You will find further information on the controller in our Legal Notices.
II. What we do:
FIZ Karlsruhe offers you web pages for information purposes and online products (hereinafter summarized as our “digital offers”). We process personal data collected from the visitors of our digital offers exclusively in compliance with data protection laws. The legal basis of data protection can be found in the General Data Protection Regulation (GDPR), the German Federal Data Protection Act (Bundesdatenschutzgesetz) in its valid form and the German Telemedia Act (Telemediengesetz).
The sections below will inform you about the type and scope of data we collect, the reasons why we collect them, and the way in which they are used and processed. We use these data only for the purposes we specify.
In general, you may use our web pages without providing any additional personal information.
If you would like to use our online products, you will in most cases need a user account (individual access) for which we will collect personal data from you. In addition, in relation to these products, special rules may apply about which you will be informed separately in the respective Terms and Conditions.
III. What do we know about your use of our digital offers?
1. Log Files
By default, our server will store the following user information in a log file whenever our digital offers are used:
IP address used
If you have logged in: your user ID
Operating system used
Searches, if applicable
Date and time of access
Volume of data sent and received (bytes)
Address of the web page from which our page was accessed (referrer)
We use the log file data exclusively to
trace our customers’ movements through our digital offers in case of malfunctions in order to identify the malfunction and to
trace our visitors’ actions if there is specific indication that our digital offers have been used in an illegal manner.
The legal basis for the usage modalities mentioned above is art. 6(1)(f) GDPR. We will not use the user data contained in the log files, in particular the IP address, for any purposes other than those mentioned above.
We will delete the log files and the information contained therein after 90 days at the latest. This does not apply in cases where there is specific indication that our digital offers were used in an illegal manner. In this case the data will be stored until the matter is settled.
2. Collection and analysis of user data for statistical purposes
We use “Matomo” – an open source software product – to statistically analyze our visitors‘ user behavior. Whenever you access our digital offers, we store the following information in a database via Matomo by default:
The IP address used in anonymized form
Operating system used
Browser used (including language settings, screen resolution, plug-ins and operating system used)
Pages visited with date and time of access
Names of the documents you have downloaded from our pages
Volume of data sent and received (bytes)
Address of the web page from which you accessed our digital offer (“referrer”)
Address of the web pages that you visited from our digital offers (“outlinks”)
We make sure that the data about the individually accessed pages of our digital offers (usage data) are anonymized directly after the page was accessed. We use these anonymized data only for statistical purposes and to improve our digital offers. For this purpose we
gather statistical information on aggregate use,
analyze the general use of individual web pages,
analyze information on the operating systems and browsers our customers use, in order to ensure optimum user experience.
We do not identify the place from which you access our digital offers (geolocalization). We only use the primary language settings of the browser in order to roughly allocate our visitors to certain countries.
If you do not want any cookies to be stored on your computer you must disable this function according to the instructions provided in your web browser. As a consequence, however, you will no longer be able to use certain features of our website (e.g., auto-saving of facets or language settings).
3.1 Tracking cookies
As an alternative, you may tell us you do not want us to keep a log of your activities on our digital offer. In this case we will store a cookie containing this information on your computer. As long as this cookie is installed on your end device, we will not log any of your visits to our digital offers made from this end device. Should you use several end devices to access our digital offers (e.g., a computer and a mobile phone), you have to repeat this procedure for each device.
3.2 Cookies storing settings and preferences
3.3 Cookies required for technical reasons in order to allow for sessions
4. Sharing content through social networks
We do not use any mechanisms that automatically transmit data to providers of social networks when our digital offers are visited. Some of our digital offers allow for the sharing of pages through social networks. To be able to share a page, you have to activate the social network’s button by mouse click first. Only upon your activating the button will the provider of the social network learn that you are using our digital offer. You have to carry out this process for each individual page of our digital offer you would like to share.
5. Using FIZ Karlsruhe’s online products and tools
5.1 Online products
In general, you will need a user account and/or a contract to use our online products. Depending on the product, you can either register directly online or have the account created by our customer service.
If you have concluded a contract with us in order to use our digital offers, the personal data required to perform this contract are processed according to art. 6(1)( b) GDPR.
Beyond performing our contractual obligations we will process your data if this is necessary in order to safeguard a legitimate interest of our own or of third parties. The legal basis is art. 6(1)(f) GDPR.
If we request your consent to the processing of personal data, this consent will be the legal basis according to art. 6(1)(a) GDPR.
We may be bound by law to process your personal data, for example, to fulfil tax obligations. In this case the data are processed according to art. 6(1)(c) GDPR.
If we have to process your data for a task that is of public interest, the data are processed according to art. 6(1)(e) GDPR.
The personal data are stored for the duration of the contract or as long as there is another legal basis for it, and for the relevant or mandatory retention periods.
5.2 Online tools for collaboration in projects
In order to use our online tools for collaboration in projects, you usually need to have a user account that our administration will set up for you at your request. We process your data in order to protect legitimate interests of us or third parties. Art. 6(1)(f) GDPR forms the legal basis for this. In this respect, the legitimate interests for the processing of personal data are to enable and organize efficient cooperation between distributed project teams. Personal data is stored for the duration of the contractual relationship or for as long as another legal basis exists and within existing retention periods.
5.3 Videoconference systems
We use videoconference systems to collaborate with our partners and their staff or within the scope of workshops and training.
To the extent that personal data of FIZ Karlsruhe staff are processed, Art. 26 BDSG and Art. 6 para. 1 lit. f) GDPR are the legal basis for the data processing. In these cases, our interest is to efficiently perform the online meetings. For all other data subjects, the legal basis for data processing when performing online meetings is Art. 6 (1) lit. b) GDPR, if the meetings are conducted in the context of contractual relationships. If there is no contractual relationship, the legal basis is Art. 6 para. 1 lit. f) GDPR. Here, too, our interest lies in the effective performance of online meetings.
When using our website, you may also request further information or support in using our digital offers, i.e., if you
provide feedback online
participate in a promotional offer or product test
request an e-mail notification
subscribe to a newsletter
subscribe to a mailing list
In this case we will ask for the necessary personal data and a separate declaration of consent, if required. You consent will then constitute the legal basis according to art. 6, section 1 lit. a GDPR.
Receiving information from us is not mandatory. If we have obtained your consent, your personal data will only be used for the purposes covered by this consent.
Revocation of consent
You have the right to revoke your consent to the use of personal data connected with the aforementioned services at any time. Please note that you will no longer be able to use the services in question after you have revoked your consent.
7. Personal Metadata
In some of our digital offers we are processing metadata from scientific publications (including publications of data). Metadata describe a publication in order to identify it and to make it easily retrievable. These metadata also contain personal information that was either published by the respective persons themselves or that we have taken from publicly available sources:
Names of the authors or the persons who generated the data
Persistent, unambiguous person identifiers (e.g., ORCID, VIAF, GND-ID, WikiData-ID)
Information about which institution the persons belong to
Hyperlinks to authors’ academic websites
These personal metadata are usually processed together with other, non-personal descriptive metadata (e.g., the title of the publication, abstract, copyright holder). The purposes for which the data are processed and published include
Supporting the scientific discourse,
Searching for and providing publications,
Acknowledging and correctly attributing scientific achievements,
Archiving global research knowledge, and
Persistently providing the descriptive metadata as a set of research data.
All metadata are permanently stored within the scope of providing our services.
The legal basis for processing and publishing these data is GDPR art. 6(1)(f).
The descriptive metadata are processed for research and storage purposes and are required in order to fulfil the specific purposes mentioned above. Therefore, the persons concerned may only object on grounds of their particular situation and if the interests, basic rights and fundamental freedoms of the persons concerned prevail over the legitimate interest mentioned above.
We are always interested in correcting faulty metadata and completing incomplete sets of metadata, if necessary. Therefore, we are very grateful for any hint on missing data and errors to be corrected. Just contact us at one of the addresses listed in section VI.6.
IV. Disclosure of personal data
1. Personal data that were already published by you or by a third party
Depending on the digital offer, we make the descriptive metadata of scientific publications available to the public through websites, data interfaces (“API“) or as complete download in various machine-readable data formats.
2. Personal data that were not yet published
Your personal data will not be sold or in any other way disclosed to any third parties for marketing or other business purposes without your consent. Please note that other websites that can be accessed through our digital offers may request personal data from you. This data protection policy does not apply to any third-party sites.
Personal data will only be disclosed to public authorities if this is required by law, in particular in order to protect the national or public security, or for the purpose of criminal prosecution.
FIZ Karlsruhe reserves the right to use your data to assert or to defend legal claims.
V. Data security
FIZ Karlsruhe’s digital offers have appropriate security measures in place to prevent the loss, misuse, and unauthorized alteration of your personal data. These include
end-to-end encryption of data transmitted between you end device and our web pages,
protection of our computer systems by modern firewall systems,
regular security updates,
regular backups, and
login and access control.
We strive to best protect your personal data in compliance with the relevant data protection laws. However, FIZ Karlsruhe cannot absolutely ensure the security of the data you transmit to us. Therefore, that transfer of data is at your own risk.
In your own interest, please be careful and responsible whenever you are online and protect your personal information against unauthorized third-party access.
VI. Your Rights
1. Right of access by the data subject (Art. 15 GDPR)
Upon request, FIZ Karlsruhe will inform you in writing or by e-mail if your personal data are stored with us and which forms of your personal data are stored with us. If you find factual inaccuracies in your personal data previously transmitted to FIZ Karlsruhe, please contact us by e-mail or at the address below and indicate the required changes or corrections.
2. Right to rectification (Art. 16 GDPR)
Should you detect errors in your personal data stored by us, or if your personal data have changed, you have the right to have these data corrected or updated.
3. Right to erasure (Art. 17 GDPR)
You have the right to have your personal data we have stored blocked or deleted, provided that this does not conflict with any of the reasons listed in art. 17 sect. 3 lit. a-e GDPR.
4. Right to restriction of processing (Art. 18 GDPR)
You have the right to restrict the processing of your personal data stored with us under the conditions outlined in art. 18, sect. 1 GDPR.
5. Right to data portability (Art. 20 GDPR)
You also have the right to receive your personal data that you have provided to us in a structured, common, machine-readable format.
6. Right to object (Art. 21 GDPR)
You also have the right to object at any time to the processing of your personal data on the basis of art. 6 sect. 1 lit. e or f GDPR on grounds relating to your particular situation.
To exercise your rights please contact us informally by mail or e-mail at one of the addresses listed below and describe your concern as precisely as possible. If necessary, we will ask you for further information in order to be able to examine your request.
Address of our Data Protection Officer:
FIZ Karlsruhe – Leibniz-Institut für Informationsinfrastruktur GmbH
You also have the right to lodge a complaint with the competent supervisory authority.
If you have any further questions relating to our data protection policy, to our digital offers or to the relevant modalities of their access and use, please send an e-mail to our customer service department: firstname.lastname@example.org