At a glance


The Max Planck Digital Library (MPDL) attaches great importance to the protection and security of personal data. In doing so, we comply with the relevant provisions of data protection laws, in particular the EU General Data Protection Regulation (GDPR), the German Federal Data Protection Act (BDSG) and the German Telecommunications and Telemedia Data Protection Act (TTDSG).

In the following, we would like to inform you about the use of your data when visiting our websites and inform you about your options as well as your rights under the data protection laws.

General notes and mandatory information

Data controller


Responsible party for the processing of your data is:

Max Planck Digital Library
Landsberger Straße 346
80687 München

Phone: +49 89 909 311-0
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

as institution of the registered association

Max-Planck-Gesellschaft zur Förderung der Wissenschaften e.V.
Hofgartenstr. 8
80539 Munich, Germany
(hereinafter referred to as Max Planck Society)
Registry of associations no. VR 13378 B
Competent county court: Amtsgericht Berlin-Charlottenburg

Data protection officer (DPO)

The data protection officer of the Max Planck Society can be reached by email:
This email address is being protected from spambots. You need JavaScript enabled to view it. or by phone: +49 89 2108-1554.

Description and scope of data processing

Provision of the website and log files

 

Each time you visit our website, our system (the web server) automatically collects information from the system of your calling computer or terminal.

The following data is collected by us:

  • Type, used version and language of the browser
  • Operating system and user interface of the device
  • Internet service provider (ISP)
  • IP address
  • Date and time of access
  • Time zone difference to Greenwich Mean Time (GMT)
  • previous website from which the user reached our website (referrer URL)

a) Purpose of data processing

The temporary storage of this data by our system is necessary to enable delivery of the website to your device. For this purpose, in particular the IP address of the used device must necessarily remain stored for the duration of the session. The storage of the above data in so-called log files is done to ensure the functionality of our website. In addition, we use this data to optimize the website and to ensure the security of our information technology systems (e.g. for attack detection).

b) Legal basis

The legal basis for the temporary storage of the data and the log files is Art. 6 (1) (f) GDPR (legitimate interests of us as website operators in the secure, trouble-free and legally compliant provision of the website).

c) Duration of storage

The above data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after 14 days at the latest. Storage beyond this period is possible. In this case, the IP address of the user is deleted or alienated by us, so that an assignment of the calling client is no longer possible and the data contained no longer have any personal reference.

Session cookies


In order to guarantee certain functions in some areas of our websites, it is technically necessary to use so-called session cookies. These are data records (character strings) that are temporarily stored on your terminal device.

a) Purpose of data processing

The purpose of setting session cookies is to recognize a calling browser even after a page change. The data is not used to enable an analysis of the behavior of users.

b) Legal basis

The legal basis for the storage of session cookies is Art. 6 (1) (f) GDPR in conjunction with § 25 (2) No. 2 TTDSG (our legitimate interest in providing certain functions on our websites).

c) Duration of storage

Session cookies are deleted again when the browser is closed.

Email

We can be contacted via the email addresses provided. In this case, the personal data of the sender transmitted with the request (in any case, the e-mail address) will be stored together with the content of the message.

a) Purpose of data processing

The processing of this personal data serves us to process the content of the communication.

b) Legal basis

The legal basis for the processing of this data, which is transmitted in the course of sending an inquiry, is Art. 6 (1) (f) GDPR (legitimate, similar interest of us as the controlling party in communicating with the person transmitting the message).

If the request is aimed at the conclusion or fulfillment of a contract, the legal basis is Art. 6 (1) (b) GDPR (fulfillment of a contract or pre-contractual measures for this).

c) Duration of storage

The above data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For personal data sent via e-mail, this is the case when the respective conversation with the user has ended. As a rule, the conversation is ended when it can be inferred from the circumstances that the relevant facts have been conclusively clarified. In the case of the preparation or execution of contracts, longer retention periods may result from legal (e.g. tax law) requirements.

d) Right to object

As a user, you have the possibility at any time to object to the data processing with effect for the future on one of the contact channels mentioned under section II. 1.
In this case, all personal data stored in the course of contacting us will be deleted immediately, unless there are legal retention periods or other legal reasons to the contrary.

Analysis of our website (Matomo)

We use the open source web analytics service Matomo (formerly Piwik).

a) Purpose of data processing

We use Matomo to analyse the use of our website and to make regular improvements. The statistics obtained enable us to optimise our offer and make it more interesting for you as a user.

Each time our website is accessed, our system collects the following data and information from the computer system of the accessing computer:

- IP address, anonymised by shortening
- Two cookies to distinguish between different visitors (pk_id and pk_sess)
- Previously visited URL (referrer), if transmitted by the browser
- Name and version of the operating system
- Name, version and language setting of the browser

Additionally, if JavaScript is enabled

- URLs visited on this website
- Time of page views
- Type of HTML requests
- Screen resolution and colour depth
- Techniques and formats supported by the browser (e.g. cookies, Java, Flash, PDF)

The data is stored and analysed exclusively on a central server operated by the MPG.

Only anonymised data is stored and used with Matomo technology.
The IP addresses are anonymised immediately after processing and before they are stored. They do not allow identification of visitors to this website. As a matter of principle, your data will not be passed on to third parties. Matomo uses cookies. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to a website and is not merged with personal data about the bearer of the pseudonym.

b) Legal basis

The legal basis for the use of Matomo is Art. 6 (1) (a) GDPR (your consent, which you have declared via our consent banner). You can revoke this consent at any time with effect for the future.

c) Duration of storage

The data is usually stored for 30 days and deleted after the final annual totals have been calculated for the access statistics.

d) Revocation of consent

Of course, you have the possibility to revoke your consent to this data collection with effect for the future. Data that has already been lawfully collected up to the time of revocation of consent is not affected by this.

You have the following option to prevent data collection by the central server:

- Activate the "Do-Not-Track" or "Do not follow" setting in your browser. As long as this setting is active, our central Matomo server will not store any data from you. Important: The Do-Not-Track statement usually only applies to the one device and browser in which you activate the setting. If you use several devices/browsers, you must activate Do-Not-Track separately for each.

Your rights


According to the General Data Protection Regulation (GDPR), you have the right:

- to request information about your personal data processed by us pursuant to Art. 15 GDPR. This includes, among other things, the processing purposes, the categories of personal data, the categories of recipients of the data, the planned storage period, the origin of your data, as well as about the existence of automated decision-making, including profiling;

- pursuant to Art. 16 GDPR, to request the correction of incorrect or completion of your personal data stored by us

- pursuant to Art. 17 GDPR, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims

- in accordance with Art. 18 GDPR, to request the restriction of the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful and you refuse the erasure of your data, as well as in cases where we no longer need your data but you need it to enforce legal claims. Restriction of processing will also be carried out if you have objected to the processing but it has not yet been determined whether our legitimate interests override yours

- pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller

- in accordance with Art. 7 (3) GDPR, to revoke any consent given to us at any time. The legality of the data processing carried out until the revocation remains unaffected by the revocation

- PURSUANT TO ART. 21 GDPR THE RIGHT TO OBJECT
If the data processing is carried out on the basis of Art. 6 (1) (e) or (f) GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis on which processing is based can be found in this privacy policy. If you object, we will no longer process your personal data concerned unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims (objection under Article 21(1) GDPR)

If your personal data is processed for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing; this also applies to profiling, insofar as it is related to such direct marketing. If you object, your personal data will subsequently no longer be used for the purpose of direct marketing (objection pursuant to Art. 21 (2) GDPR)

- complain to a supervisory authority in accordance with Art. 77 GDPR. If you believe that we have not sufficiently complied with your rights and our obligations under data protection laws, you have the right to lodge a complaint with any data protection authority in the European Union.