science (university, university of applied sciences, etc.), office/agency, association/organisation, training/clerkship, law firm, other, tax consultant, notary, lawyer and notary, auditor), surname, first name, place, person is employed at, surname company/office etc., contact person surname, Regional Group/Working Group.

In addition, there is a detailed search for individual persons from the Regional Groups, Special Committees, the General Council and the Executive Committee. The search also allows a combination of the above search parameters.

The search functions of the member search serve exclusively the purpose of finding other members or of displaying a list/overview of which members belong to which Regional Groups or Special Committees or which members are active in the GRUR boards. Members and committee members are not permitted to carry out any further data searches or any other type of combined data search.

For administrative reasons, the GRUR Head Office staff can search for individual members by their membership number or status (e.g. member, former member, membership application filed). Search queries in the GRUR member database and any search terms are not monitored, recorded (logged) or otherwise processed.

c. Information pages of the Regional Groups, Special Committees/Working Groups, the General Council and the Executive Committee

The GRUR database offers information pages for members of the Regional Groups and members of the Special Committees, through which they can access specific information on the Regional groups and Special Committees. These pages are open to all GRUR members. They contain lists of the current and former board members including their election dates and term of office, a list of members and guests (who in turn must be members of GRUR), documents such as minutes, legal sources, statements and other information of interest to the members. The chairpersons of the Regional Groups and Special Committees as well as the secretaries of the Regional Groups can use a rights management system to determine whether the information and documents provided can only be accessed by members of the Regional Groups and Special Committees or by all GRUR members. As special information, the information pages of the Regional Groups offer a list of the 20 most recently joined new members assigned to the respective Regional Groups and link directly to their personal profile.

The GRUR General Council maintains its own information page in the GRUR member database, which is equally accessible to all members. There they can inform themselves about the members (and former members) of the General Council and also view documents such as minutes, which are posted by the employees of the GRUR Head Office. This process is linked to a rights management system, so that employees of the GRUR Head Office can determine whether the information/documents are made accessible to all GRUR members or exclusively to members of the Management Board. We record who provided which information to the General Council, at what time and with which authorisations.

The Executive Committee maintains its own information page in the GRUR member database, which is only accessible to members of the Executive Committee. They can find out about the other members (and former members) of the Executive Committee and also view documents or minutes that are posted by the staff of the GRUR Head Office. We record who provided which information/documents to the Executive Committee and when.

d. GRUR Regional Groups and lectures of the GRUR Regional Groups

The GRUR Regional Groups are organising lectures at regular intervals. For this purpose they send their members (§ 10 par. 2, 3 of the GRUR statutes) e-mails with the invitations to the lecture events as well as a form for later certification of participation according to the FAO (Fachanwaltsordnung). To send out the invitations and certificates, the district groups use the central email dispatch tool of the GRUR database, in which all members are recorded. The members of the Regional Groups are entitled to send the Regional Group invitations or Regional Group news. We log which authorised person sent which email to which recipient and when via the GRUR database, with which content and which documents attached, and archive this data permanently in order to be able to prove our association activities. In addition, some Regional Groups have separate address lists of persons who are not stored in the GRUR database because they are not GRUR members, but who are also invited to the lectures. In addition, some Regional Groups make and archive copies of the certificates of participation in accordance with the FAO. At your request, we will provide you with information about who sent which Regional Group messages and which certificates of attendance to you and when.

e. GRUR Special Committees

The e-mail transmission tool of the GRUR database is also used by the chairs of the GRUR Special Committees and Working Groups in order to send their members information and invitations to meetings of the Special Committees, if necessary. The chairperson of the Special Committee may change the address data of the members of the respective committee. They may send electronic messages to the members of their Special Committee from the database. We log which authorised person sent which e-mail to which recipient and when via the GRUR database, with which content and attached documents.

f. General invitations, information and participant management with regard to events

We use your e-mail address to send you, as a member or interested third party, not only information about the Regional Groups and Special Committees, but also information about our association, our publication "GRUR Newsletter", invitations to training courses and other events (e.g. "GRUR meets Brussels"), but in some cases also invitations to third-party scientific events, e.g. organised by universities and other scientific institutions  as well as invitations to events organised by organisations associated with us such as the Markenverband or the BDI (cf. § 1 para. 1 lit. c) of the GRUR Statutes).

If we send you invitations to our own events (e.g. "GRUR meets Brussels" and "GRUR Int./JIPLP Joint Seminar"), you can register for these events using the participant management tool in the GRUR database. In this case you provide us with your name, title, address, e-mail, telephone number as well as your company/office/authorities/court name. We process this data in order to administer your participation. After the end of the event your data will be stored and archived. They can be reused at a later date to send you repeat invitations to subsequent events to these or other events by e-mail, provided that you, as a non-member of GRUR, have given your express prior consent. This data is not used for any other purposes and is not actively maintained. Since May 25, 2018, we no longer publish lists of participants on the GRUR homepage.

If you register for GRUR events, we ask for your consent to publish photos of you on the GRUR homepage upon registration. You can revoke your consent to GRUR at any time, the photo will then be removed immediately or you will be made unrecognisable in the photo if there are other persons who have given their consent to the publication. The photos are not processed biometrically.

g. GRUR member directory

We generate a print-ready file of the GRUR member directory from the GRUR database fully automatically. We pass this file, together with the machine-readable address data of our members (as shipping addresses), on to a printing house as order processor within the framework of an order processing agreement between GRUR and the printing house. The printing house then prints the membership directory and sends it by post mail to GRUR members. The printing house will act solely for, on initiative of, and in accordance with the instructions of GRUR within the framework of a contract concluded specifically for this purpose. It must comply with and ensure the principles of data security, confidentiality and encryption. It may only use the data passed on to it for the stated purposes and must irrevocably delete them once the purpose has been fulfilled.

h. Accounting procedures

Once a year, at the end of February, our database automatically generates all membership fee invoices. A copy of these invoices is deposited in each electronic member account (see also the explanations under 2.a.). We process your invoice data and record when you have transferred your membership fee to us or if you have given us direct debit authorisation, when we have collected the membership fee from your bank account. We record if and when you are in arrears with payment of your membership fee as well as whether and when we have reminded you. In the event that we terminate your membership due to non-payment of your membership fee (§ 7c GRUR Statutes), we will also include this information.

3. Data processed by GRUR during and after termination of your membership

You may terminate your GRUR membership by cancelling it any time, while taking into account the notice period as stated in the statutes of the Association. Every notice of cancellation or other notice of termination (e.g. death certificate) will be processed electronically by us. Alternatively, you can initiate this cancellation and processing procedure yourself via your electronic membership account. You will immediately receive an automatically generated cancellation confirmation by e-mail, a copy of which will also be sent to the GRUR Head Office, printed out there and sent to you by post. If you inform us of the reason of your cancellation, we record this reason and process it anonymously for statistical purposes. The database calculates the statutory cancellation date and automatically notes your cancellation at this point in time. At the end of this period your account will be deactivated and your data will be archived (transferred to the association archive). Archived membership data is no longer maintained and is only accessible to the employees of the GRUR Head Office. We process this data in anonymous form for statistical purposes in order to document the development of our association. If you wish to reactivate your membership at a later date, we will reactivate your old data record from the archive.

4. Other data processed and archived by GRUR

a. General file management

The GRUR Head Office is keeping files on paper for all processes related to GRUR´s activities as an association. These files are partly destroyed after the procedures have been completed and after the end of their legal retention period, partly digitised and archived, insofar as this is necessary for the purposes of the GRUR association, e.g. the subsequent reconstruction of procedures.

b. Science fund

As a scientific association GRUR financially supports universities, colleges, institutes, university chairs and special scientific projects. These activities are reported in the so-called Science Fund. For this data, GRUR processes which recipients receive or have received which funding amounts for which funding purposes in the past. This data is published in the Secretary General's annual report and evaluated for statistical purposes.

c. GRUR journals and GRUR Newsletter

Since its foundation, the GRUR association has operated a scientific journal business. This includes the journals GRUR, GRUR-Int., GRUR-RR and GRUR-Prax as well as the online decision collection GRUR-RS. As the economic "owner" of this business, GRUR owns the lists of subscribers to the print editions of GRUR and GRUR-Int. These lists contain the names of subscribers, subscribed journals and billing and payment data. These data are not processed and stored by the publisher C.H. Beck, but within the framework of a contract concluded between GRUR and the publisher.

We also publish the GRUR Newsletter. The GRUR Newsletter is an official journal of GRUR, in which current developments in industrial property law, copyright, competition and data law are taken up at national, European and international level and presented in the form of technical and editorial articles including interviews and short contributions, some of which are illustrated. The Newsletter appears in printed, but also digital form; it is sent in both forms to the members of GRUR, but also to third parties and published on the GRUR homepage. In the contributions personal data are processed, partly also in form of pictures. The persons concerned have given their express prior consent to the respective forms and types of publication.

d. GRUR Calendar and GRUR News

The GRUR Calendar is the central calendar for all lectures, seminars and other (training) events in the field of intellectual property. It displays events of GRUR, the German Lawyers' Academy (DeutscheAnwaltAkademie) and other providers (of which we have written consent) and processes personal data to the extent that it lists which speaker presents when and where on a specific topic. The speakers have given us their consent. Lecture documents will only be published on the homepage if the speaker or the organiser has given their prior consent as the copyright holder for the publication, stating the publication period. If the speaker has set an expiry date when uploading the data with their consent the download of the file is blocked after the expiry date. Events in the past are archived. No further processing of data takes place.

The GRUR News display short information on events in intellectual property law. These come both from GRUR itself and from third parties from whom we have received consent. Messages by the third-party providers DPMA, EUIPO, WIPO and EPO which we publish with their consent within the GRUR News stream with their consent are transmitted to us daily in an automated data procedure.

e. Homepage

In addition to the member database, GRUR operates its homepage, which can be reached under the domains and You can visit the GRUR homepage without telling us who you are. When users surf the homepage, IP addresses and general user statistics are collected from our order processor.

Access data includes the name of the accessed website, file, date and time of access, transferred data volume, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider. The data are used exclusively for administration and optimisation of the internet offer and for statistical purposes. No usage profiles are created. The pages are not tracked with further analysis tools such as Google Analytics. However, we do include Google Maps to show you where the events we publish in the GRUR calendar take place.

The IP address can be a personal data, because under certain conditions, it is possible to track back the identity of the owner of the Internet access used by legitimally receiving these information from the respective Internet provider. We do not intend to evaluate the IP access. This could only become relevant if there were an attack on our Internet system. In this case, we have a legitimate interest in the processing of the IP address within the scope of Art. 6 Para. 1 f) GDPR. It arises from the need to repel the attack on our Internet system, to determine the origin of the attack in order to be able to take action against the responsible person under criminal and civil law and to effectively prevent further attacks.

The GRUR homepage publishes GRUR position papers and statements signed by the President and the Secretary General of GRUR. The minutes of the meetings of the General Council and the Annual General Assembly of GRUR are also published on the homepage. These sometimes contain personal data. For reasons of transparency, the publication of these data is also in the overriding legitimate interest of GRUR since it includes recorded discussions, decision-making, elections and votes. GRUR also publishes a list of the so-called "Green University Chairs" in Germany on its homepage. This publication is made exclusively at the express request and with the express consent of the respective chair holders. This consent can be revoked at any time.

f. Electronic communication with GRUR, especially with the GRUR Head Office

General communication with the GRUR Association and the GRUR Head Office is via the e-mail address The employees of the GRUR Head Office have access to this address. This procedure is intended to ensure that no message is lost and can be processed immediately by the person(s) responsible. A copy of the messages automatically sent by the GRUR database is transferred to the person who initiated the transmission.

The staff of the GRUR Head Office, the President, the Secretary General, the Treasurer and the respective Regional Groups of GRUR have their own e-mail addresses and accounts with the ending or These are separate e-mail accounts, which are managed by an order processor. Appropriate contracts have been concluded with this order processor, who is obliged to observe and ensure the principles of data security, confidentiality and encryption.

You have the possibility to use our contact form on the GRUR homepage for the purpose of correspondence with the GRUR Head Office. We make it available to you on the GRUR homepage. You may enter and communicate personal data to us in the respective input fields. These data will only be processed for the purpose for which you have provided us with the data and which you have formulated in the free text field. In this case, the processing of personal data takes place with your consent and is therefore permissible pursuant to Art. 6 para. 1 a) GDPR. Your message will be stored in so far as your data is converted into an email and sent to the GRUR Head Office and received there as an e-mail. There will be no further storage, documentation or archiving of your message.

g. Employees of the GRUR Head Office

GRUR employs staff in its Head Offuce. Data such as name, account details, social security details and marital status of the employees are processed within the framework of their employment relationship, the establishment, implementation and termination of employment relationship, and in particular for personnel administration and payroll accounting.

5. Order processing

GRUR has all data of its member database and the homepage stored by an order processor. GRUR also uses an order processor for the administration of the participants of the GRUR Annual Meeting as well as for the postal dispatch of the printed membership directory and the GRUR Newsletter including the annual fee invoices and the payroll accounting for the employees of the GRUR Head Office. At any given time, all order processors work for GRUR on the initiative and in accordance with the instructions of GRUR within the framework of specially concluded order processing contracts. They must comply with and ensure the principles of data security, confidentiality and encryption. They may only use the data passed on to them for the purposes agreed on, and must irrevocably delete them once the purpose has been fulfilled.

6. Data processing purposes

We process your data within the framework of our statutory provisions in accordance with General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

a. For the fulfilment of contractual obligations (Art. 6 para. 1b GDPR)

We process your data according to art. 6 para. 1b GDPR for the mutual fulfilment of obligations arising from the activities of the GRUR Association as well as for the establishment and implementation of the quasi contractual obligation resulting from you joining the GRUR Association (recruitment of new members, member support, member administration and member information, among other on activities of GRUR). We process these data both at the time you join GRUR and during your membership.

b. Within the scope of legitimate interests (Art. 6 para. 1f GDPR)

We process your data, but also the data of third parties according to Art. 6 para. 1f GDPR to protect our legitimate interests as an association in fulfilment of our statutory requirements, goals and purposes, as well as to maintain the activities of the Association. This does not apply if your overriding interests or fundamental rights conflict with this.

The object of the Association is to promote scientific education and further development of the protection of intellectual property and copyright, including competition law at the national, European and international level (§ 2 para. 1 GRUR Statutes).

In accordance with § 3 para. 1 GRUR Statutues, the purpose of the Association shall be served by:
a) Discussion and handling of intellectual property, copyright and antitrust issues in committees, assemblies, seminars and scientific publications, the publication of professional journals (print and online) and the education and training in intellectual property, copyright and antitrust law;
b) Support for the legislature and for administrative agencies with regard to intellectual property, copyright and antitrust issues;
c) Cooperation with associations pursuing common objectives.

The processing of third party data may occur if, for example, non-members register for events and, as part of the registration process, transmit to us those data that are necessary for the administration of their participation.

c. On the basis of consent (Art. 6 para. 1a GDPR)

We are authorised to process your personal data within the scope of GRUR's association-related activities within the framework of its statutory purposes, in particular within the framework of the membership relationship, even without your consent. This includes, for example, the sending of electronic messages, event announcements or information material or documents on our own behalf.

This does not apply to data collected for special purposes. These are considered to be:

  • Photos of people at GRUR events posted on the GRUR homepage,
  • Use of the contact form on the GRUR homepage,
  • Sending invitations via the e-mail sending tool to events of GRUR or third parties or association news or information material of GRUR to non-members who have previously participated in GRUR events and have therefore passed on their data to us,
  • Sending invitations to events of third parties or information material of third parties to GRUR members via the email sending tool,
  • Publication of the name of a chair holder in the list of "Green University Chairs" shown on the GRUR homepage.

In these cases, we will only take action if you have expressly given us your prior consent. If you are not a member of GRUR, you can send us your consent by e-mail stating your name and address to: As a member you have the possibility at any time to give your consent in your member account by mouse click in a special field. You can also give your consent during the application process for membership in GRUR. We record when you have given your consent and for what special purposes. 

You have the possibility to revoke your consent at any time. To do this, please use the form of communication that you have also chosen for giving your consent ("actus contrarius"). We record when you have withdrawn your consent and for what special purposes. The revocation is only valid for the future and does not affect any processing that took place before the revocation.

7. Rights of the persons concerned
You have the right:

  • in accordance with Art. 7 para. 3 GDPR, to revoke your consent to us at any time. As a result, we are no longer allowed and will not continue processing data based on this consent in the future;
  • to request information about your personal data processed by us in accordance with Art. 15 GDPR. In particular, you may request information on the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom your data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing, the right to lodge a complaint with a supervisory authority, the origin of your data, if these have not been collected by us, and the existence of automated decision-making, including profiling and, if applicable, meaningful information on the logic involved; you will receive this information within one month. [Note: It is planned to automate this information so that a member can access the information with a mouse click - Facebook has also chosen this procedure].
  • in accordance with Art. 16 GDPR; to obtain from us without undue delay the rectification of incorrect or complete personal data stored by us in;
  • in accordance with Art. 17 GDPR, to obtain from us the erasure of personal data concerning you (`right to be forgotten´), unless the processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;
  • pursuant to Art. 18 GDPR, to obtain from the us the restriction of processing of your personal data if you contest the accuracy of the data and the processing is unlawful and you oppose to erasure of the personal data and request the restriction of their use instead; if we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims or if you have objected to processing pursuant to Art. 21 GDPR;
  • to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format in accordance with Art. 20 GDPR and to request its transfer to another controller in charge; and
  • to lodge a complaint with a supervisory authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority in the Member State of your habitual place of residence or place of work or place of the registered office of our Association.

8. Right to object

If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 letter f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for doing so, on grounds relating to your particular situation. In the event of an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.

If you wish to exercise your right to object, simply send an e-mail to

9. Obligation to maintain data secrecy; name and contact details of the data controller and the GRUR Data Protection Officer

All persons who have access to membership data of GRUR, i.e. in particular the employees of the GRUR Head Office, the chairpersons of the Regional Groups and Special Committees, the vice-chairpersons and secretaries of the Regional Groups, who have access to the membership data for their tasks, have been obliged in writing to maintain data secrecy (§ 5 BDSG). These statements are available to us and are published below.

This data protection information applies to data processing by:

German Association for the Protection of Intellectual Property and Copyright Law (GRUR)
GRUR Data Protection Officer: Attorney Norbert Diel, Theodor-Heuss-Ring 32, 50668 Cologne, Germany

Phone: +49 (0) 221 78959-330
Fax: +49 (0) 221 78959-340

The GRUR Data Protection Officer can be contacted at the above address or at

10. Changes to the Data Protection Regulation

GRUR reserves the right to update the Data Protection Regulation with regard to changed association needs or purposes, but also to changed legal situations or to adapt them to changes in the service or data processing. You are therefore requested to keep yourself informed about the content on the GRUR homepage. There we will inform you of which changes we have made, and when. The current version of the declaration was first issued on 24.05.2018 and published on 02.07.2018.

Download this Data Protection Regulation (pdf)