Data protection information

The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data gathered when visiting our websites in compliance with applicable data protection legislation. We neither publish your data nor transmit them to third parties on an unauthorized basis. In the following section, we explain which data we record when you visit one of our websites, and exactly how they are utilized:

A.    General information

1.    Scope of data processing

As a matter of principle, we gather and utilize users' personal data only to the extent required to ensure the functioning of our website and of our contents and services. The gathering and utilization of our users' personal data normally occurs after users have granted their consent. An exception occurs where data processing is legally permitted.

2.    Legal basis of data processing

To the extent that permission of the affected individual is obtained for the processing of personal data, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

In the processing of personal data to fulfil a contract whose contractual party is the individual affected, Article 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing required to implement pre-contractual measures.

If processing is required to safeguard the justified interest of the MPG or a third party and the interests, basic rights and basic freedoms of the affected individual do not outweigh the first-mentioned interest, Article 6 (1) lit. f GDPR serves as the basis for such processing.

3.    Data deletion and storage duration

The affected individual's personal data are deleted or blocked as soon as the purpose of the storage ceases to apply. Storage can also occur if provided for by European or national legislators in EU regulations, acts or other legislation to which the MPG is subject. A blocking or deletion of data then occurs only if a storage period prescribed by one of the aforementioned norms expires, unless a necessity exists in relation to the further storage of the data for the arrangement of a contract or the fulfilment of a contract.

4.    Contact details of the individuals responsible

The entity responsible in the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the

Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstrasse 8
D-80539 Munich
Telephone: +49 (89) 2108-0
Contact form: https://www.mpg.de/kontakt/anfragen
Internet: https://www.mpg.de

The Data Protection Manager at the entity responsible is

Heidi Schuster
Hofgartenstrasse 8
D-80539 Munich
Telephone: +49 (89) 2108-1554
datenschutz@mpg.de

B.    Provision of the website and creation of log files

Each time you visit our website, our service and applications automatically record data and information from the computer system of the visiting computer.

The following data are gathered temporarily:

• Your IP address
• Date and time of your access to the website
• Address of the page visited
• Address of the previously visited website (referrer)
• Name and version of your browser/operating system (if transmitted)

These data are stored in our systems log files. These data are not stored together with the user's other personal data.

The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also help us optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.

The data are deleted as soon as they are no longer required to achieve the purpose for which they were gathered. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the instance that data are stored in log files, this is the case after seven days at the latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are deleted or removed so they can no longer be allocated to the visiting client.[1]

The recording of data for the provision of the website and the storage of data in log files is essential to operate the website. As a consequence, users do not have an option to revoke such data recording.

C.    Web analysis

For the statistical data recording of utilization behaviour, we deploy the Matomo web analysis program (formerly: Piwik), which utilizes cookies and JavaScript to collect various information on your computer and transmit it to us automatically. Each time you visit our websites, our system records the following data and information from the visiting computer's computer system:

• IP address, anonymized by shortening
• Two cookies to differentiate different visitors (pk_id and pk_sess)
• Previously visited URL (referrer), if communicated by the browser
• Name and version of the operating system
• Name, version and language setting of the browser

Additionally, if JavaScript is activated:

• URLs visited on this website
• Times at which pages are visited
• Type of HTML queries
• Screen resolution and colour depth
• Formats and techniques supported by the browser (e.g. cookies, Java, Flash, PDF, WindowsMedia, QuickTime, RealPlayer, Director, SilverLight, Google Gears)

Data are stored and evaluated exclusively on a central server operated by MPG. Along with the central www.mpg.de website, it is utilized by most Max Planck institutes and many of the project websites allocated to MPG.

The legal basis for the processing of users' personal data is Article 6 (1) lit. f GDPR. Processing of users' personal data enables us to analyze our users' utilization behaviour. The evaluation of the data we obtain enables us to aggregate information about the utilization of our websites' individual components. This helps us constantly improve our websites and their user-friendliness. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes. The anonymization of the IP address sufficiently takes into consideration users' interest in the protection of their personal data.

The data are deleted after the formation of the conclusive annual sums for access statistics.

It goes that saying that you are able to revoke data gathering. You have the following independent possibilities to revoke data recording by the central server:

1.             In your browser, activate the do-not-track or do-not-follow settings. If these settings are active, our central server will not store any data relating to you. Important: The do-not-track instruction generally applies only for the device and browser in which you activate the setting. If you utilize several devices/browsers, you will need to separately activate do-not-track in all relevant locations.

2.           Utilize our opt-out function. Click the following selection box https://www.mpg.de/privacy-policy/data-collection-opt-out in order to stop data recording or to reactivate it. If the selection box is deactivated, our central server will not store any data about you. Important: For the opt-out, we have to store a special recognition cookie in your browser. If you delete it or utilize another PC/browser, you will need to revoke data recording again on this page.

These data are not stored together with the user's other personal data.

D.   Utilization of cookies

Our website utilizes cookies. Cookies are text files stored in the Internet browser or by the Internet browser on the user's computer system. If a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a sequence of characters enabling the browser to be clearly identified when visiting the website again.

We deploy cookies to make our website more user-friendly. Some elements of our website also technically require the identification of the visiting browser after a change of page. The following data are saved and transmitted in the cookies:

• Language settings (localization) of the browser: session cookie i18next
• Session data (click path, pages visited, current language, and, where relevant, error messages for forms: session cookie MPG_session_r

Both cookies are deleted when the session is closed.

The legal basis for personal data processing while utilizing cookies is Article 6 (1) lit. f GDPR. The purpose of utilizing technically necessary cookies is to simplify the utilization of websites for users. Some of our website's functions cannot be offered without the utilization of cookies. For these, it is necessary that the browser can also be re-identified following a change of page. We require cookies for the following applications:

• Transferring the browser's language setting: automatic selection of the homepage and spelling
• Noting of form data entered: terms and entries in the contact form utilized in searches within the website (section F)

User data gathered by technically necessary cookies are not utilized to prepare user profiles. Our justified interest in personal data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.

Cookies are stored on the user's computer, which transmits them to our site. For this reason, you, as the user, also have full control over the utilization of cookies. You can deactivate or restrict the transmission of cookies through changing your Internet browser settings. Cookies that have already been saved can be deleted at any time. This can also occur automatically. If cookies for our website are deactivated, you may find not all of the website's functions can continue to be utilized in full.

In addition, we also utilize cookies on our website to enable users' utilization behaviour to be analyzed. For more information on this topic, please refer to the information provided under C.

 

E.    Data transmission

The management and storage of your personal information occurs in the case of selected services

• Newsletter
• Contact form
• Registering for the "abo.mpg.de" subscription management

As part of contract data processing on the systems of Infopark AG, Berlin.

Your personal data will only be conveyed to state institutions and authorities in legally essential cases or for criminal prosecution based on attacks on our network infrastructure. The data are not transmitted to third parties for other purposes.

 

F.    Rights of individuals affected

As an individual whose personal data are gathered as part of the aforementioned services, you have, in principle, the following rights, to the extent that no legal exceptions are applicable in individual cases:

• Information (Article 15 GDPR)
• Correction (Article 16 GDPR)
• Deletion (Article 17 (1) GDPR)
• Restriction of processing (Article 18 GDPR)
• Data transmission (Article 20 GDPR)
• Revocation of processing (Article 21 GDPR)
• Revocation of consent (Article 7 (3) GDPR)
• Right to complain to the regulator (Article 77 GDPR). For the MPG, this is the Bayerisches Landesamt für Datenschutzaufsicht, Postfach 1349, 91504 Ansbach

  ---

   

Information on data processing in conformity with Art. 14 General Data Protection Regulation

 

1. Contact details of the controller

We, the Max-Planck-Institut für molekulare Physiologie, Otto-Hahn-Str. 11, D-44227 Dortmund, Telefon: +49 (231) 133-0, provide the following social media websites:

• Facebook: https://www.facebook.com/mpidortmund
• Instagram: http://www.instagram.com/mpi_dortmund
• Twitter: twitter.com/mpimoph
• YouTube: https://www.youtube.com/channel/UCMZsMcgDKX3y_Oa18iZVQCg
• LinkedIn:https://www.linkedin.com/company/max-planck-institute-for-molecular-physiology-dortmund-germany

As the provider of these websites, we, the Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V., work together with the provider of the respective social media platform in the sense of Art. 4 No. 7 of the General Data Protection Act (GDPR):

• Meta Platforms Ireland Ltd. (Facebook, Instagram)
• Google Ireland Ltd. (YouTube)
• New Work SE (Xing)
• LinkedIn Ireland Unlimited Company (LinkedIn)
• Twitter International Company (Twitter)

When you visit our social media websites, the controller processes personal data. Below we will inform you of which data these are, how they are processed and what rights you have in this context. We as the controller of these websites have concluded agreements with the provider of the respective social media platform which e.g. set out the conditions for using the websites. The terms of use of the respective provider and the terms and conditions and guidelines listed there at the end are relevant here.

 

1. Use of insights and cookies

The providers of the social platforms also provide us with user statistics (so-called analytical services or page insights data) for our websites on the social media platforms based on the actions and interactions of our followers (e.g. likes, shares, comments etc., the number of following, individual page area access, scope of a contribution as well as statistics about the followers based on age, language, place of origin or interests), which help us to contact our followers and interested parties, understand the use and scope of our contributions, evaluate contents and identify user preferences and design our websites on the social media platforms to be as target-group-friendly as possible. We cannot influence or access the creation or processing of these user statistics and the underlying data; this is performed on the sole responsibility of the provider of the respective social media platform.

The provider of the respective social media platform receives, records and processes the information stored in the cookies. This also includes services provided by the provider or the provider group of the social media platforms as well as services provided by other companies that use the social media platforms and which are visited by the user. In addition, other positions such as partners or even third parties can use cookies on the social media platforms to provide services to the companies advertising on the social media platforms. For more information on the use of cookies by the provider, please see the latter's Cookie Policy.

 

1. Contact details of the Data Protection Officer

The contact details of the MPG Data Protection Officer are: Hofgartenstraße 8, D-80539 Munich, Tel.: +49 (89) 2108-1554, Email: datenschutz@mpg.de

 

1. Purposes of data processing

The data entered on our websites on social media platforms such as comments, questions, videos, images, likes, public messages, job preferences and selection etc. are published by the provider of the social media platform and only used or processed by us for the purposes listed below. We reserve the right to delete contents, where necessary. If applicable, we will share our contents on our website, if this is a function of the website and communicate with you via the website.

The websites provided by us contain links to our other company sites on social media platforms. You can identify links to the websites of the social media platforms e.g. by the respective company logo. If you follow this link, you can reach our company sites on the respective social media platforms. When you click on a link to a social media platform, a connection is established with the servers of the social media platform. This informs us that you have visited our website. In addition, further data is transmitted to the providers of the social media platform. These are, for example:

• Address of the website with the activated link
• Data and time of the website access and activation of the link
• Information about the browser and operating system used
• IP address

If you are already logged into the respective social media platform at the time that you activate the link, the provider of this social media platform may be able to determine your user name or even your real name based on the transmitted data and attribute this information to your personal user account on the social media platform. You can prevent this allocation to your personal user account, if you log out of your user account first.

 

Establishing contact

You can contact us via several of our websites on social media platforms. We process your data in order to answer your query and, if applicable, to send you the requested information materials. Your data may also be transmitted to the position responsible for your query. This position may be a third party. A transmission only takes place, if we are authorized to carry out the transmission under data protection law.

If you send us a query on the social media platforms, we may, depending on the required response, also refer to other, secure communication channels which guarantee confidentiality.

You always have the option to send us confidential enquiries via our address listed under contact details.

 

Statistical evaluations

Information processing is intended to allow us as the provider of the social media website to receive statistics (so-called page insights data) which the provider of the social media platform makes available based on the visits to our website. For example, it enables us to gain knowledge about the profiles of the visitor who like our website or use the applications on our website, so that we can provide them with more relevant contents and develop functions which may be of greater interest to them.

In order for us to better understand how to use our website to better reach our interested users, the recorded information is also subjected to demographic and geographical analyses which are then made available to us. We can use this information in order to offer targeted interest-based contents without obtaining direct knowledge of the visitor's identity. Where visitors use social media platforms on several devices, the recording and analysis can also be implemented across several devices, if these are registered users who are logged into their profiles.

The created visitors’ statistics are transmitted exclusively in an anonymized format. We do not have any access to the underlying data.

You can find more information on the processing of your personal data by the provider of the respective social media platform in the context of creating and processing user statistics by checking the information about user statistics on the following websites by the respective social media platform:

• Meta Platforms Ireland Ltd. (Facebook, Instagram)
• Google Ireland Ltd. (YouTube)
• LinkedIn Ireland Unlimited Company (LinkedIn)

 

1. Legal basis for data processing

We provide these social media websites in order to present ourselves to the users and other interested parties who visit our websites and to communicate with them. The personal user data are processed on the basis of our legitimate interests in an optimized company and product presentation (Art. 6 para. 1 lit. f GDPR).

 

1. Recipients or categories of recipients

We do not transfer the data to third parties.

The servers of the social media platforms are located in the USA and in other countries outside the European Union. As a result, the providers of the social media platform can also use the data in countries outside the European Union. Please note that companies in these countries are subject to data protection law that does not generally protect personal data to the same extent as is the case in the European Union.

Please note that we cannot influence the scope, type and purpose of the data processing by the provider of the social media platform. For more information on the use of your data by the social media platform linked to on our website, please see the privacy policies of the respective social media platforms:

• Meta Platforms Ireland Ltd. (Facebook, Instagram)
• Google Ireland Ltd. (YouTube)
• New Work SE (Xing)
• LinkedIn Ireland Unlimited Company (LinkedIn)
• Twitter International Company (Twitter)

 

1. Duration of storage

We do not save the data.

 

1. Rights of the data subject

You have the right to information about your data saved at the MPG, the right to correction of the data, if these are incorrect, the right to deletion of data stored inappropriately and the right to data portability. You also have the right to lodge a complaint with the supervisory authority. For the MPG, this is the Bavarian State Office for Data Protection Supervision [Bayerische Landesamt für Datenschutzaufsicht], PO Box 1349, 91504 Ansbach.

 

1. Source of data

The data are not collected directly from the data subjects but instead made available by the provider of the social media platform:

• Meta Platforms Ireland Ltd. (Facebook, Instagram)
• Google Ireland Ltd. (YouTube)
• New Work SE (Xing)
• LinkedIn Ireland Unlimited Company (LinkedIn)
• Twitter International Company (Twitter)