The providers of "PiA - Physik im Advent" (hereinafter PiA) and the Georg-August-Universität Göttingen consider pay great attention to the careful and secure handling of the personal data of PiA participants and visitors to our website and third parties in compliance with legal data protection regulations (DSGVO). With this declaration, we would like to inform you about the type, scope and purpose of the processing of your personal data. With your consent to PiA's data protection declaration, you give your consent that PiA providers may collect, process and use your personal data for the operation, further development and improvement of "PiA - Physics in Advent". You can revoke this consent at any time with effect for the future.
For reasons of better readability, the male form is used in this text; of course, both the female and the male form are always meant.
The person responsible within the meaning of the Data Protection Basic Regulation (DSGVO) is
Prof. Dr. Arnulf Quadt
data security officer
The data protection officer of the person responsible is:
Data Protection Officer of the University of GöttingenMr. Prof. Dr. Andreas Wiebe
1. collection of http protocol data
Each time a user accesses the PiA website, data about this process is stored and processed in a log file. In detail, the following data is stored for each access: Anonymised IP address, date and time of access, browser type and version, operating system, URL and previously visited website. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the IP address of the user must remain stored for the duration of the session. The data is stored in log files to ensure the functionality of the website. In addition, we use the data for statistical evaluations and to improve our services for our participants and visitors and third parties interested in PiA, as well as to ensure the security of our information technology systems. In this context, the data is not evaluated for marketing purposes, nor is it stored together with other personal data of the user. Before data is stored that goes beyond one session, each data record is anonymised by changing the IP address. It is therefore not possible to assign the collected data to a specific natural person.
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO. The processing serves to safeguard a legitimate interest of the PiA provider or a third party. This interest does not outweigh the interests, fundamental rights and fundamental freedoms of the data subject.
The data are deleted as soon as they are no longer required for the purpose of their collection. Long-term storage is possible if the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the calling client.
Since the collection of the data for the provision of the website and the storage of the data in log files are absolutely necessary for the operation of the website, there is no possibility of objection on the part of the user.
3. participation in "PiA - Physics in Advent"
On our website, we offer PiA participants the opportunity to register as PiA participants from November 1 of each year, stating their personal data. Only a functioning email address is required. Other information is voluntary and is only required for the creation of an individual certificate after the end of the Advent calendar or for the statistical evaluation of educational aspects of the PiA Advent calendar. Address information is required so that participants can take part in the prize draw and, if they win, prizes can be sent to them by post. The data is entered into an input mask, transmitted to us via an encrypted SSL connection and stored in the PiA participant database. Within the framework of the registration process, the user's consent to the processing of this data is obtained and reference is made to this data protection declaration. In the event of a win, your email addresses will be transmitted to the donors of the winnings if required, provided this is necessary for making appointments to redeem the winnings. These service providers are obliged by means of agreements to protect and later delete your personal data.
The legal basis for the processing of data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.
In general, data are deleted as soon as they are no longer required for the purpose of their collection. This is the case for the measures taken during the registration process as a PiA participant or for the implementation of preparatory measures if the data is no longer required for the implementation of the participation. Even after completion or termination of participation, it may be necessary to store the member's personal data in order to comply with contractual or legal obligations.
All personal data of the PiA Advent calendar of one year will be deleted after 31 January of the following year. Individual certificates can no longer be issued after this date.
As a PiA participant you have the possibility at any time to terminate your participation by deleting your participant account.
The data stored about you can also be changed via the online change form or in writing.
4. contact forms and e-mail contact
If you contact us by e-mail or contact form, the information you provide will be stored for the purpose of processing your inquiry and for possible follow-up questions. If you use the contact form, your consent to the processing of the data will be obtained during the sending process and reference will be made to this data protection declaration.
Alternatively, you can contact us via the e-mail address provided. In this case the personal data of the user transmitted with the e-mail will be stored. The data will be used exclusively for the processing of the conversation. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent. The legal basis for the processing of data transmitted in the course of an e-mail is Art. 6 para. 1 lit. f DSGVO. If the purpose of the e-mail contact is to conclude a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.
The user may revoke his consent to the processing of personal data in writing at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case, the conversation cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.
5. dispatch of newsletters and mailings
On our website, we offer PiA participants and those interested in PiA the opportunity to register to receive newsletters or mailings by providing personal data.
As part of your registration as a PiA participant, you have the opportunity to receive the PiA newsletter and mailings on PiA activities. The e-mail addresses provided by the users to the PiA operator are used for this purpose. Your consent will be obtained for the processing of your data during the registration process and reference will be made to this data protection declaration.
Users can register for the PiA project or the PiA newsletter at various points on the PiA website. The personal data transmitted in these input masks are stored and used in these cases exclusively for the purpose of sending.
The collection of the user's e-mail address serves to deliver the newsletter. The collection of other personal data as part of the registration process serves to prevent misuse of the services or the e-mail address used.
The legal basis for the processing of data by the user after registration for the newsletter is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.
The data are deleted as soon as they are no longer required for the purpose of their collection. The e-mail address of the user will therefore be stored as long as the subscription of the newsletter or the participation at PiA is active, unless contractual or legal obligations prevent a deletion.
The subscriptions to the newsletters can be cancelled at any time by the user concerned in writing, by means of an online change form or with the help of a corresponding link in the newsletter.
6. web analysis by Matomo (formerly PIWIK)
On our website we use the open source software tool Matomo (formerly PIWIK) to analyze the surfing behavior of our users. The software places a cookie on the user's computer. If individual pages of our website are accessed, the following data is stored: Two bytes of the IP address of the user's calling system, the web page called up, the website from which the user accessed the web page called up (referrer), the subpages called up from the web page called up, the time spent on the web page and the frequency with which the web page was called up.
The software runs exclusively on the servers of our website. The personal data of the users is only stored there. The data will not be passed on to third parties. The processing of the users' personal data enables us to analyse the surfing behaviour of our users. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. The software is set so that the IP addresses are not stored completely, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer. This anonymisation of the IP address takes sufficient account of the user's interest in the protection of personal data.
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO. The processing serves the protection of a legitimate interest of our association or a third party. This interest does not outweigh the interests, fundamental rights and fundamental freedoms of the person concerned.
This anonymisation of the IP address takes sufficient account of the user's interest in their protection of personal data, so that permanent storage of the anonymised data is possible.
7. embedded YouTube videos
On some of our websites we embed YouTube videos. YouTube is an Internet video portal that allows video publishers to post video clips and other users to view, rate and comment on them for free. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc, 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
When you visit a page with a YouTube plug-in, it connects to YouTube servers. As part of this technical process, YouTube and Google will know which specific pages on our website you are visiting. If you are logged in to YouTube at the same time, YouTube recognizes which specific subpage of our website you are visiting by calling up a subpage containing a YouTube video; this takes place regardless of whether the person concerned is playing a YouTube video or not. This information is collected by YouTube and Google and assigned to your YouTube account. If you do not want this information to be transmitted to YouTube and Google in this way, you can prevent it from being transmitted by logging out of your YouTube account before visiting our website. The data protection regulations published by YouTube, which can be accessed at https://www.google.de/intl/de/policies/privacy/, provide information about the collection, processing and use of personal data by YouTube and Google.
8. integration of external links
The consent of the legal guardian is required for the transmission of personal data of minors.
10. data security
We take state-of-the-art precautions to protect your data from loss, destruction, falsification, manipulation and unauthorized access. If your data is collected and recorded by us, it is stored on specially protected GWDG servers. These are protected by technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. Access to your data is only possible for a few authorised persons. They are responsible for the technical, commercial or editorial support of the servers. All our employees are obliged to maintain confidentiality.
11. your user rights
You can exercise the following rights at any time using the contact details provided by our data protection officer:
Information about your data stored with us and their processing,
Correction of incorrect personal data,
Deletion of your data stored with us,
Restriction of data processing if we are not yet allowed to delete your data due to legal obligations,
Objection against the processing of your data by us and
Data transferability if you have consented to data processing or have concluded a contract with us.
If you have given us your consent, you can revoke it at any time with effect for the future. You can at any time complain to the supervisory authority responsible for you. Your responsible supervisory authority depends on the federal state of your residence, your work or the presumed violation. A list of the supervisory authorities (for the non-public sector) with addresses can be found at: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
12. changes to the data protection declaration