Thank you for visiting the GraFOx website, maintained by the Paul-Drude-Institut für Festkörperelektronik, Leibniz-Institut im Forschungsverbund Berlin e.V. (PDI) website. Below you will find detailed information about how your data is handled.
This text is a direct translation of the original Privacy Policy in German, prepared by Forschungsverbund Berlin e.V (FVB). However, for legal purposes, only the German version is binding.
In compliance with the applicable data protection laws, we process personal data that is collected when you visit our websites. We will not publish your data or disclose it to any third parties without authorization. In the following sections, we explain which data we collect when you visit our websites, and exactly how this data is used.
I. Name and address of the controller
The controller within the meaning of the General Data Protection Regulation, other national data protection legislation of the Member States and other data protection legislation is:
Forschungsverbund Berlin e.V.
Rudower Chaussee 17
12489 Berlin
Germany
Tel. +49 30 6392-3330
Email: infofv-berlin.de
represented by the Executive Board of Forschungsverbund Berlin e.V.:
Professor Dr. Stefan Eisebitt, Executive Board Spokesman and Director at the MBI
Martin Böhnke, Managing Director of Forschungsverbund Berlin e.V.
II. Name and address of the Data Protection Officer
The controller’s Data Protection Officer is:
DID Dresdner Institut für Datenschutz, Stiftung bürgerlichen Rechts
Contact: Max Just
Hospitalstraße 4
01097 Dresden
Germany
Email datenschutzfv-berlin.de
III. General information about data processing
1. Scope of personal data processing
As a general rule, we only process personal data concerning our users where necessary in order to provide a functional website and to provide our content and services. Personal data concerning our users will only be processed regularly if the user has given his or her consent. An exemption applies in such cases where it is impossible, for reasons of fact, to gain prior consent and the processing of data is permitted by law.
2. Legal basis for personal data processing
Where we obtain the consent of the data subject for processing procedures, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. The same applies for processing procedures that are necessary in order to take steps prior to entering into a contract.
Where it is necessary to process personal data for compliance with a legal obligation that FVB must meet, Article 6(1)(c) GDPR serves as the legal basis.
In the event that the vital interests of the data subject or of another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by FVB or by a third party and if the aforementioned interests are not overridden by the interests or fundamental rights and freedoms of the data subject, then Article 6(1)(f) GDPR serves as the legal basis for processing.
3. Erasure of data and storage period
The personal data concerning the data subject will be erased or made unavailable as soon as the purpose of storage ceases to apply. Data may also be stored where provision has been made for this by European or national legislators in Union regulations, laws or other provisions to which FVB is subject. Data will also be made unavailable or erased where a storage period prescribed by the aforementioned legislation expires, unless there is a need for the further retention of the data for the purpose of entering into or performing a contract.
IV. Provision of the website and creation of log files
Every time our website is visited, our system automatically collects data and information from the computer system of the requesting computer in so-called log files.
The following data is collected in this connection and stored in our systems’ log files:
- Date and time of access
- User’s IP address
- Websites called up from the user’s system via our website
- Websites from which the user’s system reached our website
- Information about the browser type and version
- Information about the user’s operating system
- Information about the user’s internet service provider
This data will not be stored together with other personal data concerning the user.
Data is stored in log files in order to ensure the functionality of the website. In addition, the data serves the purpose of optimizing the website, of eliminating any possible malfunctions and of preserving the security of our information technology systems.
Data is deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of the provision of the website, this occurs at the end of the session.
Log file data is usually deleted after 30 days at the latest. If FVB has to store log file data for a longer period due to technical requirements or security aspects, users’ IP addresses are deleted or modified to prevent their identification.
Such storage is essential and cannot be objected to by the user.
The legal basis for the storage of data and log files is Article 6(1)(f) GDPR.
V. Use of cookies
1. Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user requests a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that enables the browser to be uniquely identified when you next visit the website.
2. Non-essential cookies / Web analytics
Some FVB institutes that are accessible via a link from the FVB website use web analytics software. An opt-out possibility is available for users.
3. Duration of storage, possibility of objection and removal
Cookies are stored on the user’s computer and transmitted from there to our website. As the user, you therefore have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also take place automatically. If cookies are disabled for our website, you may not be able to use the full functionality of the website.
VI. Data transmission
Your personal data is managed and stored at PDI.
Your personal data will only be transmitted to state institutions and authorities when required by legislation or for the purpose of prosecution for attacks on our network infrastructure. Data will not be disclosed to third parties for any other purpose.
VII. Rights of the data subject
If personal data concerning you is processed, you are the data subject within the meaning of the General Data Protection Regulation and have the following rights vis-à-vis the controller – unless statutory exceptions apply in specific cases:
- Withdrawal of consent (Article 7(3) GDPR)
- Access (Article 15 GDPR)
- Rectification (Article 16 GDPR)
- Erasure (Article 17(1) GDPR)
- Restriction of processing (Article 18 GDPR)
- Data portability (Article 20 GDPR)
- Objection to processing (Article 21 GDPR)
- Lodging of a complaint with the supervisory authority (Article 77 GDPR)
For Forschungsverbund Berlin e.V., the supervisory authority is: The Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin, Germany.
VIII. Website analytics
Use of Matomo
This Paul-Drude-Institut für Festkörperelektronik, Leibniz-Institut im Forschungsverbund Berlin e.V. (PDI) website uses the open source software Matomo (formerly Piwik), operated by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, for the statistical evaluation of visitor access. In this context, the browser type used, the browser version, the operating system used, the site from which the GraFOx website was accessed, the subpages of the GraFOx website, and the date and time of access are collected. The user’s internet protocol address (IP address) is anonymized before being saved.
Matomo is configured in compliance with data protection, i.e. data is saved in anonymous form and no cookies are set.
If the user’s browser supports “do-not-track” technology and the user has activated this feature, his or her visit to the website will automatically be ignored.
Data collected by Matomo will never be transferred to other servers or shared with third parties; instead, it will be used in anonymous form to improve the online content. IP addresses are saved without the last tuple in Matomo.
The legal basis for the data described here with the use of Matomo is Article 6(1)(f) of the General Data Protection Regulation (GDPR). Our legitimate interests follow from the aforementioned purposes of data collection.