Data Protection Information
The following data protection information will inform you about the processing of your personal data that we collect during your participation in the online survey »Conservation Summer Academy 2020 in Pompei: survey« in the framework of the project TransferFinanz. Your personal data will be processed with respect to the applicable data protection regulations.
Name and contact information of the controller and corporate data protection officer
This data protection information is applicable to data processing on the limesurvey.imw.fraunhofer.de, ls.imw.fraunhofer.de, umfragen.imw.fraunhofer.de and survey.imw.fraunhofer.de websites by the controller:
Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V.
Hansastraße 27 c,
on behalf of its Fraunhofer Center for International Management and Knowledge Economy IMW (hereinafter referred to as »Fraunhofer IMW«)
Telephone: +49 341/231039-0
Fax: +49 341/231039-190
The Data Protection Officer at Fraunhofer may be reached at the above-mentioned address, attention of Data Protection Officer or at email@example.com. In case you have any questions about data protection law or your rights as the data subject, you may directly contact our Data Protection Officer.
Processing of your personal data and purposes of data processing
Visiting the website
Every time you visit our web pages, our website servers save the data of your device accessing our website in a protocol file. This storage is temporary; our website server saves the following access data until their automated deletion:
- The IP address of the requesting device
- Access date and time
- Name and URL of the accessed data
- The data volume transmitted
- The message whether the access was successful
- The browser and operating system used
- The name of the Internet Provider (ISP)
- The referring website (referrer URL)
These data are processed for the following purposes:
- To enable the use of the website (connection setup)
- Administration of the network infrastructure
- Appropriate technical and organizational measures to ensure IT systems and data security taking into account the state-of-the-art technology
- To offer user-friendly service
- To optimize the Internet offering
Legal foundations for the above processing purposes:
- Processing in response to a website visit pursuant to numbers 1-2 the first sentence of Article 6(1), point (b) (requirement for compliance with provisions of the website user contract)
- Processing pursuant to number 3, the first sentence of Article 6(1), point (c) GDPR (legal obligation to implement technical and organizational measures to ensure secure data processing pursuant to Article 32 GDPR) and the first sentence of Article 6(1), point (f) GDPR (legitimate interests in data processing for the network and information security) as well as
- Data processing pursuant to numbers 4 – 5, the first sentence of Article 6(1), lit. f GDPR (legitimate interests). Our legitimate interests in the processing of data are based on our desire to offer user-friendly optimized web pages [our legitimate interests may also include the distribution of direct advertising.]
After the set period of 90 days, our web server automatically deletes the above-mentioned data. To the extent that data are processed longer for purposes pursuant to numbers 2 – 5, we will anonymize or delete the data as soon as their storage no longer serves the respective purpose.
Participating in a survey
Participation in the survey is voluntary. All information will be treated confidentially.
When answering the survey questions, the following personal data will be collected: gender, age, place of residence, educational background, information on employment, income and private household, interest in cultural heritage and personal priorities set in supporting crowdfunding campaigns.
This data will be used to compare two surveys carried out by the Fraunhofer IMW, one asking about the fictitious and the other about the real willingness to pay for the preservation of cultural heritage.
The data processing is carried out in order to safeguard our legitimate interests in accordance with Art. 6 Para. 1 S. 1 lit. f DSGVO. The survey will be used to investigate the success factors of crowdfunding campaigns and the importance of cultural heritage. This is to be seen as a legitimate interest within the meaning of the aforementioned provision.
The questions of and answers to the survey will be stored and the results evaluated and analyzed. Your answers will be linked to the results of related surveys and statistically evaluated. After the evaluation is completed, your survey questionnaire will be deleted and the personal reference to the answers will be removed. Unless there are reasons that justify longer storage (for example, if you have given your consent in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO).
Except for the aforementioned cases, we forward your personal data to third parties only if:
- you have given your express consent pursuant to the first sentence of point (a) of Article 6(1) GDPR,
- it is necessary for the performance of a contract with you pursuant to the first sentence of point (b) of Article 6(1) GDPR,
- A statutory obligation exists for transferring pursuant to the first sentence of point (c) of Article 6(1) GDPR.
Especially if you have registered for an event, it may be necessary within the scope of performance of the contract that your personal data needs to be transferred to an external organiser. In connection with an event registration, you will be informed about who the organiser is and whether it is an external organiser. This organiser will process personal data within the scope of the event and especially for the management of participants. Sending personal data to a third country (outside the EU) or an international organisation is excluded.
Rights of the data subject
You have the right:
- pursuant to Art. 7(3) GDPR, to revoke the consent given to us at any time. This means that in future we may no longer continue to process the data as based on this consent. The legality of the data processing carried out on the basis of the consent until revocation is not affected by this.
- pursuant to Article 15 GDPR, to demand information about your personal data processed by us. In particular, you may request information about the purposes of the processing, the categories of personal data concerned, the categories of recipients to whom the personal data has been or will be disclosed, the envisaged period for which the data will be stored, the existence of a right to rectification, erasure, restriction of the processing or to an objection to the processing, the existence of a right to lodge a complaint, the source of your data if it was not collected by us, as well as about the existence of an automated decision-making, including profiling, and, if applicable, meaningful information about its details;
- pursuant to Article 16 GDPR, to immediately demand the correction of incorrect data or the completion of your personal data stored with us;
- pursuant to Article 17 GDPR, to demand the deletion of your personal data stored with us unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a statutory obligation, for reasons of public interest, or to assert, exercise or defend legal rights;
- pursuant to Article 18 GDPR, to demand the restriction of the processing of your personal data if you contest the correctness of the data, the processing is illegal but you deny its deletion and we no longer require the data while you still require it for establishing, exercising or defending legal rights or if you have filed an objection to the processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR, to receive your personal data that you have provided to us, in a structured, customary and machine-readable format or to demand the transfer to another data controller and
- pursuant to Article 77 GDPR, to complain to a supervisory authority. Generally, you may contact the supervisory authority of your habitual residence or place of work or the registered offices of our enterprise.
All your personal data is transmitted in an encoded manner using the widely used and secure TLS (Transport Layer Security) encryption standard. TLS is a secure and proven standard that is also used in online banking, for instance. You will recognize a secure TLS connection by the additional s after http (i.e., https://..) in the address bar of your browser or from the lock icon in the lower part of your browser, among other things.
In all other regards, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulations, partial or complete loss, destruction, or the unauthorized access of third parties. We continuously improve our security measures in accordance with the technological development.
Should individual provisions of this data protection declaration be or become invalid either in part or in their entirety or prove infeasible at any time, this shall not affect the remaining provisions. This shall apply accordingly to gaps in this declaration.