I. Name and Address of the Persons Responsible
The following persons are responsible for the project in accordance with the General Data Protection Regulation as well as all other national and international data security laws and regulations:
Prof Dr Marietta Horster
Arbeitsbereich Alte Geschichte
Johannes Gutenberg-Universität Mainz
Tel. +49(0)6131 39-22751
E-Mail: horster (at) uni-mainz.de
Prof Dr Andrea Rapp
Fachgebiet Germanistik – Computerphilologie und Mediävistik
Institut für Sprach- und Literaturwissenschaft
Technische Universität Darmstadt
Tel. +49(0)6151 16-57408
E-Mail: rapp (at) linglit.tu-darmstadt.de
Prof Dr Sven Pagel
Professur für Wirtschaftsinformatik und Medienmanagement
Tel. +49(0)6131 628-3287
E-Mail: sven.pagel (at) hs-mainz.de
II. General Information on Data Processing
1. Extent of the Processing of Personal Data
We process user-related data only if it is necessary to run our website and to provide our contents and services. The processing of user-related data is only carried out after users have agreed. Exceptions are made in cases when the agreement cannot be obtained previously due to factual reasons and the processing of the data is permitted through legal provisions.
2. Legal Basis for the Processing of Personalised Data
If we ask for an agreement of the respective persons concerning the processing procedures of personalised data, art. 6 par. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis. Regarding the processing of personalised data needed to fulfil a contract involving the person concerned, art. 6 par. 1 lit. b GDPR serves as the legal basis. The same applies to processing procedures that are necessary to carry out pre-contract measures. If processing personalised data is necessary to fulfil a legal obligation of our company, art. 6 par. 1 lit. c GDPR serves as the legal basis. If vital interests of the persons concerned or another natural person makes the processing of personal data necessary, art. 6 par. 1 lit. d GDPR serves as the legal basis. If the processing is necessary to protect a justified interest of our project or of a third party and if the interests, fundamental rights and fundamental freedoms of the person concerned do not outweigh the interests previously mentioned, art. 6 par. 1 lit. f GDPR serves as the legal basis for the processing.
3. Deletion of Data and Storage Period
The personalised data of the persons concerned will be deleted or the access to them will be blocked as soon as there is no more reason to store them. They can, however, be stored for a longer period, if it is intended by European or national legislation in Union law or regulations or in other provisions, which the person responsible is subjected to. The blocking of access to or the deletion of the data is also carried out at the time of expiration of the storage period prescribed by one of the standards mentioned above, unless it is necessary to further store the data for concluding or maintaining a contract.
III. Provision of the Website and Creation of Logfiles
1. Description and Extent of Data Processing
Our system automatically collects data and information about the computer systems used by persons visiting our website. The following data is collected during this process:
(1) Information about the web browser and the respective version installed
(2) The operating system used by the visitor
(3) The internet service provider of the visitor
(4) The IP address of the visitor
(5) Date and time of the visit
(6) The websites from which the user was forwarded to our website
(7) The websites to which the user is forwarded from our website
This data is stored in the logfiles of our system as well. The data is, however, not saved together with the other personalised data of the user.
2. Legal Basis for the Data Processing
The legal basis for the temporary storage of the data and logfiles is art. 6 par. 1 lit. f GDPR.
3. Purpose of the Data Processing
The temporary storage of IP addresses by our system is necessary to transmit our website to the users’ computers. To ensure this, the IP address must be stored for the duration of the session. The data is stored in logfiles to ensure that our website functions as intended. The data also helps to optimise our website and to ensure the security of our IT systems. The data is not analysed for marketing purposes.
These purposes justify our interest in data processing according to art. 6 par. 1 lit. f GDPR.
4. Duration of Data Storage
The data is deleted as soon as it is no longer required for achieving the purposes it was collected for. In case the data is collected to ensure the website’s functionality, it is deleted at the end of the respective session. If the data is saved in logfiles, it is deleted after seven days at the latest. Data may be stored beyond this time span. In this case, the IP addresses of the users are deleted or anonymised, making it impossible to match the visiting user to the IP address.
5. Possibility to Object or to Remove the Data
The collection of data to ensure the website’s functionality and the storage of data in logfiles is necessary to run the website. Thus, users are not able to object to these conditions.
IV. Use of the Content of Third-Party Providers
1. Description and Extent of the Data Processing
Some of our contributions contain content of third-party providers. This is due to scripts that are embedded in our website and that receive and display their content directly from the respective third-party providers. In this case, your system stands in direct contact to the system of the third-party provider. During this process, personalised data might be collected. The description, extent and duration of the storage of processed data and information on the possibilities to object or to have the data removed is to be taken from the privacy statements of the third-party providers.
We use content of the following third-party providers:
2. Purpose of the Data Processing
The process described above is necessary to provide content coming from the systems of third parties. Further information is to be taken from the privacy statements of the respective third-party providers. The persons responsible have a justified interest in making content of third-party providers accessible over their own website, as this process is necessary to undertake their editorial activity.
Moreover, the persons responsible are interested in providing the users of their website with their own editorial content, which is only accessible through systems of third-party providers. Embedding content of third-party providers is only user-friendly option to fulfil this purpose.
3. Legal Basis
The legal basis for the processing date for the purpose of providing third-party content is art. 6 par. 1. Lit. f GDPR.