Fraunhofer Institute for Systems and Innovation Research ISI
Fraunhofer Institute for Systems and Innovation Research ISI

Data Protection Policy

When you use this website, your personal data will be processed by us as the data controller and stored for as long as is necessary to fulfill the purposes specified and statutory requirements. This document provides further details about which data this involves, how they are processed and your rights in this regard.

Personal data, as defined by Article 4(1) General Data Protection Regulation (GDPR), include any information relating to an identified or identifiable natural person.

 

1. Scope

This data protection policy applies to the data processing on our website isi.fraunhofer.de by the following controller:

 

2. Name and Contact Data of the Data Controller and Corporate Data Protection Officer

 

Fraunhofer-Gesellschaft
zur Förderung der angewandten Forschung e. V.

Hansastrasse 27c
80686 München
Germany

on behalf of the

Fraunhofer Institute for Systems and Innovation Research ISI
Breslauer Straße 48
76139 Karlsruhe
Germany

(hereafter referred to as Fraunhofer ISI)

Email: datenschutz@isi.fraunhofer.de

Telephone number: +49 721 6809-0

Fax: +49 721 689152

 

The data protection officer of the Fraunhofer-Gesellschaft can be reached at the above address in München, c/o Data Protection Officer or at datenschutz@zv.fraunhofer.de.

Please feel free to contact the data protection officer directly at any time if you have questions concerning data protection law or your rights as a data subject.

 

3. Personal Data Processing and Purposes of Data Processing

 

What happens when you visit our website

You can access our website without having to disclose any details of your identity. The browser used on your device automatically sends information to our website’s server (e.g., browser type and version, date and time of access) to enable a connection to the website. This also includes the IP address of the device used to request access. This information is stored temporarily in a so-called log file and will be deleted automatically after 4 days.

We cannot draw any direct conclusions about your identity from processing the IP address and other information in the log file.

We also use tracking pixels, cookies and analytics when you visit our website. Please refer to this data protection policy for more details (below).

 

When registering for events

We regularly provide information about events of different kinds on our website, for which you can register online. Personal data such as your name, address and email address may be collected and processed depending on the purpose.

Any mandatory data are marked as such (e.g., with *). Additional voluntary data may often be provided.

Mandatory data are processed to identify interested persons as participants of the event, to conclude the participation agreement, and to provide participants with information about the event before, during, and after the event. Providing voluntary data enables us to plan and hold the event in line with participants’ interests and age criteria.

Data processing is done at the request of the interested participants and is necessary pursuant to Article 6(1) (b) GDPR to fulfill the participation contract and pre-contractual steps.

When registering for an event using our online forms, we collaborate with the provider Mailingwork GmbH, Birkenweg 7, 09569 Oederan (“Mailingwork”). The purpose of working with this provider is to manage online registrations professionally. The data entered are stored on the Mailingwork servers in Germany.

We have an order processing agreement with Mailingwork. In this agreement, Mailingwork assures that it will process the data on our account in accordance with the General Data Protection Regulation and guarantee the protection of the rights of the data subjects.

In addition, it may be necessary to transfer your personal data to an external organizer as part of fulfilling a contract. When registering for an event, you will be informed who the organizer is and whether this is an external body. The organizer will then process personal data in the context of the event and in particular for participant management.

 

When subscribing to a newsletter or other email distribution list

Provided you have expressly consented in accordance with Article 6(1) (a) GDPR, we will use your email to regularly send you selected information about the work at our institute and/or other Fraunhofer institutions and/or Fraunhofer events. The topics and content of the selected information are determined by the mailing list to which you have subscribed.

After subscribing, you will receive a subscription notification by email, which you need to confirm to receive the newsletter (a so-called double opt-in). Your response to this email serves as proof that you are in fact the person who initiated the subscription.

You can unsubscribe at any time, e.g., using the link at the end of each newsletter or press release or information about an event. Alternatively, you can send us an email saying you wish to unsubscribe to presse@isi.fraunhofer.de, or unsubscribe using the following link: https://www.isi.fraunhofer.de/en/presse/verteiler/abmeldung-dsi.html.

Your email address will be deleted immediately after you withdraw your consent to be sent the newsletter.

We send our newsletter using the provider Mailingwork GmbH, Birkenweg 7, 09569 Oederan (“Mailingwork”). The email addresses of our newsletter recipients are stored on our behalf on the Mailingwork servers in Germany.

Mailingwork uses this information to send and analyze the newsletter on our behalf. For this purpose, we have an order processing agreement with Mailingwork. In this agreement, Mailingwork assures that it will process data in compliance with the General Data Protection Regulation and guarantee the protection of the rights of the data subjects.

Mailingwork states that personal data are fully protected against unauthorized access. Mailingwork does not use the data provided by our newsletter recipients to contact them itself and does not disclose subscriber data to third parties. Mailingwork is a reputable service provider and is certified by the Certified Senders Alliance.

 

4. Data Disclosure

In cases where personal data collected via our website are disclosed to data processors by us, you will be informed of this — along with the name of the specific recipient — under the details of the relevant data processing operation in this data protection policy.

Other than that, we will disclose your personal data only if:

  • you have given your express consent pursuant to the Article 6(1) (a) GDPR;
  • it is necessary for the fulfillment of a contract with you in accordance with Article 6(1) (b) GDPR (for example forwarding data to shipping companies for the purpose of delivering the goods you have ordered or forwarding payment data to payment service providers or credit institutions in order to carry out a payment transaction);
  • There is a legal obligation of disclosure pursuant to Article 6(1) (c) GDPR.

Recipients are permitted to use the disclosed data solely for the specified purposes.

 

5. External Content

 

General information

We occasionally use external services on our website to display additional media content (such as diagrams or interactive maps). Our website uses iFrames or scripts to display such external content.

If you access a page that can display such content, initially, no connection is made to the respective service provider. The content is only loaded after you have expressly requested it. For external content to be displayed, you have to click a button to give your consent for connection to the servers of the respective provider and for data to be transmitted. When loading external content, data such as your IP address may be transmitted to the respective provider. Please refer to the data privacy policy of the external provider.

We do not store any information about your declaration of consent. If you load the page again, you can decide again whether to activate the external content. You can object to the embedding at any time by reloading the page.

Embedding external content is done based on Article 6(1) (f) GDPR. We do this to make our website more attractive and interesting.

 

Datawrapper

We occasionally embed maps or diagrams created using the Datawrapper visualization tool. Datawrapper GbmH is a company based in Germany (Raumerstrasse 39, 10437 Berlin), which creates interactive diagrams to present data in a visually appealing way.

Displaying external content is subject to your active consent to connect to Datawrapper’s servers (www.datawrapper.de) and for data to be transmitted. More information can be found in Datawrapper’s privacy policy: https://www.datawrapper.de/privacy

 

OpenStreetMap

Our website integrates maps from OpenStreetMap. OpenStreetMap is a project of the OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands B72 1JU, Great Britain, which collects freely accessible geodata and provides them in a database for free use.

For external maps to be displayed, a connection must be made to the servers of the OpenStreetMap Foundation (www.openstreetmap.org) and data must be transmitted. More information about this can be found in OpenStreetMap Foundation’s privacy policy: https://osmfoundation.org/wiki/Privacy_Policy

When connecting to view a map, the following data are transmitted to the servers of OpenStreetMap:

  • IP address      
  • browser and device used
  • operating system:
  • web page from which you were redirected to the OpenStreetMap Foundation site (referring web page) and date and time of your visit to the website.

If you have a user account at OpenStreetMap and are logged in while visiting our website, the following additional data are transmitted to OpenStreetMap’s servers:

  • user ID
  • email address linked to your account, blocks received by the user and associated messages.

If you do not want your data to be transmitted, log out of your OpenStreetMap account before viewing the map. 

 

6. Web Analysis/Tracking

 

LeadLab (Wiredminds GmbH)

We use the LeadLab service of Wiredminds GmbH and its tracking pixel technology on our website to analyze user behavior and optimize our site based on this. This service allows us to see which companies have visited our site. We do not receive any information that can identify you directly.

In connection with the use of LeadLab, cookies and tracking pixels are used to enable statistical analysis of this website’s use based on your visits. Wiredminds uses a pseudonym to process the data and anonymizes these as far as possible in a user profile for the purpose of analysis.

Without your specific permission, we neither use the data obtained in this way to identify you personally nor do we combine the data with personal data pertaining to the pseudonym associated with you.

If IP addresses are collected, these are anonymized immediately after collection by deleting the last number block.

More information about data protection at Wiredminds can be found on the company’s website https://www.wiredminds.de/datenschutz/.

Data processing is done based on our legitimate interest pursuant to Article 6(1) (f) GDPR for the purpose of optimizing our online services and our website. Wiredminds processes the data on our behalf based on an order processing agreement between us and Wiredminds. This ensures that the data processing done on our behalf complies with the General Data Protection Regulation and guarantees the protection of the rights of data subjects.

 

7. Social Media Plug-ins

We use so-called social media buttons (also called social media plug-ins) on our website. These are small icons enabling you to publish content from our website in your profile on social networks.

If you activate such a button, a connection is established between our website and the social network. In addition to the content in question, the social network operator also obtains additional information, some of it personal. For instance, the information that you are currently visiting our website

The so-called Shariff solution is used to integrate social media buttons. This solution prevents a connection from being established to a social network simply because you have accessed a page featuring a social media button, without having activated this. This means that information is transmitted to the social network only when you actively press the button.

We use the following social media plug-ins:

 

Facebook Ireland Limited: Sharing on Facebook

In part, information is transmitted to the parent company Meta Platforms Inc. in the USA, to other Meta companies and external partners of Meta, each of which may be located outside the European Union. Facebook uses standard contractual clauses approved by the European Commission and relies on the European Commission's adequacy decisions about certain countries.

For the purpose and scope of data collection, further processing and use of data by Facebook and for your rights and configuration options to protect your privacy, please refer to Facebook’s data privacy notice at https://www.facebook.com/about/privacy/.

 

X/Twitter International Company: Sharing on X/Twitter

In part, information is transmitted to the parent company Twitter Inc. in the USA, to other Twitter companies and to Twitter’s external partners, each of which may be located outside the European Union. Twitter uses standard contractual clauses approved by the European Commission and relies on your consent.

Further information on data protection at Twitter can be found here: https://x.com/de/privacy

 

NEW WORK SE (formerly XING SE): Sharing on XING

In part, information is transmitted to other NEW WORK companies and external partners of NEW WORK, each of which may be located outside the European Union. NEW WORK uses standard contractual clauses approved by the European Commission or other appropriate safeguards pursuant to Article 46 GDPR and relies on the European Commission's adequacy decisions about certain countries as well as your consent

For the purpose and scope of the data collection, further processing and use of the data by NEW WORK and your rights and configuration options to protect your privacy, please refer to XING’s data privacy notice at https://www.xing.com/privacy.

 

LinkedIn Corporation: Sharing on LinkedIn

In part, information is transmitted to the parent company LinkedIn Corporation in the USA, to other LinkedIn companies and to LinkedIn’s external partners, each of which may be located outside the European Union. LinkedIn uses standard contractual clauses approved by the European Commission.

More information about data protection can be found in their privacy policy guidelines at https://www.linkedin.com/legal/privacy-policy.

 

8. YouTube

We embed components (videos) of the video hosting service “YouTube” of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”) on our websites. The implementation is based on Article 6(1) (f) GDPR; our legitimate interest in this case is the smooth integration of the videos and the attractive design of our website.

In part, information is transmitted to the parent company Google Inc. located in the USA, to other Google companies and external partners of Google, each of which may be located outside the European Union. Google uses standard contractual clauses approved by the European Commission and relies on the European Commission's adequacy decisions about certain countries.

More information on data protection in connection with YouTube can be found in the privacy policy of Google https://policies.google.com/privacy/.

 

9. Rights of the Data Subject

You have the right:

  • pursuant to Article 7(3) GDPR, to withdraw the consent given to us at any time. This means that we may not continue to process the data based on this consent in the future;
  • pursuant to Article 15 GDPR, to obtain information about personal data processed by us. In particular, you may request information about the following: the purposes of the processing; the categories of personal data concerned; the categories of recipients to whom the personal data have been or will be disclosed; the envisaged period for which the personal data will be stored; the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing; the right to lodge a complaint with a supervisory authority; the source of your data if it was not collected by us; and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about the logic involved;
  • pursuant to Article 16 GDPR, to obtain the rectification of inaccurate personal data without undue delay or the completion of the personal data stored with us;
  • pursuant to Article 17 GDPR, to obtain the erasure of your personal data stored with us without undue delay unless processing is necessary to exercise the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or to establish, exercise or defend legal claims;
  • pursuant to Article 18 GDPR, to obtain the restriction of processing your personal data if you contest the accuracy of the data, the processing is unlawful and you oppose the erasure of the personal data and we no longer need the data but you require it to establish, exercise or defend legal claims or if you have objected to processing pursuant to Article 21 GDPR;
  • pursuant to Article 20 GDPR, to receive your personal data that you hav;e provided to us in a structured, commonly used and machine-readable format or to obtain the transmission to another data controller and
  • pursuant to Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your habitual residence or place of work or the registered offices of our organization for this purpose.

Information on your right to object pursuant to Article 21 GDPR

At any time, you have the right to object to the processing of your personal data pursuant to Article 6(1) (e) GDPR (data processing conducted in the public interest) and Article 6(1) (f) GDPR (data processing for the purposes of legitimate interests) on grounds relating to your particular situation. This also applies to profiling as described in the provisions of Article 4(4) GDPR.

If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or unless the processing serves the establishment, exercise or defense of legal claims.

If your objection relates to the processing of data for direct marketing purposes, we will immediately discontinue the processing. In this case, it is not necessary to cite a particular situation. This also applies to profiling, to the extent that it is related to such direct marketing.

If you wish to make use of your right to object, please send an email to datenschutzkoordination@zv.fraunhofer.de.

 

10. Data Security

All the data transmitted by you personally are transferred in encrypted format with the commonly used and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used for online banking, for example. You will recognize a secure TLS connection by the additional s after http (i.e., https://..) in the address bar of your browser, or by the lock icon in the lower part of your browser, among other things.

We also employ appropriate technical and organizational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are subject to continuous improvement in line with technological progress.

 

11. Up-to-Dateness and Changes to this Data Protection Policy

Changes to this data protection policy may prove necessary due to the further development of our website and associated services or changes in statutory or regulatory requirements. The currently valid data protection information can be accessed and printed at any time via our website https://www.isi.fraunhofer.de/en/data_protection.html.