At FIZ Karlsruhe – Leibniz-Institut für Informationsinfrastruktur GmbH (hereinafter referred to as “FIZ Karlsruhe“, “we” or “us” ) ensuring the security and protection of your personal data is a primary concern. We would therefore like to inform you on how, to what extent, and for which purposes we collect, process and use your personal data.
What we do:
FIZ Karlsruhe offers you web pages for information purposes and online products (hereinafter summarized as our “digital offers”). We process personal data collected from the visitors of our digital offers exclusively in compliance with data protection laws. The legal basis of data protection can be found in the General Data Protection Regulation (GDPR), the Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)) in its valid form and the Telemedia Act (Telemediengesetz (TMG)).
The sections below will inform you about the type and scope of data we collect, the reasons why we collect them, and the way in which they are used and processed. We use these data only for specified purposes.
In general, you may use our web pages without providing any additional personal information.
If you would like to use our online products, you usually will need a user account (individual access) for which we will collect personal data from you. In addition, different rules may apply about which you will be informed separately in the respective Terms and Conditions.
I. What do we know about your using our digital offers?
1. Log Files
By default, our server will store the following user information in a log file whenever our digital offers are used:
- IP address used
- If you have logged in: your user ID
- Operating system used
- Browser used
- Pages visited
- Search queries (where applicable)
- Date and time of access
- Volume of data sent and received (bytes)
- Address of the web page from which our page was accessed (referrer)
We use the log file data to
trace our customers’ movements through our digital offers in case of malfunctions in order to identify the malfunction and to
trace our visitors’ actions if there is specific indication that our digital offers have been used in an illegal manner.
The legal basis for the usage modalities mentioned above is art. 6, para 1 lit f GDPR. We will not use the user data contained in the log files, in particular the IP address, for any purposes other than those mentioned above.
We will delete the log files and the information contained therein after 90 days at the latest. This does not apply in cases where there is specific indication that our digital offers were used in an illegal manner. In this case the data will be stored until the matter is settled.
2. Collection and analysis of user data for statistical purposes
We use “Matomo“ – an open source software product – to statistically analyze our visitors‘ user behavior. Whenever you access our digital offers, we store the following information in a database via Matomo by default:
- The IP address used in anonymized form
- Operating system used
- Browser used (including language settings, screen resolution, plug-ins and operating system used
- Pages visited with date and time of access
- Names of the documents you have downloaded from our pages
- Volume of data sent and received (bytes)
- Address of the web page from which you accessed our digital offer (“referrer”)
- Address of the web pages that you visited from our digital offers (“outlinks”)
We make sure that the data about the individually accessed pages of our digital offers (usage data) are anonymized directly after the page was accessed. We use these anonymized data only for statistical purposes and to improve our digital offers. For this purpose we
- gather statistical information on aggregate use,
- analyze the general use of individual web pages,
- gather information on the operating systems and browsers our customers use, in order to ensure optimum user experience.
We do not identify the place from which you access our digital offers (geolocalization). We only use the primary language settings of the browser in order to roughly allocate our visitors to certain countries.
If you do not want any cookies to be stored on your computer you must disable this function according to the instructions provided in your web browser. As a consequence, however, you will no longer be able to use certain features of digital offers (e.g., auto-saving of facets or language settings).
3.1 Cookies for tracking user actions (“tracking cookies”)
As an alternative, you may tell us you do not want us to keep a log of your activities on our digital offer. In this case we will store a cookie containing this information on your computer. As long as this cookie is installed on your end device, we will not log any of your visits to our digital offers made from this end device.
Should you use several end devices to access our digital offers (e.g., a computer and a mobile phone), you have to repeat this procedure for each device.
3.2 Cookies storing settings and preferences
3.3 Cookies required for technical reasons in order to allow for sessions
4. Sharing content through social networks
We do not use any mechanisms that automatically transmit data to providers of social networks when our digital offers are visited. Some of our digital offers allow for the sharing of pages through social networks. To be able to share a page, you have to activate the button of the social network by mouse click first. Only upon your activating the button the provider of the social network will learn that you are using our digital offer. You have to carry out this activating process for each individual page of our digital offer you would like to share.
II. What other personal data do we collect and how do we use them?
1. Receiving additional information
When using our digital offers, you may also request further information, i.e., if you
- provide feedback online
- participate in a promotional offer or product test
- request an e-mail notification
- subscribe to a newsletter
- subscribe to a mailing list.
In this case we will ask for the necessary personal data and a separate declaration of consent, if required.
Receiving information from us is not mandatory. If we have obtained your consent, your personal data will only be used for the purposes covered by this consent.
Revocation of consent
You have the right to revoke your consent to the use of personal data connected with the aforementioned services at any time. Please note that you will no longer be able to use these services after you have revoked your consent.
2. Using FIZ Karlsruhe’s online products
You usually need a user account to use our online products. Depending on the product, you can either register directly online or have the account created by our customer Service.
III. Disclosure of personal data
Your personal data will not be sold or in any other way disclosed to any third parties for marketing or other business purposes without your consent. Please note that other websites that can be accessed through our digital offers may request personal data from you. This data protection policy does not apply to any third-party sites.
Personal data will only be disclosed to public authorities if this is required by law, namely in order to protect the national or public security, or for the purpose of criminal prosecution.
FIZ Karlsruhe reserves the right to use your data to assert or to defend legal claims.
IV. Data security
FIZ Karlsruhe’s digital offers have appropriate security measures in place to prevent the loss, misuse, and unauthorized alteration of your personal data. These include
- encryption of data transmitted between you end device and our digital offers,
- protection of our computer systems by modern firewall systems
- regular security updates
- regular backups and
- login and access control.
We strive to best protect your personal data in compliance with the relevant data protection laws. However, FIZ Karlsruhe cannot absolutely ensure the security of the data you transmit to us. Therefore, that transfer of data is at your own risk.
In your own interest, please be careful and responsible whenever you are online and protect your password and other information against unauthorized third-party access.
V. Right to be informed and to have data updated, corrected, or deleted
Upon request, FIZ Karlsruhe will inform you in writing or by e-mail if your personal data are stored with us and which forms of your personal data are stored with us. If you find factual inaccuracies in your personal data previously transmitted to FIZ Karlsruhe, please contact us by e-mail or at the address below and indicate the required changes or corrections. You also have the right to claim that data be blocked or deleted and incorrect data be corrected. In such case, please also contact us by e-mail or send a letter to one of the addresses below:
Address of our Data Security Officer:
If you have any further questions relating to our data protection policy, to our digital offers or to the relevant modalities of their access and use, please send an e-mail to our customer service department: helpdesk(at)fiz-karlsruhe(dot)de