Banner Banner

Data privacy

Thank you for your interest in the Berlin Institute for the Foundations of Learning and Data (BIFOLD) website. The protection of the personal data of visitors to the BIFOLD website is very important to us. We therefore would like to inform you about data privacy for websites under *.bifold.berlin

Subject of data privacy

Data privacy addresses issues concerning personal data. According to Article 4 no. 1 of the General Data Protection Regulation (GDPR), these are data referring to an identified or identifiable individual, in other words all data which could be used to identify you. This applies to data such as your name, private address, email address, and telephone number but also to usage data such as your IP address.

As a matter of course BIFOLD observes the legal requirements of data privacy and other applicable regulations.

We are committed to ensuring that you can trust us concerning your personal data. For this reason transfers of personal or sensitive data are encrypted. In addition, our websites are protected by technical measures against damage or unauthorized access.

General data privacy

  1. When you visit the BIFOLD website or download data from its web pages, the following information is saved in a log file:
    - IP address of yor device,
    - the date and time you accessed the site,
    - the web page you visited or name of the downloaded file,
    - the amount of transferred data,
    - the “user agent-string” of your web browser,
    - the website from which you were referred to the current web page or file and
    - a status notification of successful or unsuccessful access.
    Non-depersonalized data will be deleted after one month and will not be stored. This data will only be used for non-commercial purposes: It will only be reviewed manually if necessary for error analysis, optimization or investigation of misuse or performance issues.
    This represents a legitimate interest within the meaning of Art. 6 (1) lit. f EU-DSGVO. A right of objection according to Art. 21 EU-DSGVO is not possible due to lack of technical feasibility.
  2. In order to protect your transmitted data as best as possible, we use SSL encryption for any data transmission. You can recognize such encrypted connections by the prefix "https://" in the page link in the address line or by the green/closed lock symbol of your browser. Unencrypted pages are marked by "http://" or an open or red lock symbol.
    All data that you transmit to this website - for example when making inquiries or logging in - cannot be read by third parties thanks to SSL encryption.
  3. Cookies are often additionally used for data collection and storage. Cookies are small data packets consisting of text that are stored by your web browser when you call up a website.
    Cookies are used by us to enable you to make optimal use of the websites. They are never used to track personal user actions or for behavioral analysis. They are only used where they are technically necessary or more useful than other techniques (in the sense of Art. 6 para. 1 lit. f EU-DSGVO): to record your login status, your consent to the display of external content (opt-in) and your deactivation of cookie-less Matomo tracking (opt-out). As a result, the use of the websites is mainly possible without the use of cookies. However, for functions or pages that require a login or password, cookies are technically necessary.
    We use temporary and permanent cookies. Temporary cookies (also known as session cookies) are automatically deleted when you close your web browser. Permanent cookies, on the other hand, have a set lifetime. You can set your web browser to delete cookies that have already been placed.

Overview of our used cookies:


Overview of our used providers:


Please refer to our imprint for general responsibilities.

Scope of data collection and storage

For information about how we handle personal traffic data, please refer to the “General data policy” section and the section on “Usage data”.

The active communication of your personal data is not required for the use of our websites - in order for BIFOLD to fulfill its service mandate, however, we require personal data in individual cases, the processing of which is carried out in accordance with Art. 6 (1) lit. a EU-DSGVO. This applies in particular to answering individual e-mail inquiries or ordering special services.

If you commission us to provide a service, we will generally only collect and store your personal data to the extent necessary for the provision of the service.

In exceptional cases, e.g. in the context of event registrations, you will be asked whether your data may be stored for the purpose of providing information on similar events that go beyond pure event management. In this case, your consent is voluntary; refusal will not result in any disadvantages for you.

At the BIFOLD, mailing lists may be used as an instrument for the targeted distribution of information. If you have subscribed to one of our mailing lists with your e-mail address or have given your consent for this, we will use your e-mail address to inform you about important and new information until you unsubscribe or are removed from the list.

You can revoke your consent at any time and without giving reasons and request the deletion of your data. You can request the latter by sending an e-mail to the institution holding the data.

Collection and storage of usage data

Log data

To optimize our website, we store data such as the IP address of your device, the page accessed, the date and time of the page access, the page from which you accessed our site. 
This data is held for error handling and to detect misuse attempts, automatically deleted after one month and not archived; permanent storage is excluded. This represents a legitimate interest within the meaning of Art. 6 para. 1 lit. f EU-DSGVO. A right of objection according to Art. 21 EU-DSGVO is not possible due to lack of technical feasibility.

Contact forms

The data you send us via contact form, including your contact details, will be stored so that we can process your request or ask follow-up questions. This data will not be passed on to third parties without your consent.

The processing of the data entered in the contact form is based exclusively on your consent (Article 6 paragraph 1 lit. a EU-GDPR). A revocation of your already given consent is possible at any time. For the revocation, an informal notification by e-mail to the institution providing the respective contact form is sufficient. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation.

Data transmitted via the contact form will remain with the institution contacted until there is no longer any need to store the data, you request us to delete it or revoke your consent to storage. Mandatory legal provisions - in particular retention periods - remain unaffected.

Matomo

Our websites additionally use the web analytics application Matomo (see www.matomo.org) to anonymously collect web statistics, based on the qualified interest of BIFOLD in the statistical analysis of user behavior for optimization and marketing purposes according to Art. 6 (1) lit. f GDPR.:

If you have selected the “Do not track” option in your browser, Matomo will neither save nor process any information about your visit.

However, if you have not selected the “Do not track” option and do not consent to the storage and analysis of your data collected by Matomo, you can opt out. Below is a special iFrame, which is linked to our Matomo system and offers you the option to opt out from tracking. By checking the box to deactivate Matomo, an opt out cookie is placed in your browser thus disabling further data collection.

Please note that if you delete all of your cookies you must opt out again.

Social media content

Social media links

On our web pages we link to BIFOLD accounts or profiles on social media networks of the third-party providers listed below. We also offer the option to share our website content on the social media networks of the third-party providers listed below. The social media account is embedded via a share button for the respective network, preventing a connection from automatically being established to the respective server of the social network when visiting any of our web pages with such linked social media content, for instance in order to display a post on the respective network itself. Only by your active click on the corresponding graphic you will be directed to the service of the respective social network. The legal basis is Art. 6 para. 1 lit. a EU-GDPR).

Information about you is then collected by the respective network. Initially this includes data such as your IP address, the date, time, and page visited. We do not know if or how this data is processed in the USA.

If you are signed in to your user account with the respective social network, the network provider is able to attribute the collected information about your visit to your personal account. If you interact via the respective network’s “share” button, this information may be saved to your user account and published. If you would like to prevent the collected information from being directly associated with your user account, you must first sign out before clicking the button. You also have the option of configuring your user account accordingly.

Third-party social media providers

facebook
Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA
Data policy: https://en-gb.facebook.com/policy.php
Opt-out settings for ads: https://en-gb.facebook.com/settings?tab=ads

Instagram
Instagram of Instagram LLC, now Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Data policy: https://help.instagram.com/155833707900388

LinkedIn
LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of the LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA
Privacy policy: https://www.linkedin.com/legal/privacy-policy

twitter
Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA
Privacy policy: https://twitter.com/en/privacy

xing
XING SE, Dammtorstraße 30, 20354 Hamburg, Germany
Privacy policy: https://privacy.xing.com/en 

YouTube
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Irland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
Privacy policy: https://policies.google.com/privacy/?hl=en

Vimeo
To share video content, our website uses plugins from the Vimeo video sharing platform, a service provided by Vimeo LLC, 555 West 18th Street, New York, New York 10011.

When a page with an integrated Vimeo plugin is called up, a connection to the Vimeo servers is not immediately established. Instead, a local image ("thumbnail") is loaded to announce the video and refers to Vimeo as a third-party provider. Users must actively start the Vimeo video. Only then does Vimeo learn the IP address of your end device and the page with Vimeo video that you have just called up, even if you are not logged into the video portal or do not have an account there.
The information collected by Vimeo is transmitted to servers of the video portal in the USA.

If you are signed into your Vimeo account, Vimeo will be able to store this information in your user account. You can prevent this by first signing out of your Vimeo account.

The use of Vimeo takes place only with your consent through your active start of the video within the meaning of Article 6 paragraph 1 lit. a GDPR.

Specific details about how user data are handled are available on Vimeo’s privacy page: https://vimeo.com/privacy

YouTube

To share video content, our website uses plugins for YouTube videos from the video sharing platform operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

When a page with an integrated YouTube plugin is called up, a connection to YouTube's servers is not immediately established. Instead, a local image ("thumbnail") is loaded to announce the video and refer to YouTube as a third-party provider. Users must actively start the YouTube video. Only then does YouTube learn the IP address of your end device and the page with the YouTube video that you have just called up, even if you are not logged into the video portal or do not have an account there.

If you are signed into your YouTube account, YouTube will be able to store this information in your user account. You can prevent this by first signing out of your YouTube account.

The use of YouTube takes place only with your consent by your active start of the video within the meaning of Article 6 paragraph 1 lit. a GDPR.

Specific details about how user data are handled are available on YouTube’s privacy page: https://www.google.de/intl/de/policies/privacy

Storage location and data usage for a specific purpose

We collect, process and store your personal data exclusively internally only for the purpose for which you have communicated it to us and thus observe the principle of purpose-bound data use. Your personal data will not be passed on to third parties without your express consent, unless this is necessary for the provision of the service or the execution of the contract. The transfer to state institutions and authorities requesting information will also only take place within the framework of the legal obligations to provide information or if we are obliged to provide information by a court decision.

We also take the University's internal data protection very seriously. Our employees and contracted service providers are bound to confidentiality and compliance with data protection law.

Right to information

You can obtain information about the data we have stored about you free of charge at any time without having to give a reason. For this purpose, please contact us at the address given in the imprint. We will be happy to answer any further questions you may have about our privacy policy.

In addition, you have the right to correct, delete, restrict and transfer your data.

You also have the right to object at any time to the processing of personal data concerning you that is carried out on the basis of Article 6 paragraph 1 lit. e and f EU-GDPR. Thereafter, the institution responsible may no longer process the personal data concerning you, unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of asserting, exercising or defending legal claims.

Right of complaint

If you recognize any indications that we are not handling your data in a data protection-compliant manner, you can contact the supervisory authority at any time.

Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219 / visitor entrance via Puttkamerstr. 16 -18
10969 Berlin Phone: +49 30 13889-0
Fax: +49 30 2155050
Email: 
mailbox@datenschutz-berlin.de

Final information

Please note that data privacy regulations and handling of data privacy are subject to change requiring you to regularly inform yourself about changes of data privacy laws and company policies.

This data privacy statement only applies for content of the domain *bifold.berlin and does not include the linked websites of secondary or external web servers.
For links to third-party applications and systems the privacy policy of the respective site applies.