Data Protection

The controller within the meaning of the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection laws of the Member States, as well as other data protection regulations is

Austrian Science Fund (FWF)

Georg-Coch-Platz 2
1010 Vienna

Phone: +43-1-505 67 40-0
Email: office(at)fwf.ac.at
Website: www.fwf.ac.at

This privacy policy applies to the FWF’s online presence, available under the domain www.fwf.ac.at and its various subdomains (hereinafter referred to as “our website”).

The controller’s data protection officer is

Elvisa Seumenicht
FWF
Georg-Coch-Platz 2
1010 Vienna

+43 676 83487 8412
datenschutz(at)fwf.ac.at

Personal data are all information relating to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, email address, IP address, or user behavior. Information that cannot (or only with disproportionate effort) be used to identify you, e.g., by anonymizing the information, is not personal data. The processing of personal data (e.g., the collection, retrieval, use, storage, or transmission) always requires a legal basis or your consent.

Any personal data processed will be deleted as soon as the purpose of the processing has been fulfilled and no legal obligations to retain the data apply.

If we need to process your personal data for the purpose of providing certain offers, the following information describes the specific processes, the scope and purpose of data processing, the legal basis for processing, and the respective storage period.

As a research funding institution, individual provisions of the Research Organization Act (Forschungsorganisationsgesetz, FOG) apply. For this reason, the FWF reserves the right to use the provisions of the Austrian Research Organization Act as a legal basis for the processing of personal data in connection with its activities, in addition to the other legal bases listed in this Privacy Policy.

1. Provision and use of our website

a. Description and scope of data processing

When you access and use our website, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a log file. When you use our website, we collect the following data, which are technically necessary for us to display our website to you and to guarantee stability and security:

• IP address of the requesting computer
• Date and time of access
• Name and URL of the retrieved file
• Website from which the access is obtained (referrer URL)
• Browser used and, if applicable, your computer’s operating system, as well as the name of your access provider

b. Legal basis

Art. 6 (1) item f of the GDPR serves as the legal basis for the aforementioned data processing. The processing of this data is necessary for the provision of our website and thus serves the protection of a legitimate interest of our organization.

c. Storage period

As soon as the abovementioned data required for the display of our website are no longer necessary, they will be deleted. The collection of data for the provision of our website and the storage of data in log files is absolutely necessary for the operation of our website. It is therefore not possible for the user to opt out. Further storage may take place in individual cases if this is required by law.

2. Ordering print media

a. Description and scope of data processing

On our website, we offer users the opportunity to order print media; personal data is required for this service. The necessary data is entered into an input mask, transmitted to us, and stored. The data will not be passed on to third parties. The following data is collected during the ordering process:

• Name
• Address
• Email address
• Telephone number

Your data will be forwarded to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of the goods.

If you order print media on our website and enter your email address, we may use it to send you a newsletter about similar goods or services we provide.

b. Legal basis

When processing the personal data (see § 4 2. a.) necessary for the fulfillment of a contract concluded with us, Art. 6 (1) item b of the GDPR serves as the legal basis. This also applies to any processing required to carry out pre-contractual measures.

c. Storage period

After complete processing of the contract, your data will be blocked for further use and deleted after expiry of the tax and commercial retention periods, unless you have expressly consented to the further use of your data. Further storage may take place in individual cases if this is required by law.

3. Newsletter

a. Description and scope of data processing

On our website, you can subscribe to a free newsletter. In order to be able to send you the newsletter regularly, we need the following information from you:

• Email address
• Name
• Address

Your data will not be passed on to third parties in the connection with sending the newsletter.

We use a double opt-in procedure for sending the newsletter, i.e. we will only send you the newsletter if you first confirm that you signed up for it by clicking a link in the confirmation email sent to you for this purpose. This is to ensure that you are the owner of the email address provided when you signed up for the newsletter. Please confirm your email address promptly after receipt of the confirmation email, otherwise your newsletter request will be automatically deleted from our database.

b. Legal basis

Pursuant to Art. 6 (1) item a of the GDPR, the processing of your email address to be able to send you the newsletter is based on the declaration of consent, which you have voluntarily given as follows:

Declaration of consent:

By entering my data and clicking the “Subscribe now” button, I declare my consent to the processing of my email address, name, and address for the purpose of sending me newsletters on a regular basis. I can unsubscribe from the newsletter at any time by clicking on the link at the end of the newsletter.

I can withdraw my consent to the processing of personal data collected during the registration process at any time. 

Should you have any questions or concerns about unsubscribing from FWF newsletters, you can also contact the FWF’s web content team directly: wcm(at)fwf.ac.at

c. Storage period

Your email address, name, and address will be stored for as long as you remain subscribed to the newsletter. After you unsubscribe from the newsletter, your email address and contact details will be deleted. Further storage may take place in individual cases if this is required by law.

4. Application and project data

a. Description and scope of data processing

The following personal data of researchers, project participants, and other persons associated with the application will be processed during the application and project management process:

• First name
• Name
• Address
• Email address
• Contact details
• Qualifications
• Date of birth
• Date of PhD
• Country of PhD
• Research institution of PhD
• ORCID (Open Researcher and Contributor ID)
• Language of correspondence
• Educational level
• Marital status
• Number of children
• Nationality
• Academic degrees
• Employment contract details
• Personal ID (identifier)

b. Legal basis

Pursuant to Art. 6 (1) item a of the General Data Protection Regulation (GDPR), in conjunction with § 2g of the Austrian Research Organization Act (Forschungsorganisationsgesetz, FOG), the FWF processes and publishes personal data (e.g. the title of the submitted project, members of the Board of Directors and associated research institutions, academic abstract) necessary for the administration of the funding by the FWF – while safeguarding business and trade secrets – for the purposes of research policy (especially presentation of the development of basic research in Austria, economic analyses, funding impact reports, etc.) and for public relations work (publication of excerpts in the FWF annual report, on the FWF website, in press releases, media collaborations, etc.). If necessary, these data are also transmitted to third parties (e.g., for the preparation of research policy studies, on the basis of supervisory duties, in particular §§ 2d and 3a of the Research and Technology Funding Act [Forschungs- und Technologie-förderungsgesetz, FTFG], to bodies and agents of the Federal Ministry of Education, Science and Research and, in particular, pursuant to § 3 [2], § 4 [1], and § 13 [3] of the Court of Audit Act 1948 [Rechnungshofgesetz, RHG], to the Austrian Court of Audit as well as to bodies and institutions of the European Union in accordance with European legal provisions). Transmission of data is also based on Art. 6 (1) item c of the GDPR in conjunction with § 2g of the FOG.

In the Cluster of Excellence program, personal data will be published on the FWF website in connection with your application. In particular, this concerns the key data provided when you submitted your Letter Of Interest. The publication of this information is intended to enable you and other funding applicants to submit joint applications in the second stage of the above-mentioned program. The legal basis for the processing of this personal data on the FWF website is § 2g (1) item 2 FOG.

c. Storage period

The personal data will be deleted after the end of the legal retention periods.

d. Evaluation of funding programs

If your application has been rejected, the FWF will continue to process your data for the legally permissible period. The data processing is based on Art. 6 (1) item f of the GDPR and/or § 2g of the FOGGeneral Data Protection Regulation. The FWF has a legitimate interest in the evaluation and analysis of its allocation of funding.

5. Whistleblower system

The whistleblower system is used to receive, process, and manage information on violations of the Whistleblower Protection Act (HinweisgeberInnenschutzgesetz, HSchG) and the compliance rules of the Austrian Science Fund (FWF) in a secure and confidential manner. This flow of information allows us to preventively counter any potential risks from unlawful acts without restriction. The establishment of a whistleblower system is necessary in this sense. The legal basis for the processing of personal data within the framework of the whistleblower system is for the purpose of implementing the HSchG and the associated legal obligations pursuant to Art. 6 (1) item c of the GDPR in conjunction with Art. 9 (2) item g of the GDPR. The specific legal basis for the processing of personal data is § 8 of the HSchG. Furthermore, the processing of personal data may be necessary for the implementation of follow-up measures within the meaning of § 5 line 3 of the HSchG.

The processing of personal data for information that does not fall within the scope of the HSchG is based on the overriding legitimate interest of the FWF pursuant to Article 6 (1) item f of the GDPR in the detection and prevention of abuses and thus in the prevention of damage, as well as the processing of personal data pursuant to Article 9 (2) item f of the GDPR with regard to the duty of care and the obligations under labor law.

The whistleblower system is used on a voluntary basis. If you submit a report to the whistleblower system, we collect the following personal data and information:

• Your name, if you disclose your identity.
• If applicable, names of persons and other personal data of the persons you name in your report
• Email address or contact details, if you disclose them
• Nature of the complaint
• Language
• Message

6. Cloud services

a) Description and scope

The FWF collects and uses users’ personal data only to the extent necessary to achieve the purpose of the individual services offered by the FWF; this naturally also applies in connection with cloud services.

Users’ personal data is collected and used only if a corresponding legal basis within the meaning of the GDPR is given, such as a legitimate interest pursuant to Art. 6 (1) item f of the GDPR.

No further personal data is used by the FWF. However, it should be noted in this context that cloud service providers, for example, process data for analysis. Please refer to the terms of use of the respective cloud service provider. Please note that the FWF confirms that this data processing is compliant with the GDPR before using cloud services.

b) Legal bases

Insofar as the FWF obtains the consent of the data subject for the processing of personal data, Art. 6 (1) item a of the GDPR serves as the legal basis for the processing of personal data. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) item b of the GDPR serves as the legal basis. This also applies to such processing that is necessary to carry out pre-contractual measures.  Insofar as the processing of personal data is required to fulfill a legal obligation, Art. 6 (1) item c of the GDPR serves as the legal basis. 

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 (1) item d of the GDPR serves as the legal basis. If the processing is necessary to safeguard a legitimate interest of the FWF or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 (1) item f of the GDPR serves as the legal basis for the processing. 

We only share your personal data with third parties if:

• You have given your express consent pursuant to Art. 6 (1) sentence 1 item a of the GDPR
• It is legally permissible and necessary for the fulfilment of a contractual relationship with you pursuant to Art. 6 (1) sentence 1 item b of the GDPR
• There is a legal obligation to pass on the data in accordance with Art. 6 (1) sentence 1 item c of the GDPR
• The disclosure pursuant to Art. 6 (1) sentence 1 item f of the GDPR is necessary to protect legitimate company interests and to assert, exercise, or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data

In order to review your funding application, your personal data is transferred to external reviewers who are potentially located in countries outside of the European Union or the European Economic Area. It may be that these countries have a lower level of protection guaranteed by law; however, the transfer of your personal data is necessary to review your funding application. The data processing itself is based on Art. 6 (1) item c of the GDPR and § 2g of the Austrian Research Organisation Act (FOG). The permissibility of the data transfer is based on Art. 49 (1) items b and c of the GDPR.

a. Description and scope of data processing

We use cookies on our website. Cookies are small files which are sent by us to the browser of your terminal device and stored there as part of your visit to our website. Some functions of our website cannot be offered without the use of technically necessary cookies. Other cookies allow us to perform various analyses. Cookies are, for example, able to recognize the browser you are using when you visit our website again and to transmit various information to us. We can use cookies to make our website more user-friendly and effective, for example, by tracking your use of our website and by determining your preferred settings (e.g., country and language settings). In case third parties use cookies to process information, they will collect the information directly from your browser. Cookies do not cause any damage to your device. They cannot run programs or contain viruses.

Various types of cookies are used on our website, the type and function of which are explained in more detail below.

Our website uses transient cookies, which are automatically deleted when you close your browser. This type of cookie allows us to collect your session ID. This makes it possible to assign different requests from your browser to a common session and enables us to recognize your terminal device during subsequent visits to the website.

Our website also uses persistent cookies that are stored in your browser for a longer period of time and transmit information to us. The respective storage period differs depending on the cookie. You can delete persistent cookies yourself using your browser settings.

The legal basis for the processing of personal data using cookies is Art. 6 (1) item f of the GDPR on account of the purposes described above. If you have granted your consent in response to a notice (“cookie banner”) on the website, then lawfulness is also based on Art. 6 (1) item a of the GDPR.

Function 1: Technically necessary cookies

These cookies are required for technical reasons so that you can visit our website and use the functions we offer. This applies, for example, to the following applications: Usercentrics cookie consent, website session cookies.

The legal basis for these technically necessary cookies is § 165 of the Telecommunications Act 2021 (Telekommunikationsgesetz, TKG) sowie and Art. 6 (1) item b of the GDPR.

Function 2: Functional cookies

These cookies enable us to analyze website usage and improve the performance and functionality of our website. Information is collected, for example, about how visitors use our website, which pages are most frequently accessed, or whether error messages are displayed on certain pages.

The legal basis for the use of functional cookies and the associated services is Art. 6 (1) item a of the GDPR.

Function 3: Marketing cookies

Advertising cookies (third-party providers) allow us to show you various offers that match your interests. These cookies can be used to record the web activities of users over a longer period of time. Cookies may be used to identify you on the various devices you use.

In addition, certain cookies allow us to connect to your social networks and share content from our website within your networks.

The legal basis for the processing of personal data using non-essential cookies as well as tracking and analysis tools is Art. 6 (1) item a of the GDPR. The declaration of consent is made via the cookie banner on the FWF website.

c. Storage period

As soon as the data transmitted to us via cookies is no longer necessary for the purposes described above, this information will be deleted. Further storage may take place in individual cases if this is required by law.

d. Cookie settings

You can change your cookie settings at any time by clicking on the cookie consent banner at the bottom left of each subpage. There you will also find detailed information about the cookies used and, if applicable, connected third-party services as well as the purpose and type of processing of personal data and, if applicable, the transfer of data to insecure third countries.

This website also uses Google LLC’s Google Maps. For this purpose, Google uses cookies, which are only set with your consent when you click on the map. The legal basis for this data processing is based on Art. 6 (1) item a of the GDPR. We would like to point out that Google processes this data as an independent controller and may also transfer your data to third countries. You can find more information on how Google processes your data at policies.google.com/privacy

We use tracking and analysis tools to ensure the continuous optimization and needs-based design of our website. With the aid of tracking measures, it is also possible for us to statistically record visitors’ use of our website and further develop our online features for you with the help of the information obtained. The legal basis for this data processing is based on Art. 6 (1) item a of the GDPR. Consent is given via the cookie banner. The following description of the tracking and analysis tools also provides information on the purposes of the processing concerned and the data that are processed.

Matomo

Our website uses Matomo, an open-source software for the statistical analysis of visitor traffic. We use Matomo in a self-hosted version on an FWF server in Austria, so that no data is transmitted to third parties.

Matomo uses functional cookies, see above.

When you visit the website, your IP address is transmitted to Matomo, but it is anonymized before storage. Please note that despite the fully activated anonymization function, total anonymization cannot be achieved, only pseudonymization. During use, Matomo creates an internal hash value, which is generated from various factors such as the IP address, resolution, browser, the plugins used, and the operating system. Even with the anonymization function activated, this heuristic uses the full IP address for internal purposes so, with some effort, it is possible to convert the values back to the IP address and thus reliably determine the other information.

The legal basis for the processing of personal data using non-essential cookies as well as tracking and analysis tools is Art. 6 (1) item a of the GDPR. The declaration of consent is made via the cookie banner on the FWF website.

New Relic

Monitoring tool for error detection, performance measurement, etc. See https://newrelic.com/termsandconditions/services-notices

Facebook, Instagram, and X (previously Twitter)

Social media share buttons

The FWF website has social media buttons to allow users to share content from the page to their social networks. Unlike other share buttons, the solution used here does not pass on any data to social network operators simply by accessing the FWF website. Only when you actively click on the share button will your data be transmitted to the respective social network. However, if the share button is not clicked, there will be no exchange between you and the respective social network.

Our website uses social plugins from the social networks Facebook (Meta Platforms, Inc., One Hacker Way, Menlo Park, CA 9402, USA), Youtube (Google Inc., 1600 Amphitheatre Parkway, Mountain View, California 94043, USA), Instagram (Meta Platforms, Inc., One Hacker Way, Menlo Park, CA 9402, USA), X (X Corp., 1355 Market St, Suite 900, San Francisco, California 94103, USA), Xing (New Work SE, Am Strandkai 1, 20457 Hamburg, Germany), LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland), and Vimeo (Vimeo Inc., New York, NY HQ, United States, 555 W 18th St). These services are provided by the respective companies (“providers”). As part of our online presence, the social plugins are identified by the respective buttons belonging to the service. On the basis of the data transmitted to the respective service via the social plugins, the service can associate you with the account you have with it. We ourselves do not collect any personal data via the social plugins and their use, andin order to increase the protection of your data on our website, the social plugins are only integrated into our website as static graphics using the Shariff extension. These graphics contain a link to the websites of the corresponding provider of the plugin. This ensures that when a page of our website containing such social plugins is accessed, no automatic connection is established with the servers of the respective providers and therefore personal data is not automatically forwarded to the providers of the respective social plugins.

By clicking on the graphic you will be redirected to the service of the respective provider, just as with normal links. The provider only receives information about you, such as your IP address, when you access the provider's website. If you do not click on the button graphics, no data exchange will take place.

The function of the respective social plugin is activated in two steps. To activate a social plugin, you must first click on the link on our website. This first activates the social plugin and your browser establishes a connection with the servers of the provider in question. With a second click, you can now interact with the social plugin and submit your recommendation, for example. If you are already logged in to one of the social networks of the providers, the providers can immediately associate the visit to this website with your profile. If you interact with social plugins by clicking on them, the corresponding information is also transmitted directly to a server of the providers and stored there. The information may also be published on the social network and displayed there under your contacts. If you wish to prevent the immediate assignment of your data collected via our website to your profile, you must log out of your account of the respective provider before visiting our website.

For information about the collection and use of your data in social networks, the scope and purpose of the data collection by the respective service, and the further processing and use of your data there, please refer to the data protection information directly from the service's website. There you can also learn more about your data protection rights and about adjusting your settings to protect your privacy.

a) Meta Platforms, Inc, One Hacker Way, Menlo Park, CA 9402, USA

• facebook.com/policy.php
• facebook.com/help/186325668085084

b) Google Inc., 1600 Amphitheater Parkway, Mountain View, California 94043, US

• google.com/policies/privacy/partners/

c) X Corp., 1355 Market St, Suite 900, San Francisco, California 94103, USA

• twitter.com/privacy

The legal basis for the processing of the data after the consent of the user is Art. 6 (1) item a of the GDPR in accordance with the cookie banner and the legitimate interest within the meaning of Art. 6 (1) item f of the GDPR.

Vimeo

Our website uses plugins from Vimeo.com, which is operated by Vimeo, Inc, 555 West 18th Street, New York, New York 10011, USA. If you visit one of our web pages equipped with such a plugin, a connection to Vimeo’s servers is established and the plugin is displayed on the web page by notifying your browser. Here the Vimeo server is informed about which of our web pages you have visited. If you are logged in as a member of Vimeo, Vimeo will associate this information to your personal user accounts on these platforms. When using these plugins, such as clicking/launching a video or sending a comment, this information is also associated to your Vimeo user account, for example, which you can only prevent by logging out before using the plugin.

Information on the collection and use of data by the above platform or plugins can be found in the privacy policy: http://vimeo.com/privacy.

LinkedIn

Our website uses the functions of the LinkedIn network. The service is provided by the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA (hereinafter referred to as “LinkedIn”).

Each time one of our web pages containing LinkedIn features is accessed, a connection to the LinkedIn server is established. LinkedIn is informed about the visit with your IP address on our website. By clicking the LinkedIn “Recommend” button, LinkedIn is able to associate this visit to your LinkedIn user account. This information is then processed further by LinkedIn.

The relevant provisions and setting options can therefore be found in the privacy policy of LinkedIn at https://www.linkedin.com/legal/privacy-policy.

Research Gate

Our website uses the functions of the ResearchGate researcher network of ResearchGate GmbH, Invalidenstrasse 115, 10115 Berlin, Germany. For further information, see https://www.researchgate.net/privacy-policy.

Our website contains hyperlinks to websites of other providers. When you activate these hyperlinks, you will be redirected from our website directly to the other providers’ website. You can recognise this, for example, by the change in the URL. We cannot accept any responsibility for the confidential handling of your data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please inform yourself about how your personal data is handled by these companies directly on their websites.

Under the GDPR, you generally have the right to information, rectification, erasure, restriction of processing, and a right to object to the processing of your personal data.

Please note that the data protection rights of data subjects under the GDPR cannot be asserted or can only be asserted to a limited extent when using the whistleblower system in accordance with § 8 (9) of the HSchG as long as and to the extent that this is necessary to protect the identity of the persons involved and to prevent attempts to prevent, undermine, or delay whistleblowing or follow-up measures based on whistleblowing.

Under the GDPR, you, as the data subject of the processing of personal data, have the following rights:

• Pursuant to Article 15 of the GDPR, you can request information about your personal data processed by us. In particular, you can request information about the purposes of the processing; the categories of personal data concerned; the categories of recipients to whom your data have been or will be disclosed; the envisaged period for which your personal data will be stored; the existence of the right to rectification, erasure, restriction of processing, or objection to such processing of your personal data; the existence of the right to lodge a complaint; the source of your data where the personal data is not collected by us; the transfer of your personal data to third countries or international organisations; as well as the existence of automated decision-making, including profiling, and if necessary, meaningful information about the logic involved.
• Pursuant to Article 16 of the GDPR, you can request the immediate rectification of inaccurate personal data concerning you or the completion of incomplete personal data stored by us.
• Pursuant to Article 17 of the GDPR, you can request the erasure of your personal data stored by us, provided that the processing is not necessary for exercising the right of freedom of expression and information; for compliance with a legal obligation; for reasons of public interest; or for the establishment, exercise, or defence of legal claims.
• Pursuant to Article 18 of the GDPR, you can request the restriction of the processing of your personal data if you contest the accuracy of the data, the processing is unlawful, we no longer need the data and you oppose their erasure because you require them for the establishment, exercise, or defence of legal claims. You are also entitled to the right under Article 18 of the GDPR if you have objected to processing pursuant to Article 21 of the GDPR.
• Pursuant to Article 20 of the GDPR, you can request that the personal data you have provided us with be received in a structured, current, and machine-readable format, or you can request that the data be transmitted to another controller.
• Pursuant to Article 7 (3) of the GDPR, you can withdraw your consent at any time. As a consequence, we will in future no longer be permitted to continue the data processing based on this consent.
• Pursuant to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your habitual residence or place of work, or our registered office. In Austria, the supervisory authority is the Austrian Data Protection Authority (Datenschutzbehörde), Barichgasse 40-42, 1030 Vienna, tel: +43-1-52 152-0, email: dsb(at)dsb.gv.at, web: www.dsb.gv.at.

The FWF would like to point out that the personal data required for the allocation of monetary funds are processed, among others, on the basis of § 2g of the Austrian Research Organization Act (FOG). Here you will find a list of which processes these are.

If the FWF acts as joint controller with one or more legal entities for the allocation of funding, the decisive factor in determining responsibility for data protection as defined by Article 26 GDPR is to which controller the application for funding was submitted. If such an application is submitted to the FWF, it shall be contacted in connection with the exercise of the data subject’s rights as defined by Article 26 of the GDPR and shall be responsible for this privacy policy. If an application is submitted to another (joint) controller, this controller shall be contacted in connection with the exercise of data subject’s rights as defined by Article 26 of the GDPR and shall be responsible for its privacy policy or the like.

When processing your personal data on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 item f of the GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 insofar as there are reasons which arise from your particular situation or if the objection refers to direct marketing. In the case of direct marketing, you have a general right to objection, which we will implement without you needing to specify any particular situation.

We are committed to protecting your privacy and treating your personal data confidentially. In order to avoid manipulation, loss, or misuse of your data stored by us, we take extensive technical and organizational security precautions that are regularly reviewed and updated to reflect technological progress. This includes the use of recognized encryption methods (TLS), but we would like to point out that due to the structure of the internet, it is possible that the rules of data protection and the above-mentioned security measures may not be observed by other persons or institutions not within our area of responsibility. In particular, unencrypted data – e.g. if sent by email – can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him/her against misuse by encryption or in any other way.