Skip to main content
DKFZ-Hector Krebsinstitut logo DKFZ-Hector Krebsinstitut logo

Privacy Policy

Name and address

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States of the European Union as well as other data protection regulations is: 

German Cancer Research Center - Foundation under public law
Im Neuenheimer Feld 280
69120 Heidelberg
Germany
Telephone: +49 (0)6221 420
Email: kontakt@dkfz.de
Website: www.dkfz.de
 

Name and address of the Data Protection Officer

Data Protection Officer
German Cancer Research Center - Foundation under public law
Im Neuenheimer Feld 280
69120 Heidelberg
Telephone: +49 (0)6221 420
Email: datenschutzdkfz.de
 

General information on data processing

1. Extent of processing of personal data

We only process the personal data of our users insofar as it is necessary to ensure the functions of the website or our content and services. We only process the personal data of our users after they have given their consent. Data may be collected in exceptional cases in which prior consent is not possible for practical reasons or the data processing is permitted by legal regulations.

2. Legal basis for the processing of personal data

Insofar as we receive a data subject’s consent for the processing of personal data, Article 6 (1) lit. a) GDPR serves as the legal basis. 

For the processing of personal data that is necessary for the performance of a contract concluded with the data subject, this is done as pursuant to Article 6 (1) lit. b) GDPR. This also applies to data processing operations that are necessary prior to entering into a contract.

Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, this is done in accordance with Article 6 (1) lit. c) GDPR.

In the event that the processing of personal data is necessary to protect the vital interests of the data subject or of another natural person, Article 6 (1) lit. d) GDPR serves as the legal basis.

If the processing is required for the purposes of legitimate interests on the part of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former’s interests, this is carried out according to Article 6 (1) lit. f) GDPR.

3. Erasure of data and retention duration

The personal data of the data subject will be deleted or blocked as soon as the intended purpose of the processing is no longer valid. In addition, data may be stored if the processing of said data is provided for by European or German legislation or by regulations, laws or other directives that are compatible with the rules of the European Union. A blocking or erasure of data is also carried out when a retention deadline prescribed by the aforementioned standards expires, unless the further storage of the data is required for the conclusion or the performance of a contract.
 

Provision of the Website and creation of log files

1. Description and scope of data processing

Each time our Website is accessed, our system automatically records data and information from the system of the computer that accesses the site.
The following data are collected: 

(1) Information on the type and version of the browser being used
(2) The user’s operating system
(3) The user’s internet service provider
(4) The user’s IP address
(5) Time and date of retrieval
(6) Websites from which the user’s system accesses our Website


2. Legal basis for data processing

The legal basis for the temporary storage of data and log files is Article 6 (1) lit. f) GDPR.

3. Purpose of data processing

The temporary storage of the IP address on the system is necessary to ensure the delivery of the site to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session. 

The data are stored in log files to ensure the functionality of the website. In addition, the data also serve to ensure the security of our IT systems. The data are not analyzed for marketing purposes.

The purposes also include our legitimate interest in data processing as pursuant to Article 6 (1) lit. f) GDPR.

4. Duration of storage

The data will be deleted when they are no longer necessary for the intended purpose for which they have been collected. In the event that data are collected for the provision of the Website, they are deleted as soon as the session is completed. 

In the event that data are stored in log files, they are deleted no later than seven days afterwards. The data may be stored for a longer time. In this case, the user’s IP addresses are deleted or modified so that the client retrieving the Website can not be identified.

5. Usage of storage

A technically necessary cookie is used to operate the website. It provides the basic functions of this website. It does not require approval and cannot be deactivated.
Name: be_typo_user
Provider: Owner of this website
Cookie expiration date: When the browser session ends

6. Options for objection and removal

Data must be collected to ensure the functioning of the site and they must be stored in log files for the operation of the website. Consequently, the user is not granted a right to object in this case.

7. web analysis by Matomo

On this website, data is collected and stored using the web analysis service software Matomo(www.matomo.org), a service provided by InnoCraft Ltd, 150 Willis St, 6011 Wellington, New Zealand, ("Matomo") on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes in accordance with Art. 6 para. 1 lit. f GDPR. This enables us to find out, among other things, when which pages were accessed and from which region. We also record various log files (e.g. anonymized IP address, referrer, browser and operating system used) and can measure whether our website visitors perform certain actions (e.g. clicks, downloads and others).

Legal basis for data processing

The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. f GDPR.

Purpose of the data processing

The processing of users' personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. These purposes also constitute our legitimate interest in processing the data in accordance with Art. 6 para. 1 lit. f GDPR. By anonymizing the IP address, the interest of users in the protection of their personal data is adequately taken into account.

Cookie-free analysis

We have set up Matomo so that no cookies are used for the analysis.

Hosting

We operate Matomo exclusively on our own servers. Data is not passed on to third parties.
Anonymization of the IP address

IP anonymization by Matomo means that the IP address is shortened and can no longer be assigned.

Objection and removal option

If you do not agree with the storage and analysis of this data from your visit, you can object to the storage and use of this data at any time by clicking below. In this case, a so-called opt-out cookie will be set in your browser, which means that Matomo will not collect any session data. Please note that the complete deletion of your cookies means that the opt-out cookie will also be deleted and may have to be reactivated by you.