Privacy Policy
DLR takes the protection of personal data very seriously. We want you to know when we
store data, which types of data are stored and how it is used. As an incorporated
entity under German civil law, we are subject to the provisions of the
EU General Data Protection Regulation (GDPR) (refer to https://gdpr-info.eu/),
the Federal Data Protection Act (BDSG) and the Telemedia Act (TMG). We have taken
technical and organisational measures to ensure our compliance and the compliance of
external service providers with the data protection regulation.
This website uses SSL - that is, TLS encryption - in order to protect the transfer
of personal data and other confidential information (for example, orders or enquiries
sent to the controller). A connection is encrypted if you see the character sequence
'https://' and the padlock icon in your browser's address bar.
I. Name and address of the controller
The controller in the meaning of the General Data Protection Regulation,
other national data protection laws in the Member States and related data protection regulations is:
Deutsches Zentrum für Luft- und Raumfahrt e. V. (DLR)
Linder Höhe
51147 Cologne
Telephone: +49 2203 601-0
Email: datenschutz@dlr.de
WWW: https://www.dlr.de
The controller's appointed data protection officer is:
Der/die Datenschutzbeauftragte, Deutsches Zentrum für Luft- und Raumfahrt e. V., Linder Höhe, 51147 Cologne
Email: datenschutz@dlr.de
II. General information on data processing
We process personal data concerning our users exclusively to the extent
required to provide a functioning website, as well as our content and
services. Ordinarily, we will only process the personal data of our
users after obtaining their consent. An exception to this rule is where
obtaining prior consent is factually impossible and the processing of
the data is permitted by law.
The personal data of the data subject will be deleted or blocked as soon
as the purpose of storage no longer applies. In addition, storage takes
place if authorised by Union or Member State directives, laws or other
regulations to which the controller is subject. Blocking or deletion of
the data shall also take place when a storage period stipulated by one
of the above standards comes to an end, except where it is necessary to
continue storing the data to enter into or perform a contract.
II.1 Provision of the website and log files
a) Description and scope of data processing
Our system automatically collects data and information from the accessing computer system each time our website is visited.
The following data is collected in this context:
- Source IP address of accessing system
- Date and time
- Browser version and operating system of accessing system
- Web address from which the accessing system arrives on our website (referrer URL)
- Requested web address of our server
Furthermore other similar data and information that is used to protect
against risks in the case of attacks on our Information Technology
systems.
The data is also stored in log files kept on our system. This data is
not stored together with other personal data concerning the user.
b) Legal grounds for data processing
The legal grounds for temporary storage of the data and log files are
set out in Art. 6, paragraph 1, part (f) of the EU General Data
Protection Regulation (GDPR).
c) Purpose of data processing
Temporary storage of the IP address by our system is necessary to
deliver the website to the computer of the user. For this purpose, the
source IP address of the request must be stored for the duration of the
session.
Storage in log files takes place to ensure functionality of the website.
In addition, the data is used to optimise the website and to ensure
security of our Information Technology systems. Data analysis for
marketing purposes does not take place in this context.
d) Duration of storage
The data is deleted as soon as it is no longer needed for the purpose
for which it was collected. In the case of data collection for the
provision of this website, this applies at the end of each session.
In the case of data stored in log files, this occurs after no longer
than seven days. Further storage is possible; in these cases, the IP
addresses
are deleted or pseudonymised to prevent any association with the
accessing client or user.
e) Right to objection and removal
The collection of data for the provision of our website and the storage
of data in log files is crucial to operation of the website.
Hence, users are not granted a right to object.
II.2 Contact form and email contact
a) Description and scope of data processing
A few of our web pages provides contact forms.
The data entered in the input screen will be transferred to us and stored. This applies to the following data:
- First name
- Family name
- Email address
The following data is stored additionally when sending a message:
- IP address of the user
- Date and time of submission
Your consent for data processing will be obtained, and you will be referred to this Privacy Notice during the sending process.
Alternatively, it is possible to contact us using the email address
provided. The personal data of the user transferred with the email will
be stored in this case.
The data is not transferred to third parties in this context. The data is used exclusively for processing the correspondence.
b) Legal basis for data processing
The legal basis for processing of the data in the event that consent has
been received from the user is set out in Art. 6, paragraph 1, part (a)
of the EU General Data Protection Regulation (GDPR).
The legal basis for processing of the data sent to us by email is set
out in Art. 6, paragraph 1, part (f) of the GDPR. Where email contact is
established with the intention of entering into a contract, additional
legal bases for the processing are set out in Art. 6, paragraph 1, part
(b) of the GDPR.
c) Purpose of data processing
We use the personal data you provide in the contact form exclusively to
process your enquiry. In the case of contact by email, this represents
our necessary, legitimate interest in data processing.
Any other personal data that is processed when you send us the contact
form is used to prevent abuse of the contact form and to protect the
security of our Information Technology systems.
d) Duration of storage
The data is deleted as soon as it is no longer needed for the purpose
for which it was collected. For personal data entered in the input
screen of the contact form and personal data sent to us by email, this
is the case when correspondence with the user has come to an end. A
conversation has come to an end when the circumstances indicate that the
relevant matter has been dealt with definitively.
Any additional personal data collected during the sending process will be deleted after a maximum of seven days.
e) Right to objection and removal
The user is entitled to revoke their consent to the processing of
personal data at any time. The user may object to the processing of
personal data at any time by contacting datenschutz@dlr.de.
Correspondence will be discontinued in these cases.
All personal data stored in connection with contacting us will be deleted in this case.
II.3 Registration to events
a) Description and scope of data processing
Some web pages of this web server provides registration forms for events.
Beside the provided form field content (name, email address, ...)
date and time are saved.
b) Legal grounds for data processing
The legal basis for processing of the data is set out in Art. 6, paragraph 1,
part (a), (b) and (f) of the EU General Data Protection Regulation (GDPR).
c) Purpose of data processing
The data is used for the realisation of the event, eg. room planning, ordering of meals,
reservations for excursions, participants list.
The registration data are made available to the event organisation committee.
The members of the committee are listed on the event web pages
and have often international provenance.
The registration data can be used afterwards to inform about succeeding events
or scientific events with similar topics.
Your consent for possible data uses will be obtained at registration and is optional.
d) Duration of storage
Deletion of registration data happen after 3-5 years after the event.
e) Right to objection and removal
Over the given contact address of the organiser of the event, data can be
corrected or requested to be removed.
II.4 Use of cookies
a) Description and scope of data processing
Only a few parts of our website uses cookies. Cookies are text files
placed on the user's computer system by a browser and stored there.
We use technically necessary cookies to improve our website's user friendliness. Some elements
on our website make it necessary to recognise the accessing browser when moving from page to page
(eg. for login).
b) Legal basis for data processing
The legal grounds for the processing of personal data using technically
necessary cookies are set out in Art. 6, paragraph 1, part (f) of the EU
General Data Protection Regulation (GDPR).
c) Purpose of data processing
Technically necessary cookies are used to make our website user
friendly. Some functions on our website cannot be provided without the
use of cookies, as they require that the browser is recognised when
moving from page to page.
The user data collected with technically necessary cookies is not used to produce user profiles.
d) Duration of storage
Cookies have an expire date an are removed after expiration by the internet browser.
technically necessary cookies are implemented as session cookies, which are removed when closing the browser.
e) Right to objection and removal
You can change the settings of your Internet browser to disable or
restrict the transfer of cookies at any time. Cookies that have already
been placed on your computer can be deleted at any time.
III. Rights of the data subject
Where personal data concerning you is processed, you are the data
subject as defined in the EU General Data Protection Regulation (GDPR)
and you have the following rights with respect to the controller:
- Right to information
- Right to correction
- Right to limit processing
- Right to deletion
- Right to notification
- Right to data portability
- Right to object
- Right to withdraw consent pursuant to Art. 7, paragraph 3 of the GDPR
- Right to lodge a complaint with a supervisory authority
This rights are independent from the services of this web server. Please see details
at https://www.dlr.de/Privacy, Section
"Rights of the data subject".
Impressum / Imprint - Datenschutzerklärung / Privacy Policy