Data security
The protection of your personal data is important to us. On this page you will find out in our Privacy Protection Statement what we do for data protection and what your rights are.
§ 1 Information on the collection of personal data
(a) In the following we provide information about the collection of personal data when using our website or other services. Personal data are all data that are personally identifiable to you, e.g. name, address, e-mail address and – with your consent - user behavior.
(b) The Kiel Institute for the World Economy, Kiellinie 66, 24105 Kiel, Germany, info@ifw-kiel.de (see our Legal Notice) is responsible according to Art. 4 Sect. 7 EU General Data Protection Regulation (GDPR). You can reach our data protection officer at: datenschutz@ifw-kiel.de or at our postal address with the addition "The Data Protection Officer".
§ 2 Collection of personal data when visiting our website
(a) When using the website for information purposes only, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which are technically necessary for us to present our website to you, to guarantee stability and security and to perform the task assigned to us in accordance with our statutes the knowledge transfer to the interested public. (legal basis is Art. 3 Sect 1 LDSG Schleswig-Holstein; Art. 6 Sect. 1 lit e GDPR):
- IP address
- date and time of the request
- Content of the request (specific page)
- Access status/HTTP status code
- the amount of data transferred in each case
- Website from which the request originates
- Browser software, including language and version
- Operating system and its interface
(b) We store this data in so-called server log files. We neither pass on this data nor do we merge it with other data sources. We need this data in order to be able to analyze errors or track illegal use. This interest justifies the storage of the IP address that cannot easily be personalized by us for 180 days.
§ 3 Further processing of personal data and their deletion
(a) On the legal basis of Art. 3 Sect. 1 LDSG and Art. 6 Sect. 1 lit. e GDPR we process generally accessible contact data, which we have included in our mailing list after a targeted and conscientious search. We inform these contacts exclusively about our work and events, in order to fulfill our public statutory mandate and purpose. A transfer of the data to third parties or a use for commercial purposes does not take place.
However, we use service providers for the operation of this website or for our mailing services. In doing so, it is possible that the service provider obtains knowledge of personal data. To protect your data, we conclude the legally necessary contracts with these service providers and take the measures required by data protection law.
(b) Processing and storage of this data will only take place for the period required to achieve the purpose of storage and in accordance with the General Data Protection Regulation and the federal state regulations. Upon achievement of the purpose, the data will be deleted in accordance with the law.
§ 4 Use of cookies
In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk in the browser you use and through which certain information flows to the place that sets the cookie (here by us). Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective.
This website uses the following types of cookies:
- Necessary cookies: These are technically necessary session cookies that are mandatory for the function of our website. They are deleted when the browser is closed. The name is "fe_typo_user", the cookie is needed to generate a honeypot field on websites with forms, this is used for SPAM prevention, e.g. by bots.
- Website statistics: Our website uses the open source web analysis service Matomo. Matomo is operated on one of our servers. Matomo generates two cookies (_pk_id.##### and _pk_ses.####). If you agree to accept cookies, the data generated by the cookie about your use of our website will be stored on our server together with additional usage data. These statistics serve us to improve the usability of the website and the usefulness of its contents. We keep these statistics for several years. To protect your identity, the second half of your IP address is omitted when saving. These data cannot be assigned to specific persons.
We request your consent to accept cookies when you visit the website (legal basis is Art. 6 Sect. 1 lit. a GDPR). If you agree, your consent will be stored as a cookie (cookienote) in the browser program of your device for one year.
You can configure your browser settings according to your wishes and, for example, refuse the acceptance of third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.
§ 5 Contacting us
When you contact us by e-mail or via a contact form, the data you provide in the form will be stored by us in the mail program of the responsible employee in order to be able to enter into dialogue with you. When contacting us by e-mail, we assume your consent so that we can reply to you (legal basis is Art. 6 Sect. 1 S. 1 lit. a GDPR). We delete the data arising in this context after the storage is no longer necessary, or limit the processing if statutory retention obligations exist.
§ 6 Third-Party Supplier
We maintain profile pages on several social media platforms. We have no knowledge of the content of the data transmitted during the use of these platforms and their use by the operators and do not receive any information about this. Further information on this can be found in the data protection declarations of the operators linked below.
Our website also contains links that activate the functions of individual social networks. If you click on one of these links, a direct connection is established between your browser and the social network, even if you do not leave our website. The social network server receives the information that you have visited our website with your IP address. If you click such a link while logged in to the relevant service, your visit to our pages may be associated with your user account at that service. You can prevent this by logging out of the corresponding account before clicking the link.
The services we use:
Facebook, Instagram & Threads
Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Irland
Data privacy policy: https://www.facebook.com/privacy/explanation (Facebook)
Data privacy policy: https://help.instagram.com/519522125107875 (Instagram)
Data privacy policy: https://help.instagram.com/515230437301944 (Threads)
Joint processing agreement: https://www.facebook.com/legal/terms/page_controller_addendum
Information on page insights data can be found here: https://www.facebook.com/legal/terms/information_about_page_insights_data
LinkedIn Inc.
505 N Mathilda Ave, Sunnyvale, CA 94085, USA
Data privacy policy: http://www.linkedin.com/legal/privacy-policy
X Corp.
1355 Market Street, Suite 900 San Francisco, CA 94103, USA
Data privacy policy: http://twitter.com/privacy
XING AG
Dammtorstraße 29- 32, 20354 Hamburg, Deutschland
Data privacy policy: http://www.xing.com/app/share?op=data_protection
YouTube LLC und GoogleMaps
901 Cherry Ave., San Bruno, CA 94066, USA
Data privacy policy: www.google.de/intl/de/policies/privacy
23 degrees GmbH
Westbahnstraße 7/20, 1070 Wien, Österreich
Data privacy policy: https://app.23degrees.io/privacy-policy
§ 7 Further functions and services
In addition to the purely informational use of our website, we offer various services that you can use if interested, such as subscription to our newsletter. In some cases, we use external service providers to process your data. These have been carefully selected by us, commissioned and committed to confidentiality and are bound by our instructions. We do not sell or rent your personal data.
a. Mailing lists
At various places you can actively subscribe to one of our mailing lists, which we use to inform you about our current work or our events. In the registration forms, we partly use the reCAPTCHA service from Google for security reasons to protect our website from cyber-attacks.
For registrations, we use the double-opt-in procedure of the service provider Brevo. This means that after your registration, we will send you an e-mail to the e-mail address you provided, in which we ask you to confirm that you want the requested information to be sent. Only when you confirm your registration, your e-mail address will be stored by us. In addition, we process your IP address used, the time of registration and confirmation and, if applicable, opening and click rates of our mailings.
The mandatory fields in our subscription forms are marked. The provision of further data is voluntary and is used to tailor our offers more specifically to you. Even in the forms where your name is not required, we recommend that you provide this information so that we can address you personally and thus increase your protection against possible forged e-mails. After your confirmation, we store the data provided for the purpose of sending the mailing (Legal basis is Art. 6 para. 1 p. 1 lit. a DSGVO). You can revoke your consent to the sending of the information at any time, unsubscribe and have your e-mail deleted from the subscription. You can declare the revocation by clicking on the link provided in each subscription email.
b. Online Meetings, Conference Calls and Webinars
We use the tools "Zoom", "Cisco WebEx", which is provided via the systems of Telekom Deutschland GmbH and "Microsoft Teams" to conduct conference calls, online meetings, video conferences and/or webinars. „Zoom“ is a service provided by Zoom Video Communications Inc. based in the USA. "Cisco WebEx" is a service provided by Cisco Systems Inc. Technology Suites based in the USA. Microsoft Teams is a service of the Microsoft-Corporation based in the USA.
Thus, a processing of personal data takes place in non-European third countries. An adequate level of data protection is guaranteed by the conclusion of the so-called EU standard contractual clauses (Commission Implementing Decision 2021/914).
The Kiel Institute is thus responsible for data processing directly related to the conduct of online meetings.
Note: If you access the service providers website, the provider is responsible for data processing. However, you only need to access the website in order to download the software.
Which data are processed?
Various types of data are processed when using the service providers. The extent of the data also depends on what data you provide before or during participation in an "online meeting".
Information about the user: first name, last name, telephone (optional), email address, password (if "Single-Sign-On" is not used), profile picture (optional), department (optional).
Meeting metadata: topic, description (optional), participant IP addresses, device/hardware information.
For recordings (optional): MP4 file of all video, audio and presentation recordings, M4A file of all audio recordings, text file of the online meeting chat.
When dialing in by telephone: Information about the incoming and outgoing phone number, country name, start and end time are registered. If necessary, further connection data such as the IP address of the device can be saved.
Text, audio and video data:You may be able to use the chat, question or survey functions in an "online meeting". To this extent, the text entries you make are processed in order to display and, if necessary, log them in the "online meeting". In order to enable the display of video and the playback of audio, the data from the microphone of your device and from any video camera of the device will be processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time using applications.
In order to participate in an "online meeting", you must at least provide information about your name in order to enter the "meeting room".
Scope of processing
We use the service providers to conduct online meetings. If we want to record online meetings, we will inform you transparently in advance and – if necessary – will ask for your consent. The fact of the recording is also displayed in the app.
If it is necessary for the purposes of recording the results of an online meeting, we will log the chat content. However, this will usually not be the case.
In the case of webinars, we may also process the questions asked by webinar participants for the purpose of recording and follow-up of webinars.
If you are registered as a user at the service providers, reports of online meetings (meeting metadata, data on telephone dial-in, questions and answers in webinars, survey function in webinars) can be stored for up to one month by the service providers.
The possibility of software-based "attention tracking" in "online meeting" tools is deactivated.
Legal basis for data processing
For participants in "online meetings" - insofar as the meetings take place within the framework of contractual relationships - Art. 6 para. 1 lit. b) GDPR is the legal basis for data processing.
If there is no contractual relationship, the legal basis is Art. 6 Para. 1 lit. e) DSG-VO, § 3 para. 1 LDSG. Here, we also need the effective implementation of "online meetings" in order to fulfill our statutory tasks.
Personal data that are processed in the context of attending "online meetings" are not passed on to third parties, unless they are explicitly intended to be passed on.
c. Events and CO2 balancing
Registration for events
When registering for events, you will be asked for the data required to achieve the purpose of the event. You can also voluntarily enter additional data. The voluntary information also includes the possible input fields for greenhouse gas balancing. Once the purpose (participation in the event) has been achieved, the data will be deleted in accordance with the statutory provisions. As far as the data for greenhouse gas balancing is concerned, this is stored anonymously immediately after the event has taken place. The data will not be passed on to third parties or used for commercial purposes. You can obtain information about your data at any time and request its release, deletion or correction (see § 8 of our data protection information).
Photography/filming
During events organized by the Institute, we take photos and films for our public relations work in online and print media, including social media channels, and in individual cases pass them on to third parties for reporting purposes. The recordings will be deleted as soon as they have fulfilled the purpose for our public relations and documentation work (Legal basis Art. 6 para. 1 lit. e), § 3 para. 1 LDSG SH). If you do not wish to be photographed, please inform one of our local employees.
§ 8 Your rights
(a) You have the following rights towards us with regard to personal data concerning you:
- Right to information,
- Right to correction or deletion,
- Right to limitation of processing,
- Right of opposition to the processing,
- Right to data transferability.
(b) If you have given your consent to the processing of your data, you have the right to revoke this at any time. Such a cancellation affects the permissibility of processing your personal data for the future.
(c) You also have the right to complain to the responsible data protection supervisory authority, e.g. Unabhängiges Landeszentrum für Datenschutz (Independent National Centre for Data Protection) at www.datenschutzzentrum.de about our processing of your personal data.
(d) You can inform us about your objection under the following contact data: info@ifw-kiel.de or datenschutz@ifw-kiel.de.
If you have any further questions about our data protection and the processing of your data, please contact our data protection team: datenschutz@ifw-kiel.de
You can also contact our data protection officer directly: dsb@ifw-kiel.de