The Max-Planck-Gesellschaft (MPG) takes the protection ad safety of personal data very seriously. We comply with the applicable requirements of the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz (BDSG)).

The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data collected during visits to our website, observing the currently valid provisions under data protection law as amended. Your data is neither published by us, nor disclosed to third parties on an unauthorised basis.

In the following, we will explain which data we record during your visit to our webpages and exactly how we use it.

Scope of data processing

We only ever collect and use personal data to the extent required in order to provide a functional website which presents our content and services. The collection and utilization of our users' personal data is carried out regularly based on the users' consent. An exception applies in instances where processing of the data is permitted by statutory provisions.

Legal basis for data processing

If we obtain the consent of the data subject to carry out personal data processing operations, the legal basis is Article 6, para. 1, lit. a EU General Data Protection Regulation (GDPR).

When it is necessary to process personal data in order to fulfil a contract whose contractual party is the data subject, the legal basis is Article 6, para. 1, lit. b GDPR. This also applies to processing operations required in order to implement pre-contractual measures.

If processing is required in order to safeguard a legitimate interest of the MPG or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject override the first-mentioned interest, the legal basis for processing is Article 6, para. 1, lit. f GDPR.

Data erasure and duration of storage

The personal data of the data subject is erased or blocked as soon as the purpose of storage no longer applies. Data can also be stored if this is required under European or national legislation in EU directives, laws or other provisions to which the MPG is subject. Data is also blocked or erased if the retention period prescribed by the above-mentioned legislation expires, unless the data is required to be stored for longer for the purpose of concluding or performing a contract

Contact details of the individuals responsible

The entity responsible within the meaning of the General Data Protection Act and other national data protection laws as well as other data protection regulations is

Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstraße 8
D-80539 Munich
Phone: +49 (89) 2108-0
Contact form: https://www.mpg.de/kontakt/anfragen
Internet: https://www.mpg.de

The contact details of the individuals responsible for the platform Digital Libraries Connected (DLC) can be viewed in the footer via the link “Contact details”.

Contact details of the Data Protection Officer

The controller's Data Protection Officer is

Heidi Schuster
Hofgartenstraße 8 
D-80539 Munich 
Phone: +49 (89) 2108-1554
E-Mail: datenschutz@mpg.de

Provision of the website and creation of log files

For technical reasons, our servers record personal connection details in so-called log files when you access the DLC. The following data are gathered temporarily:

• Your IP address
• Date and time of your access to the website
• Address of the page visited
• Address of the previously visited website (referrer)
• Name and version of your browser/operating system (if transmitted)

The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also helps us optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes. These data are not saved together with any other personal data of the user and the saved data are deleted automatically after seven days.

Cookies

Our website utilizes cookies. Cookies are text files stored in the Internet browser or by the Internet browser on the user's computer system. If a user visits a website, a cookie can be stored on the user's operating system. This cookie contains a sequence of characters enabling the browser to be clearly identified when visiting the website again.

We deploy cookies to make our website more user-friendly. Some elements of our website also technically require the identification of the visiting browser after a change of page. The following data are saved and transmitted in the cookies:

• Language settings (localization) of the browser
• Session data (search terms)

The legal basis for personal data processing while utilizing cookies is Article 6 (1) lit. f GDPR and section 25 (2) no. 2 of the “Gesetz über den Datenschutz und den Schutz der Privatsphäre in der Telekommunikation und bei Telemedien” (TTDSG). The purpose of utilizing technically necessary cookies is to simplify the utilization of websites for users. Some of our website's functions cannot be offered without the utilization of cookies. For these, it is absolutely necessary that the browser can also be re-identified following a change of page. We require cookies for the following applications:

• Transferring the browser's language setting: automatic selection of the homepage
• Search terms: Jump back to search hit list

Our justified interest in personal data processing pursuant to Article 6 (1) lit. f GDPR . The user data collected using technically required cookies are not utilized to create user profiles.

Cookies are stored on the user's computer, which transmits them to our site. For this reason, you, as the user, also have full control over the utilization of cookies. You can deactivate or restrict the transmission of cookies through changing your Internet browser settings. Cookies that have already been saved can be deleted at any time. This can also occur automatically. If cookies for our website are deactivated, you may find not all of the website's functions can continue to be utilized in full.

Since we only use session cookies, these are deleted automatically when you close your browser window.

In addition, we also utilize cookies on our website to enable users' utilization behavior to be analyzed (for more information on this topic, please refer to the information provided below).

Web statistics using Matomo

We want to make our websites as appealing and comfortable for you as possible. The analysis of statistical data on the use of our websites and the capture of various technical details about the web browsers and computers of our users are a great help.

That’s why we deploy the Matomo web analysis program (formerly: Piwik), which utilizes cookies and JavaScript to collect various information on your computer and transmit it to us automatically (anonymized user data).

The central Matomo server logs the following data – unless you have objected to this – and includes them in the user statistics.

Basic data:

• IP address, anonymized by shortening
• Cookie to differentiate different visitors
• Previously visited URL (referrer), if communicated by the browser
• Name and version of the operating system
• Name, version and language setting of the browser

Additionally, if JavaScript is activated:

• URLs visited on this website
• Times at which pages are visited
• Type of HTML queries
• Screen resolution and color depth
• Formats and techniques supported by the browser (e.g. cookies, Java, Flash, PDF, WindowsMedia, QuickTime, RealPlayer, Director, SilverLight, Google Gears)

Techniques such as Java Applets or Active-X controls which make it possible to track user access behavior are not used.

Data are generally stored and analyzed anonymously. Session cookies are deleted at the latest when your browser is closed.

No personal user profiles are created.

Data are stored and evaluated exclusively on a central server operated by MPG.Along with the central www.mpg.de website, it is utilized by most Max Planck Institutes and many of the project websites allocated to MPG.

The legal basis for the processing of users' personal data is Article 6 (1) lit. f GDPR. Processing of users' personal data enables us to analyze our users' utilization behavior. The evaluation of the data we obtain enables us to aggregate information about the utilization of our websites' individual components. This helps us constantly improve our websites and their user-friendliness. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes. The anonymization of the IP address sufficiently takes into consideration users' interest in the protection of their personal data.

Right to object

It goes without saying that you are able to revoke data gathering. You have the following independent possibilities to revoke data recording by the central server:

• In your browser, activate the do-not-track or do-not-follow settings. If these settings are active, our central server will not store any data relating to you. Important: The do-not-track instruction generally applies only for the device and browser in which you activate the setting. If you utilize several devices/browsers, you will need to separately activate do-not-track in all relevant locations.
• Utilize our opt-out function. Click the following selection box under https://www.mpg.de/privacy-policy/data-collection-opt-out in order to stop data collection or to reactivate it. If the selection box is deactivated, our central server will not store any data about you. Important: For the opt-out, we have to store a special recognition cookie in your browser. If you delete it or utilize another PC/browser, you will need to revoke data collection again on this page.

These data are not stored together with the user's other personal data.

External services

The integration or connection of external services (DFG viewer to display digitized objects, Google to authenticate an individual user account) is always well-considered and has the aim of making your visit to our websites as comfortable for you as possible.

Please note that the integration or connection of external services might result in your IP address and possibly additional personal data being transmitted to the respective service providers who may save and evaluate the data. For more information, please see the specific privacy policy for the respective service:

• DFG viewer: https://dfg-viewer.de/en/privacy-policy
• Google authentication service: https://policies.google.com/privacy?hl=en-US

 

User accounts

External users of DLC have the option to create a user account to use special functions (e.g. create individual watch lists). If you create a DLC-internal user account, this entails the storage and processing of personal data, namely your email address, display name (optional and can be chosen freely), first name (optional) and family name (optional). If you log in using your Google account, only your email address is stored on our server so that this address can be used in future to check your access authorization via a data comparison between Google and our system.

The data are used exclusively for the purpose of using the services of DLC.

The data are stored and processed on the basis of legitimate interest pursuant to Article 6 (1) lit. b GDPR. Our legitimate interest results from the above-mentioned purpose of data collection.

The user accounts and linked personal data are deleted following your request at the latest within one month.

Rights of individuals affected

As an individual whose personal data are gathered as part of the aforementioned services, you have, in principle, the following rights, to the extent that no legal exceptions are applicable in individual cases:

• Information (Article 15 GDPR)
• Correction (Article 16 GDPR)
• Deletion (Article 17 (1) GDPR)
• Restriction of processing (Article 18 GDPR)
• Data transmission (Article 20 GDPR)
• Revocation of processing (Article 21 GDPR)
• Revocation of consent (Article 7 (3) GDPR)
• Right to complain to the regulator (Article 77 GDPR). For the MPG, this is the Bavarian Data Protection Authority (BayLDA), PO Box 1349, 91504 Ansbach.

 

Data transmission

Your personal data will only be conveyed to state institutions and authorities in legally essential cases or for criminal prosecution based on attacks on our network infrastructure. The data are not transmitted to third parties for other purposes.

Amendments to the data protection provisions

This data protection information may be amended from time to time because the legal framework conditions have changed or this is required because of new functionalities or services.