Jump to main navigation Skip to Content

DFG Logo: back to Homepage Deutsche Forschungsgemeinschaft

Privacy Policy and Data Protection Notice

The Deutsche Forschungsgemeinschaft e.V. (DFG) takes the protection of your personal data very seriously. We process personal data which is collected when you visit our website or use our services in compliance with the applicable data protection provisions. Your data will not be published by us and will not be passed on to a third party without your consent or the necessary legal authorisation.

Below, we explain what data we collect when you use our services and how exactly this is used.

General information concerning data processing

Scope of the data processing

We generally only collect and use personal data of website users if this is necessary in order to provide a functional website or to make our content and services available. The collection and use of personal data of our users generally only takes place with their consent. An exception applies in cases where processing is permitted under statutory regulations.

Legal basis for the processing of personal data

Should we obtain the consent of the affected person (data subject) for the processing of personal data, Article 6 Paragraph 1 Letter a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for this.

When processing personal data which is necessary in order to fulfil a contract where the contracting party is the data subject, Article 6 Paragraph 1 Letter b) GDPR serves as the legal basis. This also applies to processing operations which are necessary in order to implement pre-contractual measures.

Should processing of personal data be necessary to fulfil a legal obligation to which our company is subject, Article 6 Paragraph 1 Letter c) GDPR serves as the legal basis.

Should the processing be necessary for the purposes of the legitimate interest of the DFG or of a third party and should the interests or fundamental rights and freedoms of the data subject not override the first interest referred to, Article 6 Paragraph 1 Letter f) GDPR forms the legal basis of the processing.

Data deletion and duration of storage

The personal data of the data subject will be erased or made unavailable once the purpose of storage no longer applies. Storage may also take place if this is provided for by the European or national legislator in EU regulations, laws or other ordinances to which the DFG is subject. The data will also be made unavailable or erased if a storage period prescribed by the named norms expires, unless the continued storage of the data is necessary in order to enter into or fulfil a contract.

Contact details of the responsible body (controller)

The responsible body under the GDPR and other national data protection laws, as well as other data protection provisions, is:

represented by the Executive Board, the President Professor Peter Strohschneider and the Secretary General Professor Dorothee Dzwonnek.

Contact details of the data protection officer

Provision of the website, creation of log files and web analytics

Each time a file is used and retrieved, data is temporarily stored and processed in a log file.

Prior to storage, each data record is anonymised by changing the IP address.

In specific terms, this means that the following data is stored with each retrieval/access:

  • anonymised IP address,
  • date and time,
  • retrieved page/name of retrieved file,
  • address of the webpage visited previously (referrer),
  • name and version of your browser/operating system (if transferred),
  • your e-mail address (e.g. when using the contact form),
  • amount of data transferred,
  • notification of whether the retrieval/access was successful.

This data is only analysed for statistical purposes and to improve the website. This information is not used in any other way nor is it forwarded to third parties.

When you access the DFG website, so-called temporary cookies are used to facilitate navigation. These session cookies do not contain any personal data and expire after the end of the session. Components such as Java applets or ActiveX controls that trace users’ access habits are not used.

The legal basis for the temporary storage of the data and log files is Article 6 Paragraph 1 Letter f) GDPR. The data is stored in log files in order to ensure the functionality of the website. In addition, the data allows us to optimise the website, fix problems and ensure the security of our IT systems. These purposes also represent our legitimate interest in data processing in accordance with Article 6 Paragraph 1 Letter f) GDPR.

The data is deleted once it is no longer required for the purpose for which it was collected. In the case of the recording of the data in order to provide the website, this is the case when the individual session comes to an end. In the case of the storage of the data in log files, this is the case after a maximum of seven days. Data may also be stored beyond these periods of time. In this case, the IP addresses of the users are deleted or disguised, so that it is no longer possible to link them to the accessing client.

The recording of data in order to provide the website and the storage of the data in log files is absolutely necessary for the operation of the website. As a result, the user does not have grounds to raise an objection.

Newsletter

If you choose to use a personalised service, e.g. if you sign up to receive the newsletter or use contact forms, any first and last names, postal addresses and e-mail addresses provided to receive this service are stored. The information requested will depend on the service you use. This data is used for the sole purpose of performing the requested service. If you no longer wish to use a personalised service, your personal data will be deleted once you unsubscribe from the service, either via e-mail or by clicking on a link.

The legal basis for the processing is Article 6 Paragraph 1 Letter a) GDPR.

Contact form

Our website contains a contact form, which can be used to get in touch with us electronically. Should a user make use of this option, the data provided in the input screen is transferred to us and stored. These are generally your e-mail address, first name and lastname. The data is only used to process the conversation.

The legal basis for the processing of the data when using the contact form is Article 6 Paragraph 1 Letter a) GDPR, should the consent of the user be present. The processing of the personal data from the input screen serves the sole purpose of allowing us to process the contact which has been initiated. The data is deleted once it is no longer required for the purpose for which it was collected. This is the case when the conversation with the user has come to an end or when the query of the user has been finally processed. The conversation is at an end when it can be determined from the circumstances that the matter concerned has been fully dealt with. The user has the option at any time of withdrawing his or her consent to the processing of the personal data in relation to the listed contact persons.

The legal basis for the processing is Article 6 Paragraph 1 Letter f) GDPR.

Registration

We provide users on our website with the option of registering by providing personal data via an input screen. We generally obtain your e-mail address, first name and surname. We inform you during the registration process how this data will be processed and obtain your consent.

The legal basis for the processing of the data is Article 6 Paragraph 1 Letter a) GDPR, should the consent of the user be present. Should the purpose of the registration be the fulfilment of a contract where the contracting party is the user or the implementation of pre-contractual measures taken at the request of the user, the additional legal basis for the processing of the data is Article 6 Paragraph 1 Letter b) GDPR. Registration by the user is necessary in order to receive certain content and services on our website and in order to fulfil a contract with the user or to implement pre-contractual measures. The data is deleted once it is no longer required for the purpose for which it was collected. This is the case for the data which is collected during the registration process, should the registration on our website be withdrawn or altered. For the registration process in order to fulfil a contract or implement pre-contractual measures, this is the case when the data is no longer required to perform the contract. Once a contract has been entered into, it may be necessary to store personal data of the contracting partner in order to comply with contractual or statutory obligations.

As a user, you have the option of cancelling the registration at any time. The personal data stored in relation to you can be altered by you at any time. The procedure is explained in more detail during the registration process. Should the data be necessary in order to fulfil a contract or implement pre-contractual measures, it is only possible to delete the data prematurely if contractual or statutory obligations do not prevent the deletion.

Right of the data subject

As a data subject whose personal data is collected in connection with the services referred to above, you have by default the following rights, unless statutory exemptions apply in individual cases:

  • Access (Article 15 GDPR)
  • Rectification (Article 16 GDPR)
  • Erasure (Article 17 Paragraph 1 GDPR)
  • Restriction of processing (Article 18 GDPR)
  • Data portability (Article 20 GDPR)
  • Objection to processing (Article 21 GDPR)
  • Withdrawal of consent (Article 7 Paragraph 3 GDPR)
  • Right to lodge a complaint with the supervisory authority (Article 77 GDPR) For the DFG, this is the state officer for data protection and freedom of information of North Rhine-Westphalia, Kavalleriestr. 2-4, 40213 Düsseldorf, Germany

© 2010-2018 by DFG
Printable version of a page from the website of the DFG (German Research Foundation)