Deutsch | English
1. Name and Contact Details of the Data Controller
Franckeplatz 1 | Haus 37
Prof. Dr. Thomas Müller-Bahlke
Tel. 0345-21 27 400
Fax 0345-21 27 433
Name and Contact Details of the Data Protection Officer
Franckeplatz 1 | Haus 37
Dr. Jürgen Gröschl
2. Personal Data Processed by Us
The August Hermann Francke Study Centre offers various databases for conducting research in the holdings of the Archive and the Library. Registering for use is not necessary.
You may use the following databases:
- Archive database on the basis of the FAUST system of the company Land Software-Entwicklung,
- Database for the Digital Collections on the basis of the software platform Visual Library of the companies semantics GmbH and Walter Nagel GmbH & Co. KG,
- Special databases on the basis of SQL and the software Allegro-C of the TU Braunschweig.
Any time the databases of the Archive and the Library are accessed for research the following data is stored in a log file:
for all databases
- date and time of access,
- volume of data transferred in bytes,
- browser type and version
for the archive program FAUST
- the IP address of the accessing computer (anonymised as of version 9 of the program server),
- address of the website created by the search query (possibly including search query, encrypted with provision of the ID number of the object being looked for),
- if we have given you a user name and a password, the login name,
- information on the data sets downloaded using the download function (encrypted via object numbers)
for the Digital Collections in Visual Library
- anonymised IP address of the accessing computer (anonymisation is carried out by removing the final octet in IPv4 addresses, and by removing the last 80 bits of IPv6 addresses; the complete IP address is therefore never stored),
- name of the file accessed,
- notification of successful access,
- URL of the previously visited page (referrer URL),
- operating system used
for the special databases in Allegro-C and SQL
- anonymised IP address of the accessing computer,
- address of the website created by the search query (possibly including search query)
3. Purposes and Legal Basis of Processing
The data collected is solely processed to guarantee the proper operation of the databases and to improve their user friendliness, and to compile annual user statistics in an entirely anonymised form. A respective evaluation of the log files is only possible with evaluation tools, especially developed for the applications. The data is never assigned to specific persons, personal user profiles are not created. The data is not combined with other data sources. The legal basis for the processing of personal data is Art. 6 (1) point (f) GDPR. The legitimate interest of the Study Centre is hereby, to improve, on the basis of the anonymised research behaviour of the users, the databases with regard to their content and functionality, and to thus make the holdings of the Archive and Library of the Francke Foundations accessible to the general public.
The statistical data is part of the annual working report, with which the Study Centre fulfils its accountability to the Administration and the Board of Trustees of the Francke Foundations, in accordance with section 7, clause 7 of the statute of the Francke Foundations, and to third-party donors. The legal basis for the processing of personal data is Art. 6 (1) point (c) GDPR.
4. Categories of Recipients
The personal data gathered in the log files is solely processed in the August Hermann Francke Study Centre by the archivist responsible for the databases. There is no transfer of personal data to additional places within or outside the Francke Foundations or to a third country.
5. Data Transfer to Third Countries
The data is not transferred to third countries.
6. Retention Period
The data you provide us with is only stored for the duration of the given purpose. The log files are regularly erased after finalisation of the annual report.
Our website sometimes uses so-called cookies. Cookies do not harm your computer and do not contain any viruses. Cookies serve to make our website more user-friendly, effective and secure. Cookies are small text files that are placed on your computer and stored by your browser. In the Archive database, cookies are used to provide the service “watch list”. This cookie does not store personal data, it only stores database specific information (name of the FAUST iServer project, name of the database) and the FAUST object number of the remembered data set. Using cookies is necessary for the watch list function. The watch list continues to exist after the session has ended. By adjusting the browser, you can automatically delete cookies after finishing your research.
8. Contacting Us
If you contact us, we save your information in order to process the enquiry, and for the event of additional queries.
The contact function of the databases (special databases) is carried out with the contact form. You can contact us by email via the Archive database and the Digital Collections. Within the framework of your contacting us, your personal data is processed and used for the purpose of answering your query. The legal basis for the processing and storage of data is our legitimate interest in handling your enquiry in accordance with Art. 6 (1) point (f) GDPR. Please note that email communication cannot be entirely protected from access by third parties. Once your query has been answered, your data is erased, insofar as this does not contradict statutory retention periods.
9. Your Rights
You have the right to be provided with information at any time about your personal data processed by us. Please find a summary of your rights below.
Right of Access of the Data Subject Pursuant to Art. 15 GDPR and Section 34 of the DSAnpUG-EU [Act to Adapt Data Protection Law to Regulation (EU) 2016/679 and to Implement Directive (EU) 2016/680]
You have the right to obtain from us confirmation as to whether personal data relating to you is being processed. If this is the case, you have the right to obtain information from us, free of charge, about personal data relating to you which we have saved.
Right to Rectification Pursuant to Art. 16 GDPR
You have the right to request us to immediately rectify inaccurate personal data relating to you. Taking thereby the purposes of processing into consideration, you have the right to request that incomplete personal data is completed, including by means of providing a supplementary statement.
Right to Erasure Pursuant to Art. 17 GDPR and Section 35 DSAnpUG-EU
You have the right to request that personal data relating to you is immediately erased, insofar as the processing is not necessary, and insofar as one of the following grounds applies:
- The purpose for which personal data was processed has lapsed.
- You withdraw the consent on which the processing was based and there is no other legal ground for the processing.
- You object to the processing pursuant to Art. 21 (1) GDPR, and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
- The personal data has been unlawfully processed.
- The erasure of personal data is required in order to fulfil a legal obligation under EU law or the law of the EU Member States to which we are subject.
- The personal data was collected in relation to the offer of information society services as defined in Art. 8 (1) GDPR.
Right to Restriction of Processing Pursuant to Art. 18 GDPR
You have the right to obtain from us restriction of processing where one of the following applies:
- The accuracy of the personal data is contested by you, for a period enabling us to verify the accuracy of the personal data.
- The processing is unlawful, and you oppose the erasure of the personal data and request the restriction of its use instead.
- We no longer need the personal data for the purposes of processing, but it is required by you for the establishment, exercise or defence of legal claims.
- You have objected to processing pursuant to Art. 21 (1) GDPR pending a decision on whether our legitimate grounds override yours.
Right to Data Portability Pursuant to Art. 20 GDPR
In accordance with Art. 20 GDPR you have the right to receive the personal data relating to you, which you have provided to us, in a structured, commonly used and machine-readable format. Moreover, you have the right to transmit this data to another controller without hindrance from us, insofar as the processing is based on consent pursuant to Art. 6 (1) point (a) GDPR or Art. 9 (2) point (a) GDPR or based on a contract pursuant to Art. 6 (1) point (b) GDPR and the processing is carried out by automated means, unless processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, when exercising your right to data portability pursuant to Art. 20 (1) GDPR, you have the right to have the personal data transmitted directly from one controller to another, where technically feasible and where this does not adversely affect the rights and freedoms of others.
Right to Object Pursuant to Art. 21 GDPR and Section 36 DSAnpUG-EU
You have the right, on grounds relating to a particular situation, to object at any time to the processing of personal data relating to you which is necessary due to a legitimate interest on our part or to perform a task carried out in the public interest or in the exercise of official authority.
If you make use of your right, we will no longer process your personal data, unless we are able to demonstrate compelling legitimate grounds for processing which override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
Right to Withdraw Consent
If you have given us consent, you have the right to withdraw your consent at any time. In this event, any data processing performed by us until such withdrawal shall remain lawful. With regard to this please notify us at firstname.lastname@example.org.
Right to Lodge a Complaint with a Supervisory Authority Pursuant to Art. 77 GDPR
You have the right to lodge a complaint with a supervisory authority at any time, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you believe that the processing of personal data relating to you violates applicable law.
Nevertheless, we would appreciate it if you could contact us before doing so.
The supervisory authority responsible for us is:
Landesbeauftragter für den Datenschutz Sachsen-Anhalt
Telephone: 0391 81803-0
Fax: 0391 81803-33
10. Automated Decision-Making Incl. Profiling
We do not use automated decision-making incl. profiling (Art. 22 GDPR).
You are not obliged to communicate data to us at any time.
We protect your personal data by taking all technical and organisational measures possible to meet the protection goals.
We are unable to guarantee data security when communicating by email, we therefore recommend communicating confidential information by post.
Halle, 25. January 2019