The Max Planck Society for the Advancement of Science (MPG) takes the protection of your person-al data very seriously. We process personal data collected when you visit our websites in compli-ance with the applicable data protection regulations and in principle only to the extent necessary to provide a functional website as well as our content and services. We will neither publish your data nor pass it on to third parties without authorisation. In the following, we explain what data we collect during your visit to our websites and how exactly it is used:
A. Provision of the website
1. Accessing the website
a. Type of data
Every time our website is accessed, our servers and applications automatically collect data and information from the system of the accessing device.
- The following data is collected temporarily:
- Your IP address
- Date and time of your access to the site
- Address of the accessed page
- Address of the previously visited website (referrer)
- Name and version of your browser/operating system (if transferred)
The data is stored in the log files of our systems. This data is not stored together with other personal data of the users.
b. Legal basis
The legal basis for the temporary storage of data and log files is Art. 6 (1) (f) GDPR. The data is stored in log files to ensure the functionality of the website. In addition, the data is used to opti-mize the websites, to eliminate faults and to ensure the security of our information technology systems. These purposes also constitute our legitimate interest in data processing in accordance with Art. 6 (1) (f) GDPR.
The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.
c. Deletion of data
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the accessing device.
2. User-friendly design of the website
a. Type of data
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s system. When a user visits a website, a cookie is stored on the us-er’s device. The cookies contain a characteristic string of characters that allows the browser to be uniquely identified when the website is accessed again.
We use cookies to make our website more user-friendly. Some elements of our website technically require that the accessing browser can be identified even after a page has changed. The following data is stored and transmitted in the cookies:
- Language settings (localization) of the browser, even when changing pages (functionality of the language switcher)
- Session data (click path, pages accessed, current language, memorization of form data (terms used in the internal page search, entries in the contact form) and, if applicable, error messages for forms)
Cookies are stored on your device and transmitted from it to our site. Therefore, as a user, you also have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
b. Legal basis
The legal basis for the processing of personal data using cookies is Art. 6 para. 1 lit. f GDPR and § 25 para. 2 no. 2 TDDDG. Some functions of our website cannot be offered without the use of cookies. For these, it is absolutely necessary that the browser is recognized even after changing pages.
c. Deletion of data
The cookies are deleted after the session is closed.
B. Web analytics
1. Type of data
We use the web analytics program Matomo to collect statistical data on user behavior, which uses cookies and JavaScript to collect various information on your computer and automatically transmit it to us. Each time our website is accessed, our system collects the following data and information from the computer system of the accessing device:
- IP address, anonymized by shortening
- Two cookies to distinguish different visitors
- Previously visited URL (referrer), if transmitted by the browser
- Operating system name and version
- Browser name, version, and language setting.
Additionally, if JavaScript is enabled:
- URLs visited on this website
- Timing of page views
- Type of HTML requests
- Screen resolution and color depth
Browser-supported techniques and formats (e.g., cookies, Java, Flash, PDF, WindowsMedia, Quick-Time, Realplayer, Director, SilverLight, Google Gears).
The data is stored and evaluated exclusively on a central server operated by MPG.
Of course, you have the option of objecting to the collection of data. You have the following independent options to object to data collection by the central server:
- Enable the Do Not Track or Do Not Follow setting in your browser. As long as this setting is active, our central server will not store any data about you. Important: The Do Not Track statement typically applies only to the one device and browser in which you enable the setting. If you use several devices / browsers, you have to activate Do-Not-Track separately everywhere.
- Use our opt-out function. Click on the check mark in the following selection box under https://colab.mpdl.mpg.de/mediawiki/Erkl%C3%A4rung_zur_Datenerhebung to stop or reactivate data collection. As long as the selection box is deactivated, our central server will not store any data about you. Important: For the opt-out, we need to store a special recognition cookie in your browser. If you delete it or use a different PC/browser, you will have to object to the data collection again on this page.
This data is not stored together with other personal data of the users.
3. Legal basis
The legal basis for the processing of users’ personal data is Art. 6 (1) (f) GDPR and Section 25 (2) No. 2 TDDDG . The processing of users’ personal data enables us to analyse the usage behaviour of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our websites. This helps us to constantly improve our websites and their user-friendliness. In these purposes, our legitimate interest also lies in the processing of the data in accordance with Art. 6 para. 1 lit. f GDPR and § 25 para. 2 no. 2 TDDDG. The anonymization of the IP address sufficiently takes into account the interest of users in the protection of their personal data.
4. Deletion of data
The data is deleted after the final annual totals for the access statistics have been calculated.
C. Contact form
1. Type of data
There is a contact form on our website, which can be used to contact us electronically. If you take advantage of this option, the data entered in the input mask will be transmitted to us and stored. These are usually your email address, surname, and first name. We will inform you about the specific processing of the data as part of the usage process and obtain your consent. In addition, reference is made to this privacy policy. The data is used exclusively for the processing of the conversation.
2. Legal basis
The legal basis for the processing of data when using the contact form is your consent in accordance with Art. 6 (1) (a) GDPR. The processing of the personal data from the input mask serves us solely to process the contact. You have the option of revoking your consent to the processing of personal data at any time by contacting the contact persons listed.
3. Deletion of data
The data will be deleted as soon as it is no longer necessary to achieve the purpose for which it was collected. This is the case when the respective conversation with the user has ended or the user’s request has been finally processed. The conversation is ended when it can be inferred from the circumstances that the facts in question have been conclusively clarified.
D. Data transfer
The management and storage of your personal data is carried out by selected services
• Contact form (Section C)
in the context of commissioned data processing on systems of our service companies.
Your personal data will only be transmitted to state institutions and authorities in cases required by law or for criminal prosecution due to attacks on our network infrastructure. It will not be passed on to third parties for other purposes.
E. General information
1. Contact details of the responsible persons
Responsible within the meaning of the General Data Protection Regulation and other national data protection laws as well as other data protection regulations is the
Max Planck Society for the Advancement of Science (MPG)
Hofgartenstraße 8
D-80539 Munich
Phone: +49 (89) 2108-0
Contact form: https://www.mpg.de/kontakt/anfragen
Internet: https://www.mpg.de
2. Contact details of the data protection officer
The data protection officer of the controller can be reached as follows:
Data Protection Officer of the Max Planck Society
Hofgartenstraße 8
D-80539 Munich
Phone: +49 (89) 2108-1554
datenschutz [at] mpg [dot] de
F. Rights of data subjects
As a data subject whose personal data is collected in the context of the above-mentioned services, you generally have the following rights, unless statutory exceptions apply in individual cases:
- Information (Art. 15 GDPR)
- Corrigendum (Art. 16 GDPR)
- Erasure (Art. 17 para. 1 GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing (Art. 21 GDPR)
- Revocation of consent (Art. 7 para. 3 GDPR)
- Right to lodge a complaint with the supervisory authority (Art. 77 GDPR). For the MPG, this is the Bavarian State Office for Data Protection Supervision, P.O. Box 1349, 91504 Ansbach.