Effective 01 January 2021.
In this privacy policy, we describe how we process your personal information when you visit the Privacy Icons Forum website.
We have set the mission to constantly improve our privacy policy: we wish to make it easy to understand how and why we collect and use your data. If you have ideas on how we can improve this privacy policy, you have any questions or you encounter any issues, we would be happy to receive your feedback.
1. At a glance
1.1 Who are “we”?
“We” are a consortium of research partners. For questions regarding your personal data, you can find our point of contact at the end of this page.
1.2 What data do we collect?
Depending on how you use our website, we collect different data:
- Your IP address ⓘ IP addressThe IP address is a code that identifies your device on an internet network. If we anonymise it, we can only deduce the region where you are located when you visit our website
- Your email address and, if visible in your email address (or if you give it to us otherwise), your name
- Information about your device, like the type of internet browser you use, your operating system and the size of your browser window
- The page you visited before landing on our website and the pages you visited on our website
- The time and date you accessed our website
- Your port for file transfers ⓘ portA port is a communication endpoint that allows data to flow in and out your computer.
- The size of the requests and the responses between your browser and the server hosting our website
- The HTTP status codes issued by our server when it responds to your browser’s request
1.3. Why do we collect and use your data?
We collect and use your data for four purposes:
1.4 Who else gets access to your data?
We never share the data we collect with third parties. ⓘ third partiesaccording to Art. 4(10) GDPR
We only share this data with the University of Siegen (Germany), which hosts our website, stores and uses the data for our purposes, only.
Read more
1.5 How long do we keep your data?
For displaying the website, we keep your data only during your visit. However, we may keep some of your data longer for other purposes, especially, for security reasons or if you contact us.
1.6 What are your rights?
When we collect your personal data, generally you have the following rights: the right to access, rectify and erase the data we hold about you; the right to transfer your data; and the right to restrict and object to the processing of your data.
These rights do not apply when we collect data that are not personal and, mostly, when we anonymise your personal data.
2. What data do we process to display our website?
We collect certain data to display the website in the best manner and to enable navigation. For example, we adapt the display of the website’s content to the size of your screen and to your browser characteristics.
2.1 What data do we collect?
- Your operating system (Windows 10, macOS Mojave, etc.)
- The page you visited before landing on our website
- The page or pages you visited on our website
- The time and date you accessed our website
2.2 Who else gets access to your data?
We do not share your data with third parties. We only share this data with the Humboldt University Berlin (Germany) which hosts our website and uses the data for our purposes.
2.3 Why are we allowed to process this data?
We have a legitimate interest to process this data to inform you and other visitors about our research projects in the best possible manner ⓘ legitimate interestaccording to Art. 6(1)(f) GDPR
2.4 How long do we keep your data?
Our server stores your data only during the time that you are visiting our website. The same data might be saved longer for security purposes.
2.5 What are your rights?
Regarding the data we process to show you our website, your rights as data subject do usually not apply in practice, because we do not keep your data for this purpose after you leave our website and there is usually no need to enforce your rights during your visit.
Read moreWhen we use your data for other purposes after you leave our website, check out your rights in below
3. What data do we process to ensure the security of our website?
We collect certain data to maintain our website’s security, for example to analyse technical problems and malicious attacks.
3.1 What data do we collect?
We collect the following data:
- Your IP address ⓘ IP addressThe IP address is a code that identifies your device on an internet network.
- Your port for file transfers ⓘ portA port is a communication endpoint that allows data to flow in and out your computer. Data can be received from and be sent to the Internet or other computers in a network.
- The type and version of your internet browser (Chrome, Safari, Firefox, etc.)
- The size of your browser window
- Your operating system (Windows 10, macOS Mojave, etc.)
- The page you visited before landing on our website
- The page or pages you visited on our website
- The size of the data sent by your request and the responses sent between your browser and the server hosting our website
- The HTTP Status Codes ⓘ HTTP Status CodeStatus codes are issued by our server in response to a request made to the server. issued by our server when it responds to your browser’s request
- The time and date you accessed our website
3.2 Who else gets access to your data?
We have a legitimate interest to analyse your activity on our website in order to identify technical problems and protect it from cyberattacks. The data are used to ensure protection for the personal data on the server of our hosting institution. ⓘ legitimate interestaccording to Art. 6(1)(f) GDPR
In case of a cyberattack, we may be required to provide the data to law enforcement authorities for criminal prosecution.
Read moreWe might be obliged by law (according to Art. 6 sect. 1 lit. c GDPR) to cooperate with law enforcement authorities.
3.4 How long do we keep your data?
The data are stored on our server for one week and then they are erased. However, if our website has a security incident, we have alegitimate interest to keep the data as long as necessary to investigate the incident. For example, we might look into the IP addresses we collected to identify the origin of the attack.
3.5 What are your rights?
Your rights as data subject ⓘ IP addressyour right of access, to erasure, to rectification, to limit processing, to data portability, under Articles 15-20 GDPR do not apply because we are not able to link your IP address to your identity without your help.
However, your internet access provider, which assigned to you a certain IP address for a certain period of time, can make this connection and reveal your identity.
Read moreWe can ask your internet access provider to disclose your identity only if we have a justified reason, for example, if we can prove that an attack on our website originated from your IP address.
This means that if you want to exercise your rights, you will need first to allow us to link your identity with your IP address.Your right to object to our processing ⓘ IP addressunder Article 21 GDPR may not apply because of our legitimate ground to investigate security incidents.
4. What data do we process when you contact us?
When you send us an email to pm [at] gecko-project [dot] eu or when you use our other contact persons, we use your data to answer you and to be able to keep our conversation ongoing.
5. What data do we process to evaluate and optimise the website?
When you navigate our website, we collect and immediately anonymise your data to create statistics about how visitors use our website, which is helpful to evaluate and enhance our website appearance.
5.1 What data do we collect?
We collect the following data:
- Your IP address in an anonymised form ⓘ IP addressThe IP address is a code that identifies your device on an internet network. If we anonymise it, we can only deduce the region where you are located when you visit our website
- The type and version of your internet browser (Chrome, Safari, Firefox, etc.)
- The size of your browser window
- Your operating system (Windows 10, macOS Mojave, etc.)
- The page you visited before landing on our website
- The page or pages you visited on our website
- The time and date you accessed our website
5.2 Who else gets access to your data?
We do not share your data with third parties. We only share this data with the Humboldt-University Berlin (Germany), which analyses the anonymised data for our statistical purposes.
5.3 Why are we allowed to process this data?
We have a legitimate interest to collect this data to create statistics about how visitors of our website use it to evaluate and enhance our website.
Read more(Art. 6(1)(f) GDPR) to collect this data to enhance the website.
5.4 How long do we keep your data?
We do not store your personal data, because we immediately anonymise the data we collect.
5.5 What are your rights?
Your rights as a data subject ⓘ IP addressyour right of access, to erasure, to rectification, to limit processing, to data portability, under Articles 15-20 GDPR do not apply because the data we collect is anonymised.
6. Will this privacy policy change?
Yes, the information on this page may change, for example when the law or the way we process personal data change. When this happens, we will always make it clear and publish the changes on our website.
You can access older versions of our privacy policy under “Version history”.
7. How can you contact us and exercise your rights?
If you have questions, doubts or complaints about the way we process your personal data, please contact us. You can send an email to pm[at] uni-siegen [dot] de. We will do our best to answer quickly and address your concerns.
Read more We will review your request and do everything we can to accommodate it. If we conclude that the rights concerning your personal data do not apply, we will explain to you why. We may require proof of your identity (for example, by presenting your identity card) to ensure that we do not reveal your information to an unauthorised person.
If you are not satisfied with our answers, you have the option to issue a formal complaint with the relevant supervisory authority in the state of North-Rhine Westfalia. Alternatively, you can contact the supervisory authority of the federal state of Germany or of the European Member State where you reside or work.