As you use this website, personal data about you will be processed by us as the data controller and stored for as long as necessary to fulfill the specified purposes and legal obligations. Below, we inform you about the types of data involved, how they are processed, and what rights you have in this regard.
Personal data, as defined in Art. 4 No. 1 of the General Data Protection Regulation (GDPR), refers to any information relating to an identified or identifiable natural person.
2 Name and Contact Information of the Controller and the Corporate Data Protection Officer
3 Processing Personal Data and Purposes of Data Processing
10 Rights of the Data Subjects
12 Timeliness and Amendments to this Data Protection Information
1 Scope of Application
This privacy information applies to the data processing on the website https://blog.izm.fraunhofer.de of Fraunhofer-Institut für Zuverlässigkeit und Mikrointegration IZM, which refers to this privacy information.
2 Name and Contact Information of the Controller and the Corporate Data Protection Officer
Fraunhofer-Gesellschaft
for the Advancement of Applied Research e.V.
Hansastraße 27 c
80686 Munich
for its
Fraunhofer-Institut für Zuverlässigkeit und Mikrointegration IZM
Gustav-Meyer-Allee 25
D-13355 Berlin
(hereinafter Fraunhofer-IZM)
E-Mail: georg.weigelt [at] izm.fraunhofer.de
Phone: +49 30 4 64 03-1 00
Fax: +49 30 4 64 03-1 11
The data protection officer of Fraunhofer can be reached at the above address in Munich, for the attention of: Data Protection Officer or at datenschutz@zv.fraunhofer.de. You can contact our data protection officer directly at any time with questions regarding data protection law or your rights as a data subject.
Alternatively, our contact person Carsten Wohlgemuth is available at datenschutz@izm.fraunhofer.de.
3 Processing Personal Data and Purposes of Data Processing
When Visiting the Website
When you access our website and retrieve its content, temporary data is stored that may allow identification. The browser used on your device automatically sends the information to the server of our website. The following data is collected:
- Date and time of access
- IP address
- Hostname of the accessing server
- Website from which our website was accessed
- Visited page on our website
- Notification of whether the access was successful
- Volume of data transferred
- Information about the browser type and version used
- Operating system
The temporary storage of data is necessary for establishing the connection and the course of a website visit so that we can provide you with the content on our website.
Further storage in log files occurs to ensure the functionality of the website, the security of the information technology systems, and to enable the uninterrupted provision of our website as well as to track any unlawful attacks if necessary.
If technical data from your device is processed to enable access to our website, this is done because such data is required in accordance with § 25 para. 1 no. 2 TDDDG.
The storage of the IP address is done anonymously by removing the last block of characters.
When Registering for a Newsletter or Other E-Mail Distribution List
If you have explicitly consented in accordance with Art. 6 Abs. 1 S. 1 lit. a DSGVO, we will use your e-mail address to regularly send you selected information that informs you about the work at our institute and/or other institutions and/or events of the Fraunhofer Society. The topics and contents of the selected information are determined by the distribution list you have signed up for.
For receiving the newsletter, we collect the following mandatory information:
- E-mail address
- Title
- First name
- Last name
- Country
We need your name and title to personally address you in our newsletter.
You can voluntarily provide additional information about yourself (e.g., address and phone number). We use this data to contact you by phone or post (e.g., for press invitations).
After your registration, you will receive a registration notification by e-mail, which you must confirm to receive the newsletter (so-called Double Opt-In). This serves as proof that the registration was indeed initiated by you.
Unsubscribing is possible at any time, e.g., via a link at the end of each newsletter. Alternatively, you can unsubscribe via the following link: https://www.fraunhofer.de/de/fraunhofer-newsletter-abmeldung.html.
Your e-mail address will be deleted immediately after you withdraw your consent to receive the newsletter.
When using contact forms
We offer you the opportunity to contact us via a form provided on the website. The following information is required:
- Title
- First and last name
- Email address
- Company
- Phone
- Country and
- Your message
We need your data to determine who the inquiry is from and to respond to and process it.
The data processing is carried out at your request and is based on our legitimate interests in answering a contact inquiry according to Art. 6 Abs. 1 S. 1 lit. f GDPR.
The personal data we collect for using the contact form will be deleted after we have completed your inquiry.
When using the comment function
It is possible to publicly comment on articles and blog posts on our website. Your comment will be published with your specified name below the commented post.
In the context of using the comment function, we collect the following mandatory information:
- Name and
- Email address
Instead of your name, you can also provide a pseudonym. Your email address is required to submit the comment but will not be published with your comment. We use your email address only to inform you about a response to your comment.
Additionally, when you submit a comment, we store your IP address for 30 Tage, after which we will delete it. This storage is necessary so that we can defend ourselves against liability claims in the event of possible publication of unlawful content.
The data processing is carried out in response to your comment and is justified within the framework of the publication of online contributions with user reactions and our legitimate interest in an exchange of opinions and information according to Art. 6 Abs. 1 S. 1 lit. f GDPR.
The personal data will be processed for the duration of the publication of the online contribution and subsequently deleted.
4 Transfer of Data
If we pass on personal data collected through the website to processors, we will inform you about this in this privacy notice for each data processing procedure, naming the specific recipient.
Otherwise, we will only share your personal data if
- you have given your explicit consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR;
- this is necessary for the fulfillment of a contract with you in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR (for example, when passing on data to shipping companies for the purpose of delivering the goods you have ordered or when passing on payment data to payment service providers or credit institutions to carry out a payment transaction);
- there is a legal obligation for the transfer in accordance with Art. 6 para. 1 sentence 1 lit. c GDPR.
The data passed on may only be used by the recipients for the stated purposes.
5 Cookies
General
We use cookies on our site. Cookies are small files that your browser automatically creates and stores on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not harm your device, do not contain viruses, Trojans, or other malicious software.
The cookie stores information that is specific to the device being used. However, this does not mean that we gain direct knowledge of your identity.
Overview of the cookies we set: https://blog.izm.fraunhofer.de/cookie-policy-eu/
Cookies that are not strictly necessary to use a web service you explicitly request will only be set after your consent. You can give this consent through the cookie banner displayed when you visit the website. The legal basis for processing your data is consent according to § 25 TDDDG and Art. 6 para. 1 sentence 1 lit. a GDPR, meaning that this is only done with your consent.
Necessary Cookies
The processing of personal data in the context of technically necessary cookies is required for us to provide the web services you requested. The legal basis for this use of necessary cookies is § 25 para. 2 no. 2 TDDDG and Art. 6 para. 1 sentence 1 lit. f GDPR.
Session Cookies
We use so-called session cookies, for example, to enable session control or to store form entries or shopping carts during the session. Session cookies are deleted at the latest when you close your web browser.
Cookies for Personalizing Our Web Offerings
We use temporary cookies to optimize user-friendliness, which are stored on your device. If you visit our site again to use our services, it will be automatically recognized that you have already been with us and what inputs and settings you made, so you do not have to enter them again.
The type and scope of the data processed, the storage duration, and the providers that supply these cookies can be found in the list of cookies we set.
The processing takes place within the scope of the GDPR (EU/EEA). There is no transfer to third countries. The legal basis for this use of non-essential cookies is your consents according to § 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR.
Cookies for Optimizing Our Web Offerings (Statistical Cookies)
On the other hand, we use cookies to statistically record the use of our website and for the purpose of optimizing our offerings for you. These cookies allow us to automatically recognize during a subsequent visit to our site that you have already been with us.
The type and scope of the data processed as well as the providers that supply these cookies can be found in the list of cookies we set.
The processing takes place within the scope of the GDPR (EU/EEA). There is no transfer to third countries. The legal basis for this processing is § 25 para. 1 TDDDG and Art. 6 para. 1 lit. a GDPR.
Right of Withdrawal
You have the option at any time to withdraw your consent for the storage and access to the contents of the cookies with effect for the future in accordance with Art. 7 para. 3 GDPR or to object to the use of non-technically necessary cookies in whole or in part.
If you withdraw your consent or object to the use, a cookie (opt-out cookie) will be set by us that documents your decision and enables us to implement it. The opt-out cookie applies only in this browser and only for our website and is stored on your device. If you delete the cookies in this browser, you will need to set the opt-out cookie again.
Most browsers automatically accept cookies. However, you can configure your browser so that no cookies are stored on your computer or that you receive a notification before a new cookie is created. However, completely disabling cookies may result in you not being able to use all the features of our website. Your withdrawal does not affect the lawfulness of the processing activities we have carried out that are necessary to provide you with the website according to § 25 para. 2 TDDDG and Art. 6 para. 1 sentence 1 lit. f GDPR.
6 Web Analysis/Tracking
Matomo
We use the open-source software Matomo by InnoCraft Ltd from New Zealand on our website to analyze user behavior during visits to our site and to optimize our site and its content accordingly. We do not receive any information that directly identifies you.
In the version of Matomo that we use, precautions are taken using DoNotTrack technology (see www.donottrack.us), meaning that your website visit will not be recorded if you have indicated in your internet browser settings that you do not wish to be tracked.
In connection with the use of Matomo, cookies are employed that allow for a statistical analysis of the use of this website through your visits. The cookie stores information – including personal information – about your visitor behavior and processes it in a usage profile for analysis purposes using a pseudonym. Since Matomo is hosted on our own server, no processing by third parties is required for the analysis.
The data obtained in this way will not be used to personally identify you without your separate consent, and the data will not be merged with personal data about you as the holder of the pseudonym.
If IP addresses are collected, they will be anonymized immediately after collection by deleting the last block of numbers.
The data processing of the data obtained through cookies and other web analysis/tracking methods is based on our legitimate interest in optimizing our online offerings and our website presence, e.g., in the form of adaptation to frequently used devices and browsers, and more publications on particularly popular topics (Art. 6 Abs. 1 S. 1 lit. f GDPR). The processing takes place within the scope of the GDPR (EU/EEA). There is no transfer to third countries.
The type and extent of the processed data and storage duration can be found in the list of cookies we set.
7 Social-Media-Plugins
We use so-called social media buttons (also social media plugins) on our website. These are small buttons that allow you to publish content from our website on social networks under your profile.
If you activate such a button, a connection will be established between our website and the social network. In addition to the relevant content, the operator of the social network receives further information, some of which may be personal. This includes the fact that you are currently visiting our site.
The integration of the social media buttons is done using the so-called Shariff solution. This solution prevents a connection to a social network from being established simply by visiting a page with a social media button without activating it. This means that information is only transmitted to the social network when you activate the button.
We use the following social media plugins:
LinkedIn Corporation: Sharing on LinkedIn
Information is sometimes transmitted to the parent company LinkedIn Corporation, based in the USA, to other LinkedIn companies, and to external partners of LinkedIn, which may be located outside the European Union. LinkedIn uses standard contractual clauses approved by the European Commission for this purpose.
For more information on data protection at LinkedIn, please refer to their privacy policy at https://www.linkedin.com/legal/privacy-policy.
Facebook Ireland Limited: Sharing on Instagram
Information is sometimes transmitted to the parent company Facebook Inc., based in the USA, to other Facebook companies, and to external partners of Facebook, which may be located outside the European Union. Facebook uses standard contractual clauses approved by the European Commission and relies on adequacy decisions issued by the European Commission regarding certain countries.
For the purpose and scope of data collection and the further processing and use of the data by Facebook, as well as your related rights and options for protecting your privacy, please refer to Instagram’s privacy policy at https://help.instagram.com/519522125107875.
8 YouTube
We integrate components (videos) from the video portal YouTube of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: “Google”) on our websites. The implementation is based on Art. 6 Abs. 1 S. 1 lit. f GDPR, with our interest being the smooth integration of the videos and the appealing design of our website.
The integration is done using a solution that prevents a connection to Google from being established just because you visit a page with an embedded video without activating the video. This means that information is only transmitted to Google when you click on the video to watch it.
Information is sometimes transmitted to the parent company Google Inc., based in the USA, to other Google companies, and to external partners of Google, which may be located outside the European Union. Google uses standard contractual clauses approved by the European Commission and relies on adequacy decisions issued by the European Commission regarding certain countries.
For more information on data protection in connection with YouTube, please refer to Google’s privacy policy at https://policies.google.com/privacy/.
9 Vimeo
We use components (videos) from the company Vimeo, LLC, One North Lexington, 9th Floor, White Plains, NY 10601 USA (hereinafter: “Vimeo”), a company of IAC/InterActiveCorp, 555 West 18th Street, New York, NY 10011, USA, on our websites based on your consent according to Art. 6 Abs. 1 S. 1 lit. f GDPR.
When you visit a page that features an embedded video, a connection to the Vimeo servers is established, and the content is displayed on the website by communicating with your browser.
According to Vimeo’s information, your data—specifically which of our websites you have visited, as well as device-specific information including the IP address—will only be transmitted to the Vimeo server in the USA when you watch the video. By clicking on the video, you consent to this transmission.
If you are logged into Vimeo at the same time, this information will be associated with your Vimeo account. You can prevent this by logging out of your account before visiting our website.
For more information on data protection, please refer to Vimeo’s privacy policy.
10 Rights of the Data Subjects
You have the right to:
- According to Article 7(3) of the GDPR, withdraw your consent at any time. This means that we may no longer continue processing the data based on that consent in the future;
- According to Article 15 of the GDPR, request information about your personal data processed by us. In particular, you can request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned storage duration, the existence of the right to rectification, erasure, restriction of processing, or objection, the existence of a right to lodge a complaint, the origin of your data, if not collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
- According to Article 16 of the GDPR, request the immediate rectification of inaccurate or completion of your personal data stored with us;
- According to Article 17 of the GDPR, request the erasure of your personal data stored with us, unless processing is necessary for exercising the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or defense of legal claims;
- According to Article 18 of the GDPR, request the restriction of processing of your personal data, as long as you contest the accuracy of the data, processing is unlawful, but you oppose erasure, and we no longer need the data, but you need it for the establishment, exercise, or defense of legal claims or you have objected to processing according to Article 21 of the GDPR;
- According to Article 20 of the GDPR, receive your personal data provided to us in a structured, commonly used, and machine-readable format or request the transfer to another controller;
- According to Article 77 of the GDPR, lodge a complaint with a supervisory authority. In general, you can contact the supervisory authority of your usual residence or workplace or our association’s registered office for this purpose.
Information about your right to object under Article 21 of the GDPR
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is based on Article 6(1)(e) of the GDPR (processing in the public interest) and Article 6(1)(f) of the GDPR (processing based on legitimate interests); this also applies to profiling based on this provision as per Article 4(4) of the GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.
If your objection is directed against the processing of data for direct marketing purposes, we will cease processing immediately. In this case, it is not necessary to specify a particular situation. This also applies to profiling insofar as it is related to such direct marketing.
If you wish to exercise your right to object, it is sufficient to send an email to datenschutzkoordination@zv.fraunhofer.de.
11 Data Security
All your personal data are transmitted in encrypted format, using the widely used and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used, for instance, in online banking. You will recognize a secure TLS connection by the additional s after http (i.e., https://…) in the address bar of your browser or by the lock icon in the bottom part of your browser window.
In all other regards, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulations, partial or complete loss, destruction, or the unauthorized access of third parties. We continuously improve our security measures in accordance with the state of the art.
12 Timeliness and Amendments to this Data Protection Information
The further development of our website and the products and services offered or changed due to statutory or regulatory requirements, respectively, may make it necessary to amend this data protection information. You may access and print out the latest data protection information at any time from our website https://www.fraunhofer.de/en/data-protection-policy.html.
