The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data gathered when visiting our websites in compliance with applicable data protection legislation. We neither publish your data nor transmit them to third parties on an unauthorized basis.

In the following section, we explain which data we record when you visit one of our websites, and exactly how they are utilized:

A. General information

1. Scope of data processing
As a matter of principle, we gather and utilize users' personal data only to the extent required to ensure the functioning of our website and of our contents and services. The gathering and utilization of our users' personal data normally occurs after users have granted their consent. An exception occurs where data processing is legally permitted.

2. Legal basis of data processing
To the extent that permission of the affected individual is obtained for the processing of personal data, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

In the processing of personal data to fulfil a contract whose contractual party is the individual affected, Article 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing required to implement pre-contractual measures.

If processing is required to safeguard the justified interest of the MPG or a third party and the interests, basic rights and basic freedoms of the affected individual do not outweigh the first-mentioned interest, Article 6 (1) lit. f GDPR serves as the basis for such processing.

3. Data deletion and storage duration
The affected individual's personal data are deleted or blocked as soon as the purpose of the storage ceases to apply. Storage can also occur if provided for by European or national legislators in EU regulations, acts or other legislation to which the MPG is subject. A blocking or deletion of data then occurs only if a storage period prescribed by one of the aforementioned norms expires, unless a necessity exists in relation to the further storage of the data for the arrangement of a contract or the fulfillment of a contract.

4. Contact details of the individuals responsible
The entity responsible in the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the

Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstrasse 8
D-80539 Munich

Telephone: +49 (89) 2108-0
Contact form: https://www.mpg.de/contact/requests
Internet: https://www.mpg.de

5. Data Protection Officer's contact details
The Data Protection Officer at the entity responsible is

Heidi Schuster
Hofgartenstrasse 8
D-80539 Munich

Telephone: +49 (89) 2108-1554
E-mail: datenschutz@mpg.de

B. Provision of the website and creation of log files

Each time you visit our website, our service and applications automatically record data and information from the computer system of the visiting computer.

The following data are gathered temporarily:

  • Your IP address
  • Date and time of your access to the website
  • Address of the page visited
  • Address of the previously visited website (referrer)
  • Name and version of your browser/operating system (if transmitted)

These data are stored in our systems' log files. These data are not stored together with the user's other personal data.

The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also help us optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.

The data are deleted as soon as they are no longer required to achieve the purpose for which they were gathered. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the instance that data are stored in log files, this is the case after seven days at the latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are deleted or removed so they can no longer be allocated to the visiting client.

The recording of data for the provision of the website and the storage of data in log files is essential to operate the website. As a consequence, users do not have an option to revoke such data recording.

C. Web analysis

We use the web analytics programme Matomo for statistical data collection in relation to utilization behaviour; this programme uses cookies and JavaScript to collect various information on your computer and transmit this automatically to us. Every time our website is accessed, our system logs the following data and information from the accessing computer system:

  • IP address, anonymized by means of abbreviation
  • Two cookies to distinguish between different visitors (pk_id and pk_sess)
  • Previously visited URL (referrer), if communicated by the browser
  • Name and version of the operating system
  • Name, version and language setting of the browser

The following data is also collected if JavaScript is activated:

  • URLs visited on this website
  • Times of page visits
  • Type of HTML requests
  • Screen resolution and colour depth
  • Technologies and formats supported by the browser (e.g. cookies, Java, Flash, PDF, WindowsMedia, QuickTime, Realplayer, Director, SilverLight, Google Gears)

The saving and analysis of data is carried out solely on a central server operated by the MPG. In addition to the central website www.mpg.de, it is also used by most Max Planck Institutes and many MPG project websites.

The legal basis for the processing of personal user data is Art. 6 para. 1 lit. f GDPR. By processing personal user data, we are able to analyse our users' utilization behaviour. Analysis of the data collected enables us to compile information on the use of the individual components of our web pages. This helps us improve our websites and their user-friendliness on an ongoing basis. These purposes also constitute our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR. Anonymizing the IP address means that user behaviour can no longer be attributed to a specific person.

The data is deleted after the final annual totals have been arrived at for access statistics.

It goes without saying that you have the opportunity to object to your data being collected. The following independent methods are available to you if you wish to object to data collection by the central server:

  1. In your browser, activate the Do-Not-Track setting. If this setting is active, our central server does not save any of your data. Important: Do-Not-Track generally only applies to the one device and browser on which the setting is activated. If you use several devices/browsers, you must activate Do-Not-Track separately on each one.
  2. Use our opt-out function. Click on the check mark in the following selection box under https://www.mpg.de/privacy-policy/data-collection-opt-out in order to stop or re-activate data collection. If the selection box is deactivated, our central server does not save any of your data. Important: For the opt-out, we have to store a special recognition cookie in your browser. If you delete this or use a different PC/browser, you have to object to data collection once again on this page.

There is no storage of this data together with other personal data relating to the user.

D. Use of cookies

Our website uses cookies. Cookies are text files which are saved in or by the internet browser in the user's computer system. If a user accesses a website, a cookie can be saved on the user's operating system. This cookie contains a characteristic string of characters which enables definitive identification of the browser the next time the website is accessed.

We use cookies in order to make our website more user-friendly. It is a technical requirement of certain elements of our website that the accessing browser can also be identified after a page change. The following data is saved and transmitted in cookies:

  • Language settings (localization) of the browser: Session Cookie i18next
  • Session data (click series, pages accessed, current language and any error messages on forms: Session Cookie mpg_session_r
  • Form security (secures communication via web forms): Session Cookie csrf_token

The legal basis for the processing of personal data by means of cookies is Art. 6 para. 1 lit. f GDPR and § 25 para. 2 No. 2 TTDSG. Some of the functions of our website cannot be offered without the use of cookies. For these to work, it is essential for the browser to be recognized after a page change. We require cookies for the following applications:

  • Function of the language switch
  • Automatic takeover of the browser's language settings
  • Remembering of form details entered: words used in searches within the website, details entered in the contact form (Section F)

The user data collected by technically required cookies is not used to create user profiles. These purposes also constitute our legitimate interest in the process of personal data according to Art. 6 para. 1 lit. f GDPR.

Cookies are saved on the user's computer and transmitted by the latter to our website. For this reason, you as the user also have full control over the use of cookies. By changing the settings in your internet browser, you can deactivate or limit the transmission of cookies. Cookies which have already been saved can be deleted at any time. This can also happen on an automated basis. If cookies are deactivated for our website, the full range of functions of the website may not be entirely available for use.

On our website we also use cookies that enable analysis of utilization behaviour. For details, please read the information under C.

E. Newsletter

By subscribing to the MPINB newsletter, you allow us to use your email address to send you our electronic newsletter on a regular basis. We use the provider "Sendinblue" to send our newsletter. As part of the registration, you therefore agree that your data will be passed on to Sendinblue GmbH. Please note the privacy policy and general terms and conditions of Sendinblue GmbH. Your data will not be passed on to third parties. Your data will not be processed or used for the purposes of consulting, advertising or market research. If you unsubscribe from the newsletter, all personal data about you will be deleted from our database.

F. YouTube Terms of Use

https://www.mpinb.mpg.de integrates YouTube videos on some pages. The YouTube "Terms of Use" can be viewed at the following link: https://www.youtube.com/static?template=terms

G. Rights of individuals affected

As an individual whose personal data are gathered as part of the aforementioned services, you have, in principle, the following rights, to the extent that no legal exceptions are applicable in individual cases:

  • Information (Article 15 GDPR)
  • Correction (Article 16 GDPR)
  • Deletion (Article 17 (1) GDPR)
  • Restriction of processing (Article 18 GDPR)
  • Data transmission (Article 20 GDPR)
  • Revocation of processing (Article 21 GDPR)
  • Revocation of consent (Article 7 (3) GDPR)
  • Right to complain to the regulator (Article 77 GDPR). For the MPG, this is the Bavarian Data Protection Authority (BayLDA), Postfach 1349, 91504 Ansbach, Germany.