mirror of
https://github.com/ClusterCockpit/cc-backend
synced 2025-07-23 21:01:40 +02:00
Refactor directory structure
This commit is contained in:
332
web/templates/privacy.tmpl
Normal file
332
web/templates/privacy.tmpl
Normal file
@@ -0,0 +1,332 @@
|
||||
{{define "navigation"}}
|
||||
<header>
|
||||
<nav class="navbar navbar-expand-lg navbar-light fixed-top bg-light">
|
||||
<div class="container-fluid">
|
||||
<a class="navbar-brand" href="/">
|
||||
{{block "brand" .}}
|
||||
<img style="height: 30px;" alt="ClusterCockpit Logo" src="/img/logo.png" class="d-inline-block align-top">
|
||||
{{end}}
|
||||
</a>
|
||||
</div>
|
||||
</nav>
|
||||
</header>
|
||||
{{end}}
|
||||
|
||||
{{define "content"}}
|
||||
<div class="container" style="margin-top:80px;margin-bottom:80px;">
|
||||
<div class="row legal">
|
||||
<div class="col-md">
|
||||
<h1>Privacy</h1>
|
||||
<p>
|
||||
INSTITUION is
|
||||
responsible for its websites within the meaning of the
|
||||
General Data Protection Regulation (GDPR) and other
|
||||
national data protection laws as well as other data
|
||||
protection regulations. It is legally represented by
|
||||
its XX. For contact details, please consult the
|
||||
YYY.
|
||||
</p>
|
||||
<p>
|
||||
The respective INSTITUION institutions are responsible for
|
||||
any content they make available on the websites of
|
||||
INSTITUION. For questions related to specific content,
|
||||
please contact the person responsible as named
|
||||
LINK of this web page.
|
||||
</p>
|
||||
|
||||
<h2>Name and address of the Data Protection Officer</h2>
|
||||
|
||||
<address>
|
||||
address
|
||||
</address>
|
||||
|
||||
<ul>
|
||||
<li>Telefon: </span> +49 </li>
|
||||
<li>Fax:</span> +49 </li>
|
||||
<li>E-Mail:</li>
|
||||
</ul>
|
||||
|
||||
<h2>General information on data processing</h2>
|
||||
|
||||
<h3>Scope of processing of personal data</h3>
|
||||
<p>
|
||||
We only process our users’ personal data to the extent
|
||||
necessary to provide services, content and a functional
|
||||
website. As a rule, personal data are only processed after
|
||||
the user gives their consent. An exception applies in those
|
||||
cases where it is impractical to obtain the user’s
|
||||
prior consent and the processing of such data is
|
||||
permitted by law.
|
||||
</p>
|
||||
|
||||
<h3>Legal basis for the processing of personal data</h3>
|
||||
<p>
|
||||
Art. 6 (1) (a) of the EU General Data Protection Regulation
|
||||
(GDPR) forms the legal basis for us to obtain the
|
||||
consent of a data subject for their personal data to be
|
||||
processed.<br> When processing personal data required for
|
||||
the performance of a contract in which the contractual
|
||||
party is the data subject, Art. 6 (1) (b) GDPR forms the
|
||||
legal basis. This also applies if data has to be processed
|
||||
in order to carry out pre-contractual activities.<br> Art.
|
||||
6 (1) (c) GDPR forms the legal basis if personal data has
|
||||
to be processed in order to fulfil a legal obligation on
|
||||
the part of our organisation.<br> Art. 6 (1) (d) GDPR forms
|
||||
the legal basis in the case that vital interests of the
|
||||
data subject or another natural person make the processing
|
||||
of personal data necessary.<br> If data processing is
|
||||
necessary in order to protect the legitimate interests of
|
||||
our organisation or of a third party and if the interests,
|
||||
basic rights and fundamental freedoms of the data subject
|
||||
do not outweigh the interests mentioned above, Art. 6 (1)
|
||||
(f) GDPR forms the legal basis for such data processing.
|
||||
</p>
|
||||
|
||||
<h3>Deletion of data and storage period</h3>
|
||||
|
||||
<p>
|
||||
The personal data of the data subject are deleted or
|
||||
blocked as soon as the reason for storing them ceases
|
||||
to exist. Storage beyond this time period may occur if
|
||||
provided for by European or national legislators in
|
||||
directives under Union legislation, laws or other
|
||||
regulations to which the data controller is subject.
|
||||
Such data are also blocked or deleted if a storage period
|
||||
prescribed by one of the above-named rules expires,
|
||||
unless further storage of the data is necessary for
|
||||
entering into or performing a contract.
|
||||
</p>
|
||||
<h2>Provision of the website and generation of log files</h2>
|
||||
<h3>Description and scope of data processing</h3>
|
||||
<p>
|
||||
Each time our website is accessed, our system
|
||||
automatically collects data and information from
|
||||
the user’s computer system.<br> In this context, the
|
||||
following data are collected:
|
||||
</p>
|
||||
<ul>
|
||||
<li>
|
||||
Address (URL) of the website from which the file was requested
|
||||
</li>
|
||||
<li>
|
||||
Name of the retrieved file
|
||||
</li>
|
||||
<li>
|
||||
Date and time of the request
|
||||
</li>
|
||||
<li>
|
||||
Data volume transmitted
|
||||
</li>
|
||||
<li>
|
||||
Access status (file transferred, file not found, etc.)
|
||||
</li>
|
||||
<li>
|
||||
Description of the type of web browser and/or operating system used
|
||||
</li>
|
||||
<li>
|
||||
Anonymised IP address of the requesting computer
|
||||
</li>
|
||||
</ul>
|
||||
<p>
|
||||
The data stored are required exclusively for technical or
|
||||
statistical purposes; no comparison with other data or
|
||||
disclosure to third parties occurs, not even in part.
|
||||
The data are stored in our system’s log files. This is not
|
||||
the case for the user’s IP addresses or other data
|
||||
that make it possible to assign the data to a specific
|
||||
user: before data are stored, each dataset is anonymised by
|
||||
changing the IP address. These data are not stored
|
||||
together with other personal data .
|
||||
</p>
|
||||
|
||||
<h3>Legal basis for data processing</h3>
|
||||
<p>
|
||||
The legal basis for the temporary storage of data and
|
||||
logfiles is §§ 14, 15 TMG, § 100 Abs. 1 TKG and Art. 4
|
||||
BayDSG following the tasks of Art. 11 BayEGovG and Art. 7
|
||||
and 34 BayHO
|
||||
</p>
|
||||
|
||||
<h3>Purpose of data processing</h3>
|
||||
<p>
|
||||
The temporary storage of the IP address by the system is
|
||||
necessary in order to deliver the website to the
|
||||
user’s computer. For this purpose, the user’s IP address
|
||||
must remain stored for the duration of the session.<br> The
|
||||
storage of such data in log files takes place in order to
|
||||
ensure the website’s functionality. These data also serve
|
||||
to help us optimise the website and ensure that our IT
|
||||
systems are secure. They are not evaluated for marketing
|
||||
purposes in this respect.
|
||||
</p>
|
||||
|
||||
<h3>Storage period</h3>
|
||||
<p>
|
||||
Data are deleted as soon as they are no longer necessary
|
||||
for fulfilling the purpose for which they were
|
||||
collected. If data have been collected for the purpose of
|
||||
providing the website, they are deleted at the end of the
|
||||
respective session.<br> If data are stored in log files,
|
||||
they are deleted at the latest after seven days. A longer
|
||||
storage period is possible. In this case, the users’ IP
|
||||
addresses are deleted or masked so that they can no longer
|
||||
be assigned to the client accessing the website.
|
||||
</p>
|
||||
|
||||
<h3>Options for filing an objection or requesting removal</h3>
|
||||
<p>
|
||||
The collection of data for the purpose of providing the
|
||||
website and the storage of such data in log files is
|
||||
essential to the website’s operation. As a consequence,
|
||||
the user has no possibility to object.
|
||||
</p>
|
||||
|
||||
<h2>Use of cookies</h2>
|
||||
<h3>Description and scope of data processing</h3>
|
||||
<p>
|
||||
Our website uses cookies. Cookies are text files that are
|
||||
saved in the user’s web browser or by the web browser
|
||||
on the user’s computer system. When a user accesses a
|
||||
website, a cookie can be stored in the user’s operating
|
||||
system. This cookie contains a character string that allows
|
||||
the unique identification of the browser when the
|
||||
website is accessed again.
|
||||
</p>
|
||||
<p>
|
||||
We use cookies to make our website more user-friendly. Some
|
||||
parts of our website require that the requesting browser
|
||||
can also be identified after changing pages.<br> During
|
||||
this process, the following data are stored in the cookies
|
||||
and transmitted:
|
||||
</p>
|
||||
<ul>
|
||||
<li>
|
||||
Log-in information (only in the case of protected information that is made available exclusively to FAU members)
|
||||
</li>
|
||||
</ul>
|
||||
<p>
|
||||
Technical measures are taken to pseudonymise user data
|
||||
collected in this way. This means that the data can no
|
||||
longer be assigned to the user. The data are not stored
|
||||
together with other personal data of the user.<br> When
|
||||
accessing our website, a banner informs users that cookies
|
||||
are used for analysis purposes and makes reference to this
|
||||
data protection policy. In connection with this, users are
|
||||
also instructed how they can block the storage of cookies
|
||||
in their browser settings.
|
||||
</p>
|
||||
|
||||
<h3>Legal basis for data processing</h3>
|
||||
<p>
|
||||
The legal basis for the temporary storage of data and
|
||||
logfiles is §§ 14, 15 TMG, § 100 Abs. 1 TKG and Art. 4
|
||||
BayDSG following the tasks of Art. 11 BayEGovG and
|
||||
Art. 7 and 34 BayHO
|
||||
</p>
|
||||
|
||||
<h3>Purpose of data processing</h3>
|
||||
<p>
|
||||
Analysis cookies are used for the purpose of improving the
|
||||
quality of our website and its content. We learn
|
||||
through the analysis cookies how the website is used and in
|
||||
this way can continuously optimise our web presence.
|
||||
</p>
|
||||
|
||||
<h3>Storage period, options for filing an objection or requesting removal</h3>
|
||||
<p>
|
||||
As cookies are stored on the user’s computer and are
|
||||
transmitted from it to our website, users have full
|
||||
control over the use of cookies. You can deactivate or
|
||||
restrict the transmission of cookies by changing the
|
||||
settings in your web browser. Cookies that are already
|
||||
stored can be deleted at any time. This can also be done
|
||||
automatically. If cookies are deactivated for our
|
||||
website, it may be the case that not all of the website’s
|
||||
functions can be used in full.
|
||||
</p>
|
||||
|
||||
<h2>SSL encryption</h2>
|
||||
<p>
|
||||
Our website uses SSL encryption for security reasons and to
|
||||
protect the transmission of confidential information,
|
||||
for example enquiries you send to us as operators of
|
||||
the website. You can recognise an encrypted connection
|
||||
when the browser’s address line changes from
|
||||
<code>http://</code> to <code>https://</code> and a padlock
|
||||
appears in your web browser.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
If SSL encryption is activated, the data you transmit to us
|
||||
cannot be read by third parties.
|
||||
</p>
|
||||
|
||||
<h2>Rights of the data subject</h2>
|
||||
<p>
|
||||
With regard to the processing of your personal
|
||||
data, you as a data subject are entitled to the
|
||||
following rights pursuant to Art. 15 et seq. GDPR:
|
||||
</p>
|
||||
|
||||
<ul>
|
||||
<li>
|
||||
You can request information as to whether we process
|
||||
your personal data. If this is the case, you have the
|
||||
right to information about this personal data as well
|
||||
as further information in connection with the
|
||||
processing (Art. 15 GDPR). Please note that this
|
||||
right of access may be restricted or excluded in
|
||||
certain cases (cf. in particular Art. 10 BayDSG).
|
||||
</li>
|
||||
<li>
|
||||
In the event that personal data about you is (no
|
||||
longer) accurate or incomplete, you may request that
|
||||
this data be corrected and, if necessary, completed
|
||||
(Art. 16 GDPR).
|
||||
</li>
|
||||
<li>
|
||||
If the legal requirements are met, you can demand that
|
||||
your personal data be erased (Art. 17 GDPR) or that
|
||||
the processing of this data be restricted (Art. 18
|
||||
DSGVO). However, the right to erasure pursuant to
|
||||
Art. 17 (1) and (2) GDPR does not apply, inter alia,
|
||||
if the processing of personal data is necessary for the
|
||||
performance of a task carried out in the public
|
||||
interest or in the exercise of official authority
|
||||
or in the exercise of official authority vested (Art.
|
||||
17 para. 3 letter b GDPR).
|
||||
</li>
|
||||
<li>
|
||||
If you have given your consent to the processing, you
|
||||
have the right to withdrawal it at any time. The
|
||||
withdrawal will only take effect in the future;
|
||||
this means that the withdrawal does not affect the
|
||||
lawfulness of the processing operations carried out
|
||||
on the basis of the consent up to the withdrawal.
|
||||
</li>
|
||||
<li>
|
||||
For reasons arising from your particular situation, you
|
||||
may also object to the processing of your personal
|
||||
data by us at any time (Art. 21 GDPR). If the legal
|
||||
requirements are met, we will subsequently no longer
|
||||
process your personal data.
|
||||
</li>
|
||||
<li>
|
||||
Insofar as you have consented to the processing of your
|
||||
personal data or have agreed to the performance of
|
||||
the contract and the data processing is carried out
|
||||
automated, you may be entitled to data portability
|
||||
(Art. 20 GDPR).
|
||||
</li>
|
||||
<li>
|
||||
You have the right to lodge a complaint to a
|
||||
supervisory authority within the meaning of Art. 51
|
||||
GDPR about the processing of your personal data. The
|
||||
responsible supervisory authority for XXX
|
||||
authorities is YYY.
|
||||
</li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{end}}
|
Reference in New Issue
Block a user