Data Protection Declaration

We are delighted that you have visited our website. Below we would like to inform you about the handling of your data in accordance with Art. 13 of the General Data Protection Regulation (GDPR)

Person Responsible

The controller for the data processing described below is the entity named in the legal notice.

Usage Data

When you visit our websites, so-called usage data is temporarily evaluated on our web server for statistical purposes as a log in order to improve the quality of our websites. This data record consists of

  • the name and address of the requested content,</li
  • the date and time of the request,</li
  • the amount of data transferred,</li
  • the access status (content transferred, content not found),</li
  • the description of the web browser and operating system used,</li
  • the referral link, which indicates from which page you came to ours,</li
  • the IP address of the requesting computer, which is shortened so that a personal reference can no longer be established</li

The aforementioned log data is only analyzed anonymously.

The legal basis for the processing of usage data is Art. 6 para. 1 sentence 1 lit. f GDPR. The processing is carried out in the legitimate interest of providing the content of the website and ensuring a device- and browser-optimized display.

Data Security

We take technical and organizational measures to protect your data from unwanted access as comprehensively as possible. We use an encryption process on our websites. Your data is transmitted from your computer to our server and vice versa via the Internet using TLS encryption. You can usually recognize this by the fact that the lock symbol in the status bar of your browser is closed and the address line begins with https://.

Required Cookies

We use cookies on our websites that are necessary for the use of our websites.

Cookies are small text files that are stored on your end device and can be read. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

Some of these cookies only contain information on certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and implementation of the site.

We use these cookies on the basis of our legitimate interest pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

You can set your browser to inform you about the placement of cookies. You can also delete them at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed in full and some functions may no longer be technically available.

Consent Banner

We use a consent management platform (consent or cookie banner) on our websites. The processing in connection with the use of the consent management platform and the logging of the settings you have made is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR, in our legitimate interest to display our content according to your preferences and to be able to prove the consent(s) you have given. The settings you have made, the consent you have given and parts of your usage data are stored in a cookie. This means that it is retained for subsequent page requests and your consent can still be tracked. You can find further information on this under the heading “Required cookies”.

The provider of the consent management platform, Borlabs, works for us as a strictly instruction-bound service provider (processor). An order processing contract in accordance with Art. 28 GDPR has been agreed with this provider.

Anonymous Visitor Measurement

We carry out anonymous visitor measurement on our websites. For this purpose, the log data of the web server and the shortened IP address are evaluated. It is not possible to draw conclusions about your person.

Third-Party Tracking Technologies for Advertising Purposes

We use cross-device tracking technologies so that you can be shown targeted advertising on other websites based on your visit to our website and we can recognize how effective our advertising measures were.

Data processing takes place on the basis of your consent, provided you have given your consent via our banner. Your consent is voluntary and can be revoked at any time.

How does the tracking work?

When you visit our websites, it is possible that the third-party providers mentioned below may retrieve recognition features for your browser or your end device (e.g. a so-called browser fingerprint), evaluate your IP address, store or read recognition features on your end device (e.g. cookies) or gain access to individual tracking pixels.

The individual features can be used by third-party providers to recognize your device on other websites. e can commission the relevant third-party providers to place advertisements based on the pages you visit on our website.

What Does Cross-Device Tracking Mean?

If you log in to the third-party provider with your own user data, the respective recognition features of different browsers and end devices can be linked together. For example, if the third-party provider has created a separate feature for the laptop, desktop PC or smartphone or tablet you are using, these individual features can be assigned to each other as soon as you use a service of the third-party provider with your login data. In this way, the third-party provider can also target our advertising campaigns across different end devices.

Which third-party providers do we use in this context?

Below we list the third-party providers with whom we work for advertising purposes. If the data is processed outside the EU or the EEA (in particular in the USA) in this context, we provide information on the level of data protection in the following table.

Provider Maximum storage period Adequate level of data protection Revocation of consent
Meta (Threads) ​​For transfers to the USA, an adequate level of data protection is guaranteed due to the provider’s certification under the adequacy decision (EU-U.S. Data Privacy Framework) If you wish to revoke your consent, please click here and make the appropriate setting via our banner
LinkedIn ​​For transfers to the USA, an adequate level of data protection is guaranteed due to the provider’s certification under the adequacy decision (EU-U.S. Data Privacy Framework) If you wish to revoke your consent, please click here and make the appropriate setting via our banner

Embedded videos

We embed videos on our websites that are not stored on our servers. To ensure that accessing our websites with embedded videos does not automatically result in the third-party provider’s content being reloaded, we only display locally stored preview images of the videos in a first step. This means that the third-party provider does not receive any information.

Only after clicking on the preview image is the third-party provider’s content loaded. As a result, the third-party provider receives the information that you have accessed our site and the usage data technically required in this context. In addition, the third-party provider is then able to implement tracking technologies. e have no influence on further data processing by the third-party provider. By clicking on the preview image, you give us your consent to load content from the third-party provider.

The embedding takes place on the basis of your consent, provided you have given your consent by clicking on the preview image. If the data is processed outside the EU or the EEA (in particular in the USA) in this context, we provide information on the level of data protection in the following table.

Provider Maximum storage period Adequate level of data protection Revocation of consent
Google (Youtube) For transfers to the USA, an adequate level of data protection is guaranteed due to the provider’s certification under the adequacy decision (EU-U.S. Data Privacy Framework). When you have clicked on a preview image, the content of the third-party provider is immediately reloaded. If you do not want such a reload on other pages, please do not click on the preview images any more.

Newsletter Registration and Dispatch

You can subscribe to a newsletter on our website. Please note that we require certain data (at least your e-mail address) to subscribe to the newsletter.

The newsletter will only be sent if you have given us your express consent. Once you have subscribed, you will receive a confirmation e-mail to the e-mail address you have provided (so-called double opt-in). You can withdraw your consent at any time. You can do this easily, for example, by clicking on the unsubscribe link provided in every newsletter.

As part of the newsletter registration, we store further data in addition to the data already mentioned, insofar as this is necessary so that we can prove that you have ordered our newsletter. This may include the storage of the full IP address at the time of the order or confirmation of the newsletter, as well as a copy of the confirmation e-mail sent by us. The corresponding data processing is carried out on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and in the legitimate interest of being able to account for the legality of the newsletter dispatch.

Integration of other Technical third-party Content and Functions

We use the technical functions and content of third-party providers listed below to display our websites.

When you call up our pages, the content of the third-party provider that provides these functions and content is reloaded. As a result, the third-party provider receives the information that you have accessed our site and the usage data technically required in this context.

We have no influence on further data processing by the third-party provider.

We embedding takes place on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR and in the interest of making our site as appealing and informative as possible.

Please note that the use of third-party content and functions may result in your data being processed outside the EU or the EEA (in particular in the USA). F An adequate level of data protection is guaranteed for transfers to the USA on the basis of the adequacy decision (EU-U.S. Data Privacy Framework).

Provider Technical function or content if applicable maximum storage period ​Adequate level of data protection Possibility to object
podlove.org Integration of the podcast player/files Data processing within the EU/EEA. If you wish to object to data processing, please stop using our website.

Storage period

Unless we have already informed you in detail about the storage period, we delete personal data if it is no longer required for the aforementioned processing purposes and there are no legitimate interests or other (legal) reasons for storage that prevent deletion.

Other processors

We pass on your data to service providers who support us in the operation of our websites and the associated processes as part of order processing in accordance with Art. 28 GDPR. These are, for example, hosting service providers. Our service providers are strictly bound by our instructions and contractually obligated accordingly.

In the following, we will name the processors with whom we work if we have not already done so in the above text of the privacy policy. If data may be processed outside the EU or the EEA in this context, we will inform you of this in the following table.

Processors Purpose Adequate level of data protection
Hetzner Online GmbH Web hosting and Support Processing only within EU/EEA
Mailjet GmbH (Sinch AB) Newsletter dispatch Processing only within EU/EEA

Your rights as a data subject

By the processing of your personal data, the GDPR grants you certain rights as a data subject:

Right of access (Art. 15 GDPR)

You have the right to obtain confirmation as to whether or not personal data concerning you is being processed, and, where that is the case, access to the personal data and the information specified in Art. 15 GDPR.

Right to rectification (Art. 16 GDPR)

You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, where applicable, to have incomplete personal data completed.

Right to erasure (Art. 17 GDPR)

You have the right to obtain the erasure of personal data concerning you without undue delay where one of the grounds listed in Art. 17 GDPR applies.

Right to restriction of processing (Art. 18 GDPR)

You have the right to obtain restriction of processing where one of the conditions listed in Art. 18 GDPR applies, e.g. if you have objected to processing, for the duration of the verification by the controller.

Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format or to request the transmission of this data to a third party.

Right to object (Art. 7 GDPR)

If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 para. 3 GDPR. B Please note that the revocation only takes effect for the future. Processing that took place before the withdrawal is not affected by this.

Right to object (Art. 21 GDPR)

If data is collected on the basis of Art. 6 para. 1 sentence 1 lit. f GDPR (data processing to protect legitimate interests) or on the basis of Art. 6 para. 1 sentence 1 lit. e GDPR (data processing to protect the public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. W We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

Pursuant to Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of data relating to you infringes data protection regulations. s right to lodge a complaint can be exercised in particular with a supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement.

Enforcement of your rights

Unless otherwise described above, please contact the office named in the legal notice to assert your rights as a data subject.

Contact details of the data protection officer

Our external data protection officer will be happy to provide you with information on the subject of data protection using the following contact details:

datenschutz nord GmbH
Konsul-Smidt-Straße 88
28217 Bremen
Web: https://www.dsn-group.de/
E-Mail: office@datenschutz-nord.de

If you contact our external data protection officer, please also indicate the responsible body named in the legal notice.

Photo by Markus Spiske on Unsplash

Last update: 24.07.2024

Newsletter

Information about current projects, events and publications of the institute.

Subscribe now