Dear visitors to the Euroshrimp Internet portal of Alfred-Wegener-Institut
Helmholtz-Zentrum für Polar- und Meeresforschung.
To ensure that you feel secure when visiting our website, we would like to inform you below about how we handle your data. We neither publish your data nor pass it on to third parties without your consent. Below we explain what types of data we collect when you visit our web pages and precisely how it is used:
A. General information
1. Extent of data processing
We only process personal data collected from our users insofar as this is necessary for the provision of a functional web presence and our content and services. As a rule, personal data provided by our users is only processed with their consent. One exception is where statutory regulations permit the processing of data.
2. Legal basis for data processing
Art. 6 (1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis whenever we obtain the consent of the person concerned (“data subject”) for the processing of their personal data.
Art. 6 (1)(b) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data which is necessary for performing a contract to which the data subject is a party. The same applies to processing that is required for carrying out pre-contractual measures.
Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR) serves as the legal basis when processing is necessary to safeguard a legitimate interest of AWI or a third party, and provided this legitimate interest is not outweighed by the data subject’s interests and fundamental rights and freedoms.
3. Data erasure and storage duration
The personal data of the data subject is erased, anonymised or blocked as soon as the purpose of the storage ceases to apply. In addition, storage may take place if required by European or national law in EU regulations, laws or other regulations to which AWI is subject. Blocking, anonymisation or deletion of the data also takes place if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfil the contract.
4. Controller’s contact details
Data controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection legislation as well as any other data protection regulations:
Helmholtz-Zentrum für Polar-und Meeresforschung
Am Handelshafen 12
Contact form: https://www.awi.de/ueber-uns/service/kontakt.html
5. Contact details of the data protection officer:
The controller’s data protection officer is:
Tel.: +49 (471) 4831-1637
B. Provision of the website and creation of log files
We store data relating to individual visits to our website for statistical purposes to improve the quality of our web pages. This data record consists of:
- the page from which the data file was requested,
- the name of the data file,
- the date and time of the query,
- the quantity of data transmitted,
- the status of access (the file was transmitted or the file was not found),
- a description of the type of web browser used,
- the IP address of the inquiring computer.
The data is stored in the log files of our systems. Storage of this data together with other personal data of the user does not take place.
The legal basis for the temporary storage of data and the log files is Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR). Storage in log files is carried out to ensure the functionality of the website. In addition, the data is used to optimise the web pages, to carry out troubleshooting and to ensure the security of our IT systems. These purposes also constitute our legitimate interest in the data processing pursuant to Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR).
The data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, the data is deleted when the respective session has ended. If the data is stored in log files, it will be deleted after seven days at the latest. Further storage is possible, in which case the IP addresses are deleted or altered so that identification of the calling client is no longer possible.
The collection of data for the purpose of providing the website and storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no right to objection on the part of the user.
C. Web analysis
Jetpack syncs miscellaneous bits of user information, such as:
- The user IDs, usernames, email addresses, roles, and capabilities of registered users. This does not include passwords.
- The user ID of any users that make changes to the site and the time that changes are made (e.g. ID of the user that added a new user, modified the site icon, or trashed a comment).
- Twitter username, if configured with Jetpack.
- Publicize connection data, which includes email addresses and usernames associated with connected services.
- For WordAds customers, we also sync the account’s email address and physical address. Review the complete terms of service for the program here.
- Successful and failed login attempts (this includes the IP address and user agent of the individual performing the login action).
This user-related data is utilized by Jetpack in a variety of ways, including:
- Preventing unauthorized access.
- Providing audit logs (coming soon!).
- Managing subscribers and followers.
- Seamless integration with third-party social media services.
Information of Jetpack hosting company:
The storage and evaluation of data is carried out solely on a central server operated by WordPress.com.
The legal basis for the processing of users’ personal data is Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR). Processing the personal data of users enables us to analyse how our users utilise the website. By evaluating the acquired data, we are able to compile information on the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes also constitute our legitimate interest in the data processing pursuant to Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR). By anonymising the IP address, sufficient consideration is given to the interests of users in protecting their personal data.
The data is erased after formation of the final annual totals for the access statistics.
Of course, you have the option of objecting to the data collection. You have the following independent ways of objecting to data being acquired through the central server:
1. Activate the “do not track” setting in your browser. As long as this setting is active, our central server will not be able to store any of your data. Important: The “do not track” instruction usually only applies to the device and the browser in which you activate the setting. If you use several devices/browsers, you have to activate “do not track” separately everywhere.
2. Use our opt-out function. Click on the tick in the following option box to stop or reactivate data collection. As long as this option box is deactivated, our central server will not be able to store any of your data. Important: For the opt-out, we need to store a special recognition cookie in your browser. If you delete it or utilise a different PC/browser, you will need to revoke data collecting again on this page.
Storage of this data together with other personal data of the user does not take place.
We deploy cookies to make our website more user-friendly. Some elements of our website also technically require the identification of the visiting browser after a change of page.
- Transferring the browser’s language setting: automatic selection of the homepage and spellcheck
- Remembering entered form data: search terms used in the website, entries in the contact form (Section E)
User data gathered by technically necessary cookies is not utilised to prepare user profiles. These purposes also constitute our legitimate interest in processing personal data, pursuant to Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR).
Cookies are stored on the user’s computer, which transmits them to our site. For this reason, you, as the user, also have full control over the utilisation of cookies. You can deactivate or restrict the transmission of cookies by changing your Internet browser settings. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, you may find that not all of the website’s functions can continue to be utilised in full.
E. Contact form / Euroshrimp Newsletter
There is a contact form on our website that can be used to contact us electronically. If you use this option, the data entered voluntarily in the input screen is transmitted to us and stored. This normally comprises your email address, first name, surname and organisation. We inform you about the actual processing of data while you are using the form and we obtain your consent. Reference is also made to the privacy notice. The data is used solely for processing the conversation.
The legal basis for processing the data when using the contact form, if the user’s consent has been given, is Art. 6 (1)(a) of the EU General Data Protection Regulation (GDPR). Personal data from the input screen is processed solely for the purpose of acting on the contact request. The data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. This is the case when the relevant conversation with the user has ended or when the user’s request has finally been processed. The conversation has ended when it is apparent from the circumstances that the issue in question has been finally clarified. The user may at any time withdraw their consent to the processing of personal data vis-à-vis the contact persons listed.
Your personal data will only be transmitted to government organisations and authorities if required by law and/or for the purpose of prosecution in the event of attacks on our network infrastructure. Forwarding to third parties for other purposes does not take place.
Mailchimp.com / Newsletter
F. Rights of the data subject
As the data subject whose personal data is collected within the scope of the above-mentioned services, you have the following rights, unless any legal exceptions apply in individual cases:
- Information (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 (1) GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing (Art. 21 GDPR)
- Withdrawal of consent (Art. 7 (3) GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR). For AWI, this is the Landesbeauftragte für den Datenschutz und Informationssicherheit (State Data Protection and Freedom of Information Officer), Arndtstrasse 1, 27570 Bremerhaven.
Use of WP Security Plugin
For security reasons we are using the plugin All In One WP Security & Firewall.
This plugin can collect IP addresses for security reasons, such as to prevent brute force login threats and malicious activity. The collected information is stored on our server. No information is transmitted to third parties or remote server locations.
Use of external map services
Data protection regulations on the use of Google Maps
Some of our web pages use Google Maps for showing a site layout. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website, you consent to the capture, processing and use of the data that is automatically collected, and of the data that you enter, by Google, its agents and external service providers.