Data Protection Information | Max-Planck-Institut für Sozialrecht und Sozialpolitik - MPISOC
Data Protection Information

Data Protection Information

The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data gathered when visiting our websites in compliance with applicable data protection legislation. We neither publish your data nor transmit them to third parties unauthorized. In the following section, we explain which data we record when you visit one of our websites, and exactly how they are utilized:

    A. General Details

    1. Scope of Data Processing

    We only ever collect and use personal data to the extent required to provide a functional website as well as our content and services. The collection and utilization of our users' personal data is carried out regularly with the users' consent. An exception applies in instances where processing of the data is permitted by statutory provisions.

    2. Legal Basis of Data Processing

    If we obtain the consent of the data subject to carry out personal data processing, the legal basis is Article 6, para. 1, lit. a EU General Data Protection Regulation (GDPR).

    When it is necessary to process personal data in order to fulfil a contract whose contractual party the data subject is, the legal basis is Article 6, para. 1, lit. b GDPR. This also applies to processing operations required in order to implement pre-contractual measures.

    If processing is required in order to safeguard a legitimate interest of the MPG or a third party and if the interests, fundamental rights and fundamental freedoms of the data subject override the first-mentioned interest, the legal basis for processing is Article 6, para. 1, lit. f GDPR.

    3. Data Erasure and Storage Duration

    The personal data of the data subject is erased or blocked as soon as the purpose of storage no longer applies. Data can also be stored if this is required under European or national legislation in EU directives, laws or other provisions to which the MPG is subject. Data is also blocked or erased if the retention period prescribed by the above-mentioned legislation expires, unless the data is required to be stored for longer for the purpose of concluding or performing a contract.

    4. Contact Details of the Controller

    The controller as defined by the EU General Data Protection Regulation (GDPR) as well as other data protection laws and provisions under data protection legislation is:

    Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
    Hofgartenstraße 8
    D-80539 Munich
    Telephone: +49 (89) 2108-0
    Contact Form: https://www.mpg.de/contact/requests
    Internet: https://https://www.mpg.de/en

    5. Contact Details of the Data Protection Officer

    The controller's Data Protection Officer is

    Heidi Schuster
    Hofgartenstraße 8
    D-80539 Munich
    Telephone: +49 (89) 2108-1554
    datenschutz (at) mpg.de

    In addition, you may contact our Institute's data protection officer, Andrea Oepen (oepen (at) mea.mpisoc.mpg.de, +49 (0)89 38602 - 353), if you have further questions.

      B. Provision of the Website and Creation of Logfiles

      Every time our website is accessed, our servers and applications automatically log data and information from the accessing computer system.

      The following data is collected:

      • Your IP address
      • Date and time the page is accessed
      • Address of the page accessed
      • Address of the website visited previously (referrer)
      • Name and version of your browser/operating system (if transmitted)

      The data is saved in our systems' logfiles. This data is not stored together with other personal data relating to the user.

      The legal basis for the temporary saving of data and logfiles is Article 6, para. 1, lit. f GDPR. Data is saved in logfiles in order to ensure the functional capability of the website. In addition, the data serves to optimize the websites, eliminate faults and ensure the security of our IT systems. These purposes also constitute our legitimate interest in data processing according to Article 6, para. 1, lit. f GDPR.

      The data is deleted as soon as it is no longer required in order to fulfil the purpose of its collection. In the case of the collection of the data for the purpose of providing the website, this applies when the session in question is finished. In the case of saving data in logfiles, this applies after a maximum of fourteen days. Saving of data beyond this period is possible. In this case, users' IP addresses are deleted or altered so that they can no longer be attributed to the accessing client.

      Data collection for the purpose of providing the website and the saving of data in logfiles are absolutely necessary in order to operate the website. It is therefore not possible for the user to object.

      C. Web Analysis

      We use the web analytics programme Matomo (formerly Piwik) for statistical data collection in relation to utilization behaviour; this programme uses cookies and JavaScript to collect various information on your computer and transmit this automatically to us. Every time our website is accessed, our system logs the following data and information from the accessing computer system:

      • IP address, anonymized by means of abbreviation
      • Two cookies to distinguish between different visitors (pk_id and pk_sess)
      • Previously visited URLs (referrers) if transmitted by the browser
      • Name and version of the operating system
      • Name, version and language setting of the browser

      The following data is also collected if JavaScript is activated:

      • URLs visited on this website
      • Times of page visits
      • Type of HTML requests
      • Screen resolution and colour depth
      • Technologies and formats supported by the browser (e.g. cookies, Java, Flash, PDF, WindowsMedia, QuickTime, Realplayer, Director, SilverLight, Google Gears)

      The saving and analysis of data is carried out on a central server operated by the MPG. In addition to the central website www.mpg.de, it is also used by most Max Planck Institutes and many MPG project websites.

      The legal basis for the processing of personal user data is Article 6, para. 1, lit. f GDPR. By processing personal user data we are able to analyse our users' utilization behaviour. Analysis of the data collected enables us to compile information on the use of the individual components of our web pages. This helps us improve our websites and their user-friendliness on an ongoing basis. These purposes also constitute our legitimate interest in data processing according to Article 6, para. 1, lit. f GDPR. Anonymization of the IP address sufficiently meets the users' interest in the protection of their personal data.

      The data is deleted after the final annual totals have been arrived at for access statistics.

      Of course, you have the opportunity to object to your data being collected. The following independent methods are available to you if you wish to object to data collection by the central server:

      1. In your browser, activate the Do-Not-Track setting. If this setting is active, our central server does not save any of your data. Important: Do-Not-Track generally only applies to the one device and browser on which the setting is activated. If you use several devices/browsers, you must activate Do-Not-Track separately on each one.
      2. Use our opt-out function. Click on the check mark in the following selection box under https://www.mpg.de/datenschutzhinweis/datenerhebung-deaktivieren, in order to stop or re-activate data collection. If the selection box is deactivated, our central server does not save any of your data. Important: We have to save a special recognition cookie in your browser for the opt-out function. If you delete this or use a different PC/browser, you have to object to data collection once again on this page.

      This data is not saved together with other personal data relating to the user.

      D. Use of Cookies

      Our website uses cookies. Cookies are text files which are saved in or by the internet browser in the user's computer system. If a user accesses a website, a cookie can be saved on the user's operating system. This cookie contains a characteristic string of characters which enables definitive identification of the browser the next time the website is accessed.

      We use cookies in order to make our website more user-friendly. It is a technical requirement of certain elements of our website that the accessing browser can also be identified after a page change. The following data is saved and transmitted in cookies:

      • Visitor's device for optimal resolution: resolution

      The legal basis for the processing of personal data by means of cookies is Article 6, para. 1, lit. f GDPR and § 25 para. 2 no. 2 TTDSG. Some of the functions of our website cannot be offered without the use of cookies. For these to work, the browser absolutely has to be recognized after a page change. We require cookies for the following applications:

      • Adoption of the browser language setting: automatic selection of the start page and spell check
      • Remembering of form details entered: words used in searches within the website

      The user data collected by technically required cookies is not used to create user profiles.

      Cookies are saved on the user's computer and transmitted by the latter to our website. For this reason, you as the user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or limit the transmission of cookies. Cookies which have already been saved can be deleted at any time. This can also happen on an automated basis. If cookies our deactivated for our website, the full range of functions of the website may not be entirely available for use.

      On our website we also use cookies that enable analysis of utilization behaviour. For details, please read the information under C.

      E. Rights of Data Subjects

      As a data subject whose personal data is collected in connection with the above-mentioned services, you have the following fundamental rights unless legal exceptions apply in individual cases:

      • Access (Article 15 GDPR)
      • Rectification (Article 16 GDPR)
      • Erasure (Article 17, para. 1 GDPR)
      • Restriction of processing (Article 18 GDPR)
      • Data portability (Article 20 GDPR)
      • Objection to processing (Article 21 GDPR)
      • Withdrawal of consent (Article 7, para. 3 GDPR)
      • Right to lodge a complaint with a supervisory authority (Article 77 GDPR). For the MPG, this is BayLDA (Bavarian Data Protection Authority), Postfach 1349, 91504 Ansbach.