Dear visitors to the Web App of the MOSAiC expedition.
To ensure that you feel secure when visiting our website, we would like to inform you below about how we handle your data. We neither publish your data nor pass it on to third parties without your consent. Below we explain what types of data we collect when you visit our web pages and precisely how it is used:
A. General information
1. Extent of data processing
We only process personal data collected from our users insofar as this is necessary for the provision of a functional web presence and our content and services. As a rule, personal data provided by our users is only processed with their consent. One exception is where statutory regulations permit the processing of data.
2. Legal basis for data processing
Art. 6 (1)(a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis whenever we obtain the consent of the person concerned (“data subject”) for the processing of their personal data.
Art. 6 (1)(b) of the EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data which is necessary for performing a contract to which the data subject is a party. The same applies to processing that is required for carrying out pre-contractual measures.
Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR) serves as the legal basis when processing is necessary to safeguard a legitimate interest of AWI or a third party, and provided this legitimate interest is not outweighed by the data subject’s interests and fundamental rights and freedoms.
3. Data erasure and storage duration
The personal data of the data subject is erased, anonymised or blocked as soon as the purpose of the storage ceases to apply. In addition, storage may take place if required by European or national law in EU regulations, laws or other regulations to which AWI is subject. Blocking, anonymisation or deletion of the data also takes place if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data in order to conclude or fulfil the contract.
4. Contact details of the data protection officer:
Data controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection legislation as well as any other data protection regulations:
Helmholtz-Zentrum für Polar-und Meeresforschung
Am Handelshafen 12
The controller’s data protection officer is:
Tel.: +49 (471) 4831-1637
B. Provision of the website and creation of log files
We store data relating to individual visits to our website for statistical purposes to improve the quality of our web pages. This data record consists of:
- the page from which the data file was requested,
- the name of the data file,
- the date and time of the query,
- the quantity of data transmitted,
- the status of access (the file was transmitted or the file was not found),
- a description of the type of web browser used,
- the IP address of the inquiring computer.
The data is stored in the log files of our systems. Storage of this data together with other personal data of the user does not take place.
The legal basis for the temporary storage of data and the log files is Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR). Storage in log files is carried out to ensure the functionality of the website. In addition, the data is used to optimise the web pages, to carry out troubleshooting and to ensure the security of our IT systems. These purposes also constitute our legitimate interest in the data processing pursuant to Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR).
The data is deleted as soon as it is no longer needed to achieve the purpose for which it was collected. In the case of data collection for the provision of the website, the data is deleted when the respective session has ended. If the data is stored in log files, it will be deleted after seven days at the latest. Further storage is possible, in which case the IP addresses are deleted or altered so that identification of the calling client is no longer possible.
The collection of data for the purpose of providing the website and storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no right to objection on the part of the user.
C. Web analysis
- IP address, anonymised through abbreviation
- Two cookies for distinguishing between different visitors (_pk_id.44.a4d7 and _pk_ses.44.a4d7)
- Previously visited URL (referrer), if sent from the browser
- Name and version of the operating system
- Name, version and language setting of the browser
- Visited URLs on this website
- Times of page visits
- Type of HTML enquiries
- Screen resolution and colour depth
- Technologies and formats supported by the browser (e.g. cookies, Java, Flash, PDF, WindowsMedia, QuickTime, Realplayer, Director, SilverLight, Google Gears)
The storage and evaluation of data is carried out solely on a central server operated by AWI.
The legal basis for the processing of users’ personal data is Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR). Processing the personal data of users enables us to analyse how our users utilise the website. By evaluating the acquired data, we are able to compile information on the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes also constitute our legitimate interest in the data processing pursuant to Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR). By anonymising the IP address, sufficient consideration is given to the interests of users in protecting their personal data.
The data is erased after formation of the final annual totals for the access statistics.
Of course, you have the option of objecting to the data collection. You have the following independent ways of objecting to data being acquired through the central server:
1. Activate the “do not track” setting in your browser. As long as this setting is active, our central server will not be able to store any of your data. Important: The “do not track” instruction usually only applies to the device and the browser in which you activate the setting. If you use several devices/browsers, you have to activate “do not track” separately everywhere.
2. Use our opt-out function. Click on the tick in the following option box to stop or reactivate data collection. As long as this option box is deactivated, our central server will not be able to store any of your data. Important: For the opt-out, we need to store a special recognition cookie in your browser. If you delete it or utilise a different PC/browser, you will need to revoke data collecting again on this page.
Storage of this data together with other personal data of the user does not take place.
- “_pk_id.44.a4d7” – Piwik (Matomo) ID for tracking.
- “_pk_ses.44.a4d7” – Piwik (Matomo) session for tracking.
- Transferring the browser’s language setting: automatic selection of the homepage and spellcheck
User data gathered by technically necessary cookies is not utilised to prepare user profiles. These purposes also constitute our legitimate interest in processing personal data, pursuant to Art. 6 (1)(f) of the EU General Data Protection Regulation (GDPR).
Cookies are stored on the user’s computer, which transmits them to our site. For this reason, you, as the user, also have full control over the utilisation of cookies. You can deactivate or restrict the transmission of cookies by changing your Internet browser settings. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, you may find that not all of the website’s functions can continue to be utilised in full.
E. Rights of the data subject
As the data subject whose personal data is collected within the scope of the above-mentioned services, you have the following rights, unless any legal exceptions apply in individual cases:
- Information (Art. 15 GDPR)
- Rectification (Art. 16 GDPR)
- Erasure (Art. 17 (1) GDPR)
- Restriction of processing (Art. 18 GDPR)
- Data portability (Art. 20 GDPR)
- Objection to processing (Art. 21 GDPR)
- Withdrawal of consent (Art. 7 (3) GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR). For AWI, this is the Landesbeauftragte für den Datenschutz und Informationssicherheit (State Data Protection and Freedom of Information Officer), Arndtstrasse 1, 27570 Bremerhaven.
F. Social media
We also use YouTube for the embedding of videos.
Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under
G. Local Storage
To allow you to tailor the MOSAiC progressive web app to your personal needs and usage, we use so-called local storage technology (also known as “local data” or “local storage”). This means that data is stored in your browser cache, and – providing the cache is not cleared – remains there even when the browser window is closed or the program ended, and can be retrieved when it is reopened.
Local storage makes it possible for your preferences when using the MOSAiC progressive web app to be saved on your computer and used by you. Data from the local storage is used e.g. to display your selected language or to allow the app to be used offline. The MOSAiC progressive web app stores the following information as local data:
- The user’s language.
- Whether or not the intro has already been opened.
- Whether an item has been liked.
- The last dataset (blogs, …). This is loaded if no connection to the server can be established.
- In order to restore the PWA after a reload:
- Active expedition: MOSAiC or Fram.
- Active date (datepicker).
- Current date in order determine when the last reload took place.
Third parties cannot access the data in the local storage. The data is not passed on to third parties and is not used for advertising purposes.
In addition, the following content is stored in the “cache storage” via the “service worker” in order to maintain the application’s offline functionality:
- Style sheets (CSS)
- HTML content
We use these technologies in order to be able to offer you an attractive and fully functional service. This constitutes a legitimate interest on the basis of Article 6, Paragraph 1 (f) of the General Data Protection Regulation (GDPR).
If you do not wish online services to use the local storage function, you can control this by altering the browser settings in the relevant app’s platform-dependent operating system.