Privacy Policy at DIW Berlin

We take your privacy very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations and this privacy policy. The following information will give you an overview of how we process your personal data and your rights in regards to data protection.

1. Who is responsible for processing data and who can I contact?

The body responsible for data protection is the:

German Institute for Economic Research e.V. (DIW Berlin)
Mohrenstraße 58, 10117 Berlin, Germany
Phone: +49 30 897 89 0
Fax: +49 30 897 89 200
Website: www.diw.de/en
E-Mail: datenschutzfragen@diw.de

Our data security officer is Thorsten Ritter.

DIW Berlin's data security officer—personal

Thorsten Ritter
agentia wirtschaftsdienst
Budapester Straße 31, 10787 Berlin
Phone: +49 30 2196 4390
Fax: +49 30 2196 4393

E-Mail: thorsten.ritter@agentia.de

2. Who does this data privacy statement apply to?

This data privacy statement applies to the visitors of our website, including the visitors who subscribe to our newsletter and other publications such as datasets, those who want to register for our events or sign a contract with us, those who apply for a job at our institute, and tenderers (or their employees) participating in tender procedures.

3. Information for visitors to our site

Usage-related data

Every time our website is accessed, our system automatically collects data and information from the accessing computer. This information is temporarily saved in a log file. The following information will be collected automatically and stored until automated deletion:

  • The IP address of the requesting client
  • Date and time of access
  • HTTP requests sent by the client
  • HTTP status code the webserver sent back
  • Size of the object returned to the client by our web server
  • Referrer URL
  • User agent (can contain information about the operating system and browser used)

The legal basis for storing this data is Article 6(1)(f) of the General Data Protection Regulation (GDPR). We have a legitimate interest in storing this data as we require it to guarantee and maintain the operational reliability of our system. We do not use the data to create personal user profiles. The data will be deleted after seven days.

Use of cookies

You can prevent the use of cookies by adjusting your browser settings. You may then no longer be able to use certain functions.

a) Session cookies

In order for you to use password-protected areas and formulas, we use session cookies, which are deleted when you close your browser. Session cookies do not collect or store personal data.

b) Persistent cookies

aa) Favorites list

We use persistent cookies so that you are able to use the favorites list.

bb) Web analysis via Matomo

We use the web analysis software Matomo, which also works with cookies. The text files that Matomo stores on your computer allow us to analyze how our website is used. The information these cookies provide us regarding how our website is used are saved on our server. Under no circumstances will we pass this information on to third parties. For your protection, we store the IP address of your computer anonymously (shortened). Matomo cookies remain on your computer until you delete them.

If you do not agree to your data being stored and used, you can deactivate Matomo HERE. In this case, an opt-out cookie is stored in your browser. The opt-out cookie prevents Matomo from providing usage data and us from saving it. Please note that by deleting cookies in your browser settings, you will also delete the Matomo opt-out cookie and you will have to reactivate it the next time you visit our website.

Matomo/ Piwik

4. Use of social media plugins

We have embedded YouTube videos into our website, which are stored at http://www.YouTube.com and can be played directly from our website. These videos are included in “Advanced Privacy Mode,” which means that no user data will be transferred to YouTube if the videos are not played. Data will be sent to YouTube only once you start playing a video. We have no influence on this data transmission.

By playing the video on our website, YouTube receives the information that you have accessed the corresponding subpage of our website and are playing the video. This occurs whether or not you are logged in to a YouTube account. When you are logged in to Google, your information will be directly associated with your account. If you do not want your information associated with your account, you must log out of Google before activating the button. YouTube stores your data as usage profiles and can use them for advertising, market research, and/or for the design of its website according to your needs, for example. The data is evaluated (even for users who are not logged in) in order to provide demand-oriented advertising and to inform other users of the social network about your activities on our website.

Further information on the purpose and scope of data collection and processing by YouTube as well as information on your rights and privacy settings can be found in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy

Google also processes your personal data in the USA.

5. What data privacy rights do users of this website have?

a) According to the General Data Protection Regulation (GDPR) of the European Union, you have the right of access under Article 15, the right to correction under Article 16, the right to deletion under Article 17, the right to restrict processing under Article 18, the right to oppose under Article 21, and the right to data transfer under Article 20.

The enforcement of these rights is subject to the conditions set out in the articles of the GDPR cited and is subject to the legal restrictions set out therein.

b) If you give us your consent to process personal data for certain purposes (such as signing up for the newsletter, registering for events), we will process your data on the basis of this consent. You may revoke your consent at any time. Please note that the revocation does not apply retroactively. Processing that took place before the revocation will not be affected and remains lawful.

c) You have a right of appeal to a data protection supervisory authority (Article 77 of the GDPR in conjunction with Section 19 of the BDSG).

You can find a list of supervisory authorities and their contact information by clicking here (in German).

The data protection supervisory authority responsible for DIW Berlin is the Berliner Beauftragte für Datenschutz und Informationsfreiheit.

6. Information for applicants

DIW Berlin processes applicants’ personal data for the application and selection process to establish an employment relationship. The legal basis is Article 26 of the BDSG. Exclusively employees involved in the application process for the purpose of the selection process will receive application documents.

If DIW Berlin does not hire you, we will delete your application documents five months after we inform you of your rejection. We do not delete the documents immediately upon notification of rejection because we have a legitimate interest in keeping the documents due to legal deadlines. The legal basis is Article 6(1) of the GDPR.

We will only keep documents longer than five months if it has been explicitly agreed upon with the applicant.

Data we request as a part of the application process must be sent to us in order to be considered in the application procedure.

Job applicants also have the data protection rights mentioned in point 5.

7. Information for newsletter subscribers and for those registered to receive press releases

If you would like to subscribe to any newsletters offered on our website, we require your email address so you can receive the newsletter(s) as well as information to confirm that you are the owner of the email account and that you agree to receive the newsletter. Your data will exclusively be used to send you the newsletter and will not be given to third parties.

The data entered in the respective subscription or registration form will be processed on the basis of your consent (pursuant to Article 6(1)(a) of the GDPR). You can revoke your consent at any time. The legality of the data processing already carried out remains unaffected by your revocation. In the event of revocation, we will delete your data unless it is also stored by us for other purposes (e.g., your email addresses for the member area). If that is the case, we will only delete your data if we do not need it for another purpose. We will also deactivate them for the purpose for which you have revoked your consent.

The data you provide to subscribe to the newsletter is required, as you cannot receive the newsletter otherwise.

The data privacy rights listed under point 5 also apply to newsletter subscribers.

8. Information for those registering for events

We save your registration information for event logistics if you register for one of our events on our website. If the event is in coordination with another institution or occurring on behalf of another institution, we will send them your data as well so they can plan and organize the event.

The legal basis for this data processing is Article 6(1)(b) of the GDPR, as well as Article 6(1)(f), as we have a legitimate interest in storing your data and, if necessary, in its transmission to (co-)organizing institutes in order to organize events. Your data will be deleted after the event for which you registered has taken place.

You must provide us with the requested data because you cannot register for events via our website otherwise.

The data privacy rights under point 5 also apply to individuals who register for our events.

9. Information for tenderers in tender procedures

DIW Berlin processes the personal data of bidders or their employees during the tender process exclusively to execute said tender process. The legal bases are Article 6(1)(b), Art. 6(1)(c), and Article 6(1)(f) of the GDPR. At DIW Berlin, only the employees involved in the tender process receive personal data. If the legal requirements are met, we must also submit the tender documents to the responsible authorities, thereby forwarding the bidders’ personal data, to fulfill our legal obligations (e.g., to show accordance with the Minimum Wage Act, the Employee Secondment Act, or the Act to Combat Undeclared Work and Unlawful Employment).

You must provide us with the data requested in order for your offer to be evaluated and considered in the tender process.

We will delete the data immediately after the tender process has ended unless we are obliged by law to store the data until a certain time. In that case, we will delete the data as soon as the retention period has expired.

The data privacy rights under point 5 also apply to bidders or their employees participating in the tender process.

10. Information for users of our social media channels

We maintain an online presence on Facebook, Twitter, and YouTube to communicate with people interested in our research and to inform them about our work. When visiting these websites, your personal data may be processed outside the territory of the European Economic Area, which can mean an increased risk for your data. As a rule, the operators of the aforementioned social media websites process the data of the users for the purposes of market research and advertising and can also create user profiles from your usage behavior. These usage profiles can be used to place targeted advertisements on the Internet platform concerned, but also when visiting other websites. For these purposes, cookies are set by the operators of the platforms which store the usage behavior and the interests of the users.

According to a ruling of the European Court of Justice, the operator of a profile page on Facebook is jointly responsible with Facebook for processing the personal data of users. The processing of the personal data of the users is carried out on the basis of Article 6(1)(f) of the GDPR. We have a legitimate interest in communicating with users. You can find information on data protection policies and opt-out options for the respective providers at the following links:


Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland):
Data policy: https://www.facebook.com/about/privacy/
Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=…
 
Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA):
Privacy policy: https://twitter.com/de/privacy
Opt-Out: https://twitter.com/personalization 
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=…

Youtube
YouTube (YouTube LLC , 901 Cherry Ave, San Bruno, CA 94066 USA – Represented by: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA):
Privacy & Terms:
https://policies.google.com/privacy?hl=en
Opt-Out:
https://policies.google.com/privacy?hl=en&gl=en#infochoices

11. How safe is my data?

To protect the personal data of our website’s users, we use a secure online transmission procedure, the “Secure Socket Layer” (SSL) transmission. All information transmitted using this secure method is encrypted before being sent. Your personal data is processed exclusively on data centers and computers protected by security technologies and standards (e.g. firewalls, password protection, access controls, etc.).

Please use the above-mentioned contact addresses for DIW Berlin or our data protection officer to exercise your rights or if you have any further questions regarding data protection.