{{define "navigation"}}
    <header>
        <nav class="navbar navbar-expand-lg navbar-light fixed-top bg-light">
            <div class="container-fluid">
                <a class="navbar-brand" href="/">
                    {{block "brand" .}}
                        <img style="height: 30px;" alt="ClusterCockpit Logo" src="/img/logo.png" class="d-inline-block align-top">
                    {{end}}
                </a>
            </div>
        </nav>
    </header>
{{end}}

{{define "content"}}
    <div class="container" style="margin-top:80px;margin-bottom:80px;">
        <div class="row legal">
            <div class="col-md">
                <h1>Privacy</h1>
                <p>
                    INSTITUION is
                    responsible for its websites within the meaning of the
                    General Data Protection Regulation (GDPR) and other
                    national data protection laws as well as other data
                    protection regulations. It is legally represented by
                    its XX. For contact details, please consult the
                    YYY.
                </p>
                <p>
                    The respective INSTITUION institutions are responsible for
                    any content they make available on the websites of
                    INSTITUION. For questions related to specific content,
                    please contact the person responsible as named
                    LINK of this web page.
                </p>

                <h2>Name and address of the Data Protection Officer</h2>

                <address>
                    address
                </address>

                <ul>
                    <li>Telefon: </span> +49 </li>
                    <li>Fax:</span> +49 </li>
                    <li>E-Mail:</li>
                </ul>

                <h2>General information on data processing</h2>

                <h3>Scope of processing of personal data</h3>
                <p>
                    We only process our users’ personal data to the extent
                    necessary to provide services, content and a functional
                    website. As a rule, personal data are only processed after
                    the user gives their consent. An exception applies in those
                    cases where it is impractical to obtain the user’s
                    prior consent and the processing of such data is
                    permitted by law.
                </p>

                <h3>Legal basis for the processing of personal data</h3>
                <p>
                    Art. 6 (1) (a) of the EU General Data Protection Regulation
                    (GDPR) forms the legal basis for us to obtain the
                    consent of a data subject for their personal data to be
                    processed.<br> When processing personal data required for
                    the performance of a contract in which the  contractual
                    party is the data subject, Art. 6 (1) (b) GDPR forms the
                    legal basis. This  also applies if data has to be processed
                    in order to carry out pre-contractual activities.<br> Art.
                    6 (1) (c) GDPR forms the legal basis if personal data has
                    to be processed in order  to fulfil a legal obligation on
                    the part of our organisation.<br> Art. 6 (1) (d) GDPR forms
                    the legal basis in the case that vital interests of the
                    data  subject or another natural person make the processing
                    of personal data necessary.<br> If data processing is
                    necessary in order to protect the legitimate interests of
                    our  organisation or of a third party and if the interests,
                    basic rights and fundamental  freedoms of the data subject
                    do not outweigh the interests mentioned above,  Art. 6 (1)
                    (f) GDPR forms the legal basis for such data processing.
                </p>

                <h3>Deletion of data and storage period</h3>

                <p>
                    The personal data of the data subject are deleted or
                    blocked as soon as the reason for storing them ceases
                    to exist. Storage beyond this time period may occur if
                    provided for by European or national legislators in
                    directives under Union legislation, laws or other
                    regulations to which the data controller is subject.
                    Such data are also blocked or deleted if a storage period
                    prescribed by one of the above-named rules expires,
                    unless further storage of the data is necessary for
                    entering into or performing a contract.
                </p>
                <h2>Provision of the website and generation of log files</h2>
                <h3>Description and scope of data processing</h3>
                <p>
                    Each time our website is accessed, our system
                    automatically collects data and information from
                    the user’s computer system.<br> In this context, the
                    following data are collected:
                </p>
                <ul>
                    <li>
                        Address (URL) of the website from which the file was requested
                    </li>
                    <li>
                        Name of the retrieved file
                    </li>
                    <li>
                        Date and time of the request
                    </li>
                    <li>
                        Data volume transmitted
                    </li>
                    <li>
                        Access status (file transferred, file not found, etc.)
                    </li>
                    <li>
                        Description of the type of web browser and/or operating system used
                    </li>
                    <li>
                        Anonymised IP address of the requesting computer
                    </li>
                </ul>
                <p>
                    The data stored are required exclusively for technical or
                    statistical purposes; no comparison with other data or
                    disclosure to third parties occurs, not even in part.
                    The data are stored in our system’s log files. This is not
                    the case for the user’s IP addresses or other data
                    that make it possible to assign the data to a specific
                    user: before data are stored, each dataset is anonymised by
                    changing the IP address. These data are not stored
                    together with other personal data .
                </p>

                <h3>Legal basis for data processing</h3>
                <p>
                    The legal basis for the temporary storage of data and
                    logfiles is §§ 14, 15 TMG, § 100 Abs. 1 TKG and Art. 4
                    BayDSG following the tasks of Art. 11 BayEGovG and Art. 7
                    and 34 BayHO
                </p>

                <h3>Purpose of data processing</h3>
                <p>
                    The temporary storage of the IP address by the system is
                    necessary in order to deliver the website to the
                    user’s computer. For this purpose, the user’s IP address
                    must remain stored for the duration of the session.<br> The
                    storage of such data in log files takes place in order to
                    ensure the website’s functionality. These data also serve
                    to help us optimise the website and ensure that our  IT
                    systems are secure. They are not evaluated for marketing
                    purposes in this respect.
                </p>

                <h3>Storage period</h3>
                <p>
                    Data are deleted as soon as they are no longer necessary
                    for fulfilling the purpose for which they were
                    collected. If data have been collected for the purpose of
                    providing the website, they are deleted at the end of the
                    respective session.<br> If data are stored in log files,
                    they are deleted at the latest after seven days. A  longer
                    storage period is possible. In this case, the users’ IP
                    addresses are deleted  or masked so that they can no longer
                    be assigned to the client accessing the website.
                </p>

                <h3>Options for filing an objection or requesting removal</h3>
                <p>
                    The collection of data for the purpose of providing the
                    website and the storage of such data in log files is
                    essential to the website’s operation. As a consequence,
                    the user has no possibility to object.
                </p>

                <h2>Use of cookies</h2>
                <h3>Description and scope of data processing</h3>
                <p>
                    Our website uses cookies. Cookies are text files that are
                    saved in the user’s web  browser or by the web browser
                    on the user’s computer system. When a user accesses a
                    website, a cookie can be stored in the user’s operating
                    system. This cookie contains a character string that allows
                    the unique identification of the browser when the
                    website is accessed again.
                </p>
                <p>
                    We use cookies to make our website more user-friendly. Some
                    parts of our website require that the requesting browser
                    can also be identified after changing pages.<br> During
                    this process, the following data are stored in the cookies
                    and transmitted:
                </p>
                <ul>
                    <li>
                        Log-in information (only in the case of protected information that is made available exclusively to FAU members)
                    </li>
                </ul>
                <p>
                    Technical measures are taken to pseudonymise user data
                    collected in this way. This  means that the data can no
                    longer be assigned to the user. The data are not stored
                    together with other personal data of the user.<br> When
                    accessing our website, a banner informs users that cookies
                    are used for analysis  purposes and makes reference to this
                    data protection policy. In connection with this,  users are
                    also instructed how they can block the storage of cookies
                    in their browser settings.
                </p>

                <h3>Legal basis for data processing</h3>
                <p>
                    The legal basis for the temporary storage of data and
                    logfiles is §§ 14, 15 TMG, § 100 Abs. 1 TKG and Art. 4
                    BayDSG following the tasks of Art. 11 BayEGovG and
                    Art. 7 and 34 BayHO
                </p>

                <h3>Purpose of data processing</h3>
                <p>
                    Analysis cookies are used for the purpose of improving the
                    quality of our website and its content. We learn
                    through the analysis cookies how the website is used and in
                    this way can continuously optimise our web presence.
                </p>

                <h3>Storage period, options for filing an objection or requesting removal</h3>
                <p>
                    As cookies are stored on the user’s computer and are
                    transmitted from it to our website, users have full
                    control over the use of cookies. You can deactivate or
                    restrict the transmission of cookies by changing the
                    settings in your web browser. Cookies that are already
                    stored can be deleted at any time. This can also be done
                    automatically. If cookies are deactivated for our
                    website, it may be the case that not all of the website’s
                    functions can be used in full.
                </p>

                <h2>SSL encryption</h2>
                <p>
                    Our website uses SSL encryption for security reasons and to
                    protect the transmission  of confidential information,
                    for example enquiries you send to us as operators of
                    the website. You can recognise an encrypted connection
                    when the browser’s address line changes from
                    <code>http://</code> to <code>https://</code> and a padlock
                    appears in your web browser.
                </p>

                <p>
                    If SSL encryption is activated, the data you transmit to us
                    cannot be read by third parties.
                </p>

                <h2>Rights of the data subject</h2>
                <p>
                    With regard to the processing of your personal
                    data, you as a data subject are entitled to the
                    following rights pursuant to Art. 15 et seq. GDPR:
                </p>

                <ul>
                    <li>
                        You can request information as to whether we process
                        your personal data. If 	this is the case, you have the
                        right to information about this personal data as well
                        as further information in connection with the
                        processing (Art. 15 GDPR). Please note that this
                        right of access may be restricted or excluded in
                        certain cases (cf. in particular Art. 10 BayDSG).
                    </li>
                    <li>
                        In the event that personal data about you is (no
                        longer) accurate or incomplete,	you may request that
                        this data be corrected and, if necessary, completed
                        (Art. 16 GDPR).
                    </li>
                    <li>
                        If the legal requirements are met, you can demand that
                        your personal data be erased (Art. 17 GDPR) or that
                        the processing of this data be restricted (Art. 18
                        DSGVO). However, the right to erasure pursuant to
                        Art. 17 (1) and (2) GDPR does not apply, inter alia,
                        if the processing of personal data is necessary for the
                        performance of a task carried out in the public
                        interest or in the exercise of official authority
                        or in the exercise of official authority vested (Art.
                        17 para. 3 letter b GDPR).
                    </li>
                    <li>
                        If you have given your consent to the processing, you
                        have the right to withdrawal it at any time. The
                        withdrawal will only take effect in the future;
                        this means that the withdrawal does not affect the
                        lawfulness of the processing operations carried out
                        on the basis of the consent up to the withdrawal.
                    </li>
                    <li>
                        For reasons arising from your particular situation, you
                        may also object to the processing of your personal
                        data by us at any time (Art. 21 GDPR). If the legal
                        requirements are met, we will subsequently no longer
                        process your personal data.
                    </li>
                    <li>
                        Insofar as you have consented to the processing of your
                        personal data or have agreed to the performance of
                        the contract and the data processing is carried out
                        automated, you may be entitled to data portability
                        (Art. 20 GDPR).
                    </li>
                    <li>
                        You have the right to lodge a complaint to a
                        supervisory authority within the meaning of Art. 51
                        GDPR about the processing of your personal data. The
                        responsible supervisory authority for XXX
                        authorities is YYY.
                    </li>
                </ul>
            </div>
        </div>
    </div>
{{end}}