2022-02-03 09:39:04 +01:00
|
|
|
|
{{define "navigation"}}
|
2022-03-02 08:37:30 +01:00
|
|
|
|
<header>
|
|
|
|
|
<nav class="navbar navbar-expand-lg navbar-light fixed-top bg-light">
|
|
|
|
|
<div class="container-fluid">
|
|
|
|
|
<a class="navbar-brand" href="/">
|
|
|
|
|
{{block "brand" .}}
|
|
|
|
|
<img style="height: 30px;" alt="ClusterCockpit Logo" src="/img/logo.png" class="d-inline-block align-top">
|
|
|
|
|
{{end}}
|
|
|
|
|
</a>
|
|
|
|
|
</div>
|
|
|
|
|
</nav>
|
|
|
|
|
</header>
|
2022-02-03 09:39:04 +01:00
|
|
|
|
{{end}}
|
|
|
|
|
|
|
|
|
|
{{define "content"}}
|
|
|
|
|
<div class="container" style="margin-top:80px;margin-bottom:80px;">
|
|
|
|
|
<div class="row legal">
|
|
|
|
|
<div class="col-md">
|
|
|
|
|
<h1>Privacy</h1>
|
|
|
|
|
<p>
|
|
|
|
|
INSTITUION is
|
|
|
|
|
responsible for its websites within the meaning of the
|
|
|
|
|
General Data Protection Regulation (GDPR) and other
|
|
|
|
|
national data protection laws as well as other data
|
|
|
|
|
protection regulations. It is legally represented by
|
|
|
|
|
its XX. For contact details, please consult the
|
|
|
|
|
YYY.
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
The respective INSTITUION institutions are responsible for
|
|
|
|
|
any content they make available on the websites of
|
|
|
|
|
INSTITUION. For questions related to specific content,
|
|
|
|
|
please contact the person responsible as named
|
|
|
|
|
LINK of this web page.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h2>Name and address of the Data Protection Officer</h2>
|
|
|
|
|
|
|
|
|
|
<address>
|
|
|
|
|
address
|
|
|
|
|
</address>
|
|
|
|
|
|
|
|
|
|
<ul>
|
|
|
|
|
<li>Telefon: </span> +49 </li>
|
|
|
|
|
<li>Fax:</span> +49 </li>
|
|
|
|
|
<li>E-Mail:</li>
|
|
|
|
|
</ul>
|
|
|
|
|
|
|
|
|
|
<h2>General information on data processing</h2>
|
|
|
|
|
|
|
|
|
|
<h3>Scope of processing of personal data</h3>
|
|
|
|
|
<p>
|
|
|
|
|
We only process our users’ personal data to the extent
|
|
|
|
|
necessary to provide services, content and a functional
|
|
|
|
|
website. As a rule, personal data are only processed after
|
|
|
|
|
the user gives their consent. An exception applies in those
|
|
|
|
|
cases where it is impractical to obtain the user’s
|
|
|
|
|
prior consent and the processing of such data is
|
|
|
|
|
permitted by law.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Legal basis for the processing of personal data</h3>
|
|
|
|
|
<p>
|
|
|
|
|
Art. 6 (1) (a) of the EU General Data Protection Regulation
|
|
|
|
|
(GDPR) forms the legal basis for us to obtain the
|
|
|
|
|
consent of a data subject for their personal data to be
|
|
|
|
|
processed.<br> When processing personal data required for
|
|
|
|
|
the performance of a contract in which the contractual
|
|
|
|
|
party is the data subject, Art. 6 (1) (b) GDPR forms the
|
|
|
|
|
legal basis. This also applies if data has to be processed
|
|
|
|
|
in order to carry out pre-contractual activities.<br> Art.
|
|
|
|
|
6 (1) (c) GDPR forms the legal basis if personal data has
|
|
|
|
|
to be processed in order to fulfil a legal obligation on
|
|
|
|
|
the part of our organisation.<br> Art. 6 (1) (d) GDPR forms
|
|
|
|
|
the legal basis in the case that vital interests of the
|
|
|
|
|
data subject or another natural person make the processing
|
|
|
|
|
of personal data necessary.<br> If data processing is
|
|
|
|
|
necessary in order to protect the legitimate interests of
|
|
|
|
|
our organisation or of a third party and if the interests,
|
|
|
|
|
basic rights and fundamental freedoms of the data subject
|
|
|
|
|
do not outweigh the interests mentioned above, Art. 6 (1)
|
|
|
|
|
(f) GDPR forms the legal basis for such data processing.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Deletion of data and storage period</h3>
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
|
The personal data of the data subject are deleted or
|
|
|
|
|
blocked as soon as the reason for storing them ceases
|
|
|
|
|
to exist. Storage beyond this time period may occur if
|
|
|
|
|
provided for by European or national legislators in
|
|
|
|
|
directives under Union legislation, laws or other
|
|
|
|
|
regulations to which the data controller is subject.
|
|
|
|
|
Such data are also blocked or deleted if a storage period
|
|
|
|
|
prescribed by one of the above-named rules expires,
|
|
|
|
|
unless further storage of the data is necessary for
|
|
|
|
|
entering into or performing a contract.
|
|
|
|
|
</p>
|
|
|
|
|
<h2>Provision of the website and generation of log files</h2>
|
|
|
|
|
<h3>Description and scope of data processing</h3>
|
|
|
|
|
<p>
|
|
|
|
|
Each time our website is accessed, our system
|
|
|
|
|
automatically collects data and information from
|
|
|
|
|
the user’s computer system.<br> In this context, the
|
|
|
|
|
following data are collected:
|
|
|
|
|
</p>
|
|
|
|
|
<ul>
|
|
|
|
|
<li>
|
|
|
|
|
Address (URL) of the website from which the file was requested
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Name of the retrieved file
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Date and time of the request
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Data volume transmitted
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Access status (file transferred, file not found, etc.)
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Description of the type of web browser and/or operating system used
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Anonymised IP address of the requesting computer
|
|
|
|
|
</li>
|
|
|
|
|
</ul>
|
|
|
|
|
<p>
|
|
|
|
|
The data stored are required exclusively for technical or
|
|
|
|
|
statistical purposes; no comparison with other data or
|
|
|
|
|
disclosure to third parties occurs, not even in part.
|
|
|
|
|
The data are stored in our system’s log files. This is not
|
|
|
|
|
the case for the user’s IP addresses or other data
|
|
|
|
|
that make it possible to assign the data to a specific
|
|
|
|
|
user: before data are stored, each dataset is anonymised by
|
|
|
|
|
changing the IP address. These data are not stored
|
|
|
|
|
together with other personal data .
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Legal basis for data processing</h3>
|
|
|
|
|
<p>
|
|
|
|
|
The legal basis for the temporary storage of data and
|
|
|
|
|
logfiles is §§ 14, 15 TMG, § 100 Abs. 1 TKG and Art. 4
|
|
|
|
|
BayDSG following the tasks of Art. 11 BayEGovG and Art. 7
|
|
|
|
|
and 34 BayHO
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Purpose of data processing</h3>
|
|
|
|
|
<p>
|
|
|
|
|
The temporary storage of the IP address by the system is
|
|
|
|
|
necessary in order to deliver the website to the
|
|
|
|
|
user’s computer. For this purpose, the user’s IP address
|
|
|
|
|
must remain stored for the duration of the session.<br> The
|
|
|
|
|
storage of such data in log files takes place in order to
|
|
|
|
|
ensure the website’s functionality. These data also serve
|
|
|
|
|
to help us optimise the website and ensure that our IT
|
|
|
|
|
systems are secure. They are not evaluated for marketing
|
|
|
|
|
purposes in this respect.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Storage period</h3>
|
|
|
|
|
<p>
|
|
|
|
|
Data are deleted as soon as they are no longer necessary
|
|
|
|
|
for fulfilling the purpose for which they were
|
|
|
|
|
collected. If data have been collected for the purpose of
|
|
|
|
|
providing the website, they are deleted at the end of the
|
|
|
|
|
respective session.<br> If data are stored in log files,
|
|
|
|
|
they are deleted at the latest after seven days. A longer
|
|
|
|
|
storage period is possible. In this case, the users’ IP
|
|
|
|
|
addresses are deleted or masked so that they can no longer
|
|
|
|
|
be assigned to the client accessing the website.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Options for filing an objection or requesting removal</h3>
|
|
|
|
|
<p>
|
|
|
|
|
The collection of data for the purpose of providing the
|
|
|
|
|
website and the storage of such data in log files is
|
|
|
|
|
essential to the website’s operation. As a consequence,
|
|
|
|
|
the user has no possibility to object.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h2>Use of cookies</h2>
|
|
|
|
|
<h3>Description and scope of data processing</h3>
|
|
|
|
|
<p>
|
|
|
|
|
Our website uses cookies. Cookies are text files that are
|
|
|
|
|
saved in the user’s web browser or by the web browser
|
|
|
|
|
on the user’s computer system. When a user accesses a
|
|
|
|
|
website, a cookie can be stored in the user’s operating
|
|
|
|
|
system. This cookie contains a character string that allows
|
|
|
|
|
the unique identification of the browser when the
|
|
|
|
|
website is accessed again.
|
|
|
|
|
</p>
|
|
|
|
|
<p>
|
|
|
|
|
We use cookies to make our website more user-friendly. Some
|
|
|
|
|
parts of our website require that the requesting browser
|
|
|
|
|
can also be identified after changing pages.<br> During
|
|
|
|
|
this process, the following data are stored in the cookies
|
|
|
|
|
and transmitted:
|
|
|
|
|
</p>
|
|
|
|
|
<ul>
|
|
|
|
|
<li>
|
|
|
|
|
Log-in information (only in the case of protected information that is made available exclusively to FAU members)
|
|
|
|
|
</li>
|
|
|
|
|
</ul>
|
|
|
|
|
<p>
|
|
|
|
|
Technical measures are taken to pseudonymise user data
|
|
|
|
|
collected in this way. This means that the data can no
|
|
|
|
|
longer be assigned to the user. The data are not stored
|
|
|
|
|
together with other personal data of the user.<br> When
|
|
|
|
|
accessing our website, a banner informs users that cookies
|
|
|
|
|
are used for analysis purposes and makes reference to this
|
|
|
|
|
data protection policy. In connection with this, users are
|
|
|
|
|
also instructed how they can block the storage of cookies
|
|
|
|
|
in their browser settings.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Legal basis for data processing</h3>
|
|
|
|
|
<p>
|
|
|
|
|
The legal basis for the temporary storage of data and
|
|
|
|
|
logfiles is §§ 14, 15 TMG, § 100 Abs. 1 TKG and Art. 4
|
|
|
|
|
BayDSG following the tasks of Art. 11 BayEGovG and
|
|
|
|
|
Art. 7 and 34 BayHO
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Purpose of data processing</h3>
|
|
|
|
|
<p>
|
|
|
|
|
Analysis cookies are used for the purpose of improving the
|
|
|
|
|
quality of our website and its content. We learn
|
|
|
|
|
through the analysis cookies how the website is used and in
|
|
|
|
|
this way can continuously optimise our web presence.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h3>Storage period, options for filing an objection or requesting removal</h3>
|
|
|
|
|
<p>
|
|
|
|
|
As cookies are stored on the user’s computer and are
|
|
|
|
|
transmitted from it to our website, users have full
|
|
|
|
|
control over the use of cookies. You can deactivate or
|
|
|
|
|
restrict the transmission of cookies by changing the
|
|
|
|
|
settings in your web browser. Cookies that are already
|
|
|
|
|
stored can be deleted at any time. This can also be done
|
|
|
|
|
automatically. If cookies are deactivated for our
|
|
|
|
|
website, it may be the case that not all of the website’s
|
|
|
|
|
functions can be used in full.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h2>SSL encryption</h2>
|
|
|
|
|
<p>
|
|
|
|
|
Our website uses SSL encryption for security reasons and to
|
|
|
|
|
protect the transmission of confidential information,
|
|
|
|
|
for example enquiries you send to us as operators of
|
|
|
|
|
the website. You can recognise an encrypted connection
|
|
|
|
|
when the browser’s address line changes from
|
|
|
|
|
<code>http://</code> to <code>https://</code> and a padlock
|
|
|
|
|
appears in your web browser.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<p>
|
|
|
|
|
If SSL encryption is activated, the data you transmit to us
|
|
|
|
|
cannot be read by third parties.
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<h2>Rights of the data subject</h2>
|
|
|
|
|
<p>
|
|
|
|
|
With regard to the processing of your personal
|
|
|
|
|
data, you as a data subject are entitled to the
|
|
|
|
|
following rights pursuant to Art. 15 et seq. GDPR:
|
|
|
|
|
</p>
|
|
|
|
|
|
|
|
|
|
<ul>
|
|
|
|
|
<li>
|
|
|
|
|
You can request information as to whether we process
|
|
|
|
|
your personal data. If this is the case, you have the
|
|
|
|
|
right to information about this personal data as well
|
|
|
|
|
as further information in connection with the
|
|
|
|
|
processing (Art. 15 GDPR). Please note that this
|
|
|
|
|
right of access may be restricted or excluded in
|
|
|
|
|
certain cases (cf. in particular Art. 10 BayDSG).
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
In the event that personal data about you is (no
|
|
|
|
|
longer) accurate or incomplete, you may request that
|
|
|
|
|
this data be corrected and, if necessary, completed
|
|
|
|
|
(Art. 16 GDPR).
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
If the legal requirements are met, you can demand that
|
|
|
|
|
your personal data be erased (Art. 17 GDPR) or that
|
|
|
|
|
the processing of this data be restricted (Art. 18
|
|
|
|
|
DSGVO). However, the right to erasure pursuant to
|
|
|
|
|
Art. 17 (1) and (2) GDPR does not apply, inter alia,
|
|
|
|
|
if the processing of personal data is necessary for the
|
|
|
|
|
performance of a task carried out in the public
|
|
|
|
|
interest or in the exercise of official authority
|
|
|
|
|
or in the exercise of official authority vested (Art.
|
|
|
|
|
17 para. 3 letter b GDPR).
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
If you have given your consent to the processing, you
|
|
|
|
|
have the right to withdrawal it at any time. The
|
|
|
|
|
withdrawal will only take effect in the future;
|
|
|
|
|
this means that the withdrawal does not affect the
|
|
|
|
|
lawfulness of the processing operations carried out
|
|
|
|
|
on the basis of the consent up to the withdrawal.
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
For reasons arising from your particular situation, you
|
|
|
|
|
may also object to the processing of your personal
|
|
|
|
|
data by us at any time (Art. 21 GDPR). If the legal
|
|
|
|
|
requirements are met, we will subsequently no longer
|
|
|
|
|
process your personal data.
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
Insofar as you have consented to the processing of your
|
|
|
|
|
personal data or have agreed to the performance of
|
|
|
|
|
the contract and the data processing is carried out
|
|
|
|
|
automated, you may be entitled to data portability
|
|
|
|
|
(Art. 20 GDPR).
|
|
|
|
|
</li>
|
|
|
|
|
<li>
|
|
|
|
|
You have the right to lodge a complaint to a
|
|
|
|
|
supervisory authority within the meaning of Art. 51
|
|
|
|
|
GDPR about the processing of your personal data. The
|
|
|
|
|
responsible supervisory authority for XXX
|
|
|
|
|
authorities is YYY.
|
|
|
|
|
</li>
|
|
|
|
|
</ul>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
</div>
|
|
|
|
|
{{end}}
|