The FeatureCloud consortium is committed to the principles of data protection and data minimization. The use of our website and our scientific activities involve the processing of personal data. In order to make these data processing operations transparent, we would like to inform you in this privacy policy how we process personal data and what rights you have in this regard. Should you have any further questions, please find our contact details below.
I. Who we are and how you can contact us if you have any questions:
concentris research management gmbH created and maintains this website as a member of the FeatureCloud consortium and is with regard to this website the controller according to the General Data Protection Regulation (GDPR).
concentris research management gmbh
Ludwigstr. 4
82256 Fürstenfeldbruck
Germany
contact[at]concentris.de
II. Our data processing – for what purpose and on what legal basis we process personal data
II.1 General:
We process personal data in compliance with the relevant data protection law, in particular the General Data Protection Regulation (GDPR, Regulation [EU] 2016/679) and the German Federal Data Protection Act (BDSG). Any processing by us will therefore only take place based on a legal basis (in particular in accordance with Article 6 paragraph 1 lit a to f GDPR), which will be stated below for the individual data processing operations. We do not carry out any automated decision making.
II.2 Operation of our website:
Every time you access our website (https://featurecloud.eu), your computer (terminal device) / web browser automatically transmits certain information to enable you to visit the website:
- IP address
- Date and time of the request
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the request (page/content to be retrieved)
- Access Status/HTTP(S) Status Code and request method (GET/POST)
- Browser and browser version
- Operating system and its user interface
This data is temporarily stored in the log files of our system. This data is not stored together with other personal data of the user.
Legal basis and purpose of data processing
The legal basis for the processing of data and their temporary storage in log files is Article 6 paragraph 1 lit f GDPR. Temporary storage of the listed data by the system is necessary to enable delivery of the website to the user’s computer. The storage in log files is done to ensure the functionality of the website. In addition, the data serves us to optimise the website and to ensure the security of our information technology systems, in particular to guarantee the integrity, confidentiality and availability of the data processed via our website. From these purposes follows our legitimate interest in data processing in accordance with Article 6 paragraph 1 lit f GDPR.
Duration of storage
The data will be deleted as soon as they are no longer necessary for the purpose of their collection. This is the case when collecting data for the purpose of providing the website when the respective session is ended. For the data stored in log files, this is the case after 30 days at the latest, unless further processing is necessary to clarify a (suspected) attack.
Personal data, which is collected during the operation of the website, will only be transmitted by us to third parties (in particular to expert persons and security authorities) in the event of a (suspected) data security incident or a criminal act (e.g. an attack) for the purposes of clarification, prosecution or the exercise of legal claims.
Third-party websites
Our website contains in part hyperlinks to and elements from third-party websites. If you follow a hyperlink to one of these websites or activate elements from third-party websites (e.g. Twitter), please note that we cannot assume any responsibility or guarantee for third-party content or data protection conditions.
II.3 Use of cookies
Our website uses cookies. Cookies are text files that are stored in the web browser or by the web browser on the user’s computer system. If a user accesses a website, a cookie can be stored on the user’s computer system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is accessed again.
Cookie “PHPSESSID”
This cookie is automatically created once someone opens the website and cleared once they close the browser. PHPSESSID is an auto generated session cookie by the server which contains a random long number which is given out by the server itself. In the session cookie, only the above-mentioned data about your use of the website is temporarily stored. These store a so-called “session ID”, which can be used to assign various requests from your browser to a common session. The session cookies used are technically necessary and are deleted when you close your browser. These cookies are not used for “tracking” or to establish a personal reference.
Complianz-Cookies
Cookie “cmplz_stats”
Cookie “cmplz_all”
Cookie “complianz_consent_status”
Cookie “complianz_policy_id”
Cookie “cmplz_marketing”
Cookie “complianz_config” (Administrator cookie, will be ignored)
The Complianz cookies keep track if someone accepted the Privacy policy and the level of their consent. They are kept for 365 days, after this the user has to accept it again.
Cookie “wfwaf-authcookie-*”
Retention: 12 hours
Determins if the user is logged in.
WordFence plugin
Cookie “wfvt_*”
Retention: 30 minutes
The purpose of the WordFence plugin and of this cookie is the protection of our website from attacks.
Cookie “wordpress_*”
Retention: 1 day
WordPress specific cookie, stored only for logged in users (i.e. only users from the FeatureCloud consortium) to remember when someone is logged in.
Captcha Them All
Cookies “mc_session_ids”
Retention: 15 minutes
These are stored for the contact form to reduce spam emails.
In addition to the cookies absolutely necessary of the functioning of the website, with your consent we set the following cookies:
Matomo plugin
Cookie: “_pk_ref*”
Retention: 6 months
These are statistical cookies used for anonymous visitor tracking. We may collect non-person-identifying, anonymous information relating to your use of our sites via Matomo technology. This may include: which pages are visited how often; how long visitors stay; the number of returning page visitors; and which country visitors are browsing from, but no personal information at all. This data is collected for the purpose of monitoring and understanding the effectiveness of our websites, and is in fact required by the European Commission during the impact-reportings (about dissemination activities of EU-funded research projects).
Twitter
Cookie “metrics_token”
Cookie “local_storage_support_test”
Cookie “display twitter feed”
All twitter cookes are only stored once people agree with displaying the twitter feed.
You can choose not to accept cookies by changing your browser settings or deleting existing cookies installed on your computer. Visit the “About Cookies website” for information on how to do this.
Legal basis and purpose for data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change.
For this purpose, we have a legitimate interest in processing personal data in accordance with Article 6 paragraph 1 lit f GDPR.
The legal basis for the processing of personal data with regard to all other cookies is your consent in accordance with Article 6 paragraph 1 lit f GDPR.
Duration of storage, objection and removal possibility
Cookies are stored on the user’s computer and transmitted by the user to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it is possible that not all functions of the website can be used to their full extent.
II.4 Twitter:
We use the short message service “Twitter” under the handle @Feature_Cloud and make use of the platform of Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103 USA. Responsibility for data processing (for persons living outside the USA) lies with: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2 D02 AX07, Ireland. Please note that you use this short message service and its functions (e.g. Retweet, Like) on your own responsibility and that we have no influence on the data processing by Twitter. For more information on processing by Twitter, please refer to the Twitter privacy policy: https://twitter.com/en/privacy.
The data you publish on Twitter, in particular your handle (user name) and the content accessible under your account, are processed by us to the extent that we retweet or reply to these (“tweets”) or write tweets from us referring to your account.
II.5 Establishing contact:
When contacting us (e.g. via contact form or e-mail), the information provided by the inquirer (name, contact data, other details) will be processed for documentation, processing and answering the enquiry. We offer a contact form on our website. We have marked the mandatory data required to answer an inquiry as mandatory fields. The provision of further data is voluntary.
The basis for this is our legitimate interest in the proper documentation, processing and answering of the enquiry (Article 6 paragraph 1 lit f GDPR).
The personal data provided is stored by us as long as it is necessary for the purpose of proper documentation, processing and answering the enquiry(up to 3 years), except for a longer storage period is required for the purpose of fulfilling a legal obligation or for the exercise or defence of legal claims.
II.6 To whom do we transmit personal data?
We will only transfer your personal data to the extent necessary and only in the following cases:
- with your consent;
- insofar as we are legally obliged to do so;
- to companies that support us in providing our website; these service providers act as processors, who may only process the data in accordance with our instructions (within the framework of an agreement according to Article 28 paragraph 3 GDPR);
- insofar as this is necessary to protect our legitimate interests (e.g. to assert, exercise or defend legal claims) or those of a third party and there is no reason to assume that you have an overriding interest which requires protection of personal data.
III. Rights of the data subject
Provided that the respective legal requirements are met, you can assert the following rights of data subjects:
- Right to information: You can request confirmation as to whether personal data concerning you is being processed and request information about this data and the information in accordance with Article 15 GDPR.
- Right of rectification if we process incorrect or incomplete data about you (Article 16 GDPR).
- Right to have personal data concerning you deleted if the conditions of Article 17 GDPR are met.
- Right to limit the processing of your data (Article 18 GDPR).
- The right to transfer the data you have provided to us, provided that the processing is based on consent (Article 6 paragraph 1 letter a) or on a contract (Article 6 paragraph 1 letter b) to which you are party and that the processing is carried out using automated procedures (Article 20 GDPR).
- In the case of processing operations carried out on the basis of legitimate interests (pursuant to Article 6 paragraph 1 lit f GDPR), you have the right to object to the processing of your personal data pursuant to Article 21 GDPR, provided that there are reasons for doing so arising from your particular situation. In the case of processing for the purpose of direct marketing, this right is unrestricted.
- You can revoke your consent to the processing of personal data at any time, please contact us (see our contact details). Revocation of the consent does not affect the lawfulness of the processing carried out based on the consent until revocation.
- Right of complaint: You have the right to complain to a supervisory authority responsible for you (in Bavaria (Germany): Bavarian State Office for Data Protection Supervision, https://www.lda.bayern.de/) if you believe that the processing of personal data relating to you has violated the GDPR or your rights as a data subject have been infringed. In cases in which you were not completely satisfied with our work, we request that you first contact us so that we can be given an opportunity to rectify any errors.
Changes to our privacy policy
We always keep our privacy policy up to date and therefore adapt it when necessary.
Status as of 30.09.2020