The body responsible for data protection is the:
German Institute for Economic Research e.V. (DIW Berlin)
Mohrenstraße 58, 10117 Berlin, Germany
Phone: +49 30 897 89 0
Fax: +49 30 897 89 200
Our data security officer is Udo Wenzel.
Budapester Straße 31, 10787 Berlin
Phone: +49 30 2196 4390
Fax: +49 30 2196 4393
Information for visitors to our site
Every time our website is accessed, our system automatically collects data and information from the accessing computer. This information is temporarily saved in a log file. The following information will be collected automatically and stored until automated deletion:
· The IP address of the requesting client
· Date and time of access
· HTTP requests sent by the client
· HTTP status code the webserver sent back
· Size of the object returned to the client by our web server
· Referrer URL
· User agent (can contain information about the operating system and browser used)
The legal basis for storing this data is Article 6(1)(f) of the General Data Protection Regulation (GDPR). We have a legitimate interest in storing this data as we require it to guarantee and maintain the operational reliability of our system. We do not use the data to create personal user profiles. The data will be deleted after seven days.
Web analysis via Matomo
We use the web analysis software Matomo, which works without cookies. Matomo uses a tracking code that allow us to analyze how our website is used and these results are saved on our server. Under no circumstances will we pass this information on to third parties. For your protection, we store the IP address of your computer anonymously (shortened).
If you do not agree to your data being stored and used, you can deactivate Matomo HERE. In this case, an opt-out cookie is stored in your browser. The opt-out cookie prevents Matomo from providing usage data and us from saving it. Please note that by deleting cookies in your browser settings, you will also delete the Matomo opt-out cookie and you will have to reactivate it the next time you visit our website.
Privacy rights for website users
a) According to the General Data Protection Regulation (GDPR) of the European Union, you have the right of access under Article 15, the right to correction under Article 16, the right to deletion under Article 17, the right to restrict processing under Article 18, the right to oppose under Article 21, and the right to data transfer under Article 20.
The enforcement of these rights is subject to the conditions set out in the articles of the GDPR cited and is subject to the legal restrictions set out therein.
b) If you give us your consent to process personal data for certain purposes (such as signing up for the newsletter, registering for events), we will process your data on the basis of this consent. You may revoke your consent at any time. Please note that the revocation does not apply retroactively. Processing that took place before the revocation will not be affected and remains lawful.
c) You have a right of appeal to a data protection supervisory authority (Article 77 of the GDPR in conjunction with Section 19 of the BDSG)
You can find a list of supervisory authorities and their contact information by clicking here (in German).
The data protection supervisory authority responsible for DIW Berlin is the Berliner Beauftragte für Datenschutz und Informationsfreiheit.
Information for newsletter suscribers
If you would like to subscribe to our newsletter, we require your email address so you can receive the newsletter(s) as well as information to confirm that you are the owner of the email account and that you agree to receive the newsletter. Your data will exclusively be used to send you the newsletter and will not be given to third parties.
The data entered in the respective subscription or registration form will be processed on the basis of your consent (pursuant to Article 6(1)(a) of the GDPR). You can revoke your consent at any time. The legality of the data processing already carried out remains unaffected by your revocation. In the event of revocation, we will delete your data unless it is also stored by us for other purposes (e.g., your email addresses for the member area). If that is the case, we will only delete your data if we do not need it for another purpose. We will also deactivate them for the purpose for which you have revoked your consent.
The data you provide to subscribe to the newsletter is required, as you cannot receive the newsletter otherwise.
The data privacy rights listed under point 5 also apply to newsletter subscribers.
Information for those registering for events
We save your registration information for event logistics if you register for one of our events on our website. If the event is in coordination with another institution or occurring on behalf of another institution, we will send them your data as well so they can plan and organize the event.
The legal basis for this data processing is Article 6(1)(b) of the GDPR, as well as Article 6(1)(f), as we have a legitimate interest in storing your data and, if necessary, in its transmission to (co-)organizing institutes in order to organize events. Your data will be deleted after the event for which you registered has taken place.
You must provide us with the requested data because you cannot register for events via our website otherwise.
The data privacy rights under point 5 also apply to individuals who register for our events.
Information for users of WebEx applications
As an organizer of WebEx events (such as video conferences or online meetings), the German Institute for Economic Research e.V. (DIW Berlin) is the party responsible for data privacy. DIW Berlin has licensed the WebEx applications through Deutsche Telekom, which makes them additional data processors through a data processing agreement.
DIW Berlin processes the following personal data when a participant uses a WebEx application:
- User data (username, login credentials, such as name, usernames, email address, conference codes, assigned IP address)
- Usage data (IP address, beginning and end of use, event name, number of participants, host name, participation method – phone number if joining by phone)
- Shared data (such as text and documents)
- If WebEx events are recorded: MP4 data of the video and audio recordings as well as the text record of the meeting chat.
- If you use the chat, question, or survey functions, any text you input will be processed to be shown in the meeting and, if necessary, to be logged. To enable video and audio playback, the data from your device’s microphone as well as of your video camera will be processed during the entire WebEx event. You can turn off your video or mute your audio at any time during the event.
DIW Berlin uses WebEx to conduct online meetings in order to fulfill its statutory duties. If we wish to record an online meeting, we will inform the participants in advance and, if necessary, ask their permission. If necessary for the purpose of logging the results of an online meeting, we will log the chat content. We will also inform the participants of this in advance.
Automated decision making as in Article 22 of the GDPR is not used.
If personal data of DIW Berlin employees are processed, § 26 BDSG is the legal basis for data processing. If web meetings are held as part of contractual relationships, including cooperative relationships, the legal basis for data processing is Article 6, paragraph 1, subsection b of the GDPR. Otherwise, the legal basis is Article 6, paragraph 1, subsection f of the GDPR. In order to fulfill its statutory tasks, DIW Berlin has a legitimate interest in the effective conduct of online meetings.
The personal data processed when participating in online meetings is also received by Deutsche Telekom, through which DIW Berlin has licensed the WebEx applications on the basis of an order processing contract, and by Cisco Systems Inc. as supplier of the WebEx applications.
When using WebEx applications, the data collected by Cisco Systems Inc. is also processed at data processing centers in countries outside the European Economic Area (EU countries, Iceland, Liechtenstein, and Norway), including the USA. Deutsche Telekom and Cisco have concluded contractual arrangements according to the EU Standard Contractual Clauses and supplementary data protection agreements.
Please note that according to the highest European jurisdiction, the USA does not guarantee a level of data protection comparable to the level guaranteed under the GDPR and that such a level cannot be achieved by agreeing on standard contractual clauses.
Personal data will be stored until the data processing purpose no longer applies or after legal or official storage obligations have expired.
Participants in WebEx events also have the data protection rights mentioned under point 5.
Data security related to page visit
To protect the personal data of our website’s users, we use a secure online transmission procedure, the “Secure Socket Layer” (SSL) transmission. All information transmitted using this secure method is encrypted before being sent. Your personal data is processed exclusively on data centers and computers protected by security technologies and standards (e.g. firewalls, password protection, access controls, etc.).
Please use the above-mentioned contact information for DIW Berlin or our data protection officer to exercise your rights or if you have any further questions regarding data protection.