In compliance with the applicable data protection laws, we process personal data that is collected when you visit our websites. We will not publish your data or disclose it to any third parties without authorization. In the following sections, we explain which data we collect when you visit our websites, and exactly how this data is used.
I. Name and address of the controller
The controller within the meaning of the General Data Protection Regulation, other national data protection legislation of the Member States and other data protection legislation is:
Forschungsverbund Berlin e.V.
Rudower Chaussee 17
Tel. +49 30 63923300
Represented by the Executive Board of Forschungsverbund Berlin e.V.:
Prof. Dr. Thomas Schröder, Executive Board Spokesman and Director of IKZ
Dr. Nicole Münnich, Executive Board Member and Managing Director of Forschungsverbund Berlin e.V.
II. Name and address of the Data Protection Officer
The controller’s Data Protection Officer is:
DID Dresdner Institut für Datenschutz, Stiftung bürgerlichen Rechts
Frau Kristin Beyer or Herr Max Just
III. General information about data processing
1. Scope of personal data processing
As a general rule, we only process personal data concerning our users where necessary in order to provide a functional website and to provide our content and services. Personal data concerning our users will only be processed regularly if the user has given his or her consent. An exemption applies in such cases where it is impossible, for reasons of fact, to gain prior consent and the processing of data is permitted by law.
2. Legal basis for personal data processing
Where we obtain the consent of the data subject for processing procedures, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. The same applies for processing procedures that are necessary in order to take steps prior to entering into a contract.
Where it is necessary to process personal data for compliance with a legal obligation that FVB must meet, Article 6(1)(c) GDPR serves as the legal basis.
In the event that the vital interests of the data subject or of another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by FVB or by a third party and if the aforementioned interests are not overridden by the interests or fundamental rights and freedoms of the data subject, then Article 6(1)(f) GDPR serves as the legal basis for processing.
3. Erasure of data and storage period
The personal data concerning the data subject will be erased or made unavailable as soon as the purpose of storage ceases to apply. Data may also be stored where provision has been made for this by European or national legislators in Union regulations, laws or other provisions to which FVB is subject. Data will also be made unavailable or erased where a storage period prescribed by the aforementioned legislation expires, unless there is a need for the further retention of the data for the purpose of entering into or performing a contract.
IV. Provision of the website and creation of log files
Every time our website is visited, our system automatically collects data and information from the computer system of the requesting computer in so-called log files.
The following data is collected in this connection and stored in our systems’ log files:
• Date and time of access
• User’s IP address
• Websites called up from the user’s system via our website
• Websites from which the user’s system reached our website
• Information about the browser type and version
• Information about the user’s operating system
• Information about the user’s internet service provider
This data will not be stored together with other personal data concerning the user.
Data is stored in log files in order to ensure the functionality of the website. In addition, the data serves the purpose of optimizing the website, of eliminating any possible malfunctions and of preserving the security of our information technology systems. Data is deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of the provision of the website, this occurs at the end of the session. Log file data is usually deleted after seven days at the latest. If FVB has to store log file data for a longer period due to technical requirements or security aspects, users’ IP addresses are deleted or modified to prevent their identification. Such storage is essential and cannot be objected to by the user. The legal basis for the storage of data and log files is Article 6(1)(f) GDPR.
1. Description and scope of data processing
2. Essential cookies
• Log-in information (session data)
These two cookies are deleted when you close the session. No user profiles are created by essential cookies. The legal basis for the use of such cookies can be found in Article 6(1)(f) GDPR.
3. Non-essential cookies
X. Data transmission
Your personal data will only be transmitted to state institutions and authorities when required by legislation or for the purpose of prosecution for attacks on our network infrastructure. Data will not be disclosed to third parties for any other purpose.
XI. Rights of the data subject
If personal data concerning you is processed, you are the data subject within the meaning of the General Data Protection Regulation and have the following rights vis-à-vis the controller – unless statutory exceptions apply in specific cases:
• Withdrawal of consent (Article 7(3) GDPR)
• Access (Article 15 GDPR)
• Rectification (Article 16 GDPR)
• Erasure (Article 17(1) GDPR)
• Restriction of processing (Article 18 GDPR)
• Data portability (Article 20 GDPR)
• Objection to processing (Article 21 GDPR)
• Lodging of a complaint with the supervisory authority (Article 77 GDPR)
For Forschungsverbund Berlin e.V., the supervisory authority is: The Berlin Commissioner for Data Protection and Freedom of Information, Friedrichstr. 219, 10969 Berlin, Germany.