Data Protection Statement Website

 1. General Information Regarding the Collection of Personal Data

1.1 In General
The safeguarding of your private sphere when using our website is very important to us. Accordingly, we utilize your personal data in compliance with the statutory regulations pertaining to data protection. Personal data are all data that are obtainable about you personally, for example name, address, email address, user behavior. In the following we provide you with information about how we handle your personal data.

1.2 Entity responsible
Responsible as “Controller” pursuant to Article 4 para. 7 of the EU General Data Protection Regulation (GDPR) is 
Else Kröner-Fresenius-Stiftung
Louisenstraße 120
61348 Bad Homburg v.d. Höhe, Germany.

You can reach our data protection officer,

Herrn Dr. Anton Peuser
SPIE Data Protection GmbH
Lyoner Str. 9
60528 Frankfurt am Main, Germany,

at Datenschutz_EKFS@spie.com or at our postal address by adding “Attn. Data Protection Officer” to the address.

1.3 No collection of data on minors
The foundation Else Kröner-Fresenius-Stiftung takes the safeguarding of children’s private sphere very seriously. We do not knowingly collect personal information from children under the age of 16 via our website. If you are younger than 16 years old, please obtain permission from a parent/legal guardian before you make personal data available to Else Kröner-Fresenius-Stiftung. 

2. Collection of Personal Data Upon Visiting Our Website

2.1 In general
Strictly speaking, you are able to use our website without notifying us as to who you are. If you do not convey information to us via another method, we collect merely the personal data that your browser communicates to our server. The following data are necessary for us due to technical features and ensure the stability and security of the website (The legal basis for this is Article 6 para. 1 (f) of the GDPR – Legitimate Interests): 

  • IP address
  • date and time of the query
  • time-zone difference in comparison to Greenwich Mean Time (GMT)
  • content of the request (concrete page)
  • access status/http status code
  • data volume transmitted in each case
  • website from which the request originates
  • browser
  • operating system and its interface
  • language and version of the browser software.

In the event of a case of system misuse, we are able to utilize the information captured by the web server to ascertain the initiator of this misuse in cooperation with your internet provider and/or local authorities.
The web server logs are automatically deleted after 60 days.

2.2 General information on the deployment of cookies
This website uses the following types of cookies, whose scope and operating principle are explained in the following:

  • transient cookies - refer to a)
  • persistent cookies - refer to b).

a) Transient cookies are deleted on an automated basis when you close the browser. They particularly include session cookies. Session cookies store a so-called session ID with which various queries from your browser can be assigned to a collective session. As a consequence your computer can be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

b) Persistent cookies are deleted on an automated basis after a predefined period of time which can differ depending on the cookie involved. You can delete the cookies at any time in the security settings for your browser.

You can configure your browser setting to correspond to your wishes and, for example, refuse to accept third-party cookies or all cookies. We point out to you that, in the event of refusal, you might possibly be unable to make use of all the functions on this website.

2.2.1 Deployment of cookies
In addition to the previously mentioned data, in the event of your usage of our website “cookies” are stored on your computer. Cookies deal with small text files that are stored on your hard-disk drive and assigned to the browser you utilize. As a result of the entity setting the cookie (in this case by us), certain information flows to these text files. Cookies are not able to execute any programs or transfer viruses to your computer. They serve towards making the internet offer more user-friendly and more effective on the whole.

You can configure how cookies are to be processed to correspond with your wishes before you use our website. You can give us your consent for the individual categories or even for individual cookies.
This consent approval refers to analytics cookies (in this case statistical cookies) which are addressed in more detail in the following. You can decide for yourself which cookies we are allowed to utilize. You can delete cookies at any time, even when they have already been utilized. In this regard, please note the instructions for settings issued by your browser provider. 
We utilize cookies without your consent that are necessary in a technical sense. These cookies are required due to technical reasons so that you are able to visit our website and make use of the functions offered by us.

The cookies we utilize are:

  1. Necessary Cookies:
    These cookies support the function and usage of our website and serve towards having the technical features of our website operate correctly. They are necessary to keep your visit to our website consistent. In other words, to ensure that, for example, your entries during the session are retained. These session cookies are automatically deleted after the end of the session.

    We utilize these cookies on the basis of our legitimate interests in providing you with an optimal and properly functioning website. The legal basis for this is Article 6 para. 1 (f) of the GDPR.

    In particular they are:Necessary Cookies
  2. Statistical Cookies (analytics cookies):
    In addition we make use of “analytics cookies” to analyze and improve the functionality of our website. These cookies help us to understand how visitors interact with a website by collecting and reporting information on an anonymous basis.

    We utilize these cookies on the basis of your consent to provide you with an optimal and properly functioning website. The legal basis for this is Article 6 para. 1 (a) of the GDPR.

    They are:

    Statistical Cookies

This website makes use of Google Analytics, a web analytics service from Google Inc. (“Google”). Google Analytics utilizes so-called “cookies”, text files which are stored on your computer and enable an analysis of your usage of the website. As a rule, the information generated by the cookies regarding your usage of this website is transmitted to a Google server in the USA and stored there. In the event of the enabling of IP anonymization on this website, however, within the member nations of the European Union or in other signatories to the Agreement on the European Economic Area (EEA Agreement) your IP address is abbreviated beforehand by Google. The full IP address is transmitted to a Google server in the USA and abbreviated there only in exceptional cases. Google shall make use of this information on behalf of the operator of this website to analyze your usage of the website, to compile reports on website activitites, and to render other services associated with website and internet use vis-à-vis the website operator. 
The IP address communicated by your browser within the course of Google Analytics is not merged with other data at Google.

You can prevent the storage of cookies via an appropriate setting in your browser software. However, we explicitly point out that in this case you might not be able to utilize all the functions on this website to their fullest extent. Above and beyond this, you can prevent the capturing of data generated by the cookie (including your IP address) and data referring to your usage of the website from going to Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=en

Information on the third-party supplier: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Tel.: +353 1 543 1000, Fax: +353 1 686 5660

Terms & conditions for users: http://www.google.com/analytics/terms/us.html 
Data privacy overview: https://support.google.com/analytics/answer/6004245?hl=en&ref_topic=2919631
Privacy policy statement: https://policies.google.com/privacy?hl=en-us

How you can manage cookies:

You have the possibility to accept or reject all or individual cookies, except for Necessary Cookies. However, you can specify that cookies are rejected via the browser settings. When cookies are rejected, it can occur that you are no longer able to make use of some functions on the website. When cookies are accepted, you can delete these accepted cookies again at a later point in time.
When you delete cookies, all of the settings that are controlled by these cookies are deleted, including ad settings, and might possibly not be restorable anymore.
When you delete cookies, it is possible that you are furthermore requested to confirm certain dialogues again. 

Please note that your cookies settings always refer to the internet browser you use. This means that if you want to call up our website using a different internet browser you have to perform the setting(s) again.

2.2.2 Integration of YouTube videos
We have integrated YouTube videos into our online offer which are stored at http://www.YouTube.com and can be played back directly from our website. [They have all been integrated within the “Enhanced Data Protection Mode”. In other words, no data about you as user is transmitted to YouTube when you do not play back the videos. It’s only when you play back the videos that the data stated in Section 2. are transmitted. We have no influence on this data transmission.]
As a result of visiting the website YouTube receives the information that you have called up the corresponding subpage on our website. In addition, the data stated in Section 2. of this document are communicated. This occurs independent thereof whether YouTube provides a user account through which you are logged in or no user account exists. If you are logged in at Google, your data are assigned directly to your account. If you do not want this assignment at YouTube using your profile, you must log out before activating the button. YouTube stores your data as usage profiles and makes use of the data for purposes of advertising, market research and/or demand-based design of its website. An analysis of this nature occurs especially (even for not logged-on users) towards providing demand-based advertising and to inform other users within the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must direct the objection to YouTube in order to exercise this right.
You obtain additional information pertaining to the purpose and scope of data collection and the processing thereof by YouTube in the Privacy Policy from YouTube, a subsidiary of Google LLC.. You also obtain further information pertaining to your rights and settings options towards protecting your private sphere there: https://policies.google.com/privacy?hl=en-us

2.3 Establishing contact
In the event of email queries addressed to us, the data you have disclosed (your email address, possibly or where required your name, telephone number and the institution on whose behalf you are active) are stored in order to reply to your questions. 
We process the information towards establishing contact on the basis of Article 6 para. 1 (b) of the GDPR (towards performance of a contract or towards implementation of steps prior to entering into a contract), and as needed possibly on the basis of Article 6 para. 1 (f) of the GDPR (Legitimate Interests).

We delete the data incurred in conjunction with the above context once the storage thereof is no longer necessary, or restrict the processing thereof in the event that statutory retention provisions exist.

2.4 Funding by the foundation
2.4.1 Implementation of funding
We require personal data towards implementing a case of funding and for upstream review of the application for funding 

  • first and last names
  • postal address
  • email address
  • institutional and private contact data 
  • position 
  • function 
  • date of birth 
  • gender 
  • occupational history 
  • letter of recommendation 
  • bank account data.

The processing of your personal data is fundamentally based on Article 6 para. 1 (b) of the GDPR, because no review of the application for funding or an actual case of funding itself can be carried out without your disclosures. 
Insofar as the provision of your personal data is necessary for funding by us, you are fundamentally obliged to provide us with your personal data. Should you decide not to provide us with your personal data, we cannot commence the funding with you or proceed any further with it.

No automatic decision-making shall be conducted which is based solely on automated processing, including profiling, and evolves to have legal effect for you or impairs you in a similar way.

We retain your data for as long as a funding relationship exists with you. Upon termination of the funding relationship, your data shall generally be retained for 10 more years insofar as no statutory retention periods exist to the contrary or you do not call on us for the deletion thereof. 

We point out that your right to deletion of data may be restricted due to statutory retention obligations we are obliged to comply with.
It may be necessary that we require the support of service providers. However, we divulge your personal data solely to such entities which require your data towards performance of tasks on our behalf. 
The foundation Else Kröner-Fresenius-Stiftung essentially processes your personal data within Germany. Due to the foundation’s funding activity we may transmit your personal data within the EU and also to the USA and to other countries whose data protection legislation is possibly less comprehensive than such laws within the EU. The access to your personal data is limited thereby to legal persons who must be familiar with this data for the purposes described in this Data Protection Statement. As a basic principle, a disclosure of your data to third countries with a commensurate level of data protection occurs solely under the application of appropriate protective measures.

The foundation Else Kröner-Fresenius-Stiftung furthermore utilizes various IT service providers. It is therefore not to be ruled out that personal data are transmitted within the EU and also to the USA and to other countries whose data protection legislation is possibly less comprehensive than such laws within the EU. As a basic principle, a disclosure of your data to third countries occurs under the application of appropriate protective measures.

2.4.2 Information about calls for applications
Furthermore, a legitimate interest on our part towards carrying out concomitant communications measures and/or calls for applications procedures can exist due to Article 6 para. 1 (f) of the GDPR to the extent that no consent is required on your part for these purposes.

2.5 Newsletter
You can subscribe to our newsletter via our website. The newsletter provides you with information about our activities – such as calls for applications, projects being funded or awards ceremonies. Your email address is required for registration. All other disclosures are voluntary.

Registration occurs via a double opt-in process. This means that following registration on our website you receive an email to the address indicated. The registration does not become effective until you click on the activation link enclosed in the confirmation email. The unconfirmed activation link remains valid for 4 weeks. Your email address subsequently remains in our database until you revoke your consent.

You can unsubscribe to our newsletter at any time and revoke your consent by clicking on the corresponding link at the end of each newsletter or by sending an email to kontakt@ekfs.de.

We evaluate your clicks in our newsletter with the help of so-called tracking pixels, in other words invisible image files. They are assigned to your email address and interlinked to a unique ID in order to clearly assign clicks within the newsletter to you. This usage profile is intended to serve towards enabling the newsletter offer to be tailored to your interests. We capture when you read the newsletter and which links you click on, then deduce an interest profile from this information.

You can object at any time by clicking on the corresponding link at the end of the newsletter or by contacting us. However, this means that you will not receive any more newsletters.

3. Your Rights
You have the following rights towards us with respect to the personal data affecting you:

  1. Right of access by the data subject (Art. 15 GDPR)
  2. Right to rectification (Art. 16 GDPR)
  3. Right to erasure (Art. 17 GDPR)
  4. Right to restriction of processing (Art. 18 GDPR)
  5. Right to data portability (Art. 20 GDPR)
  6. Right to object to processing (Art. 21 GDPR)

Insofar as the processing of your personal data is based on your consent, you have the right to revoke your consent at any time, effective as of the future. The legitimacy of the processing which has occurred until revocation due to the consent given remains unaffected.
To assert one of your rights listed above you can approach us at any time: 
Else Kröner-Fresenius-Stiftung, Louisenstraße 120, 61348 Bad Homburg v.d. Höhe, Germany, or at kontakt@ekfs.de
If you are of the opinion that we process your personal data in an impermissible manner, please contact us at Datenschutz_EKFS@spie.com or at our postal address by adding “Attn. Data Protection Officer” to the address.
You also have the right to apply to the German data protection supervision authority. 

The German government authority in charge is:
Der Hessische Beauftragte für den Datenschutz und die Informationsfreiheit
Postfach 3163
65021 Wiesbaden, Germany

4. Security Measures
Insofar as we forward data to our service providers within the framework of the services described here, in addition to mandatory statutory regulations these service providers are bound to contractual stipulations with us pertaining to the subject of data protection.
We employ security measures which we continuously optimize in accordance with technical and legislative development in order to safeguard your data to the best possible extent against accidental or willful manipulation, loss, destruction or access by unauthorized third parties.

5. Links to other websites / social media 
Our online offer can also contain links to other websites, for instance to social media platforms or universities. This Data Protection Statement does not extend to these providers.

If you wish additional information regarding the scope of personal data collected and processed by the providers of social media, regarding the purpose of data processing, as well as regarding your respective rights and measures towards safeguarding your personal data (including your right to object), please read the privacy policy of the respective social media networks: 

Twitter: https://twitter.com/en/privacy
Linkedin: https://www.linkedin.com/legal/privacy-policy
XING: https://privacy.xing.com/en/privacy-policy
YouTube: https://policies.google.com/privacy?hl=en-US

We have no influence over operators’ compliance with data protection provisions and therefore assume no responsibility whatsoever for the correctness, up-to-dateness and completeness of the information provided there.

6. Additional Questions Regarding the Subject
In the event that you have questions or remarks pertaining to this Data Protection Statement and explanatory guideline for cookies, please contact us via the contact data for the “Controller” indicated in this document (see section 1.2).

 
Status: January 2021