The following pertains to the use of this website. As the party responsible for the data processing (controller), we process the personal data collected via our website and store them for the period, which is required to achieve the specified purpose and to comply with the statutory requirements. The following text informs you of the data we collect and the way we process the collected data. We also inform you about on data privacy rights as they pertain to the use of our website.
Pursuant to Article 4 No. 1 GDPR, personal data are all data referring to a specific or identifiable natural person.
1. Name and contact information of the person who signs responsible for the data processing (controller) and of the society’s data protection officer
2. Processing of Personal Data and Purposes of the Data Processing
3. Transfer of Personal Data to Third Parties
5. Web analysis/Tracking
6. Social Plugins
8. Your Rights as Affected Person
9. Information on your Right of Objections according to Article 21 GDPR
10. Data Security
11. Timeliness of the Data and Amendments to this Data Protection Information
This data protection information shall apply to the processing of data on our institute’s website www.igd.fraunhofer.de by the controller, the:
Fraunhofer Gesellschaft zur Förderung der angewandten Forschung e.V.
Hansastrasse 27 c, 80686 München, Germany
On behalf of your Fraunhofer Institute for Computer Graphics Research IGD
(in the following referred to as “Fraunhofer Institute”)
Telephone: +49 6151 155-0
Fax: +49 6151 155-199
You can reach the data protection representative of the Fraunhofer Institute at the above address c/o Data Protection Officer or at email@example.com.
Please feel free to contact the data protection officer directly at any time with your questions concerning your data protection rights and/or your rights as affected person.
a) During your Website Visit
Every time you visit our web pages, our website servers save a protocol of your device accessing our website. This storage is temporary and lasts only until the automated deletion. Our website server saves the following access data until their automated deletion:
- The IP address of the requesting device
- Access date and time
- Name and URL of the accessed data
- The transmitted data volume
The message whether the access was successful
- The used browser and operating system
- Name of the Internet Provider (ISP)
- The referring website (referring URL)
The server processes these data for the following purposes:
- To enable the use of the website (link connection [forward setup])
- Administration of the network infrastructure
- Appropriate technical and organisational measures to ensure IT systems and data security commensurate with the available state of the art technology
- To offer user-friendly service
- To optimize the Internet offering
Legal foundations for the above processing purposes:
- Processing in response to a website visitor according to numbers 1-2 Article 6 para. 1, page1, lit. b (Requirement for compliance with provisions of the website user contract)
- Processing pursuant to numbers 3, Article 6 para. 1, page 1, lit. c GDPR (legal obligation to implement technical and organisational measures to ensure secure data processing according to Article 32 GDPR and Article 6 para. 1, page 1, lit. f GDPR (legitimate interests in data processing for the network and information security) as well as
- Data processing pursuant to numbers 4 – 5, Article 6 para. 1, page1 lit. f GDPR (legitimate interests) - our legitimate interests in the processing of data are based in our desire to offer user-friendly optimised web pages [our legitimate interests also include direct advertising.]
After the specified period of 35 days, our web server automatically deletes the above-mentioned data. To the extent that data are processed longer for purposes according to numbers 2 – 5, we will anonymise or delete the data as soon as their storage no longer serves the respective purpose(s).
b) Visitor Registration for Events
On a regular basis, we invite web visitors to different kinds of events. Our website visitors are able to register online.
In order to register online, our website visitors have to provide required data. These data include
- First and last name
- Email address
Should we request additional required data, we will specifically identify them (using an * for example). In addition, our website users often have the opportunity to volunteer additional information.
We process the required data mostly to identify you as event participant and to reserve a place for you. In addition, we agree with you on the type of event, provide you with information for and after the event and overall ensure that you enjoy your participation and the event proceeds smoothly. The volunteered data help us to plan and organise our events in tune with your interests and age.
We collect the data in response to the enquiries of interested parties. According to Article 6 para. 1, page 1, lit. b GDPR, the data collection is necessary for the mentioned purposes, to perform according to the participation contract and to meet the conditions precedent to entering into the participation contract.
We store data, which we collect in context with registrations to events, for six (6) months providing you did not agree to a longer storage period as outlined in Article 6 para. 1, page 1, lit. a GDPR.
c) Subscriptions to our Newsletter
Only if you explicitly agreed to it pursuant to 6 para. 1, page 1 lit. a GDPR, we will use your email address to send our regular newsletters to you. The newsletters contain information on our institute and other facilities and events of the Fraunhofer Society (Fraunhofer e.V.)
After you have subscribed to our newsletter, we will email a subscription confirmation to you. You must confirm the receipt of this email to receive our newsletter. This procedure is known as double opt-in procedure. For us, your email response serves as confirmation that you are in fact the person who subscribed to our newsletter.
You may opt out of receiving our newsletter at any time. At the end of each newsletter, you will find a link, which makes opting out easy. Alternatively, feel free to express your desire to cancel your subscription by email: firstname.lastname@example.org
Once we have received your cancellation of the newsletter subscription, we will immediately delete your email address from our distribution list.
Except for the aforementioned cases (registration for events, using the ordering service, subscription to a newsletter), we forward your personal data to third parties only if:
- you have given your express consent pursuant to the first sentence of point (a) of Article 6(1) GDPR,
- it is necessary for the performance of a contract with you pursuant to the first sentence of point (b) of Article 6(1) GDPR,
- A statutory obligation exists for transferring pursuant to the first sentence of point (c) of Article 6(1) GDPR.
In the event that personal data is transferred to a third country (outside the EU) or an international organisation, we will provide information accordingly.
We use server-side cookies. Cookies are small files, which are automatically created by the browser of the user device and stored in your device (PC, laptop, tablet, smartphone or similar device) when you visit our website. Cookies do not harm your computer, and they do not contain viruses, Trojans or other malware. Cookies contain information pertaining to the specific device, which accessed our website. However, this does not give us direct knowledge of your identity.
We also use temporary cookies to optimise the user-friendliness of our website. Your device stores these cookies temporarily for a specific time. The next time you visit our website, our server will recognise your device as prior visitor and remembers your settings and preferences. You will not have to enter these parameters again.
The data obtained with the help of cookies serve us to pursue our legitimate interests as website owners and serve the legitimate interests of third parties according to Article 6 para. 1, page 1 lit. f GDPR.
Most browsers accept cookies automatically. However, you are able to configure your browser in such a way that the application does not store cookies on your computer or always shows an alert before storing new cookies. The complete deactivation of cookies may prevent you from using all functions on our website.
On our website, we use the open source service Matomo by InnoCraft Ltd in New Zealand to analyse the activities of our website users and to optimise our website and its content based on this analysis. In the process, we do not receive any information, which identifies our users.
Without your specific permission, we do not use the collected data to identify you personally and will not combine the data with personal data about you under a pseudonym associated with you.
To the extent that we collect IP addresses in our analysis, these addresses are stripped of their last control number block upon collection to anonymise the IP addresses instantly. We delete further personal data stored in the cookie after 13 months.
We process the statistical data based on our legitimate interests in the optimisation of our online offerings and our web presence according to Article 6 para.1 lit. f GDPR.
We use social plug-ins (media buttons) on our website. These are small box-like buttons. Click on them to place the content of our website under your profile in social network sites.
If you click on such a button, a link will be established between our website and the social network to which you subscribe. Aside from the respective content, the social network provider will receive other personal information. This includes the information that you visit our website at that time.
We integrate the following social plug-in on our website:
a) Facebook Ireland Limited: Sharing on Facebook
Information is partly transferred to the parent company Facebook Inc., headquartered in the USA, to other Facebook-companies and external partners of Facebook, each of which may be located outside the European Union. Facebook utilizes standard contractual clauses approved by the European Commission and relies on the European Commission's adequacy decisions about certain countries.
For the purpose and scope of the data collection, further processing and use of the data by Facebook as well as your related rights and configuration options for protecting your private, please refer to the Facebook's privacy notice.
b) Twitter International Company: Sharing on Twitter
Information is partly transferred to the parent company Twitter Inc., headquartered in the USA, to other Twitter-companies and external partners of Twitter, each of which may be located outside the European Union. Twitter utilizes standard contractual clauses approved by the European Commission and relies on your consent.
For more information on data protection on Twitter, please refer to the Twitter privacy statement.
c) Google+ Sharing Google LLC
Google complies with the Data Protection Regulations of “US Privacy Shield” and is registered with the US Privacy Shield Program of the US Department of Trade.
Please find more information on Google data protection in the Google Data Protection Declaration.
d) NEW WORK SE (formerly: XING SE): Sharing on XING
In part, information is transmitted to other NEW WORK-companies and external partners of NEW WORK, each of which may be located outside the European Union. NEW WORK utilizes standard contractual clauses approved by the European Commission or other appropriate safeguards as set forth in article 46 GDPR and relies on the European Commission's adequacy decisions about certain countries as well as your consent.
For the purpose and scope of data collection, further processing and use of data by NEW WORK as well as your related rights and configuration options for protecting your privacy, please refer to the XING's privacy statement.
e) Pinterest Sharing by Pinterest Europe Ltd
Please find more information on Pinterest data protection in the Pinterest Data Protection Statement.
f) LinkedIn Corporation: Sharing on LinkedIn
Information is partly transferred to the parent company LinkedIn Corporation, headquartered in the USA, to other LinkedIn-companies and external partners of LinkedIn, each of which may be located outside the European Union. LinkedIn utilizes standard contractual clauses approved by the European Commission.
For more information on data protection on LinkedIn, please refer to the LinkedIn privacy statement.
We embed components (videos) of the video hosting service “YouTube” of the company Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter “Google”) in our websites. We use components (videos) of YouTube, LLC, 901 Cherry Ave., 94066 San Bruno, CA, USA (hereinafter “YouTube”), a company of Google Inc., Amphitheatre Parkway, Mountain View CA 94043, USA, (hereinafter “Google”) on our websites. The implementation is based on Art. 6 (1) lit. f GDPR; our legitimate interest in this case is the smooth integration of the videos and the attractive design of our website.
We use the option of "privacy-enhanced mode” provided by Google.
When you access a page containing an embedded video, a connection to the Google servers is established and the contents are displayed on the Internet page through a notification to your browser.
Pursuant to Google specifications, in the “extended data protection mode” your data - especially which of our Internet pages you have visited as well as device-specific information including the IP address - is sent to the Google servers in the US only when you view the video. By clicking on the video, you give your consent to this transfer.
If you are simultaneously logged on to Google, this information is assigned to your Google member account. You may prevent this by logging out of your member account before visiting our website.
In part, information is transmitted to the parent company Google Inc., headquartered in the USA, to other Google-companies and external partners of Google, each of which may be located outside the European Union. Google utilizes standard contractual clauses approved by the European Commission and relies on the European Commission's adequacy decisions about certain countries.
For more information on data protection in connection with YouTube, please refer to the data protection regulations of Google.
You have the right:
- pursuant to Article 7(3) GDPR, to withdraw the consent given to us at any time. This means that in future we may no longer continue to process the data as based on this consent;
- pursuant to Article 15 GDPR, to obtain information about your personal data processed by us. More particularly, you may obtain information about the purpose of processing, the category of the personal data, the categories of recipients, to whom your data has been or is disclosed to, the storage period planned, the existence of a right to request from the controller rectification , erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the source of your data if it has not been collected by us, as well as about the existence of automated decision-making including profiling and, if applicable, significant information about its details;
- pursuant to Article 16 GDPR, to obtain the rectification of inaccurate personal data without undue delay or the completion of your personal data stored with us;
- pursuant to Article 17 GDPR, to obtain the erasure of your personal data stored with us unless processing is necessary to exercise the right to freedom of expression and information, for compliance with a legal obligation , for reasons of public interest, or to establish, exercise or defend legal claims;
- pursuant to Article 18 GDPR, to obtain the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful but you deny its erasure and we no longer need the data while you still require it for establishing, exercising or defending legal claims or if you have objected to processing pursuant to Article 21 GDPR;
- pursuant to Article 20 GDPR, to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format or to obtain the transmission to another data controller and
- pursuant to Article 77 GDPR, to lodge a complaint with a supervisory authority. For this, you may normally contact the supervisory authority of your habitual residence or workplace or our company headquarters.
You have the right to object, on grounds relating from your particular situation, at any time to processing of your personal data, which is based on point (e) of Article 6(1) GDPR (data processing for the performance of a task carried out in the public interest) and on point (f) of Article 6(1) GDPR (data processing for the purposes of the legitimate interests); this is also applicable to profiling pursuant to Article 4(4) GDPR based on this regulation.
If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless processing serves the establishment, exercise or defence of legal claims. If your objection is directed against the processing of data for the purpose of direct marketing, we will stop the processing immediately. In this case, citing a special situation is not necessary. This is also applicable to profiling, insofar as it is related to such direct marketing.
If you wish to make use of your right to object, please send an email to email@example.com.
All your personal data is transferred in an encoded manner using the widely used and secure TLS (Transport Layer Security) encryption standard. TLS is a secure and proven standard that is also used for online banking, for instance. You will recognise a secure TLS connection by the additional s after http (i.e., https://..) in the address bar of your browser or from the lock icon in the lower part of your browser, among other things.
Besides, we use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously being improved as the technology advances.
This data protection information as amended in January 2020 is currently applicable.
It may become necessary to change this data protection information due to the further development of our website and its offers or on account of amended legal or official requirements. You may always access and print the latest data protection information on the website at