Data Protection Information
Only the German version is authoritative
The Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG) takes the protection of
your personal data very seriously. We process personal data gathered when visiting our websites in
compliance with applicable data protection legislation. We neither publish your data nor transmit
them to third parties on an unauthorized basis. In the following section, we explain which data we
record when you visit the IPP Pinboard, and exactly how they are utilized:
A. General information
1. Scope of data processing
As a matter of principle, we gather and utilize users' personal data only to the extent required to
ensure the functioning of our website and of our contents and services. The gathering and utilization
of our users' personal data normally occurs after users have granted their consent. An exception
occurs where data processing is legally permitted.
2. Legal basis of data processing
To the extent that permission of the affected individual is obtained for the processing of personal
data, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
In the processing of personal data to fulfil a contract whose contractual party is the individual
affected, Article 6 (1) lit. b GDPR serves as the legal basis. This also applies to processing required to
implement pre-contractual measures.
If processing is required to safeguard the justified interest of the MPG or a third party and the
interests, basic rights and basic freedoms of the affected individual do not outweigh the first-
mentioned interest, Article 6 (1) lit. f GDPR serves as the basis for such processing.
3. Data deletion and storage duration
The affected individual's personal data are deleted or blocked as soon as the purpose of the storage
ceases to apply. Storage can also occur if provided for by European or national legislators in EU
regulations, acts or other legislation to which the MPG is subject. A blocking or deletion of data then
occurs only if a storage period prescribed by one of the aforementioned norms expires, unless a
necessity exists in relation to the further storage of the data for the arrangement of a contract or the
fulfilment of a contract.
4. Contact details of the individuals responsible
The entity responsible in the meaning of the General Data Protection Regulation and other national
data protection acts as well as other data protection legislation is the
Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstraße 8
D-80539 München
Germany
Telephone: +49 (89) 2108-0
Contact form: https://www.mpg.de/kontakt/anfragen
Internet: https://www.mpg.de
5. Data Protection Manager's contact details
The Data Protection Manager at the entity responsible is
Datenschutzbeauftragte der MPG
Hofgartenstraße 8
D-80539 München
Germany
Telefon: +49 (89) 2108-0
datenschutz@mpg.de
B. Provision of the website and creation of log files
Each time you visit our website, our service and applications automatically record data and
information from the computer system of the visiting computer.
The following data are gathered temporarily:
- Your IP address
- Date and time of your access to the website
- Address of the page visited
- Address of the previously visited website (referrer)
- Name and version of your browser/operating system (if transmitted)
If the server prompts you for authentication, your ID that you use to log in to the server will also be collected and temporarily stored. This is especially true if you are visiting pages of the ASDEX Upgrade Intranet from outside the ASDEX Upgrade Network, or if you are using personalized services on the ASDEX Upgrade Intranet. Your identifier is usually your userid at the Max Planck Computing & Data Facility (MPCDF). If you do not have a userid on the MPCDF, but you have registered to use the ASDEX Upgrade Intranet (see Section F), then the ID used to log in to the ASDEX Upgrade Intranet will be your email address specified during registration.
These data are stored in our systems' log files. These data are not stored together with the user's
other personal data.
The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs
in log files in order to ensure the website's functionality. The data also help us optimize the websites,
eliminate malfunctions and ensure our IT system security. Our justified interest in data processing
pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.
The data are deleted as soon as they are no longer required to achieve the purpose for which they
were gathered. If data are gathered for the provision of the website, this is the case if the respective
visit is ended. In the instance that data are stored in log files, this is the case after seven days at the
latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are
deleted or removed so they can no longer be allocated to the visiting client.
The recording of data for the provision of the website and the storage of data in log files is essential
to operate the website. As a consequence, users do not have an option to revoke such data
recording.
C. Utilization of cookies
Our website utilizes cookies. Cookies are text files stored in the Internet browser or by the Internet
browser on the user's computer system. If a user visits a website, a cookie can be stored on the
user's operating system.
If you need to authentify to visit our webpages (see section B), then a cookie (named "session")
is generated on your first visit. This cookie stores your userid, your name and your IP address, and will be cleared at latest when you close your brower.
We deploy further cookies to make our website more user-friendly.
Our cookies transmit your choices regarding the layout of some web pages. They are not stored in our systems.
All cookies are deleted when the session is closed.
The legal basis for personal data processing while utilizing cookies is Article 6 (1) lit. f GDPR. The
purpose of utilizing technically necessary cookies is to simplify the utilization of websites for users.
Cookies are stored on the user's computer, which transmits them to our site. For this reason, you, as
the user, also have full control over the utilization of cookies. You can deactivate or restrict the
transmission of cookies through changing your Internet browser settings. Cookies that have already
been saved can be deleted at any time. This can also occur automatically. If cookies for our website
are deactivated, you may find not all of the website's functions can continue to be utilized in full.
D ASDEX Upgrade Information
The purpose of the ASDEX Upgrade Intranet is to provide and maintain information which is necessary and/or helpful to build and operate ASDEX Upgrade, to plan, conduct and evaluate experiments on ASDEX Upgrade, and/or to engage ASDEX Upgrade employees in other fusion research projects.
Our justified interest in data processing
pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.
The information in the ASDEX Upgrade Intranet is usually only accessible to a limited group of users. When you retrieve information from the ASDEX Upgrade Intranet, your authentication and authorization will either be based on the source of your query based on your IP address, or your ID (see Section B).
When you enter new information into the ASDEX Upgrade Intranet, your authorship of this information is stored on the ASDEX Upgrade Intranet.
For this we store the following data:
Contact Data
The following contact details are extracted
based on your ID, with which you log on to the ASDEX Upgrade Intranet,
from various databases of the Max Planck Institute
for Plasma Physics (IPP) and the Max Planck Computing & Data Facility (MPCDF) ,
and possibly stored in the ASDEX Upgrade intranet:
- Name (last name, first names)
- your email address and aliases at IPP
- possibly the organizational unit at IPP (division, project)
- possibly your phone and room number within IPP
Contents and Usage Data
Your authorship of any information you submit through the ASDEX Upgrade Intranet web pages
or other suitable interfaces will be transferred to us and stored in the ASDEX Upgrade Intranet,
along with the relevant information.
The personal data of this information will be deleted, blocked or anonymized at the latest when the purpose of storage ceases to apply.
A premature deletion or anonymization is possible on request,
unless a necessity exists in relation to the further storage of the data for the arrangement of a contract or the fulfilment of a contract.
If you have provided additional personal data (eg your job profile at the IPP or your photo)
in special sections of the ASDEX Upgrade Intranet,
this data can be stored and published on the ASDEX Upgrade Intranet with your consent.
In this case, Article 6 (1) lit. a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
This personal information will be deleted at the latest when you leave the IPP or when you revoke your consent.
If you are a visitor from outside the IPP Garching and are involved in setting up and operating ASDEX Upgrade, or planning, performing, or evaluating experiments on ASDEX Upgrade,
we will also store your contact information at your home organization,
your visit dates (also scheduled),
the purpose of your visit and the local contact person.
It also recorded which safety instructions you have attended.
These personal data will be deleted, blocked or anonymised at the latest if the purpose of the storage ceases to apply..
E. Registration
On our websites, we offer users the option to register, entailing the entry of personal data in a data
entry form. We generally gather your email address, family name and first name,
your home research unit, and the reason why you need to access the ASDEX Upgrade intranet.
We inform you
about the specific processing of the data and we obtain your consent as part of the registration
procedure. Reference is also made to this data protection statement.
The legal basis for the processing of data is the user's consent pursuant to Article 6 (1) lit. a GDPR. If
registration serves to fulfil a contract whose contractual party is the user or to implement pre-
contractual measures, the additional legal basis for the processing of data is Article 6 (1) lit. b GDPR.
Registering the user is necessary to provide certain contents and services on our website or to fulfil a
contract with the user or to implement pre-contractual measures. The data are deleted as soon as
they are no longer required to achieve the purpose for which they were gathered. This is the case for
data gathered during the registration process if registration is cancelled or modified on our websites.
For the registration process to fulfil a contract or to implement pre-contractual measures, this is the
case if the data are no longer required to fulfil the contract. After the contract ends, it may be
necessary to continue to store the contractual partner's personal data in order to fulfil contractual or
statutory obligations.
As a user, you can cancel the registration at any time. You can have the data saved in connection
with yourself modified at any time. The procedure is described in more detail in the specific
registration procedure. If the data are required to fulfil a contract or to implement pre-contractual
measures, early deletion of the data is possible only to the extent that no contractual or statutory
obligations prevent such deletion.
F. Data Transmission
All users who are registered at the ASDEX Upgrade intranet can read your personal data
via the web interface
of the IPP pinboard, together with the correspoding subnmitted information.
Your personal data will only be conveyed to state institutions and authorities in legally essential cases
or for criminal prosecution based on attacks on our network infrastructure.
The data are not
transmitted to third parties for other purposes.
G. Rights of individuals affected
As an individual whose personal data are gathered as part of the aforementioned services, you have,
in principle, the following rights, to the extent that no legal exceptions are applicable in individual
cases:
- Information (Article 15 GDPR)
(You may also see en informal list of all you data stored in the ASDEX Upgrade intranet at
https://www.aug.ipp.mpg.de/meine_daten)
- Correction (Article 16 GDPR)
- Deletion (Article 17 (1) GDPR)
- Restriction of processing (Article 18 GDPR)
- Data transmission (Article 20 GDPR)
- Revocation of processing (Article 21 GDPR)
- Revocation of consent (Article 7 (3) GDPR)
- Right to complain to the regulator (Article 77 GDPR). For the MPG, this is the Bavarian Data
Protection Authority (BayLDA), Postbox 606, 91511 Ansbach.