General Data Protection Policy for the Linser Lab Web Pages
1. Contact Information
The person responsible of the Linser LAB web pages within the meaning of the General Data Protection Regulation (DSGVO) and other national data protection laws or other provisions relating to data protection is Prof. Dr. Rasmus Linser. Contact information can be found here.
2. Applicability of the Data Protection Policy
This data protection policy applies to the processing of personal data in connection with this internet presence:
- Personal data means all information which relates to an identified or identifiable, natural person (Art. 4 item 1 DSGVO).
- Processing means any process executed with or without the aid of automated methods, or any such set of methods in connection with personal data (Art. 4 item 2 DSGVO).
Purpose and Legal basis for processing of personal data
On our web pages we offer services, and also information for the public about our activities. Personal data will only be processed on this web pages if it is necessary to provide a functioning internet page, to present the particular content, or to provide certain services or offers. The processing of personal data occurs either owing to a legal requirement or based on the user’s consent. When processing of personal data is based on a consent, then such processing shall occur based on Art. 6 DSGVO.
We use cookies, protocol data files and web analysis tools to check or maintain our web services and to ensure network and information security. Insofar and inasmuch as the purpose of the processing is not adversely impacted, we will anonymize or pseudomize your personal data.
Data Deletion and Retention Period
The personal data of users of the Linser LAB internet pages will be deleted or anonymised inasmuch as and provided the particular purpose of the retention has expired and there is no archiving requirement.
Data Security
In order to protect your data in a reasonable and comprehensive manner during the processing, and in particular to protect against its transmittal, where necessary and with reference to the prior art, we use appropriate encryption techniques and secure technical systems (e.g. SSL/TLS).
3. Specific Information on Data Processing on the Linser LAB Internet Pages
Every time you visit this web site, the system automatically collects data and information from the computer system of the accessing computer. In addition, we process your personal data to the extent you provide such data via the Linser LAB internet pages. In the processing of your personal data we take into account in particular the principles of data protection relating to necessity, purpose, data minimizing, legality, correctness and integrity.
Use of Javascript and Cookies
The information offers of the Linser LAB use JavaScript applications, primarily for navigational and presentational elements. No personal data is saved in this. The use of these functionalities can be turned off by making a setting in your browser program. By turning off this feature, the display of some elements may be adversely affected.
Sometimes cookies are placed merely due to a visit of the Linser LAB pages, for example, to identify user-sessions, and to configure the internet pages in a user-friendly manner. Cookies are text files that are stored by the Internet browser on the user's computer system. This files contain a unique character sequence that permits the browser to be specifically identified upon a subsequent visit to the internet page. You can deactivate or restrict the transmission of cookies by changing the configuration of your Internet browser. Cookies that have already been saved can be deleted at any time. However, several elements of our internet pages require that the calling internet browser can also be identified even after a page-change. If cookies are deactivated for the Linser LAB internet pages, it is possible that not all functions of the Linser LAB internet pages can still be accessed.
Protocols and Preparation of Logfiles
Due to occurring security-related events, e.g. attempted hacking attacks, relevant access data will be logged. The protocol data set contains:
- IP address of the inquiring computer
- Date and time of the inquiry
- Access method/function requested by the inquiring computer
- Access status of the web server (data file transmitted, data file not found, command not executed, etc.).
- Name of requested data file
- URL from which the file was requested/the desired function was initiated
- Information on browser type and operating system
- Internet pages from which the user's system accessed the Linser LAB web page
The saved data are used for purposes of identification and tracking of allowed access and of impermissible access attempts, for maintenance of the internet page functionality on the internet server, and - in anonymized form - for optimizing and analyzing of the internet offering (i.e. web statistics). Temporary saving of the IP address is also necessary in order to enable delivery of the Linser LAB internet page to your computer. For this purpose the user’s IP address must remain stored for the duration of the session. This data is not stored by the Linser LAB together with other personal data.
Use of an email address
In addition to the contact form, it is also possible to send an email to an Linser LAB email address provided for use of the particular internet page. If you send us an email, then your email address and the other data provided by you will only be used for correspondence with you, and will be saved only as long as necessary for this purpose, unless some other legal grounds will justify its continuing retention. Please note that the use of a non-encrypted email is fundamentally unsecure, that is, it may possibly be read, changed or captured by third parties along the transmission route.
4. Your Data Protection Rights as an Affected Person
As a part of the Linser LAB internet presence, personal data is processed within the scope stated above. To this extent you are an affected person within the meaning of the DSGVO and are entitled to the following rights with respect to the Linser LAB:
Right to information
You can ask the Linser LAB to confirm whether we process personal data concerning you. If such data is processed, you can request the following information from the Linser LAB:
- The purposes of the processing for which the personal data are intended;
- The categories of personal data processed;
- The recipients or categories of recipients to whom personal data concerning you have been or will be disclosed;
- The period for which the personal data will be stored, or if that is not possible, the criteria used to determine that period;
- The right to request from the responsible officer to correct or delete your personal data, a right of restriction of processing or a right to object to processing as well as the right to data portability;
- A right to complain to an oversight authority;
- All available information regarding the source of the data if personal data was not collected from you;
- The existence of automated decision-making, including profiling, referred to in Article 22 para. 1 and 4 DSGVO and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the affected person.
You have the right to request information concerning whether your personal data will be transferred to a third country or international organization. In such cases, you may request to be informed of the appropriate guarantees pursuant to Art. 46 DSGVO as related to this transfer.
Your right to information is subject to legal restrictions and is not absolute, rather, it is limited in particular in the following cases:
- If a large volume of information is saved for an affected person, then the Linser LAB may request that the information be restricted to that information or processing which relates to the request for information.
- Obvious unfounded or excessive requests, or frequent repetitions may result in rejection or in compensation of costs.
- The granting of information must not affect the rights of the Linser LAB or other persons (in this regard, professional secrets, business secrets, data with reference to other persons are exempted).
Right to Restriction of Processing
Under the following circumstances you may request a restriction of processing of your personal data:
- If you contest the accuracy of the personal data, the restriction will extend for a period enabling the Linser LAB to verify the accuracy of the personal data;
- The processing is unlawful and you oppose the erasure of the personal data and request the restriction of its use instead;
- The Linser LAB no longer needs the personal data for the purposes of the processing, but it is required by you for the establishment, exercise or defense of legal claims;
- If you have objected to processing pursuant to Article 21 para. 1 DSGVO pending the verification whether the legitimate grounds of the Linser LAB override those asserted by you.
Where processing personal data concerning you has been restricted, such personal data shall, with the exception of storage, only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State. Where processing personal data concerning you has been restricted, you will be informed by the Linser LAB before the restriction of processing is lifted.
Right to Deletion
Deletion requirement: You can request the Linser LAB to delete your personal data without delay. The Linser LAB is required to delete this data without delay, provided one of the following reasons applies:
- The personal data concerning you is no longer necessary in relation to the purposes for which it was collected or otherwise processed and the processing for other purposes is not permissible.
- You withdraw consent on which the processing is based according to Art. 6 para. 1 (a) or Art. 9 para. 2 (a) DSGVO, and where there is no other legal grounds for the processing.
- You object to the processing pursuant to Art. 21 para. 1 DSGVO and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 para. 2 DSGVO.
- Personal data concerning you have been unlawfully processed.
- The personal data concerning you have to be erased for compliance with a legal obligation in Union or Member State law to which the responsible person is subject.
- The personal data concerning you have been collected in relation to an offer of services of the information company referred to in Art. 8 para. 1 DSGVO.
Notification to third parties: Where the Linser LAB has made the personal data public and is obliged pursuant to Art. 17 para. 1 DSGVO to erase the personal data, the responsible officer, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform officers who are processing the personal data, that you have requested the deletion by such officers of any links to, or copy or replication of, that personal data.
Exceptions: The right to erasure does not apply to the extent processing is necessary:
- For exercising the right of freedom of expression and information;
- For completion of a legal obligation which requires the processing according to the laws of the EU or of member states to which the Linser LAB is subject, or to complete a task in the public interest or in exercise of official authority which has been conferred upon the Linser LAB;
- For reasons of public interest in the area of public health in accordance with Art. 9 para. 2 (h) and (i) as well as Art. 9 para. 3 DSGVO;
- For archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Art. 89 para. 1 DSGVO in so far as the right referred to in letter a) above is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
- For the establishment, exercise or defense of legal claims.
Right to notification
If you have asserted your right to rectification, erasure or restriction of processing vis-a-vis the Linser LAB, then we are obliged to communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort (Art. 19 DSGVO).
You have the right to be informed by the Linser LAB about such recipients.
Right to data portability
Regarding the demands of Art. 21 DSGVO you have the right to receive the personal data concerning you which you provided to the Linser LAB, in a structured, commonly used and machine-readable format. In addition, you have the right to transfer this data to one or another responsible officer without hindrance by the Linser LAB, provided
- The processing is based on consent pursuant to Art. 6 para. 1 DSGVO or Art. 9 para. 2 DSGVO or on a contract pursuant to Article 6 para. 1 (b) DSGVO; and
- The processing is carried out by automated means.
In exercising your right to data portability, you have the right to have the personal data transmitted directly from the Linser LAB to another responsible officer, where technically feasible. The exercise of this right cannot adversely affect the rights and freedoms of others. The right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Linser LAB.
Right to object
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 para.1 (e) or (f) DSGVO. In such cases, the Linser LAB shall no longer process the personal data concerning you unless the Linser LAB can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. In the context of the use of information company services, and notwithstanding Directive 2002/58/EC, you are entitled to exercise your right to object by using automated means, in which technical specifications are applied. In the case of processing of your personal data for scientific or historical research purposes and for statistical purposes pursuant to Art. 89 para. 1 DSGVO, you have the right to object to this data processing for reasons relating to your particular situation.
Right to revoke consent to data processing
You have the right to revoke your consent to data processing with future effect; however, this revocation shall not affect the legitimacy of the data processing already occurred based on your consent given until the time of revocation. This revocation must always be submitted to the agency within the Linser LAB which has received the consent.
Right to lodge a complaint with an Oversight Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a data protection oversight authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the DSGVO. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Art. 78 DSGVO.
If you believe that the processing of your personal data is in violation of the DSGVO, then we request that you first turn to the officer responsible for the content of the particular internet page, who is named in the copyright statement, and/or to the official data protection officer at the Linser LAB, since this will allow a rapid examination or remedy, if necessary, of your concerns. It is our goal and responsibility to examine all arriving questions of data protection immediately and to solve potential problems under data protection law.
This general data protection policy was created June 2019. We reserve the right to update this data protection policy on a regular basis in order to take proper account of current legal requirements and technical changes, and also to implement our services and offers in compliance with data protection. The most recent version of this policy applies to your visit to an Linser LAB web page.