The Max Planck Society for the Advancement of Science (MPG) takes the protection of your personal data very seriously. We process gathered personal data when visiting our websites in compliance with applicable data protection legislation. However, the pages of open-diffix.org are hosted on third party servers. This always presupposes that the respective provider is aware of the user's IP address, because without the IP address, they would not be able to send content to the browser of the respective user. The IP address is required to display the content.
Unfortunately, we have no control over whether the third-party provider saves the IP address, e.g. for statistical purposes. As far as we know this, we will inform the users about it.
Data protection declaration for the use of GitHub Pages
Scope of data processing
We generally only collect and use personal user data insofar as this is necessary to provide a functional website and our content and services. The collection and use of our users' personal data takes place regularly with the consent of the users. An exception applies in those cases in which the processing of the data is permitted by law.
Legal basis of data processing
To the extent that permission of the affected individual is obtained for the processing of personal data, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
In the processing of personal data to fulfil a contract whose contractual party is the individual affected, Article 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing required to implement pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfill a legal obligation governing the MPG, Articel 6 (1) of the GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Articel 6 (1) of the GDPR serves as the legal basis.
If processing is required to safeguard the justified interest of the MPG or a third party and the interests, basic rights and basic freedoms of the affected individual do not outweigh the first-mentioned interest, Article 6 (1) lit. f GDPR serves as the basis for such processing.
MailChimp - Newsletter
We offer you the opportunity to register for our free newsletter on our website.
We use MailChimp, a service of The Rocket Science Group, LLC, 512 Means Street, Suite 404, Atlanta, GA 30318, USA, hereinafter referred to as "The Rocket Science Group", to send the newsletter.
The Rocket Science Group also offers further data protection information here:
If you register to receive our newsletter, the data requested during the registration process, such as your e-mail address and, optionally, your name and address, will be processed by The Rocket Science Group. In addition, your IP address as well as the date and time of your registration are saved. As part of the further registration process, your consent for the newsletter is obtained, the content is specifically described and reference is made to this data protection declaration.
The newsletter then sent via The Rocket Science Group also contains a so-called tracking pixel, also known as a web beacon. With the help of this tracking pixel, we can evaluate whether and when you have read our newsletter and whether you have followed any further links contained in the newsletter. In addition to other technical data, such as the data of your EDP system and your IP address, the data processed is stored so that we can optimize our newsletter offer and respond to the wishes of the readers. The data are therefore used to increase the quality and attractiveness of our newsletter offer.
The legal basis for sending the newsletter and the analysis is Art. 6 Para. 1 lit. a.) GDPR.
You can revoke your consent to the sending of the newsletter at any time with future effect in accordance with Art. 7 Para. 3 GDPR. All you have to do is inform us of your revocation or use the unsubscribe link contained in every newsletter.
Data deletion and storage duration
The affected individual's personal data are deleted or blocked as soon as the purpose of the storage ceases to apply. Storage can also occur if provided for by European or national legislators in EU regulations, acts or other legislation to which the MPG is subject. A blocking or deletion of data then occurs only if a storage period prescribed by one of the aforementioned norms expires, unless a necessity exists in relation to the further storage of the data for the arrangement of a contract or the fulfilment of a contract.
Contact details of the individuals responsible
The entity responsible in the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the
Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Telephone: +49 (89) 2108-0
Contact form: https://www.mpg.de/kontakt/anfragen
Data Protection Officer's contact details
The Data Protection Officer at the entity responsible is
Telephone: +49 (89) 2108-1554
Contact details of the website-administrator
Paul Francis: firstname.lastname@example.org
Provision of the website and creation of log files
Each time you visit our website, our service and applications automatically record data and information from the computer system of the visiting computer.
The following data are gathered temporarily:
- Your IP address
- Date and time of your access to the website
- Address of the page visited
- Address of the previously visited website (referrer)
- Name and version of your browser/operating system (if transmitted)
These data are stored in our systems' log files. These data are not stored together with the user's other personal data.
The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also help us optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.
The data are deleted as soon as they are no longer required to achieve the purpose for which they were gathered. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the instance that data are stored in log files, this is the case after seven days at the latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are deleted or removed so they can no longer be allocated to the visiting client.
The recording of data for the provision of the website and the storage of data in log files is essential to operate the website. As a consequence, users do not have an option to revoke such data recording.
Your personal data will only be conveyed to state institutions and authorities in legally essential cases or for criminal prosecution based on attacks on our network infrastructure. The data are not transmitted to third parties for other purposes.
Rights of individuals affected
As an individual whose personal data are gathered as part of the aforementioned services, you have, in principle, the following rights, to the extent that no legal exceptions are applicable in individual cases:
- Information (Article 15 GDPR)
- Correction (Article 16 GDPR)
- Deletion (Article 17 (1) GDPR)
- Restriction of processing (Article 18 GDPR)
- Data transmission (Article 20 GDPR)
- Revocation of processing (Article 21 GDPR)
- Revocation of consent (Article 7 (3) GDPR)
- Right to complain to the regulator (Article 77 GDPR). For the MPG, this is the Bavarian Data Protection Authority (BayLDA), Postbox 606, 91511 Ansbach