The project team is pleased to welcome you to our website. Data protection and data security when using our website are very important to us. We would therefore like to provide you with information about which of your personal data we collect when you visit our website and the purposes for which this data is used.
The controller within the meaning of the EU General Data Protection Regulation (GDPR) and other national data protection laws of Member States, as well as other data protection provisions, is:
Assoc. Prof. Dr. Eva-Maria Graf
9020 Klagenfurt am Wörthersee
Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, your age, your address, your telephone number, your date of birth, your email address, your IP address and user behaviour. Information that cannot be connected to you personally (or would require disproportionate effort to do so), e.g. on account of the anonymisation of the information, is not defined as personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission of said data) always requires a legal basis or your consent.
Processed personal data is deleted as soon as the purpose of processing has been achieved and there are no longer any statutory retention obligations that must be observed.
Where we process your personal data in order to provide certain offers, we have provided information on the specific operations, scope and purpose of the data processing, the legal basis and the applicable storage duration in the following.
Nature and scope of data processing
When you visit and use our website, we collect the personal data that your browser automatically sends to our server. This information is stored temporarily in a log file. When you use our website, we collect the following data, which we require for technical reasons in order to deliver our website to you and to ensure stability and security:
- IP address of the accessing computer
- date and time of access
- name and URL of file accessed
- data volume transferred
- notification of whether retrieval was successful
- identification data of the accessing browser and the operating system
- website from which our website was accessed.
Art. 6 (1) (f) GDPR serves as the legal basis for the specified data processing. The processing of the specified data is required in order to provide a website and is thus in the legitimate interests of our company.
As soon as the specified data is no longer required to deliver the website, it is deleted. The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, the user has no opt-out option. The data may be stored for longer than this period in individual cases if required by law.
We will only pass on your personal data to third parties if:
- you have given your express consent for us to do so in accordance with Art. 6 (1) (1) (a) GDPR
- this is permitted by law and required in accordance with Art. 6 (1) (1) (b) GDPR in order to carry out a contractual relationship with you
- there is a legal obligation to do so in accordance with Art. 6 (1) (1) (c) GDPR
- the disclosure is necessary in accordance with Art. 6 (1) (1) (f) GDPR for the purposes of legitimate company interests, or to establish, exercise or defend legal claims, and there is no reason to believe that you have an overriding legitimate interest in your data not being disclosed.
We maintain an online presence within social networks and platforms in order to communicate with the customers, interested parties and users who are active in these networks and platforms and to provide these parties with information about our services there. When accessing the relevant networks and platforms, the terms and conditions and data processing guidelines of the operators of these networks and platforms apply.
Integration of third-party services and content
Within our website, on the basis of our legitimate interests (i.e. interest in the analysis, optimisation and cost-effective operation of our website within the meaning of Art. 6 (1) (f) GDPR), we use content and service offers of third parties in order to integrate their content and services, such as videos or fonts (hereinafter collectively referred to as “content”).
This always requires that the third-party providers of this content are able to access users’ IP addresses because otherwise they cannot send the content to users’ browsers. The IP address is therefore required in order to display this content. We endeavour to only use content where the providers of the content concerned use the IP address solely for the purposes of delivering the content. Third-party providers may also use pixel tags (hidden graphics, also known as web beacons) for statistical or marketing purposes. Information such as visitor traffic on the pages of this website can be analysed using the pixel tags. The pseudonymous information may also be stored in cookies on the user’s device and may contain information such as technical information on the browser and operating system, referring websites, time of visit and other information on the use of our website. The pseudonymous information may also be combined with such information from other sources.
- Google Maps
- Use of Facebook social plugins
On the basis of our legitimate interests (i.e. interest in the analysis, optimisation and cost-effective operation of our website within the meaning of Art. 6(1)(f) GDPR), we use social plugins (“plugins”) provided by the social network facebook.com, which is run by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”). The plugins can represent interactive elements or content (e.g. videos, graphics or text) and can be identified by one of the Facebook logos (white “f” on blue tile, the “Like” term or a “thumbs up” icon) or by the text “Facebook Social Plugin”. The list and appearance of Facebook social plugins can be viewed here: https://developers.facebook.com/docs/plugins/.
If users access a function of this website that contains such a plugin, the user’s device will establish a direct connection to the Facebook servers. The content of the plugin is sent directly to the user’s device by Facebook and then integrated into the website by the device. Usage profiles of users may be created from the processed data during this process. We therefore have no influence over the scope of the data that Facebook collects via this plugin and provide users with information based on our knowledge.
Through the integration of the plugins, Facebook receives the information that a user has visited the relevant page on the website. If the user is logged into Facebook, Facebook can link the visit to the user’s Facebook account. If users interact with the plugins, for example clicking the “Like” button or adding a comment, the user’s device sends the relevant information directly to Facebook, where it is then stored. If users are not members of Facebook, it is still possible that Facebook may find out and store the user’s IP address. According to Facebook, only anonymised IP addresses are stored in Germany.
If users are members of Facebook and do not want Facebook to collect data about them via this website and link it to their member data stored by Facebook, they will need to log out of Facebook and delete their cookies before visiting our website. Other settings and options for opting out of the use of data for advertising purposes are available in the Facebook profile settings: https://www.facebook.com/settings?tab=ads or via the US site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. The settings are platform independent, meaning that they are configured for all devices, including desktop computers and mobile devices.
- How to prevent collected data being linked to you
If you do not want Facebook to link the data collected via our website directly to your Facebook profile, you will need to log out of Facebook before visiting our website. You can also prevent Facebook plugins from loading at all by means of add-ons for your browser, e.g.
a. for Mozilla Firefox: addons.mozilla.org/firefox/addon/facebook-blocker/
b. for Opera: addons.opera.com/extensions/details/facebook-blocker/
c. for Chrome: https://chrome.google.com/webstore/ [search for “Facebook Blocker”]
If you do not want Google or Twitter, for instance, to link the data collected via our website directly to your profile on YouTube (Google) or Twitter, you will need to log out of YouTube (Google) or Twitter before visiting our website. You can also prevent Google/Twitter plugins from loading at all by means of add-ons for your browser, e.g. with the script blocker NoScript (noscript.net).
Our website includes hyperlinks to websites provided by other parties. When you click on one of these hyperlinks, you are forwarded from our website directly to the website of the other provider. You can tell this has happened by the fact that the URL changes, among other things. We cannot accept any responsibility for the confidential handling of your data on these third-party websites because we have no influence over whether these companies comply with data protection regulations. For information on how these companies handle your personal data, please refer directly to the websites concerned.
As an individual affected by the processing of personal data, you have the following rights under the GDPR:
In accordance with Art. 15 GDPR, you may obtain information about your personal data that is being processed by us. In particular, you may obtain information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been or will be disclosed, the envisaged storage duration, the existence of a right to rectification, erasure and the restriction of processing and the right to object, the existence of the right to lodge a complaint, the source of your data if we did not collect it ourselves, any transmission to third countries or international organisations, and the existence of automated decision-making, including profiling, and meaningful information about the details thereof where applicable.
In accordance with Art. 16 GDPR, you may obtain the rectification of inaccurate personal data concerning you that is stored by us or the completion of such data without undue delay.
In accordance with Art. 17 GDPR, you may obtain the erasure of personal data concerning you that is stored by us provided that the processing is not necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.
In accordance with Art. 18 GDPR, you may obtain the restriction of the processing of your personal data where you contest the accuracy of the data, where the processing is unlawful, or where we no longer require the data but you oppose the erasure of the data because you need it to establish, exercise or defend legal claims. You are also entitled to the right specified in Art. 18 GDPR if you have objected to the processing in accordance with Art. 21 GDPR.
In accordance with Art. 20 GDPR, you may receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or have this data transmitted to another controller.
In accordance with Art. 7(3) GDPR, you may withdraw the consent that you have given to us at any time. If you do this, we will not be able to continue the data processing based on this consent in the future.
In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority. To do this, you can usually contact the supervisory authority for your habitual residence or place of work or the supervisory authority for our registered office. In Austria, the supervisory authority is the Austrian Data Protection Authority: Datenschutzbehörde, Wickenburggasse 8, 1080 Vienna, Austria, tel.: +43 1 52 152-0, email: dsb [at] dsb.gv.at, website: dsb.gv.at.
In the case of the processing of your personal data for the purposes of legitimate interests in accordance with Art. 6(1)(1)(f) GDPR, you have the right, in accordance with Art. 21 GDPR, to object to the processing of your personal data if there are grounds to do so in relation to your particular situation or if the objection is to direct marketing. In the case of direct marketing, you have a general right to object that we will implement without a particular situation being specified.
We are committed to protecting your privacy and treating your personal data as confidential. To prevent any manipulation, loss or misuse of your personal data that we store, we implement extensive technical and organisational security measures that are reviewed on a regular basis and adapted in accordance with technological developments. These measures include the use of recognised encryption methods (TLS).However, due to the structure of the internet, the data protection regulations and the security measures specified above may not be observed by other persons or institutions outside of our area of responsibility. In particular, data disclosed in unencrypted form (data sent via email) may be read by third parties. We do not have any influence over this from a technical perspective. It is the responsibility of the users to protect the data that they provide against misuse by means of encryption or by other means.