Declaration on data protection
The following information provides the visitors/users of the www.cipos.eu website with a simple overview of the collection, use and deletion of personal and/or project-related data. This information is relevant when a visitor/user accesses the www.cipos.eu website or is redirected to it.
Personal data is understood to mean all information by means of which visitors/users of the www.ipos-research.eu website can be personally identified. Personal data are also those by means of which authorised persons can be identified, provided that they work in the protected project-related area after successful log-in. Further details can be found in Art. 4 para. 1 GDPR (General Data Protection Regulation).
Project-related data is understood to mean the information that is provided and/or made available on the public and/or protected area of the website www.ipos-research.eu for the purpose of implementing CIPOS projects.
Processing is understood to mean the collection, recording, organisation, organisation, filing, storage, adaptation or modification, reading, consultation, use, disclosure by means of transmission, processing or any other form of processing or any other form of provision, comparison or linking, restriction, deletion or destruction, either automated or not.
The CIPOS processes personal and/or project-related data collected during visits to the website and/or in the course of research projects in compliance with applicable data protection regulations. Personal and/or project-related data will not be made publicly accessible by CIPOS without prior written consent or legal authorisation, will not be made available to third parties and will not be processed for purposes other than those for which consent or authorisation has been granted.
The website www.cipos.eu does not collect or process personal data of public users, this includes that the following data in particular is not collected: IP addresses of visitors, browser data of users, reference pages as well as location, date and time-related information. When using the www.cipos.eu website, cookies, Java applets, Active-X-Controls and comparable applications are not used by CIPOS.
On the website www.cipos.eu, personal data of registered internal users per project are used to the extent necessary to ensure correct registration in the internal data management system (login data). Personal data of registered internal users per project are processed to the extent necessary to achieve the respective project objectives; this includes in particular data on the provision of services (as agreed in the individual contract for each project) as well as data used for project-related invoicing vis-à-vis third-party funding providers.
The legal basis for the processing of personal and/or project-related data is derived from Art. 6 GDPR, the national legal provisions standardised in the Federal Data Protection Act and the provisions of the Bremen Data Protection Act.
According to Art. 6 GDPR, processing is lawful if one of the following conditions is fulfilled:
the data subject has given his or her consent to the processing of personal data concerning him or her for one or more specific purposes;
processing is necessary for the performance of a contract to which the data subject is party or in order to implement pre-contractual measures taken at the request of the data subject;
processing is necessary for compliance with a legal obligation to which the controller is subject;
processing is necessary to protect the vital interests of the data subject or of another natural person;
processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
processing is necessary to protect the legitimate interests of the controller or of a third party except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require the protection of personal data, in particular where the data subject is a child.
Erasure and storage of data
Personal and/or project-related data are generally deleted immediately as soon as the respective intended and agreed purpose of storage has been achieved; in deviation from this, personal and/or project-related data may be stored if European or German regulations of sovereign legal character provide for this or if a judicial or extrajudicial decision or pending judicial or extrajudicial proceedings require this.
Personal and/or project-related data will be deleted immediately if relevant storage periods have been reached; in deviation from this, personal and/or project-related data may remain stored if this is provided for in individual contracts.
LogFiles
Each time a file is used and retrieved, data is temporarily stored in a log file (system log).
The legal basis for temporary data storage and log files is Art. 6 para. 1 lit. f GDPR. On the one hand, log file storage serves the purpose of ensuring the functionality of the website, on the other hand, the data is used for website optimisation, the elimination of malfunctions and to guarantee the security of the information technology system of CIPOS. This is the reason for the justified interest of CIPOS in data processing according to article 6 paragraph 1 letter f GDPR.
As soon as these data are no longer required for the purpose of their collection, they are automatically deleted. The data used to provide the website www.cipos.eu are deleted at the end of the session. If and insofar as data are stored in log files, they will be deleted after four weeks at the latest. Any further storage by CIPOS is not possible.
Data collection for the purpose of providing the website www.cipos.eu as well as its storage in log files is absolutely necessary for the purpose of ensuring the functioning of the website; in this respect, there is no possibility of objection by the visitors/users.
Google Web Fonts
In order to ensure the uniform display of fonts, the website www.ipos-research.eu uses web fonts provided by Google; therefore the browser of the respective visitor/user of the website loads the respective web fonts into the browser cache of the visitor/user. This requires that the browser used by the visitor/user establishes a connection to the Google servers; consequently, Google obtains knowledge that the www.cipos.eu website was accessed via the visitor/user’s IP address (if the visitor/user’s browser does not support web fonts, his computer or other device uses a standard font). This process takes place in the interest of a uniform and appealing presentation of CIPOS online offers and thus constitutes a legitimate interest within the meaning of Article 6 (1) lit. f GDPR.
Further information on Google Web Fonts can be found at: https://developers.google.com/fonts/faq and in Google’s data protection declaration: https://www.google.com/policies/privacy/.
Rights of visitors/users
Visitors/users whose personal data are collected in the course of the above-mentioned services enjoy the following rights, unless and insofar as no legal exceptions or court decisions apply in individual cases:
Right of appeal to the competent supervisory authority according to Art. 77 GDPR; for CIPOS this is the Curaçao Personal Data Protection Board
Contact details of the person in charge
Responsible in terms of the basic data protection regulation, other data protection laws and other data protection regulations:
CIPOS
info@cipos.eu
represented by the Head of CIPOS: Gabriela Piontkowski