Information to be provided pursuant to Art. 12, 13 et seq. of the GDPR
1. Name and Address of Controller
Your contact and the controller within the meaning of the General Data Protection Regulation of the European Union ("GDPR"), national data protection laws of the member states, and other data protection regulations is:
ifo Institute – Leibniz Institute for Economic Research at the University of Munich
Poschingerstr. 5
81679 München
(hereinafter referred to as "we", "us", "our" or "ifo Institute").
2. Name and Address of Data Protection Officer
The protection of your personal data is of great importance to the ifo Institute – Leibniz Institute for Economic Research at the University of Munich. To demonstrate our commitment to protecting your personal data, we have commissioned a consulting firm specialising in data protection and security to handle these important issues. Our data protection officer is part of a team of highly experienced professionals at our consulting firm. The firm that provides us with consulting services is:
Legaltech GmbH
Augustaanlage 32
68165 Mannheim
https://www.schutz-von-daten.de/
If you have any questions concerning data protection and data security at the ifo Institute, please contact our data protection officer Legaltech GmbH directly:
Email: datenschutz@ifo.de
Tel.: +49 621 43179339
3. General Information on Data Processing
3a. Scope of Personal Data Processing
As a matter of principle, we will only process your personal data to the extent that is necessary to provide our services. Any processing of your personal data is, as a rule, subject to your prior consent, except in cases where prior consent cannot be obtained for factual reasons or the processing of your personal data is permitted by law.
3b. Legal Basis for Processing Personal Data
In cases where we seek your consent to process personal data, the legal basis for doing so is set out in Art. 6(1)(a) of the GDPR.
In cases where we process personal data in the execution of a contract between you and us, the legal basis for doing so is set out in Art. 6(1)(b) of the GDPR. This also applies to processing operations necessary for the implementation of pre-contractual measures.
In cases where personal data must be processed to comply with a legal obligation that we are subject to, the legal basis for doing so is set out in Art. 6(1)(c) of the GDPR.
In cases where your vital interests, or those of another natural person, require the processing of personal data, the legal basis for doing so is set out in Art. 6(1)(d) of the GDPR.
In cases where the processing of personal data is necessary for the purposes of the legitimate interests pursued by us or a third party and those interests are not overridden by your interests, fundamental rights and freedoms, the legal basis for doing so is set out in Art. 6(1)(f) of the GDPR.
3c. Deletion and Storage Period
Your personal data will be deleted or blocked if they are no longer required for the purposes for which they were stored or otherwise processed. In addition, data may be stored to meet the legal obligations stipulated by the European or national legislator in EU regulations, laws or other standards that we are subject to. Data will also be blocked or deleted if the storage period stipulated in the above-mentioned regulations, laws or standards expires unless longer storage is necessary for the purpose of entering into or performing a contract.
4. Website Provision and Creation of Log Files
4a. Legal Basis for Data Processing
The legal basis for processing your personal data in the context of website provision and the creation of log files is set out in Art. 6(1)(f) of the GDPR.
4b. Purpose of Data Processing
The temporary storage of your personal data is necessary to enable us to deliver the website to your computer. To this end, your personal data need to be stored for the duration of the session.
Your personal data are stored in log files to ensure the operability of the website. We also use your personal data to optimise our website and safeguard the security of our information technology systems. In this context we will not analyse your personal data for marketing purposes.
The above is necessary for the purposes of the legitimate interests pursued by us referred to in Art. 6(1)(f) of the GDPR.
4c. Storage Period
Your personal data will be deleted once they are no longer required for the purposes for which they were collected or otherwise processed. In cases where your personal data are collected for the purpose of providing the website, they will be deleted each time a session ends.
If personal data are stored in log files, they will be deleted after fourteen days at the latest. In some cases data may be stored for a longer period of time, in which case your personal data will be deleted or masked, thus making identification of the requesting client impossible.
4d. Objection, Removal
Recording your personal data for the purpose of providing the website and storing your personal data in log files are essential for the operation of the website. You therefore have no right to raise any objection to these activities.
5. Use of Cookies
When you visit our website, our cookie banner informs you that we use cookies. In the following we would like to inform you about which cookies we use and how you can prevent our cookies from being set.
In order to expand the range of functions of our web offering and to make its use more convenient for you, we use so-called “cookies” on some of our pages, which primarily serve to identify the site visitors or contain information about user activity on the web pages. Cookies are small text files that are stored on your computer. Some of these cookies are deleted after the browser session ends (so-called session cookies). Other cookies remain on your computer and enable us or our partner companies (third-party cookies) to recognize your browser the next time you visit us (so-called persistent cookies). If cookies are set, they collect and process certain user information to an individual extent, such as browser and location data and IP address values.
5a. Legal Basis for Data Processing
The legal basis for processing your personal data in the context of using cookies required for technical purposes is set out in Art. 6(1)(f) GDPR.
The legal basis for data processing in the context of the use of technically unnecessary cookies is Art. 6(1)(a) GDPR.
5b. Purpose of Data Processing
The use of cookies required for technical purposes is designed to simplify your use of our website. Some features of our website cannot be offered without the use of cookies. For these features it is necessary that your web browser is recognized even after a page change. The user data collected through cookies required for technical purposes will not be used to create user profiles.
Such processing is therefore necessary for the purposes of the legitimate interests pursued by us as referred to in Art. 6(1)(f) GDPR.
The use of technically not necessary cookies serves to further simplify the use of our website and to make it more convenient for you, as well as for the statistical recording and analysis of general usage behaviour based on access data. These cookies are set only with your express consent, which you give by selecting the checkboxes in our cookie banner.
5c. Storage Period
Your personal data will be deleted once they are no longer required for the purposes for which they were collected or otherwise processed; this will particularly be the case when cookies are deactivated. The respective lifetime of the individual cookies can be seen from the list in section 5e.
5d. Objection, Removal
Cookies are stored on your computer and transmitted to our website from your computer. You therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your web browser. You can delete cookies that have already been saved at any time. This can also be done automatically. If you deactivate cookies in your browser settings for our website, you may not be able to fully use all of the website’s features.
6. Web Tracking and Web Analysis by Matomo (formerly PIWIK)
6a. Legal Basis for Data Processing
The legal basis for processing your personal data is set out in Art. 6(1)(f) of the GDPR.
6b. Purpose of Data Processing
Processing your personal data enables us to analyse your surfing patterns. By evaluating the collected data, we are able to compile information on your use of specific components of our website. This helps us to continuously improve our website and its user-friendliness. Such processing is therefore necessary for the purposes of the legitimate interests pursued by us, as referred to in Art. 6(1)(f) of the GDPR. By anonymizing your IP address, your interest in protecting your personal data is sufficiently taken into account.
6c. Storage Period
Your personal data will be deleted once they are no longer required for the above-mentioned purposes. In our case, this will be after 14 days.
6d. Objection, Removal
Cookies are stored on your computer and transmitted to our website from your computer. You therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your internet browser. You can delete cookies that have already been saved at any time. This can also be done automatically. If you deactivate cookies in your browser settings for our website, you may not be able to fully use all features of our website.
More detailed information on the privacy settings of the Matomo software may be found at:
https://matomo.org/docs/privacy/