1. Information about the processing of your data in accordance with Article 13 of the General Data Protection Regulation (GDPR)
1. Controller and Data Protection Officer
The controller responsible for this website is
IZES gGmbH, Altenkesselerstr. 17 66115 Saarbrücken
General contact: izes@izes.de
You can reach the Data Protection Officer by email at
datenschutz@izes.de
or by mail to
IZES gGmbH, Altenkesselerstr. 17 66115 Saarbrücken, Attn: Data Protection Officer – Confidential
2. Data processed for the provision of the website and the creation of log files
a. Which data are processed and for what purpose?
Each time content from the website is accessed, data that may allow identification are temporarily stored. The following data are collected:
– Date and time of access
– IP address
– Hostname of the accessing computer
– Website from which the website was accessed
– Websites accessed via our website
– Visited page on our website
– Message indicating whether the retrieval was successful
– Amount of data transmitted
– Information about the browser type and version used
– Operating system
The temporary storage of the data is necessary for the duration of a website visit to enable the delivery of the website. Further storage in log files is carried out to ensure the functionality of the website and the security of information technology systems. These purposes also constitute our legitimate interest in data processing.
b. Are cookies used?
To ensure technical functionality, a CDN is used for the provision of JavaScript libraries. The CDN used, unpkg, is hosted by the provider Cloudflare. No personal data are transmitted in this process.
c. On what legal basis are these data processed?
The data are processed on the basis of Article 6(1)(f) GDPR.
d. Are there any other recipients of personal data besides the controller?
The website is hosted by [Name, postal address, and email address of the hosting provider]. The host receives the above-mentioned data as a processor.
e. How long are the data stored?
The data are deleted as soon as they are no longer necessary for the purpose for which they were collected. For the provision of the website, this is the case when the session ends. The log files are kept directly accessible to administrators only for […, up to a maximum of 24 hours]. Afterwards, they are only indirectly available through the reconstruction of backup tapes and are permanently deleted after […, up to a maximum of four weeks].
3. Rights of data subjects
a. Right of access
You may request information pursuant to Article 15 GDPR about your personal data that we process.
b. Right to object:
You have the right to object for reasons arising from your particular situation (see section II).
c. Right to rectification
If the information concerning you is not (or is no longer) accurate, you may request rectification pursuant to Article 16 GDPR. If your data are incomplete, you may request completion.
d. Right to erasure
You may request the deletion of your personal data in accordance with Article 17 GDPR.
e. Right to restriction of processing
Under Article 18 GDPR, you have the right to request the restriction of the processing of your personal data.
f. Right to lodge a complaint
If you believe that the processing of your personal data violates data protection law, you have the right under Article 77(1) GDPR to lodge a complaint with a supervisory authority of your choice. This also includes the supervisory authority responsible for the controller: Independent Data Protection Center Saarland, https://www.datenschutz.saarland.de/online-dienste/beschwerde-kontrollanregung.
g. Right to data portability
If the conditions of Article 20(1) GDPR are met, you have the right to receive data that we process automatically on the basis of your consent or in fulfillment of a contract, or to have them transmitted to third parties. The collection of data for the provision of the website and the storage of log files are necessary for the operation of the website. They are therefore not based on consent under Article 6(1)(a) GDPR or on a contract under Article 6(1)(b) GDPR but are justified under Article 6(1)(f) GDPR. Therefore, the conditions of Article 20(1) GDPR are not met in this regard.
II. Right to object in accordance with Article 21(1) GDPR
You have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data based on Article 6(1)(f) GDPR. The controller will then no longer process the personal data unless compelling legitimate grounds for the processing can be demonstrated which override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defense of legal claims. The collection of data for the provision of the website and the storage of log files are essential for the operation of the website.