Data Protection Information

The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data gathered when visiting our websites in compliance with the applicable data protection legislation and, as a matter of principle, only to the extent that this is necessary to provide a functioning website and our content and services. We neither publish your data nor transmit them to third parties on an unauthorized basis. In the following sections, we explain which data we record when you visit one of our websites, and how exactly they are utilized.

A. Provision of the website

1. Visiting the website

a. Type of data

Each time you visit our website, our service and applications automatically record data and information from the system of the visiting device. The following data are gathered temporarily:

Your IP address
Date and time of your access to the website
Address of the page visited
Address of the previously visited website (referrer)
Name and version of your browser/operating system (if transmitted)

These data are stored in our systems' log files. There is no storage of these data together with other personal data relating to the user.

b. Legal basis

The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also serve to optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes. The recording of data for the provision of the website and the storage of data in log files are essential to operate the website. It is therefore not possible for the user to object.

c. Data deletion

The data are deleted as soon as they are no longer required in order to fulfil the purpose of their collection. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the event that data are stored in log files, this is the case after seven days at the latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are deleted or removed so they can no longer be allocated to the visiting device.

2. User-friendly website design

a. Type of data

Our website uses cookies. Cookies are text files which are saved in or by the internet browser on the users' systems. If a user accesses a website, a cookie can be saved on the user's system. These cookies contain a characteristic string of characters which enables definitive identification of the browser the next time the website is accessed. We use cookies in order to make our website more user-friendly. It is a technical requirement of certain elements of our website that the accessing browser can also be identified after a page change. In the process, the following data are saved and transmitted in the cookies:

Language settings (localization) of the browser, also when changing pages (functionality of the language switch): Sessioncookie i18next
Session data (click path, pages visited, current language, remembering form data (terms used in the internal site search, entries in the contact form) as well as error messages for forms, if applicable): Sessioncookie mpg_session_r

Cookies are saved on your device and transmitted by the latter to our website. For this reason, you as the user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or limit the transmission of cookies. This can also happen on an automated basis. If cookies are deactivated for our website, the full range of functions of the website may not be entirely available for use.

b. Legal basis

The legal basis for the processing of personal data by means of cookies is Art. 6 (1) lit. f GDPR as well as § 25, para. 2, no. 2 of the German Telecommunications-Telemedia Data Protection Act [TTDSG]. Some of the functions of our website cannot be offered without the use of cookies. For these, it is absolutely necessary that the browser is recognized even after a page change.

c. Data deletion

The cookies are deleted after closing the session.

3. OpenStreetMap

Our website uses OpenStreetMap to build a map showing the institutions owning haptic devices. The usage of OpenStreetMap can be denied by selecting the relevant option in the consent management panel.

OpenStreetMap's terms of use can be accessed via the following link.

B. Web Analysis

1. Type of data

We use the web analytics programme Matomo for statistical data collection in relation to utilization behaviour; this programme uses cookies and JavaScript to collect various information on your computer and transmit this automatically to us. Every time our website is accessed, our system logs the following data and information from the computer system of the accessing device:

IP address, anonymized by means of abbreviation
Two cookies to distinguish between different visitors: pk_id and pk_sess
Previously visited URL (referrer) if communicated by the browser
Name and version of the operating system
Name, version and language setting of the browser

The following data are collected additionally if JavaScript is activated:

URLs visited on this website
Times of page visits
Type of HTML requests
Screen resolution and colour depth
Technologies and formats supported by the browser (e.g. cookies, Java, Flash, PDF, WindowsMedia, QuickTime, Realplayer, Director, SilverLight, Google Gears)

The saving and analysis of data is carried out solely on a central server operated by the MPG. It goes without saying that you have the opportunity to object to your data being collected. The following independent methods are available to you if you wish to object to data collection by the central server:

In your browser, activate the Do-Not-Track setting. As long as this setting is active, our central server will not save any of your data. Important: Do-Not-Track generally only applies to the one device and browser on which the setting is activated. If you use several devices/browsers, you must activate Do-Not-Track separately on each one.
Use our opt-out function in the consent manager window, which should appear the first time you visit the website. You can also open it by clicking on the lemon logo in the bottom left corner. As long as you opted-out, our central server will not save any of your data. Important: For the opt-out, we have to store a special recognition cookie in your browser. If you delete this or use a different PC/browser, you have to object to data collection once again on this page.

There is no storage of these data together with other personal data relating to the users.

2. Legal basis

The legal basis for the processing of personal data by means of cookies is Art. 6 (1) lit. f GDPR as well as § 25 para. 2 no. 2 TTDSG. The processing of the users' personal data enables us to analyze the usage behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our websites. This helps us improve our websites and their user-friendliness on an ongoing basis. These purposes also constitute our legitimate interest in data processing according to Art. 6 (1) lit. f GDPR as well as § 25, para. 2, no. 2 TTDSG. By anonymizing the IP address, the users' interest in the protection of their personal data is sufficiently taken into account.

3. Data deletion

The data are deleted after the final annual totals have been arrived at for access statistics.

C. Registration

On our web pages we offer users the opportunity to register by entering personal data via an input screen. Generally speaking we ask for your e-mail address, last name and first name. We inform you about the concrete processing of your data in the course of the registration operation and obtain your consent accordingly. There is also a reference to this Data Protection Information.
The legal basis for processing data is the existence of the user's consent according to Article 6, para. 1, lit. a GDPR. If registration serves to fulfil a contract of which the user is a contractual party or to implement pre-contractual measures, the additional legal basis for data processing is Article 6, para. 1, lit. b GDPR. It is necessary to register the user in order to be able to provide certain content and services on our website, fulfil a contract with the user or implement pre-contractual measures. The data is deleted as soon as it is no longer required in order to fulfil the purpose of its collection. This applies to the data collected during the registration operation if registration on our websites is withdrawn or altered. It applies to the registration operation to fulfil a contract or to implement pre-contractual measures if the data is no longer required in order to implement the contract. It may also be necessary to save the contractual partner's personal data after conclusion of the contract in order to meet contractual or statutory requirements.
As a user, you can withdraw registration at any time. You can have the data relating to you altered at any time; the procedure is described in detail during the actual registration operation. If the data is required to fulfil a contract or implement pre-contractual measures, premature deletion of the data is only possible if this is not prevented by contractual or statutory obligations.

D. General details

1. Contact details of the controller

The controller within the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the:

Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstraße 8
D-80539 Munich
Germany
+49 89 2108-0
www.mpg.de/kontakt/anfragen
www.mpg.de

2. Contact details of the data protection officer

The controller's Data Protection Officer can be reached as follows:

Data Protection Officer of the MPG
Hofgartenstraße 8
D-80539 Munich
+49 (89) 2108-1554
datenschutz@mpg.de

E. Rights of the data subjects

As a data subject whose personal data are collected in the context of the above-mentioned services, you generally have the following rights unless legal exceptions apply in individual cases:

Information (Article 15 GDPR)
Correction (Article 16 GDPR)
Deletion (Article 17 (1) GDPR)
Restriction of processing (Article 18 GDPR)
Data transmission (Article 20 GDPR)
Revocation of processing (Article 21 GDPR)
Revocation of consent (Article 7 (3) GDPR)
Right to complain to the regulator (Article 77 GDPR). For the MPG, this is the Bavarian Data Protection Authority (BayLDA), Postfach 1349, 91504 Ansbach, Germany.