Privacy Policy

At FIZ Karlsruhe – Leibniz-Institut für Informationsinfrastruktur GmbH (hereinafter referred to as “FIZ Karlsruhe“, “we” or “us” ) ensuring the security and protection of your personal data is a primary concern. We would therefore like to inform you on how, to what extent, and for which purposes we collect, process and use your personal data.

I. Controller

Controller according to art. 4(7) of the General Data Protection Regulation (GDPR) is

FIZ Karlsruhe – Leibniz-Institut für Informationsinfrastruktur GmbH

Hermann-von-Helmholtz-Platz 1

76344 Eggenstein-Leopoldshafen

You will find further information on the controller in our Legal Notices.

 

II. What we do:

FIZ Karlsruhe offers you web pages for information purposes and online products (hereinafter summarized as our “digital offers”). We process personal data collected from the visitors of our digital offers exclusively in compliance with data protection laws. The legal basis of data protection can be found in the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz) in its valid form and the German Telemedia Act (Telemediengesetz).

The sections below will inform you about the type and scope of data we collect, the reasons why we collect them, and the way in which they are used and processed. We use these data only for the purposes we specify.


In general, you may use our web pages without providing any additional personal information. 


If you would like to use our online products, you will in most cases need a user account (individual access) for which we will collect personal data from you. In addition, in relation to these products, special rules may apply about which you will be informed separately in the respective Terms and Conditions.


III. What do we know about your using our digital offers?

1. Log Files

By default, our server will store the following user information in a log file whenever our digital offers are used:

  • IP address used
  • If you have logged in: your user ID
  • Operating system used
  • Browser used
  • Pages visited
  • Searches, if applicable
  • Date and time of access
  • Volume of data sent and received (bytes)
  • Address of the web page from which our page was accessed (referrer)
  • Email/delivery address, if applicable, on the basis of the relevant legal basis and separate Terms and Conditions or Terms of Use

We use the log file data exclusively to 

  1. trace our customers’ movements through our digital offers in case of malfunctions in order to identify the malfunction and to

  2. trace our visitors’ actions if there is specific indication that our digital offers have been used in an illegal manner.


The legal basis for the usage modalities mentioned above is art. 6(1)(f) GDPR. We will not use the user data contained in the log files, in particular the IP address, for any purposes other than those mentioned above.


We will delete the log files and the information contained therein after 90 days at the latest. This does not apply in cases where there is specific indication that our digital offers were used in an illegal manner. In this case the data will be stored until the matter is settled.


2. Collection and analysis of user data for statistical purposes

We use “Matomo” – an open source software product – to statistically analyze our visitors‘ user behavior. Whenever you access our digital offers, we store the following information in a database via Matomo by default:

  • The IP address used in anonymized form
  • Operating system used
  • Browser used (including language settings, screen resolution, plug-ins and operating system used)
  • Pages visited with date and time of access
  • Names of the documents you have downloaded from our pages
  • Volume of data sent and received (bytes)
  • Address of the web page from which you accessed our digital offer (“referrer”)
  • Address of the web pages that you visited from our digital offers (“outlinks”)

We make sure that the data about the individually accessed pages of our digital offers (usage data) are anonymized directly after the page was accessed. We use these anonymized data only for statistical purposes and to improve our digital offers. For this purpose we

  1. gather statistical information on aggregate use,
  2. analyze the general use of individual web pages,
  3. gather information on the operating systems and browsers our customers use, in order to ensure optimum user experience.


We do not identify the place from which you access our digital offers (geolocalization). We only use the primary language settings of the browser in order to roughly allocate our visitors to certain countries.   


3. Cookies

Cookies are text files that we store on your computer. They enable us to monitor over a defined period of time when and how you use our digital offers. We use cookies for various purposes that are described below.


If you do not want any cookies to be stored on your computer you must disable this function according to the instructions provided in your web browser. As a consequence, however, you will no longer be able to use certain features of our website (e.g., auto-saving of facets or language settings).

3.1 Tracking cookies

The “Matomo” software tool described in section 2 uses cookies to enable us to track your access to our digital offers for statistical purposes. We collect these data in anonymized form. We always read these data separately according to the digital offer in question. If our digital offers have not been used for seven days, our cookie will expire and automatically be deleted by your browser.


As an alternative, you may tell us you do not want us to keep a log of your activities on our digital offer. In this case we will store a cookie containing this information on your computer. As long as this cookie is installed on your end device, we will not log any of your visits to our digital offers made from this end device. Should you use several end devices to access our digital offers (e.g., a computer and a mobile phone), you have to repeat this procedure for each device.

 

3.2 Cookies storing settings and preferences

We also use cookies to store your settings, e.g., your preferred language. A pop-up message within our digital offer will notify you that we are using these cookies. If you accept this, we will store the information in question in a cookie on your computer. Usually, the lifetime of such cookies ranges from some months to more than one year.


3.3 Cookies required for technical reasons in order to allow for sessions

Finally, we use cookies for technical reasons to be able to unambiguously allocate the large number of simultaneous visits to their respective users. They enable us to create “sessions” during which you can perform actions built upon one another. These cookies are automatically deleted at the end of a session (by logout or by closing the tab or the browser used to access our digital offer). 


4. Sharing content through social networks

We do not use any mechanisms that automatically transmit data to providers of social networks when our digital offers are visited. Some of our digital offers allow for the sharing of pages through social networks.  To be able to share a page, you have to activate the social network’s button by mouse click first. Only upon your activating the button will the provider of the social network learn that you are using our digital offer. You have to carry out this process for each individual page of our digital offer you would like to share.    

 


5. Using FIZ Karlsruhe’s online products

In general, you will need a user account and/or a contract to use our online products. Depending on the product, you can either register directly online or have the account created by our customer service. 

If necessary, we will provide you with further information relevant to the separate Terms and Conditions or Terms of Use for our online products. The regulations contained therein and the purposes for which we are using the personal data that are mentioned in these Terms and Conditions or Terms of use have the following legal basis:

 

  • If you have concluded a contract with us in order to use our digital offers, the personal data required to perform this contract are processed according to art. 6(1)( b) GDPR.
  • Beyond performing our contractual obligations we will process your data if this is necessary in order to safeguard a legitimate interest of our own or of third parties. The legal basis is art. 6(1)(f) GDPR.
  • If we request your consent to the processing of personal data, this consent will be the legal basis according to art. 6(1)(a) GDPR.
  • We may be bound by law to process your personal data, for example, to fulfil tax obligations. In this case the data are processed according to art. 6(1)(c) GDPR
  • If we have to process your data for a task that is of public interest, the data are processed according to art. 6(1)(e) GDPR
  • The personal data are stored for the duration of the contract or as long as there is another legal basis for it, and for the relevant or mandatory retention periods.

 


6. Receiving additional information

When using our website, you may also request further information or support in using our digital offers, i.e., if you 

  1. provide feedback online 
  2. participate in a promotional offer or product test
  3. request an e-mail notification
  4. subscribe to a newsletter
  5. subscribe to a mailing list. 


In this case we will ask for the necessary personal data and a separate declaration of consent, if required. You consent will then constitute the legal basis according to art. 6, section 1 lit. a GDPR


Receiving information from us is not mandatory.  If we have obtained your consent, your personal data will only be used for the purposes covered by this consent. 

Revocation of consent

You have the right to revoke your consent to the use of personal data connected with the aforementioned services at any time. Please note that you will no longer be able to use the services in question after you have revoked your consent.

 


7. Personal Metadata

In some of our digital offers we are processing metadata from scientific publications (including publications of data). Metadata describe a publication in order to identify it and to make it easily retrievable. These metadata also contain personal information that was either published by the respective persons themselves or that we have taken from publicly available sources:

  • Names of the authors or the persons who generated the data
  • Persistent, unambiguous person identifiers (e.g., ORCID, VIAF, GND-ID, WikiData-ID)
  • Information about which institution the persons belong to
  • Hyperlinks to authors’ academic websites 

These personal metadata are usually processed together with other, non-personal descriptive metadata (e.g., the title of the publication, abstract, copyright holder). The purposes for which the data are processed and published include

  • Supporting the scientific discourse,
  • Searching for and providing publications,
  • Acknowledging and correctly attributing scientific achievements,
  • Archiving global research knowledge, and
  • Persistently providing the descriptive metadata as a set of research data. 

All metadata are permanently stored within the scope of providing our services.

The legal basis for processing and publishing these data is GDPR art. 6(1)(f).

The descriptive metadata are processed for research and storage purposes and are required in order to fulfil the specific purposes mentioned above. Therefore, the persons concerned may only object on grounds of their particular situation and if the interests, basic rights and fundamental freedoms of the persons concerned prevail over the legitimate interest mentioned above.

We are always interested in correcting faulty metadata and completing incomplete sets of metadata, if necessary. Therefore, we are very grateful for any hint on missing data and errors to be corrected.  Just contact us at one of the addresses listed in section VI.6.

  


IV. Disclosure of personal data

1. Personal data that were already published by you or by a third party

Depending on the digital offer, we make the descriptive metadata of scientific publications available to the public through websites, data interfaces (“API“') or as complete download in various machine-readable data formats. 

 


2. Personal data that were not yet published 

Your personal data will not be sold or in any other way disclosed to any third parties for marketing or other business purposes without your consent. Please note that other websites that can be accessed through our digital offers may request personal data from you. This data protection policy does not apply to any third-party sites. 

Personal data will only be disclosed to public authorities if this is required by law, in particular in order to protect the national or public security, or for the purpose of criminal prosecution. 

FIZ Karlsruhe reserves the right to use your data to assert or to defend legal claims. .


V. Data security

FIZ Karlsruhe’s digital offers have appropriate security measures in place to prevent the loss, misuse, and unauthorized alteration of your personal data. These include

  • end-to-end encryption of data transmitted between you end device and our web pages, 
  • protection of our computer systems by modern firewall systems,
  • regular security updates,
  • regular backups, and
  • login and access control.

        We strive to best protect your personal data in compliance with the relevant data protection laws. However, FIZ Karlsruhe cannot absolutely ensure the security of the data you transmit to us. Therefore, that transfer of data is at your own risk. 

        In your own interest, please be careful and responsible whenever you are online and protect your personal information against unauthorized third-party access. 


        VI. Your Rights

        1. Right of access by the data subject (Art. 15 GDPR) 

        Upon request, FIZ Karlsruhe will inform you in writing or by e-mail if your personal data are stored with us and which forms of your personal data are stored with us. If you find factual inaccuracies in your personal data previously transmitted to FIZ Karlsruhe, please contact us by e-mail or at the address below and indicate the required changes or corrections. 

         


        2. Right to rectification (Art. 16 GDPR)

        Should you detect errors in your personal data stored by us, or if your personal data have changed, you have the right to have these data corrected or updated.  

         


        3. Right to erasure (Art. 17 GDPR)

        You have the right to have your personal data we have stored blocked or deleted, provided that this does not conflict with any of the reasons listed in art. 17 sect. 3 lit. a-e GDPR.

         


        4. Right to restriction of processing (Art. 18 GDPR)

        You have the right to restrict the processing of your personal data stored with us under the conditions outlined in art. 18, sect. 1 GDPR

         


        5. Right to data portability  (Art. 20 GDPR)

        You also have the right to receive your personal data that you have provided to us in a structured, common, machine-readable format.  

         


        6. Right to object (Art. 21 GDPR)

        You also have the right to object at any time to the processing of your personal data on the basis of art. 6 sect. 1 lit. e or f GDPR on grounds relating to your particular situation.   

        To exercise your rights please contact us informally by mail or e-mail at one of the addresses listed below and describe your concern as precisely as possible. If necessary, we will ask you for further information in order to be able to examine your request. 


        FIZ Karlsruhe – Leibniz-Institut für Informationsinfrastruktur GmbH
        Customer Service
        Hermann-von-Helmholtz-Platz 1
        76344 Eggenstein-Leopoldshafen
        Germany
        helpdesk(at)remove-this.fiz-karlsruhe(dot)de


        Address of our Data Security Officer:


        FIZ Karlsruhe – Leibniz-Institut für Informationsinfrastruktur GmbH
        Datenschutzbeauftragter
        Hermann-von-Helmholtz-Platz 1
        76344 Eggenstein-Leopoldshafen 
        Germany
        datenschutzbeauftragter(at)remove-this.fiz-karlsruhe(dot)de


        You also have the right to lodge a complaint with the competent supervisory authority.


        VII. Questions

        If you have any further questions relating to our data protection policy, to our digital offers or to the relevant modalities of their access and use, please send an e-mail to our customer service department:  helpdesk(at)remove-this.fiz-karlsruhe(dot)de

         


        Date: August 16, 2018