Data protection regulation pursuant to EU European General Data Protection Regulation (GDPR)
Courtesy translation – only the German language version is legally binding
1. Scope of Application
This data protection declaration applies to the Internet offering of the Leibniz Education Research Network (LERN) at https://www.leibniz-bildung.de. For websites of other providers, which are referred to e.g. via links, the data protection information and declarations of those providers apply.
2. Operator of the Website
The LERN website is operated by the DIPF | Leibniz Institute for Research and Information in Education. The DIPF is responsible for processing the personal data collected on this website. For address and contact details, please refer to the imprint.
3. Responsible Data Protection Officer
The Coordination Office of the Leibniz Education Research Network (LERN) is institutionally affiliated with the DIPF | Leibniz Institute for Research and Information in Education. If you have any questions regarding data protection, please contact the responsible data protection officers:
DIPF | Leibniz Institute for Research and Information in EducationData Protection Officer
Rostocker Str. 6
4. Collected data
The use of our website is possible without providing additional personal data. Insofar as personal data is collected on our pages, this is always done on a voluntary basis beyond technically necessary functionality data. All data will not be passed on to third parties without your express consent.
Data and information are collected every time this website is called up and used. This functionality data and information is stored in log files of the servers. The following data may be collected:
- IP address
- Information about the type of browser and the version used
- Date and time of access
- Internet service provider of user
- User’s operating system
- Websites from which the user’s system accesses our website
- Websites that are accessed by the user’s system via our website
5. Duration of Storage
The legal basis for the temporary storage of the data and the log files is Art. 6 (1) lit. f of the German Data Protection Regulation (GDPR). The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session. The storage in log files is done to ensure the functionality of the website, to optimize the content of the website and to ensure the security of our information technology systems. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. In the case of storage of data in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of users are deleted or alienated so that an assignment of the calling client can no longer be made.
6. Note on Limits of Data Protection
We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of data against access by third parties is not possible on this side. The use of contact data published within the framework of the imprint obligation by third parties for the purpose of sending unsolicited advertising and alleged information material is hereby expressly prohibited. The DIPF expressly reserves the right to take legal action in the event that unsolicited advertising information, such as spam, is sent.
7. Your Rights
According to Art. 15 – 18 and 20 – 21 GDPR, you as a user of this website have the following rights:
7.1 Right to Information
You can request information pursuant to Art. 15 GDPR or § 52 HDSIG (Hessisches Datenschutz- und Informationssicherheits Gesetz) about your personal data processed by us. In your request for information, you should specify your request in order to make it easier for us to compile the necessary data. Please note that your right to information may be restricted by the provisions of Sections 24 (2), 25 (2), 26 (2) and 33 HDSIG Section 52 (2) to (5) HDSIG.
7.2 Right to Rectification
If the information concerning you is not (or is no longer) accurate, you may request a correction in accordance with Art. 16 GDPR or § 53 HDSIG. If your data is incomplete, you can also demand that it be completed.
7.3 Right to Deletion
You can demand the deletion of your personal data under the conditions of Art. 17 GDPR and §§ 34 and 53 HDSIG.
7.4 Right to Restriction of Processing
Within the framework of the requirements of Art. 18 GDPR or also § 53 HDSIG, you have the right to demand a restriction of the processing of the data concerning you.
7.5 Right to Data Portability
According to Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, common and machine-readable format. You also have the right to transfer this data to another controller without hindrance from the controller to whom the personal data was provided. This applies if.
(1) the processing is based on consent pursuant to Art. 6(1)(a) GDPR or Art. 9(2)(a) GDPR or on a contract pursuant to Art. 6(1)(b) GDPR
and (2) the processing is carried out with the help of automated procedures.
The exercise of this right also includes the possibility for you to have the personal data concerning you transferred directly from one controller to another controller, insofar as this is technically feasible. Freedoms and rights of other persons must not be affected by this.
7.6 Right to Object
Pursuant to Art. 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of data relating to you which is carried out on the basis of Art. 6 (1) lit. e or f GDPR.
7.7 Right to Complain
If you are of the opinion that we have not complied with data protection regulations when processing your personal data, you may, in accordance with Art. 77 GDPR, § 55 HDSIG, lodge a complaint with the supervisory authority at the Hessian Commissioner for Data Protection and Freedom of Information, who will examine your complaint.
E-mail address of the data protection officer: email@example.com
8. Explanations on Data Analysis Functions and Social Media Platforms
8.1 Anonymous Data Collection
In principle, you can visit the website of the Leibniz Education Research Network without telling us who you are. However, in order to improve our Internet offering, we conduct web analysis. The following information may be collected in the process: IP address, information about the browser type and version used, date and time of access, users Internet service provider, operating system used, websites from which the users system accesses our website, and websites accessed by the users system via our website. This information is evaluated for statistical purposes. Individual users remain anonymous.
This website uses Matomo, an open source software for statistical analysis of visitor traffic. Matomo uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is stored on our server. The IP address is anonymized immediately after processing and before it is stored. You can prevent the installation of cookies by selecting the appropriate settings on your browser software (so-called “Do-Not-Track” function). However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Objection to tracking with Matomo
Tracking is currently not active for you, because your browser has informed us that you do not want tracking. This is a browser setting. To reactivate tracking, you must deactivate the so-called “Do-Not-Track” setting in your browser settings.
8.3 Social Media Plugins with Shariff
On our website, plugins of the social media Twitter, Facebook and LinkedIn are used, which enable the sharing of posts via links. You can recognize these links by icons or small stylized symbols. To ensure data protection on our website, we only use these plugins together with the so-called “Shariff” solution. This application prevents the plugins integrated on our website from transmitting data to the respective provider when you first enter the page. Only when you activate the respective plugin by clicking on the associated button, a direct connection to the provider’s server is established. As soon as you activate the plugin, the respective provider receives the information that you have visited our site with your IP address. Activating the plugin constitutes consent within the meaning of Art. 6 Para. 1 lit. a GDPR.
9. Newsletter Subscription
On the LERN website you can subscribe to a free newsletter.
By ordering the LERN newsletter, published by the DIPF | Leibniz Institute for Research and Information in Education, you agree to receive the newsletter 4-5 times per year by e-mail. When you order the newsletter, your e-mail address (as well as your first name and last name), the date and time of registration and your IP address will be stored on the DIPF servers as a record. Your e-mail address will be used exclusively for sending the LERN newsletter. It will not be passed on to third parties. The data processing is based on your consent (Art. 6 para. 1 lit. a GDPR) as well as for the purpose of implementation (Art. 6 para. 1 lit. b GDPR). A revocation of your already given consent is possible at any time.
If you wish to unsubscribe from the newsletter, you can use the form https://www.leibniz-bildung.de/newsletter-abmeldung/ for this purpose or click on the “Unsubscribe from newsletter” link, e.g. also at the end of each newsletter. Data that you have entered to set up a newsletter subscription will be deleted from our servers in the event of unsubscription.
10. Registration for Events
You can register for events of the Leibniz Education Research Network via the LERN website. For this purpose, information on e-mail address, first and last name as well as institutional affiliation is required. All other information in the respective registration form is optional. If there is a call for papers, it is possible that this can also be uploaded via the event page.
The data you provide will be used for participation management, for sending information and documentation and, if necessary, for a selection of papers. The legal basis is your consent, which you give by sending your registration for the event (Art. 6 para. 1 lit. a GDPR), as well as for the purpose of implementation (Art. 6 para. 1 lit. b GDPR).
On the web server, all data will be deleted after 12 weeks, possible functionality data of a website visit (event page) after 1 week. You can revoke your consent at any time by sending an e-mail to firstname.lastname@example.org.
Last modified: December 15, 2020