As you use this website, personal data about you will be processed by us as the data controller and stored for as long as necessary to fulfill the specified purposes and legal obligations. Below, we inform you about the types of data involved, how they are processed, and what rights you have in this regard.
Personal data, as defined in Art. 4 No. 1 of the General Data Protection Regulation (GDPR), refers to any information relating to an identified or identifiable natural person.
2 Name and Contact Information of the Controller and the Corporate Data Protection Officer
3 Processing Personal Data and Purposes of Data Processing
10 Timeliness and Amendments to this Data Protection Information
This privacy information applies to the data processing on the website https://www.ibp.fraunhofer.de of Fraunhofer-Institut für Bauphysik, which refers to this privacy information.
Fraunhofer-Gesellschaft
for the Advancement of Applied Research e.V.
Hansastraße 27 c
80686 Munich
for its
Fraunhofer-Institut für Bauphysik IBP
Nobelstraße 12
70569 Stuttgart
(hereinafter Fraunhofer-IBP)
The data protection officer of Fraunhofer can be reached at the above address in Munich, for the attention of: Data Protection Officer or at datenschutz@zv.fraunhofer.de. You can contact our data protection officer directly at any time with questions regarding data protection law or your rights as a data subject.
Alternatively, our contact person für Datenschutzfragen is available at website@ibp.fraunhofer.de.
When you access our website and retrieve its content, temporary data is stored that may allow identification. The browser used on your device automatically sends the information to the server of our website. The following data is collected:
The temporary storage of data is necessary for establishing the connection and the course of a website visit so that we can provide you with the content on our website.
Further storage in log files occurs to ensure the functionality of the website, the security of the information technology systems, and to enable the uninterrupted provision of our website as well as to track any unlawful attacks if necessary.
If technical data from your device is processed to enable access to our website, this is done because such data is required in accordance with § 25 para. 1 no. 2 TDDDG.
The storage of the IP address is done anonymously by removing the last block of characters.
We regularly offer events of various kinds on our website for which you can register online.
As part of the registration for an event, certain mandatory information must be provided. These typically include:
Any additional mandatory information is marked as such (e.g., with *). Furthermore, additional information can often be provided voluntarily.
The processing of mandatory information is carried out in order to identify you as a participant in the event, to reserve your participation spot, and to establish or execute the contract for participation with you, as well as to provide you with information about the event before, during, and after the event to enable optimal participation and to allow us to plan and ensure a smooth process. If we collect your payment information for paid events, we need this for billing the participation fee. Providing voluntary data allows us to plan and conduct the event in line with interests.
Data processing occurs at your request and is necessary for fulfilling the participant contract and for pre-contractual measures in accordance with Art. 6 Abs. 1 S. 1 lit. b DSGVO for the stated purposes.
The personal data we collect for the event will be stored by us for a period of 6 months, unless you have consented to a longer storage period in accordance with Art. 6 Abs. 1 S. 1 lit. a DSGVO.
In the context of event registration through our web forms, we work with the service provider Mailingwork GmbH, Birkenweg 7, 09569 Oederan ("Mailingwork"). The purpose of the collaboration is the professional management of online registrations. The entered data is stored on the servers of Mailingwork in Germany.
We have concluded a data processing agreement with Mailingwork. Through this agreement, Mailingwork assures that they process the data on our behalf in accordance with the General Data Protection Regulation and ensure the protection of the rights of the affected individuals.
To document the event visually, photos and videos will be taken. It cannot be ruled out that you may be identified directly or indirectly in the recordings, making it personal data.
The recordings are created for Fraunhofer and used for news directly related to the event and for internal and external reporting by and through Fraunhofer.
Furthermore, the recordings will be published for follow-up reporting on our media platforms such as LinkedIn, Instagram, YouTube, Xing or our website. This processing is particularly necessary to document our event and promote future events.
The data processing is based on Art. 6 Abs. 1 S. 1 lit. f DSGVO. The stated purposes are legitimate interests within the meaning of the mentioned regulation.
The recordings will be stored for 3 Jahre.
If you have explicitly consented in accordance with Art. 6 Abs. 1 S. 1 lit. a DSGVO, we will use your e-mail address to regularly send you selected information that informs you about the work at our institute and/or other institutions and/or events of the Fraunhofer Society. The topics and contents of the selected information are determined by the distribution list you have signed up for.
For receiving the newsletter, we collect the following mandatory information:
We need your name and title to personally address you in our newsletter.
You can voluntarily provide additional information about yourself (e.g., address and phone number). We use this data to contact you by phone or post (e.g., for press invitations).
After your registration, you will receive a registration notification by e-mail, which you must confirm to receive the newsletter (so-called Double Opt-In). This serves as proof that the registration was indeed initiated by you.
Unsubscribing is possible at any time, e.g., via a link at the end of each newsletter. Alternatively, you can also send your unsubscribe request at any time to website@ibp.fraunhofer.de via e-mail or unsubscribe via the following link: https://www.fraunhofer.de/de/fraunhofer-newsletter-abmeldung.html.
Your e-mail address will be deleted immediately after you withdraw your consent to receive the newsletter.
We send our newsletter using the provider Mailingwork GmbH, Birkenweg 7, 09569 Oederan ("Mailingwork"). The e-mail addresses of our newsletter recipients are stored on the servers of Mailingwork in Germany on our behalf.
Mailingwork uses this information to send and evaluate the newsletters on our behalf. We have signed a data processing agreement with Mailingwork for this purpose. Through this agreement, Mailingwork assures that they process the data in accordance with the General Data Protection Regulation and ensure the protection of the rights of the affected individuals.
Mailingwork assures that personal data is comprehensively protected against unauthorized access. Mailingwork does not use the data of our newsletter recipients to contact them directly or pass the data on to third parties. As a reputable e-mail sender, Mailingwork is also certified by the Certified Senders Alliance.
If we pass on personal data collected through the website to processors, we will inform you about this in this privacy notice for each data processing procedure, naming the specific recipient.
Otherwise, we will only share your personal data if
The data passed on may only be used by the recipients for the stated purposes.
We use the LeadLab service from Wiredminds GmbH on our website, along with its tracking pixel technology, to analyze user behavior and optimize our site accordingly. In particular, the service allows us to identify which companies have visited our site. We do not receive any information that directly identifies you.
In connection with the use of LeadLab, cookies and tracking pixels are employed, enabling a statistical analysis of the use of this website through your visits. The information is processed by Wiredminds using a pseudonym in a usage profile for analysis purposes and is anonymized whenever possible.
The data obtained in this way will not be used to personally identify you without your separate consent, and the data will not be merged with personal data about you as the holder of the pseudonym.
If IP addresses are collected, they will be anonymized immediately after collection by deleting the last block of numbers.
Information on data protection at Wiredminds can be found on the company's website at https://www.wiredminds.de/datenschutz/.
The data processing is based on our legitimate interest according to Art. 6 Abs. 1 S. 1 lit. f GDPR for the purpose of optimizing our online offerings and our web presence. Wiredminds processes the data on our behalf based on a data processing agreement between us and Wiredminds. This ensures that the data processing on our behalf is carried out in accordance with the General Data Protection Regulation while ensuring the protection of the rights of the data subjects.
We use so-called social media buttons (also social media plugins) on our website. These are small buttons that allow you to publish content from our website on social networks under your profile.
If you activate such a button, a connection will be established between our website and the social network. In addition to the relevant content, the operator of the social network receives further information, some of which may be personal. This includes the fact that you are currently visiting our site.
The integration of the social media buttons is done using the so-called Shariff solution. This solution prevents a connection to a social network from being established simply by visiting a page with a social media button without activating it. This means that information is only transmitted to the social network when you activate the button.
We use the following social media plugins:
Information is sometimes transmitted to other NEW WORK companies and to external partners of NEW WORK, which may be located outside the European Union. NEW WORK uses standard contractual clauses approved by the European Commission or other appropriate safeguards according to Art. 46 GDPR and relies on adequacy decisions issued by the European Commission regarding certain countries as well as your consent.
For the purpose and scope of data collection and the further processing and use of the data by NEW WORK, as well as your related rights and options for protecting your privacy, please refer to the privacy policy of XING at https://www.xing.com/privacy.
Information is sometimes transmitted to the parent company LinkedIn Corporation, based in the USA, to other LinkedIn companies, and to external partners of LinkedIn, which may be located outside the European Union. LinkedIn uses standard contractual clauses approved by the European Commission for this purpose.
For more information on data protection at LinkedIn, please refer to their privacy policy at https://www.linkedin.com/legal/privacy-policy.
Information is sometimes transmitted to the parent company Facebook Inc., based in the USA, to other Facebook companies, and to external partners of Facebook, which may be located outside the European Union. Facebook uses standard contractual clauses approved by the European Commission and relies on adequacy decisions issued by the European Commission regarding certain countries.
For the purpose and scope of data collection and the further processing and use of the data by Facebook, as well as your related rights and options for protecting your privacy, please refer to Instagram's privacy policy at https://help.instagram.com/519522125107875.
We integrate components (videos) from the video portal YouTube of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: "Google") on our websites. The implementation is based on Art. 6 Abs. 1 S. 1 lit. f GDPR, with our interest being the smooth integration of the videos and the appealing design of our website.
The integration is done using a solution that prevents a connection to Google from being established just because you visit a page with an embedded video without activating the video. This means that information is only transmitted to Google when you click on the video to watch it.
Information is sometimes transmitted to the parent company Google Inc., based in the USA, to other Google companies, and to external partners of Google, which may be located outside the European Union. Google uses standard contractual clauses approved by the European Commission and relies on adequacy decisions issued by the European Commission regarding certain countries.
For more information on data protection in connection with YouTube, please refer to Google's privacy policy at https://policies.google.com/privacy/.
You have the right to:
• According to Article 7(3) of the GDPR, withdraw your consent at any time. This means that we
may no longer continue processing the data based on that consent in the future;
• According to Article 15 of the GDPR, request information about your personal data processed
by us. In particular, you can request information about the purposes of processing, the category of personal
data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned
storage duration, the existence of the right to rectification, erasure, restriction of processing, or objection,
the existence of a right to lodge a complaint, the origin of your data, if not collected by us, as well as the
existence of automated decision-making including profiling and, if applicable, meaningful information about its
details;
• According to Article 16 of the GDPR, request the immediate rectification of inaccurate or
completion of your personal data stored with us;
• According to Article 17 of the GDPR, request the erasure of your personal data stored with
us, unless processing is necessary for exercising the right to freedom of expression and information, for
compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise, or
defense of legal claims;
• According to Article 18 of the GDPR, request the restriction of processing of your personal
data, as long as you contest the accuracy of the data, processing is unlawful, but you oppose erasure, and we no
longer need the data, but you need it for the establishment, exercise, or defense of legal claims or you have
objected to processing according to Article 21 of the GDPR;
• According to Article 20 of the GDPR, receive your personal data provided to us in a
structured, commonly used, and machine-readable format or request the transfer to another controller;
• According to Article 77 of the GDPR, lodge a complaint with a supervisory authority. In
general, you can contact the supervisory authority of your usual residence or workplace or our association's
registered office for this purpose.
Information about your right to object under Article 21 of the GDPR
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is based on Article 6(1)(e) of the GDPR (processing in the public interest) and Article 6(1)(f) of the GDPR (processing based on legitimate interests); this also applies to profiling based on this provision as per Article 4(4) of the GDPR.
If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing is necessary for the establishment, exercise, or defense of legal claims.
If your objection is directed against the processing of data for direct marketing purposes, we will cease processing immediately. In this case, it is not necessary to specify a particular situation. This also applies to profiling insofar as it is related to such direct marketing.
If you wish to exercise your right to object, it is sufficient to send an email to datenschutzkoordination@zv.fraunhofer.de.
All your personal data are transmitted in encrypted format, using the widely used and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard that is also used, for instance, in online banking. You will recognize a secure TLS connection by the additional s after http (i.e., https://...) in the address bar of your browser or by the lock icon in the bottom part of your browser window.
In all other regards, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulations, partial or complete loss, destruction, or the unauthorized access of third parties. We continuously improve our security measures in accordance with the state of the art.
The further development of our website and the products and services offered or changed due to statutory or regulatory requirements, respectively, may make it necessary to amend this data protection information. You may access and print out the latest data protection information at any time from our website.