The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data gathered when visiting our websites in compliance with the applicable data protection legislation and, as a matter of principle, only to the extent that this is necessary to provide a functioning website and our content and services. We neither publish your data nor transmit them to third parties on an unauthorized basis. In the following sections, we explain which data we record when you visit one of our websites, and how exactly they are utilized. Details on data protection in social media can be found in the Information on data processing in conformity with Art. 14 General Data Protection Regulation.

A.     Provision of the website

1.      Visiting the website

a.      Type of data

Each time you visit our website, our service and applications automatically record data and information from the system of the visiting device.

The following data are gathered temporarily:

  • Your IP address
  • Date and time of your access to the website
  • Address of the page visited
  • Address of the previously visited website (referrer)
  • Name and version of your browser/operating system (if transmitted)

These data are stored in our systems’ log files. There is no storage of these data together with other personal data relating to the user.

b.      Legal basis

The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website’s functionality. The data also serve to optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.

The recording of data for the provision of the website and the storage of data in log files are essential to operate the website. It is therefore not possible for the user to object.

c.       Data deletion

The data are deleted as soon as they are no longer required in order to fulfil the purpose of their collection. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the event that data are stored in log files, this is the case after seven days at the latest.

2.      User-friendly website design

a.      Type of data

Our website uses cookies. Cookies are text files which are saved in or by the internet browser on the users’ systems. If a user accesses a website, a cookie can be saved on the user’s system. These cookies contain a characteristic string of characters which enables definitive identification of the browser the next time the website is accessed.

We use cookies in order to make our website more user-friendly. It is a technical requirement of certain elements of our website that the accessing browser can also be identified after a page change. The following list shows which data is stored and transmitted in the cookies:

Polylang

Functional

Usage

We use Polylang for locale management. Read more

Sharing data

This data is not shared with third parties.

Functional

Name
Expiration
persistent
Function
Store language settings

Complianz

Functional

Usage

We use Complianz for cookie consent management. Read more

Sharing data

This data is not shared with third parties. For more information, please read the Complianz Privacy Statement.

Functional

Name
Expiration
365 days
Function
Store if the cookie banner has been dismissed
Name
Expiration
365 days
Function
Store information about cookies that have been detected on the site

Matomo

Statistics (anonymous)

Usage

We use Matomo for website statistics. Read more

Sharing data

This data is not shared with third parties.

Statistics (anonymous)

Name
Expiration
13 months
Function
Store a unique user ID
Name
Expiration
session
Function
Store a unique session ID

Miscellaneous

Purpose pending investigation

Usage

Sharing data

Sharing of data is pending investigation

Purpose pending investigation

Name
cmplz_consented_services
Expiration
365 days
Function
Name
cmplz_policy_id
Expiration
365 days
Function
Name
wpEmojiSettingsSupports
Expiration
Function
Name
wp_lang
Expiration
Function
Name
cmplz_marketing
Expiration
365 days
Function
Name
cmplz_statistics
Expiration
365 days
Function
Name
cmplz_preferences
Expiration
365 days
Function
Name
cmplz_functional
Expiration
365 days
Function
Name
mtm_cookie_consent
Expiration
Function
Name
_pk_ref.1.2ec0
Expiration
Function
Name
_pk_ref_1_2ec0
Expiration
Function

Cookies are saved on your device and transmitted by the latter to our website. For this reason, you as the user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or limit the transmission of cookies. This can also happen on an automated basis. If cookies are deactivated for our website, the full range of functions of the website may not be entirely available for use.

b.      Legal basis

The legal basis for the processing of personal data by means of cookies is Art. 6 (1) lit. f GDPR as well as § 25, para. 2, no. 2 of the German Telecommunications-Telemedia Data Protection Act [TTDSG]. Some of the functions of our website cannot be offered without the use of cookies. For these, it is absolutely necessary that the browser is recognized even after a page change.

c.       Data deletion

Please refer to (a) for the retention period of each cookie.

B.     Web analysis

1.      Type of data

We use the web analytics programme Matomo for statistical data collection in relation to utilization behaviour; this programme uses cookies and JavaScript to collect various information on your computer and transmit this automatically to us. Every time our website is accessed, our system logs the following data and information from the computer system of the accessing device:

  • IP address, anonymized by means of abbreviation
  • Two cookies to distinguish between different visitors: pk_id and pk_sess
  • Previously visited URL (referrer) if communicated by the browser
  • Name and version of the operating system
  • Name, version and language setting of the browser.

The following data are collected additionally if JavaScript is activated:

  • URLs visited on this website
  • Times of page visits
  • Type of HTML requests
  • Screen resolution and colour depth
  • Technologies and formats supported by the browser (e.g. cookies, Java, Flash, PDF, WindowsMedia, QuickTime, Realplayer, Director, SilverLight, Google Gears).

The data is stored and analyzed on a server of our hosting provider DomainFactory in Strasbourg or Cologne. You can find more details about our service providers in section E.

It goes without saying that you have the opportunity to object to your data being collected. The following independent methods are available to you if you wish to object to data collection by the central server:

  1. In your browser, activate the Do-Not-Track setting. As long as this setting is active, our central server will not save any of your data. Important: Do-Not-Track generally only applies to the one device and browser on which the setting is activated. If you use several devices/browsers, you must activate Do-Not-Track separately on each one.
  2. Use our opt-out function:

    You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.

    Click on the check mark in order to stop or reactivate data collection. As long as the selection box is deactivated, our central server will not save any of your data. Important: For the opt-out, we have to store a special recognition cookie in your browser. If you delete this or use a different PC/browser, you have to object to data collection once again on this page.

There is no storage of these data together with other personal data relating to the users.

2.      Legal basis

The legal basis for the processing of personal data by means of cookies is Art. 6 (1) lit. f GDPR as well as § 25 para. 2 no. 2 TTDSG. The processing of the users’ personal data enables us to analyze the usage behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our websites. This helps us improve our websites and their user-friendliness on an ongoing basis. These purposes also constitute our legitimate interest in data processing according to Art. 6 (1) lit. f GDPR as well as § 25, para. 2, no. 2 TTDSG. By anonymizing the IP address, the users’ interest in the protection of their personal data is sufficiently taken into account.

3.      Data deletion

The data are deleted after two years.

C.     Newsletter

1.      Type of data

Our website offers users the opportunity to sign up for a free newsletter. When users sign up for the newsletter, the data from the input screen are transmitted to us. This generally consists of your email address, last name and first name. We inform you about the concrete processing of your data in the course of the sign-up process and obtain your consent accordingly. There is also a reference to this Data Privacy Statement. The data is solely used for sending out the newsletter.

We use tracking to measure our information activity. The following data are collected anonymously as part of tracking:

  • Successful delivery of the newsletter
  • Opening of the newsletter yes/no via tracking pixels (mini graphic in the newsletter)
    • Type of browser, type of operating system
    • Mobile terminal or normal terminal
    • User Agent (e-mail client used)
    • IP address
    • Date and time of the opening of the newsletter
  • Links clicked in the newsletter

2.      Legal basis

The legal basis for processing the data after a user signs up for the newsletter is the user’s consent according to Art. 6 (1) lit. a GDPR. The purpose of collecting data is to deliver the newsletter.

The legal basis for voluntary tracking is Art. 6 (1) lit. a GDPR as well as § 25, para.1 TTDSG.

3.      Data deletion

The user’s email address and tracking data is only saved for as long as the newsletter subscription is active. The newsletter subscription can be cancelled by the user in question at any time.

D.     Data transmission

The management and storage of your personal details is carried out by selected services within the scope of commissioned data processing on systems of our service providers:

Technical web editing

For technical web editing we are supported by the agency for science communication Con Gressa GmbH, Engeldamm 62, 10179 Berlin, Germany.

Newsletter (Section C):

We use Newsletter2Go. Provider is Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin, Germany.

Web Hosting:

We host the content of our website at DomainFactory GmbH, c/o WeWork, Neuturmstraße 5, 80331 Munich, Germany (hereinafter DomainFactory). When you visit our website, DomainFactory collects various log files including your IP addresses. For details, please refer to DomainFactory’s privacy policy: https://www.df.eu/de/datenschutz/.

The use of DomainFactory is based on Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the most reliable presentation of our website. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the end device of the user (e.g. for device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

Your personal data will only be transmitted to state institutions and authorities in cases required by law or for criminal prosecution due to attacks on our network infrastructure. Data will not be passed on to third parties for any other purpose.

Complianz | The Privacy Suite for WordPress

This website uses the Complianz Privacy Suite for WordPress to collect consent forms. For this feature, your IP address is anonymized and stored in our database. For more information, please see the Complianz Privacy Policy.

Youtube with the plugin WP Youtube Lyte

This website embeds videos from the website Youtube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

We use Youtube with the help of the plugin WP Youtube Lyte. This means that Youtube does not store any information about visitors to this website before they view the video. The thumbnails of the videos are stored locally on our server.

As soon as you start a Youtube video on this website, a connection to the Youtube servers is established. This tells the Youtube server which of our pages you have visited. If you are logged into your Youtube account, you enable Youtube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Youtube account.

Furthermore, Youtube can save various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, Youtube can obtain information about visitors to this website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts.

If necessary, further data processing operations may be triggered after the start of a Youtube video, over which we have no control.

Youtube is used in the interest of an appealing presentation of our online offers. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. If a corresponding consent was requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a DSGVO and § 25 para. 1 TTDSG, insofar as the consent includes the storage of cookies or access to information in the end device of the user (e.g. device fingerprinting) within the meaning of the TTDSG. The consent can be revoked at any time.

For more information about data protection at Youtube, please see their privacy statement at: https://policies.google.com/privacy?hl=en.

Google Fonts (local hosting)

This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.

Further information on Google Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=en.

E.     General details

1.      Contact details of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the

Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstrasse 8
D-80539 Munich, Germany
Telephone: +49 (89) 2108-0
Contact form: https://www.mpg.de/kontakt/anfragen
Internet: https://www.mpg.de

2.      Data Protection Officer’s contact details

The controller’s Data Protection Officer can be reached as follows:

Data Protection Officer of the MPG
Hofgartenstrasse 8
D-80539 Munich, Germany
Telephone: +49 (89) 2108-1554
datenschutz@mpg.de

F.     Rights of the data subjects

As a data subject whose personal data are collected in the context of the above-mentioned services, you generally have the following rights unless legal exceptions apply in individual cases:

  • Information (Article 15 GDPR)
  • Correction (Article 16 GDPR)
  • Deletion (Article 17 (1) GDPR)
  • Restriction of processing (Article 18 GDPR)
  • Data transmission (Article 20 GDPR)
  • Revocation of processing (Article 21 GDPR)
  • Revocation of consent (Article 7 (3) GDPR)
  • Right to complain to the regulator (Article 77 GDPR). For the MPG, this is the Bavarian Data Protection Authority (BayLDA), Postfach 1349, 91504 Ansbach, Germany.