We take the protection of your personal data very seriously. We treat your personal information as confidential and handle it in compliance with the statutory data privacy regulations and this Privacy Statement.
The following information provides an overview of how we process your personal data and your rights under data protection law.
1. Who is responsible for processing the data and who can I contact?
The data controller is:
10115 Berlin, Germany
T +49 (0)30 20 60 49 0
F +49 (0)30 20 60 49 55
You can contact our external Data Protection Officer at:
10115 Berlin, Germany
T +49 (0)30 20 60 49 0
F +49 (0)30 20 60 49 55
2. Who does this Privacy Statement apply to?
This Privacy Statement is aimed at
- all visitors to our website
- individuals who take advantage of services offered on our website (subscribe to magazines, sign up to receive press releases, register for events, enter prize draws, etc.)
3. What data do we use?
As a rule, you can visit our web pages without revealing your identity. If you send us an email or contact form, your message and your email address will be used exclusively for correspondence with you. In individual cases, e.g. when using our participant management system, we may need to process your personal data. This data includes participant contact details and, where applicable, other data that is necessary for running the event, such as specific customer requirements or data on speaker biographies.
4. For what purposes and on what lawful basis do we use your data?
We process your personal data in compliance with the provisions of the General Data Protection Regulation (GDPR) and the German Data Protection Act (BDSG):
a) to fulfil contractual obligations (Article 6 (1) (b) GDPR)
Personal data is processed to carry out commercial activities in the context of running events for our customers or for our own events, and to carry out pre-contractual activities in response to a request from you, e.g. via a contact form.
b) in the balance of interests (Article 6 (1) (f) GDPR)
Where necessary, we process your data beyond the actual performance of the contract to protect legitimate interests of ourselves or third parties. Examples:
- Asserting legal claims and defence in legal disputes
- Safeguarding IT security
c) on the basis of your consent (Article 6 (1) (a) GDPR)
If you have given consent for us to process your personal data for certain purposes (e.g. when subscribing to a magazine) your consent provides the lawful basis for this processing. Consent can be withdrawn at any time. Please note that the withdrawal can only apply to future processing. Data processing that took place before consent was withdrawn is not affected.
If you would like to subscribe to the newsletter offered on this website or to the Leibniz magazine, we will need an email address from you and information that allows us to verify that you are the owner of the email address provided and that you consent to the receipt of the newsletter. No further data – or only data that is provided voluntarily – will be collected. We will use such data only for the sending of the requested information and will not share it with any third parties.
The processing of the information entered in the subscription form will occur exclusively on the basis of your consent (Art. 6 (1) (a) GDPR). You may withdraw your consent to the archiving of the data, email address and their use for the sending of the newsletter or magazine at any time, for instance by clicking on the ‘Unsubscribe’ link in the newsletter or by sending an email cancelling your subscription. This shall be without prejudice to the lawfulness of any data processing transactions that have previously taken place.
The data we hold about you for the purpose of the newsletter subscription will be archived by us until you unsubscribe from the newsletter. Once you cancel your subscription to the newsletter, the data will be deleted. This shall not affect data we have stored for other purposes.
The legal basis for processing your personal data in the context of a job application is primarily § 26 of Germany’s Data Protection Act (BDSG) of 25 May 2018. Under these provisions, it is permissible to process the data required to make a decision concerning the establishment of an employment relationship. If the data is required after the conclusion of the application process (e.g. for litigation reasons), data processing may take place on the basis of the provisions of Article 6 of the GDPR, in particular for the exercise of legitimate interests pursuant to Article 6 (1) (f) of the GDPR. In this case our legitimate interest consists in asserting or defending ourselves against claims.
By sending your application you consent to us storing and processing your data for the purposes of your application, recruitment and employment. You may withdraw this consent at any time and withdraw your application.
We will process the personal data in your application exclusively for the purpose of dealing with your application and in the recruitment process. Recruitment takes place in collaboration with the responsible members of staff in our HR department and managers in the specialist departments.
Your data will be deleted six months after the conclusion of the application process, unless you agree to a longer storage period, for instance in order to be considered for future job vacancies. If you are recruited, your data will be transferred into our personnel data.
4.3 Data protection information for users of Leibniz.Cloud
The Leibniz.Cloud is a Nextcloud online file storage service hosted by the German National Research and Education Network (DFN) at TU-Berlin. All the data is stored in Germany and is subject to German and European data protection legislation. The service allows us to collaborate with other users. The personal details (first name, last name and email address) of each user are therefore also visible to all other users of the service, and to a few IT staff at TU-Berlin who maintain the system. The users include all Leibniz Headquarters employees and selected small groups of users from committees and working groups.
User accounts are set up for employees of Leibniz Institutes at the request of a representative from the relevant committee. As soon as a user account has been set up, the users in question receive an automated welcome email containing a link to these data protection notices and a note about the right to object. Users can ask for their account to be deleted at any time by writing to it(at)leibniz-gemeinschaft.de.
5. Who has access to my data?
Access to your data within the Leibniz Association is restricted to the offices that need it to fulfil our contractual and statutory obligations. Our contracted service providers and agents may process data for these purposes if they respect its confidentiality and our data protection guidelines. We may pass on data that we receive from you through our participant management system to the organiser of the event.
6. Is data transmitted to third countries?
Data will not generally be transferred to countries outside the EU or EEA (“third countries”).
7. How long will my data be kept?
We process and hold your personal data for as long as is needed to fulfil our contractual and statutory obligations. Data that is no longer necessary for the fulfilment of contractual or statutory obligations is regularly deleted, unless further – temporary – processing is necessary to comply with retention periods under commercial and tax law, for instance under the Handelsgesetzbuch (German commercial code) or Abgabenordnung (German fiscal code). The retention/documentation periods specified there are between six and ten years.
8. What are my rights in terms of data privacy?
You have the right to access your personal data under Article 15 GDPR, the right of rectification under Article 16 GDPR, the right of erasure under Article 17 GDPR, the right to block data processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR. In addition, you have the right to complain to a data protection supervisory authority (Article 77 GDPR in conjunction with § 19 BDSG).
A list of supervisory authorities and their contact details can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
If you have given consent for us to process your personal data, you may withdraw it at any time. Please note that the withdrawal can only apply to future processing. Data processing that took place before consent was withdrawn is not affected. Please also see our Information about your right to object under Article 21 GDPR (see point 11).
To exercise your rights, please use the contact details for our Data Protection Officer given above.
9. Is there any obligation to provide data?
When hiring premises, registering for events or booking services (such as a magazine subscription), you must provide us with the personal data necessary for us to hire out the premises and/or carry out the event or provide a service and to fulfil the associated contractual obligations, or which we are required to collect by law. These data fields are indicated as mandatory during data collection. Without this data, we will generally be forced to decline to conclude the contract or carry out the assignment, or to terminate/stop fulfilling an existing contract.
10. Are there any automated decision-making processes, including profiling?
As a rule, we do not use any fully automated decision-making processes, including profiling pursuant to Article 22 GDPR.
In the event that we use profiling for targeted marketing, you will be informed of the fact separately.
11. Information about your right to object under Article 21 GDPR
a) Right to object on a case-by-case basis
You have the right to object, on grounds relating to your particular situation, to the processing of your personal data. The prerequisite for this is that data is being processed in the public interest or on the basis of a balancing of interests. This also applies to profiling. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing the data which override your interests, rights and freedoms, or if your personal data is being used for the establishment, exercise, or defence of legal rights.
b) Objection to the processing of data for direct marketing
In individual cases, we use your personal data for our direct marketing. You have the right to object to this at any time; this also applies to profiling, where it is related to direct marketing. If you object to processing for direct marketing purposes, we will no longer process your personal data for this purpose. You may communicate your objection in any form, ideally to our data protection officer using the above contact details.
12. What data is processed when I use the website?
a) Data relating to use of the website
When you visit our website, we receive usage data. This includes information such as your screen resolution, browser version, internet access, operating system, language, plug-ins used, country/region of origin and search engines. The stored data is analysed solely for statistical purposes. It is not transferred to third parties or subject to a user-related analysis.
To facilitate browsing, session cookies are used when visitors open individual pages. These cookies expire at the end of the session and do not contain any personal data, i.e. no user-related analysis of the contents of the cookies is conducted. You can configure your browser to allow cookies only on a case-by-case basis or not at all.
Cookies required for electronic communications or to perform specific functions (e.g. registrations, subscriptions, payment transactions) are stored on the basis of Article 6 (1) (f) of the GDPR. In this case, cookies are stored for the purpose of providing our services free from technical errors and in the best possible way. Disabling cookies may reduce the functionality of this website.
13. How secure is my data?
To protect the personal data of our customers and interested parties, we use a secure online data transfer process called Secure Socket Layer (SSL). All information transmitted using this secure method is encrypted before being sent. Processing of your personal data takes place exclusively in data centres and on computers protected by security technology in line with industry standards (e.g. firewalls, password protection, access controls, etc.).
14. Which plugins and tools are used on the website?
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is
b) Matomo (formerly Piwik)
This website uses the Matomo open source web analytics service. Matomo uses so-called “cookies”. These are text files that are stored on your computer and that make it possible to analyse your use of the website. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymised before it is stored. Matomo cookies will remain on your device until you delete them. The storage of Matomo cookies is based on Art. 6 (1) (f) of the GDPR. The website operator has a legitimate interest in the anonymised analysis of user behaviour in order to optimise its website.
The information generated by the cookie about your use of this website will not be disclosed to third parties. You can prevent cookies from being saved by changing the settings in your browser software; however, please be aware that doing so may prevent you from being able to make full use of all the functions of this website.
If you do not agree to the storage and use of your data, you can disable this feature here. In this case, an opt-out cookie will be stored in your browser to prevent Matomo from storing your usage data. If you delete your cookies, this will mean that the Matomo opt-out cookie will also be deleted. You will then need to reactivate the opt-out when you return to our site.
c) Meltwater / Meltwater News
d) Integration of Google Maps
(1) This site uses the Google Maps service. It enables us to display interactive maps directly on our website and allows convenient use of the map function.
(2) When you visit our website, Google receives information that you have visited the relevant page on our website. In addition, the data listed under point 3 of this statement is also transmitted. This occurs even if you do not have an account with Google or are not currently logged in. If you are logged in to a Google account, your data will be directly associated with your account. If you do not want your data to be associated with your Google profile, you will need to log out before activating the button. Google stores your data as user profiles and uses it for purposes of advertising, market research and/or tailoring the design of its website. In particular, this kind of analysis is carried out (even for users who are not logged in) to provide tailored advertising and to inform other users of the social network about your activities on our website. You have a right to object to the development of these user profiles; to exercise this right, you must contact Google.
(3) For further information about the purpose and scope of data collection and processing by the plug-in provider, see the provider’s privacy policies. There you can also find more information about your rights and settings options in this regard for protecting your privacy: policies.google.com/privacy. Google processes your personal data in the USA as well and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Execution of a contract data processing agreement
We have entered into a contract data processing agreement with the provider of Zoom and implement the strict provisions of the German data protection agencies to the fullest when using Zoom.
Last updated December 2018