Max-Planck-Institut f\374r Plasmaphysik
 
 

Data Protection Information

Only the German version is authoritative

The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of your personal data very seriously. We process personal data gathered when visiting our websites in compliance with applicable data protection legislation. We neither publish your data nor transmit them to third parties on an unauthorized basis. In the following section, we explain which data we record when you visit the IPP Pinboard, and exactly how they are utilized:

A. General information

1. Scope of data processing

As a matter of principle, we gather and utilize users' personal data only to the extent required to ensure the functioning of our website and of our contents and services. The gathering and utilization of our users' personal data normally occurs after users have granted their consent. An exception occurs where data processing is legally permitted.

2. Legal basis of data processing

To the extent that permission of the affected individual is obtained for the processing of personal data, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

In the processing of personal data to fulfil a contract whose contractual party is the individual affected, Article 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing required to implement pre-contractual measures.

If processing is required to safeguard the justified interest of the MPG or a third party and the interests, basic rights and basic freedoms of the affected individual do not outweigh the first- mentioned interest, Article 6 (1) lit. f GDPR serves as the basis for such processing.

3. Data deletion and storage duration

The affected individual's personal data are deleted or blocked as soon as the purpose of the storage ceases to apply. Storage can also occur if provided for by European or national legislators in EU regulations, acts or other legislation to which the MPG is subject. A blocking or deletion of data then occurs only if a storage period prescribed by one of the aforementioned norms expires, unless a necessity exists in relation to the further storage of the data for the arrangement of a contract or the fulfilment of a contract.

4. Contact details of the individuals responsible

The entity responsible in the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the

Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstraße 8
D-80539 München
Germany
Telephone: +49 (89) 2108-0
Contact form: https://www.mpg.de/kontakt/anfragen
Internet: https://www.mpg.de

5. Data Protection Manager's contact details

The Data Protection Manager at the entity responsible is

Heidi Schuster
Hofgartenstraße 8
D-80539 München
Germany
Telefon: +49 (89) 2108-1554
datenschutz@mpg.de

B. Provision of the website and creation of log files

Each time you visit our website, our service and applications automatically record data and information from the computer system of the visiting computer.

The following data are gathered temporarily:

If the server prompts you for authentication, your ID that you use to log in to the server will also be collected and temporarily stored. This is especially true if you are visiting pages of the ASDEX Upgrade Intranet from outside the ASDEX Upgrade Network, or if you are using personalized services on the ASDEX Upgrade Intranet. Your identifier is usually your userid at the Max Planck Computing & Data Facility (MPCDF). If you do not have a userid on the MPCDF, but you have registered to use the ASDEX Upgrade Intranet (see Section F), then the ID used to log in to the ASDEX Upgrade Intranet will be your email address specified during registration.

These data are stored in our systems' log files. These data are not stored together with the user's other personal data.

The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also help us optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.

The data are deleted as soon as they are no longer required to achieve the purpose for which they were gathered. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the instance that data are stored in log files, this is the case after seven days at the latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are deleted or removed so they can no longer be allocated to the visiting client.

The recording of data for the provision of the website and the storage of data in log files is essential to operate the website. As a consequence, users do not have an option to revoke such data recording.

C. Utilization of cookies

Our website utilizes cookies. Cookies are text files stored in the Internet browser or by the Internet browser on the user's computer system. If a user visits a website, a cookie can be stored on the user's operating system.

If you need to authentify to visit our webpages (see section B), then a cookie (named "session") is generated on your first visit. This cookie stores your userid, your name and your IP address, and will be cleared at latest when you close your brower.

We deploy further cookies to make our website more user-friendly. Our cookies transmit your choices regarding the layout of some web pages. They are not stored in our systems.

All cookies are deleted when the session is closed. The legal basis for personal data processing while utilizing cookies is Article 6 (1) lit. f GDPR. The purpose of utilizing technically necessary cookies is to simplify the utilization of websites for users.

Cookies are stored on the user's computer, which transmits them to our site. For this reason, you, as the user, also have full control over the utilization of cookies. You can deactivate or restrict the transmission of cookies through changing your Internet browser settings. Cookies that have already been saved can be deleted at any time. This can also occur automatically. If cookies for our website are deactivated, you may find not all of the website's functions can continue to be utilized in full.

D ASDEX Upgrade Information

The purpose of the ASDEX Upgrade Intranet is to provide and maintain information which is necessary and/or helpful to build and operate ASDEX Upgrade, to plan, conduct and evaluate experiments on ASDEX Upgrade, and/or to engage ASDEX Upgrade employees in other fusion research projects. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.

The information in the ASDEX Upgrade Intranet is usually only accessible to a limited group of users. When you retrieve information from the ASDEX Upgrade Intranet, your authentication and authorization will either be based on the source of your query based on your IP address, or your ID (see Section B).

When you enter new information into the ASDEX Upgrade Intranet, your authorship of this information is stored on the ASDEX Upgrade Intranet.

For this we store the following data:

Contact Data

The following contact details are extracted based on your ID, with which you log on to the ASDEX Upgrade Intranet, from various databases of the Max Planck Institute for Plasma Physics (IPP) and the Max Planck Computing & Data Facility (MPCDF) , and possibly stored in the ASDEX Upgrade intranet:

Contents and Usage Data

Your authorship of any information you submit through the ASDEX Upgrade Intranet web pages or other suitable interfaces will be transferred to us and stored in the ASDEX Upgrade Intranet, along with the relevant information. The personal data of this information will be deleted, blocked or anonymized at the latest when the purpose of storage ceases to apply. A premature deletion or anonymization is possible on request, unless a necessity exists in relation to the further storage of the data for the arrangement of a contract or the fulfilment of a contract.

If you have provided additional personal data (eg your job profile at the IPP or your photo) in special sections of the ASDEX Upgrade Intranet, this data can be stored and published on the ASDEX Upgrade Intranet with your consent. In this case, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis. This personal information will be deleted at the latest when you leave the IPP or when you revoke your consent.

If you are a visitor from outside the IPP Garching and are involved in setting up and operating ASDEX Upgrade, or planning, performing, or evaluating experiments on ASDEX Upgrade, we will also store your contact information at your home organization, your visit dates (also scheduled), the purpose of your visit and the local contact person. It also recorded which safety instructions you have attended. These personal data will be deleted, blocked or anonymised at the latest if the purpose of the storage ceases to apply..

E. Registration

On our websites, we offer users the option to register, entailing the entry of personal data in a data entry form. We generally gather your email address, family name and first name, your home research unit, and the reason why you need to access the ASDEX Upgrade intranet.

We inform you about the specific processing of the data and we obtain your consent as part of the registration procedure. Reference is also made to this data protection statement.

The legal basis for the processing of data is the user's consent pursuant to Article 6 (1) lit. a GDPR. If registration serves to fulfil a contract whose contractual party is the user or to implement pre- contractual measures, the additional legal basis for the processing of data is Article 6 (1) lit. b GDPR. Registering the user is necessary to provide certain contents and services on our website or to fulfil a contract with the user or to implement pre-contractual measures. The data are deleted as soon as they are no longer required to achieve the purpose for which they were gathered. This is the case for data gathered during the registration process if registration is cancelled or modified on our websites. For the registration process to fulfil a contract or to implement pre-contractual measures, this is the case if the data are no longer required to fulfil the contract. After the contract ends, it may be necessary to continue to store the contractual partner's personal data in order to fulfil contractual or statutory obligations.

As a user, you can cancel the registration at any time. You can have the data saved in connection with yourself modified at any time. The procedure is described in more detail in the specific registration procedure. If the data are required to fulfil a contract or to implement pre-contractual measures, early deletion of the data is possible only to the extent that no contractual or statutory obligations prevent such deletion.

F. Data Transmission

All users who are registered at the ASDEX Upgrade intranet can read your personal data via the web interface of the IPP pinboard, together with the correspoding subnmitted information.

Your personal data will only be conveyed to state institutions and authorities in legally essential cases or for criminal prosecution based on attacks on our network infrastructure.

The data are not transmitted to third parties for other purposes.

G. Rights of individuals affected

As an individual whose personal data are gathered as part of the aforementioned services, you have, in principle, the following rights, to the extent that no legal exceptions are applicable in individual cases: