Data Protection

The European Intellectual Property Institutes Network (hereinafter EIPIN) takes the protection of personal data very seriously. EIPIN processes personal data collected from visitors to the eipin.org website in accordance with the data protection regulations in force. Your data is neither published nor communicated to third parties without authorisation. The following explains how your data is recorded during your visit to the eipin.org website and exactly how it is used.

 

A. General information

1. Extent of data processing
As a matter of principle, EIPIN only records and uses users’ personal data to the extent necessary for the provision of an operational website and its contents and services. The users’ personal data are as a rule recorded and used after the users have given their consent. One exception is where statutory provisions permit the data to be processed.

2. Legal basis for data processing
If the processing is necessary to safeguard the legitimate interests of EIPIN or a third party, and if these interests are not overridden by the interests and fundamental rights and freedoms of the data subject, the legal basis is Article 6(1)(f) of the Regulation.

3. Deletion of data and period of storage
The data subject’s personal data are deleted or blocked once the purpose of the storage ceases to apply. The data may also be stored if this is laid down by the European or national legislatures in decrees, statutes or other regulations under European law that apply to EIPIN. The data is also blocked or deleted if a storage period laid down by the said regulations expires, unless the data must continue to be stored for the purpose of the conclusion or performance of a contract.

4. Controller’s contact details
Responsibility within the meaning of the GDPR and other national data protection legislation and other data protection provisions lies with the

Max Planck Society for the Advancement of Science
(Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V. (MPG)
Hofgartenstrasse 8
D-80539 Munich
Telephone: +49 89 2108-0
Contact form: www.mpg.de/kontakt/anfragen
Internet: www.mpg.de

5. Data protection officer’s contact details
The controller’s data protection officer is

Heidi Schuster
Hofgartenstrasse 8
D-80539 Munich
Telephone: +49 89 2108-1554
Conatkt: datenschutz[at]mpg.de

 

B. Provision of the website and creation of logfiles

Whenever our website is accessed, our servers and applications record automated data and information from the accessing computer’s system.
The following data are temporarily recorded:

  • Your IP address
  • Date and time of your access to the page
  • Address of the page accessed
  • Address of the website just visited (referrer)
  • Name and version of your browser/operating system (if communicated)

 

The data are stored in our system logfiles. These data are not stored together with the user’s other personal data.
The legal basis for the temporary storage of the data and the logfiles is Article 6(1)(f) of the GDPR. The data are stored in logfiles to ensure the operability of the website. In addition, the data help us to optimise the web pages, to eliminate faults and to ensure the security of our information system technology. These purposes also constitute our legitimate interest in the data processing in accordance with Article 6(1)(f) of the Regulation.
The data are deleted once they are no longer necessary to achieve the purpose for which they were recorded. Where data are recorded in order to make the website available, they are deleted at the end of the session in question. Where the data are stored in logfiles, they are deleted at the latest after seven days. A longer storage is possible, but in this case users’ IP addresses are deleted or distorted so that the accessing client can no longer be identified.
The recording of data for the provision of the website and the storage of data in logfiles is essential for the operation of the website. Hence the user cannot object to this recording.

 

C. Data communication

Your personal data will only be communicated to State institutions and authorities in the cases required by law and/or for the purpose of prosecuting offences due to attacks on our network infrastructure. Data will not be communicated to third parties for any other purpose.

 

D. Data subjects’ rights

As a data subject whose personal data are recorded within the framework of the above-mentioned services, you have the following rights as a matter of principle, unless statutory exceptions apply in the specific case:

  • Access (Article 15 GDPR)
  • Rectification (Article 16 GDPR)
  • Erasure (Article 17(1) GDPR)
  • Restriction of processing (Article 18 GDPR)
  • Data portability (Article 20 GDPR)
  • Right to object to processing (Article 21 GDPR)

Right to lodge a complaint with a supervisory authority (Article 77 GDPR). For the MPG, this is the Bayerische Landesamt für Datenschutzaufsicht (Bavarian State Office for Data Protection Supervision), PO Box 606, 91511 Ansbach.