In compliance with the applicable data protection laws, we process personal data that is collected when you visit our websites. We will not publish your data or disclose it to any third parties without authorization. In the following sections, we explain which data we collect when you visit our websites, and exactly how this data is used.
I. Name and address of the controller
The controller within the meaning of the General Data Protection Regulation, other national data protection legislation of the Member States and other data protection legislation is:
Leibniz Institute for Zoo and Wildlife Research in the Forschungsverbund Berlin e.V. (Leibniz-IZW)
Rudower Chaussee 17
Phone: +49(0)30 63923300
represented by the Executive Board of Forschungsverbund Berlin e.V.:
Professor Dr. Volker Haucke, Executive Board Spokesman and Director of FMP;
Dr. Falk Fabich, provisional Executive Board Member and provisional Managing Director of Forschungsverbund Berlin e.V.
II. Name and address of the Data Protection Officer
III. General information about data processing
1. Scope of personal data processing
As a general rule, we only process personal data concerning our users where necessary in order to provide a functional website and to provide our content and services. Personal data concerning our users will only be processed regularly if the user has given his or her consent. An exemption applies in such cases where it is impossible, for reasons of fact, to gain prior consent and the processing of data is permitted by law.
2. Legal basis for personal data processing
Where we obtain the consent of the data subject for processing procedures, Article 6(1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary for the performance of a contract to which the data subject is party, Article 6(1)(b) GDPR serves as the legal basis. The same applies for processing procedures that are necessary in order to take steps prior to entering into a contract.
Where it is necessary to process personal data for compliance with a legal obligation that Leibniz-IZW must meet, Article 6(1)(c) GDPR serves as the legal basis.
In the event that the vital interests of the data subject or of another natural person require the processing of personal data, Article 6(1)(d) GDPR serves as the legal basis.
If processing is necessary for the purposes of the legitimate interests pursued by Leibniz-IZW or by a third party and if the aforementioned interests are not overridden by the interests or fundamental rights and freedoms of the data subject, then Article 6(1)(f) GDPR serves as the legal basis for processing.
3. Erasure of data and storage period
The personal data concerning the data subject will be erased or made unavailable as soon as the purpose of storage ceases to apply. Data may also be stored where provision has been made for this by European or national legislators in Union regulations, laws or other provisions to which Leibniz-IZW is subject. Data will also be made unavailable or erased where a storage period prescribed by the aforementioned legislation expires, unless there is a need for the further retention of the data for the purpose of entering into or performing a contract.
IV. Provision of the website and creation of log files
Every time our website is visited, our system automatically collects data and information from the computer system of the requesting computer in so-called log files.
The following data is collected in this connection and stored in our systems’ log files:
• Date and time of access
• User’s IP address
• Websites called up from the user’s system via our website
• Websites from which the user’s system reached our website
• Information about the browser type and version
• Information about the user’s operating system
• Information about the user’s internet service provider
This data will not be stored together with other personal data concerning the user.
Data is stored in log files in order to ensure the functionality of the website. In addition, the data serves the purpose of optimizing the website, of eliminating any possible malfunctions and of preserving the security of our information technology systems. Data is deleted as soon as it is no longer necessary for the purpose for which it was collected. In the case of the provision of the website, this occurs at the end of the session.
Log file data is usually deleted after 30 days at the latest. If Leibniz-IZW has to store log file data for a longer period due to technical requirements or security aspects, users’ IP addresses are deleted or modified to prevent their identification. Such storage is essential and cannot be objected to by the user. The legal basis for the storage of data and log files is Article 6(1)(f) GDPR.
1. Description and scope of data processing
2. Essential cookies
In the process, the cookies store and transmit the following data:
• Language settings; when a user switches language: cookie i18N_LANGUAGE, this cookie simply records the choice of language and can by no means be used to identify or track a visitor to the website.
• Log-in information (session data); after log-in: __ac. This cookie contains encrypted information about the successful log-in and will be deleted after logging out. It is only used to record the log-in status; no further storage of data occurs.
These two cookies are deleted when you close the session. No user profiles are created by essential cookies. The legal basis for the use of such cookies can be found in Article 6(1)(f) GDPR.
3. Duration of storage, possibility of objection and removal
VII. Data transmission
Your personal data is managed and stored at Leibniz-IZW.
Your personal data will only be transmitted to state institutions and authorities when required by legislation or for the purpose of prosecution for attacks on our network infrastructure. Data will not be disclosed to third parties for any other purpose.
VIII. Rights of the data subject
If personal data concerning you is processed, you are the data subject within the meaning of the General Data Protection Regulation and have the following rights vis-à-vis the controller – unless statutory exceptions apply in specific cases:
• Withdrawal of consent (Article 7(3) GDPR)
• Access (Article 15 GDPR)
• Rectification (Article 16 GDPR)
• Erasure (Article 17(1) GDPR)
• Restriction of processing (Article 18 GDPR)