fortiss data privacy policy

Data protection policy

Responsible party with respect to data protection policies, particularly in terms of the EU General Data Protection Regulation (GDPR), is:

fortiss GmbH
Research Institute of the Free State of Bavaria for software-intensive systems
Guerickestraße 25
80805 München
Deutschland
Tel: +49 89 3603522 0
Fax: +49 89 3603522 50
Email: info@fortiss.org

Your rights

You may exercise your rights at any time by contacting the data protection representative using the aforementioned contact data:

  • Information regarding your personal data that is saved and processed (Art. 15 GDPR) by us.
  • Rectification of inaccurate personal data (Art. 16 GDPR).
  • Deletion (erasure) of your personal data stored by us (Art. 17 GDPR).
  • Restriction of processing, provided that we are not yet permitted to delete your personal data for legal reasons (Art. 18 GDPR).
  • Objection to processing of your personal data (Art. 21 GDPR).
  • Data portability, in the event you have given us your consent to process your personal data or have completed an agreement with us (Art. 20 GDPR).

If you have given us your consent, you may revoke it at any time effective for the future.

You have the right to file a complaint with an oversight organization, such as the responsible authorities in the Bundesland where you reside, or the authorities responsible for fortiss GmbH.

A list of the oversight authorities (for the non-public sector), including address, can be found at:  https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

Collection of general information when visiting our website

Type and purpose of processing

When you access our website, meaning that you do not register or convey information via other means, information of a general nature is automatically collected. This information (server log files) contains the type of web browser, the operating system being used, the domain names of your Internet service provider, your IP address and other similar information.

This information is processed especially for the following purposes:

  • To ensure a trouble-free connection to our website
  • To ensure trouble-free utilization of our website
  • To analyze system security and stability
  • To optimize our website

We do not use your data to draw conclusions about you as a person. When required, we use the data for the purpose of statistical anonymized analysis in order to optimize our Internet presence and the underlying technology.

Legal basis and legitimate interest

Processing occurs pursuant to Art. 6, Paragraph 1 f of the GDPR based on our legitimate interest in the stability and functionality of our website.

Recipients

Recipients of the data are technical service providers who are responsible as third-parties for the operation and maintenance of our website.

Retention duration

The data is deleted as soon as it no longer required for collection purposes. In principle this applies to data, which is used to provide the website, when the respective session has ended.

Mandated or required information

Providing the aforementioned data is neither legally nor contractually required. Without the IP address however, we cannot guarantee the functionality of our website. In addition, individual services may be unavailable or restricted. For this reason, objections are excluded.

Cookies

Like many other websites, we use so-called “cookies”, which are small data files stored by your browser on your end device (personal computer, smartphone, tablet) when you visit our website. You can delete individual cookies or the entire collection of cookies. You also receive information and instructions regarding how these cookies can be deleted or blocked before they are stored. Depending on the browser, you can find the required information under the following links:

Retention duration and cookies used

Provided you give us your consent to use cookies through your browser settings or through your permission, the following cookies could be potentially used by our website:

Name
Purpose
Expiry
Type
Provider
CookieConsent
Saves your consent to use cookies.
1 year
HTML
Website
_pk_id
Is used to store a few details about the user such as a specific visitor ID.
13 months
HTML
Matomo
_pk_ref
Is used to store information about the origin website of the user.
6 months
HTML
Matomo
_pk_ses
Cookie for temporarily storing data about the visit to the website.
30 minutes
HTML
Matomo
_pk_cvar
Cookie for temporarily storing data about the visit to the website.
30 minutes
HTML
Matomo
_pk_hsr
Cookie for temporarily storing data about the visit to the website.
30 minutes
HTML
Matomo

 

Technical cookies

Type and purpose of processing

We use cookies to make our website more user-friendly. Some elements of our website require that the browser be identified, including after switching pages.

The purpose of technical cookies is to simplify website utilization for users. Some functions in our website cannot be offered without the use of cookies. This requires identifying the browser again, including after pages have been switched.

We require cookies for the following applications:

Legal basis and legitimate interest

Processing occurs pursuant to Art. 6, Paragraph 1 f of the GDPR based on our legitimate interest in a user-friendly website design.

Recipients

Recipients of the data are technical service providers who are responsible as third-parties for the operation and maintenance of our website.

Mandated or required information

Providing the aforementioned data is neither legally nor contractually required. Without the IP address however, we cannot guarantee the functionality of our website. In addition, individual services may be unavailable or restricted. For this reason, objections are excluded.

Objections

You can read more about your right to object pursuant to Art. 21 of the GDPR in further sections of this data privacy policy.

 

Non-technical cookies

We also use cookies to better adapt the website offering to the interests of our visitors or in general to improve the website through statistical analysis.

To see which providers utilize cookies, read the information below regarding the viewing, tracking, remarketing and web analysis technologies that are employed.

Legal basis

Processing occurs pursuant to your consent in accordance with Art. 6, Paragraph 1 f of the GDPR.

Recipients

Recipients of the data are technical service providers who are responsible as third-parties for the operation and maintenance of our website.

For other providers, please refer to the information below regarding the viewing, tracking, remarketing and web analysis technologies that are employed.

Third-party transfer

For information regarding third-party transfers, please refer to the list of individual viewing, tracking, remarketing and web analysis providers.

Mandated or required information

You can of course view our website without cookies. Web browsers are normally configured to accept cookies. Generally speaking, you can deactivate cookies at any time by using the browser settings (refer to revocation of consent).

Please note that individual website functions may not work properly if you deactivate cookies.

Revoking your consent

You can revoke your consent at any time by using our cookie consent tool.

Profiling

To see the extent to which the behavior of website visitors with pseudonymized user profiles is analyzed, please refer to the information below regarding the viewing, tracking, remarketing and web analysis technologies that are employed.

Matomo

If you have given your consent, this website employs Matomo (previously Piwik), an open-source software for the statistical analysis of visitor access. Provider of the Matomo software is InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand.

Matomo stores a cookie (text file) in your device which allows your browser to be recognized again. If sub-pages on our website are retrieved, the following information is stored:

  • User’s IP-address, shortened by the last two bytes (anonymized)
  • The sub-page and the time it was retrieved
  • The page from which the use was referred (referrer)
  • Type of browser, plug-ins, operating system and screen resolution used
  • Duration of the visit
  • Pages that are accessed from the sub-page that was retrieved

Matomo is utilized for the purpose of improving the quality of our website and your content. This allows us to learn how the website is used and thus continuously optimize our services.

By anonymizing the IP-address to six digits, we are addressing the concerns of the website visitor in terms of data protection. The data is not used to personally identify the user and is not consolidated with other data. The information created by the cookie regarding your use of the website is not shared with third-parties.

Revoking your consent

You can revoke your consent to store and analyze your data through Matomo at any time by using the link listed below. A so-called opt-out cookie, valid for two years, will be stored in your device. The result is that Matomo will not collect any session data. Please note that the opt-out cookie will be deleted if you delete all cookies.

Further information regarding the Matomo software privacy settings can be found at: https://matomo.org/docs/privacy/.

Although you can also block cookies in your browser settings, please note that you may not have full access to all of the website functions.

Script libraries (Google web fonts)

To ensure that our content is displayed correctly and in a graphically-appealing manner in any browser, we utilize “Google Web Fonts” from Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, (hereafter referred to as Google) to display fonts on our website.

You can find additional information about Google Web Fonts at: https://developers.google.com/fonts/faq and in the Google data privacy policy: https://www.google.com/policies/privacy/.

Embedded YouTube videos

We embed YouTube videos in our website. Provider of the plug-ins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA (hereafter referred to as YouTube). YouTube, LLC is a subsidiary of Google LLC, 1600 Amphitheatre Pkwy, Mountain View, CA 94043, USA (hereafter referred to as Google). When you visit a page with the YouTube plug-in, a connection to YouTube servers is established, during which YouTube is notified which page you are visiting. If you are logged-on to your YouTube account, YouTube can correlate your surfing behavior to you personally. You can prevent this by logging-out from your YouTube account before calling up the video.

Once a YouTube video starts, the provider sets cookies that collect information about the user behavior.

Additional information regarding the purpose and scope of the data collection and processing by YouTube is available through the provider’s data privacy policy, where you can also obtain further information regarding your corresponding rights and setting options for protecting your private sphere. (https://policies.google.com/privacy).

Revoking your consent

The provider does not currently offer a simple opt-out or data transfer blocking. In the event you want to prevent the tracking of your activities on our website, please use the cookie consent tool to revoke your consent for the respective category of cookies, or all non-technical cookies and data transfer.

In this case you may have no, or only limited use of our website.

SSL encryption

To protect your personal data during transfer, we utilize state-of-the-art encryption methods, such as SSL, via HTTPS.

Information regarding your right to object pursuant to Art. 21 of the GDPR

Right to object on a case-by-case basis

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Art. 6, Paragraph 1 f of the GDPR (data processing on the basis of legitimate interests), including profiling based on these provisions in accordance with Art. 4 of the GDPR.

In this case, we will no longer process your personal data unless we have legitimate grounds for the processing, which override your interests, rights and freedoms of or for the establishment, exercise or defense of legal claims.

Contact for objections

Datenschutzbeauftragter der fortiss GmbH
c/o activeMind AG
Potsdamer Str. 3, 80802 München
Tel.: +49 (0)89 - 91 92 94 900
datenschutzbeauftragter@fortiss.org

Changes to our data privacy policy

We reserve the right to modify this data privacy policy to ensure that it always complies with current legal requirements or to implement changes to our services in the data privacy policy, such as when new services are introduced. The new data privacy policy then applies the next time you visit our website.

Questions for the data protection representative

Should you have questions regarding data privacy, please send us an e-mail or contact the person responsible for data protection in our organization:

Datenschutzbeauftragter der fortiss GmbH
c/o activeMind AG
Potsdamer Str. 3, 80802 München
Tel.: +49 (0)89 - 91 92 94 900
datenschutzbeauftragter@fortiss.org

This data privacy policy was created with the assistance of activeMind AG, the experts for external data protection representatives (Version #2020-09-30).