The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data gathered when visiting our websites in compliance with the applicable data protection legislation and, as a matter of principle, only to the extent that this is necessary to provide a functioning website and our content and services. We neither publish your data nor transmit them to third parties on an unauthorized basis. In the following sections, we explain which data we record when you visit one of our websites, and how exactly they are utilized:
a. Type of data
Each time you visit our website, our service and applications automatically record data and information from the system of the visiting device.
The following data are gathered temporarily:
These data are stored in our systems' log files. There is no storage of these data together with other personal data relating to the user.
b. Legal basis
The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also serve to optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.
The recording of data for the provision of the website and the storage of data in log files are essential to operate the website. It is therefore not possible for the user to object.
c. Data deletion
The data are deleted as soon as they are no longer required in order to fulfil the purpose of their collection. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the event that data are stored in log files, this is the case after seven days at the latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are deleted or removed so they can no longer be allocated to the visiting device.
a. Type of data
b. Legal basis
c. Data deletion
The cookies are deleted after closing the session.
The saving and analysis of data is carried out solely on a central server operated by the MPI.
It goes without saying that you have the opportunity to object to your data being collected. The following independent methods are available to you if you wish to object to data collection by the central server:
There is no storage of these data together with other personal data relating to the users.
The legal basis for the processing of personal data by means of cookies is Art. 6 (1) lit. f GDPR as well as § 25 para. 2 no. 2 TTDSG. The processing of the users' personal data enables us to analyze the usage behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our websites. This helps us improve our websites and their user-friendliness on an ongoing basis. These purposes also constitute our legitimate interest in data processing according to Art. 6 (1) lit. f GDPR as well as § 25, para. 2, no. 2 TTDSG. By anonymizing the IP address, the users' interest in the protection of their personal data is sufficiently taken into account.
The data are deleted after the final annual totals have been arrived at for access statistics.
Our website offers users the opportunity to sign up for a free newsletter. When users sign up for the newsletter, the data from the input screen are transmitted to us. This generally consists of your email address, last name and first name. We inform you about the concrete processing of your data in the course of the sign-up process and obtain your consent accordingly. There is also a reference to this Data Privacy Statement. The data is solely used for sending out the newsletter.
The legal basis for processing the data after a user signs up for the newsletter is the user's consent according to Art. 6 (1) lit. a GDPR. The purpose of collecting data is to deliver the newsletter.
The legal basis for voluntary tracking is Art. 6 (1) lit. a GDPR.
The user's email address is therefore only saved for as long as the newsletter subscription is active. The newsletter subscription can be cancelled by the user in question at any time.
On our website, we offer you the opportunity to register for events by entering personal data via an input screen. As a rule, we ask for your email address, last name and first name. We inform you about the concrete processing of your data in the course of the registration operation and obtain your consent accordingly.
The legal basis for processing data is the existence of the user's consent according to Art. 6 (1) lit. a GDPR. If registration serves to fulfill a contract of which you are a contractual party or to implement pre-contractual measures, the additional legal basis for data processing is Art. 6 (1) lit. b GDPR.
The data are deleted as soon as they are no longer required in order to fulfill the purpose of their collection. This applies to the data collected during the registration operation if registration on our websites is withdrawn or altered. It applies to the registration operation to fulfill a contract or to implement pre-contractual measures if the data are no longer required in order to implement the contract. It may also be necessary to save the contractual partner's personal data after conclusion of the contract in order to meet contractual or statutory requirements.
You can withdraw registration at any time. You can have the data relating to you altered at any time; the procedure is described in detail during the actual registration operation. If the data are required to fulfill a contract or implement pre-contractual measures, premature deletion of the data is only possible if this is not prevented by contractual or statutory obligations.
The management and storage of your personal details is carried out by selected services
within the scope of commissioned data processing on systems of our service providers.
Your personal data are only transmitted to public institutions and authorities if legally required or for the purpose of criminal prosecution due to attacks on our network infrastructure. The data are not shared with third parties for any other purposes.
The controller within the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the
The controller’s Data Protection Officer can be reached as follows:
As a data subject whose personal data are collected in the context of the above-mentioned services, you generally have the following rights unless legal exceptions apply in individual cases: