(updated on 2019-06-28)
The careful handling of our users' personal data is an essential principle of our daily work at FIAS. For this purpose, technical and organisational measures are taken within the institute at all levels of processing, which are regularly checked by internal and external bodies. In addition, we collect individual data only to the extent necessary for the type of contact or cooperation with the institute.
Of course we comply with the applicable regulations of the Bundesdatenschutzgesetz (BDSG), the Telemediengesetz (TMG) and in particular the EU General Data Protection Regulation (GDPR).
In addition to this basic privacy notice, we selectively and as needed make available additions concerning the respective processing for specific purposes. Details depend on the purpose of the processing and are provided separately for different groups of people (external website visitors, FIAS members, event participants, etc). This privacy notice therefore covers basic information for all users and details for general visitors.
If the relevant regulations have been accepted, we will process respective data accordingly. Requests for information, corrections and objections can be sent at any time in writing to
Frankfurt Institute for Advanced Studies (FIAS)
60438 Frankfurt am Main
or electronically to
Please consider our instructions for secure e-mail use.
Further information on the right to information, correction, and restriction/erasure can be found in the relevant subsections of section "Collecting and processing of personal data".
Web presences concerned
Controller according to GDPR
Controller in the sense of GDPR and its current national implementation and amendments (BDSG):
Institute for Advanced Studies (FIAS)
60438 Frankfurt am Main
+49 69 798 47600
Fax: +49 69 798 47611
Please consider our instructions for secure e-mail use.
External Data Protection Officer
Inquiries and complaints can be addressed to our external data protection officer, who can be reached as follows:
rehm Datenschutz GmbH
Please consider our instructions for secure e-mail use. In particular, please note that messages sent to dpo_at_fias.uni-frankfurt.de are forwarded to the responsible contact in the context of rehm Datenschutz GmbH without additional encryption.
Responsible supervisory authority
You can contact the Hessian Data Protection Officer as follows:
Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 31 63
Please consider our instructions for secure e-mail use. In particular, please note that you may send PGP-encrypted messages to the above e-mail address. The corresponding PGP key is available on the above web pages.
Filing a complaint
If you are of the opinion that the processing of your personal data violates the GDPR, you may complain to the above-mentioned data protection officer, and you have the right to file a complaint with the above-mentioned supervisory authority or another competent supervisory authority of the Federal Republic of Germany, your place of work or the place of presumed violation, notwithstanding any other administrative or judicial remedy.
The supervisory authority to which the complaint has been lodged shall inform the complainant of the status and results of the complaint, including the possibility of a judicial remedy under Art. 78 GDPR.
Collecting and processing of personal data
Volume of data
We process personal data of our users only as far as necessary to provide our web presences and contents as well as other services and merits. Processing of personal data is only carried out with consent of the affected user, with an exception for cases precluding prior consent for substantial reasons if such processing of data is permitted by legal regulations.
General legal basis
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a GDPR serves as the legal basis.
In the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
Insofar as the processing of personal data is required to fulfil a legal obligation to which FIAS is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis.
If processing is necessary to safeguard a legitimate interest of FIAS or a third party and if the interests, fundamental rights, and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 letter f GDPR serves as the legal basis for processing. This aspect is taken into account as required in the respective context of the following subsections.
Visiting our web pages
In principle, no explicit transmission of personal data (registration, etc) is necessary for the use of our public web pages. Nevertheless, implicit usage data is generated during each visit, which can also be personal data.
For technical reasons, we temporarily store the following information for each retrieval of a web page, a web page component or a download from one of the FIAS web presences: the IP address of the visitor, the time stamp of the retrieval, the address of the referencing web page, the address of the retrieved resource, the method of retrieval (GET/POST/....), the status/error code of the request, the size of the data transmitted, and information provided by the visitor's system on version and type of web browser and possibly operating system. This information is required to deliver the Web content and, if necessary, to support session management.
In addition, this information is fully stored in our log files and archived for at most seven days for security and technical optimization purposes. Such data will not be used for other purposes, in particular not transmitted to third parties. Furthermore, it is stored separately from other personal data of the user.
After at most seven days in the log archive, the IP address is automatically anonymized by suitable means. To this end we remove or irreversibly replace the least significant 16 bits (IPv4), 80 bits (IPv6), or 9 bits (IPv4 domain esforum.de for technical reasons) of the IP address. The remaining data is then only used in long-term technical/statistical evaluations and can no longer be traced back to individuals.
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR. Both aspects are absolutely necessary for the operation of the web presences; in this regard the user has no possibility of objection.
To provide essential basic functions (individual settings, session management and recognition of the login status) we use so-called cookies. These are small data records that are stored on the visitor's browser by the respective web service and either contain the corresponding information directly or allow it to be associated on the server side. This can already occur the first time you visit a web page.
This mechanism allows a longer-term identification of the user, which is necessary for authentication purposes and for the full function of the pages, but also enables tracking of visitors.
Cookies set by us can be deleted directly by the user at any time in order to prevent further storage/use of the respective information. This can cause session management to be interrupted, web-based services to be logged off, and/or individual settings to be reset. Furthermore, permanent deactivation of cookies can lead to permanent problems or restrictions in this context.
Furthermore, our web pages do not apply cookies or external resources for tracking or advertising purposes. The creation of content is subject to corresponding internal guidelines; problematic embeddings/transmissions are technically prevented (as far as possible) or at least regularly checked for.
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f GDPR. Our legitimate interest arises from the above description.
Enquiries, contributions, registration, and individual access
Some areas of our website and other services are subject to access restrictions or are explicitly activated for optional use.
These include forums, mailing lists, newsletters, project work, events (participation/organization), version control systems, ticket systems, and areas for file exchange.
The majority of these areas require an existing FIAS membership, a cooperation agreement with FIAS, or at least guest status. Further details of the associated data processing are regulated by a corresponding initial agreement and our IT usage regulations, which are handed out to the persons concerned.
Other areas, however, also allow use by a wider audience. This will be indicated by appropriate information, especially when
registering for events,
subscribing to forums, mailing lists, newsletters,
submitting support requests, or
applying for a position.
In these cases, we usually store at least the transmitted name, further contact data, and (if necessary) a user name and/or password.
A registration or request can be made via a corresponding web form. Further details are described in the subsection "Web forms".
In some cases it is also possible to register or make an enquiry by e-mail. This may result in automated processing, registration, and associated storage of your contact details on first contact to allow you to track further processing. You will be notified of this in an automated reply. For more information on the use of e-mail in general, please refer to the subsection "Use of e-mail".
The legal basis for processing of such data is the existence of the user's consent within the context of a membership, a cooperation agreement, or an explicit registration pursuant to Art. 6 para. 1 lit. a GDPR.
Withdrawal of consent within the scope of an explicit registration is possible at any time. In most of the cases mentioned above, this can be done by the affected person oneself with the help of the mechanisms documented or regularly communicated in the individual areas. Registration data is typically deleted within a few days. An exception are the contributions made within the above-mentioned areas, provided that they are part of a discussion or project treatment. This content data is usually kept for the purpose of comprehensibility and to ensure the consistency of the course of discussions and of contribution history, and is anonymized only within the limits of technical feasibility. Explicit deletion requests are nevertheless possible and will be carried out by us under the constraints described under "Restriction and erasure".
Please note that consent given within the framework of an initial agreement (as a member, cooperation partner, guest) with FIAS cannot be withdrawn selectively for an individual scope if the corresponding registration serves to establish regular contact and the minimum participation in the work of the institute, i.e. is part of a higher-level agreement. The possibility of premature termination of the relevant relationship with FIAS (membership, cooperation, guest status) remains unaffected.
In relation to the registration for restricted areas, the activation of optional services, and the transmission of other requests, FIAS operates pages with corresponding web forms.
Information provided in this context, an associated time stamp, and possibly other technical form features are always stored for processing of the request and, if required, beyond that. See the storage subsections for more details.
The forms primarily record necessary information, which is marked accordingly and mandatory for further processing. This includes, for example, contact or identity information and/or the subject of the request or contribution.
In some cases, further information must be provided in free form (text field, upload of a file).
Optional form fields do not have to be filled in. They are only used to improve documentation (for example, an event attendee's affiliation) or to provide further means of contact.
In this context, one should only provide information necessary for the relevant transaction or desirable for the person concerned, since we usually keep the complete record of data transmitted by means of a form for as long as it takes to process the request or contribution, for the duration of the resulting relationship with FIAS, and for any subsequent minimum storage periods. Correction and reduction of the data set is possible even at a later date within the bounds of the usual claims.
The above-mentioned technical form features include functional attributes that are necessary for processing, and features to prevent misuse of our pages (attacks, spam). No further use (e.g. tracking) takes place.
The transmitted data will only be transferred to third parties if this is necessary or unavoidable for processing of the request. The fact and the extent of the data transmitted will be indicated in good time as required.
For example, organising and carrying out events with the help of third parties constitutes such necessary transfer, while contributions to discussion forums involving external participants constitute unavoidable transfer.
Use of e-mail
When contacting us by e-mail, please note that during transmission, sensitive data is only protected if e-mail encryption is used. You will find more information in the section "Data protection by encryption".
Messages sent to us should only include data that is required for the respective transaction, as we usually need to keep an original message for the time of processing the request, the duration of the resulting relationship with FIAS, and any subsequent minimum storage periods. Selective deletion of unintentionally transmitted data is therefore not always possible. Alternatively, blocking may be an option (see "Restriction and erasure").
The obligation to retain original e-mail messages also implies the recording of all information contained in message headers (including delivery logging, IP addresses contained therein, time stamps, and other message attributes).
Messages or message components are only forwarded to third parties if this is necessary or unavoidable for processing of the request. The fact and the extent of the data transmitted will be indicated in good time as required.
For example, necessary forwarding includes events for which we provide support with the help of third parties (eg when booking a hotel), while unavoidable forwarding includes posting to a mailing list that also contains external e-mail recipients.
Notwithstanding the above handling, we will report obviously misdirected messages to the sender (if possible) and delete them immediately (without further retention).
Furthermore, if you are the recipient of a misdirected message from our side, we ask you to inform us and to delete the message immediately.
Use of IT services of FIAS in general
In addition to the above-mentioned web services, other technical services can be involved in dealing with FIAS. These include common functionality already mentioned, such as e-mail, but also further, technically more specialized services such as name resolution, mail access (IMAP), calendar access (CalDAV), remote login (SSH) and chat services (XMPP).
Services intended for purely internal use or for use by other service providers for the general maintenance of basic functions do not normally come into direct contact with external visitors and their personal data. Even if IP addresses are stored for technical reasons, corresponding log files do not contain any personal data of external visitors then.
Irrespective of this, log files are also stored here for seven days with the full IP address for technical reasons and to avert danger, and only kept in anonymised form after this period.
Further incident-related data storage
Persons associated with FIAS in the context of employment, scholarship, other contractual relationship, application, and/or accounting/reimbursement are also subject to recording of their personal data, as customary and required in the respective context. We provide more detailed information on an individual and context-specific basis. Explicit inquiries are possible at any time.
Storage of required data
Duration and extent of the preservation of personal data depend on the respective requirements in order to carry out desired or necessary processes. Corresponding obligations on reporting and storage arise from (among other things) legal requirements and significantly define the overall parameters.
In principle, we only store objectively required data, and such preservation ends with the end of the requirement, i.e. erasure is performed immediately without further request, if no legal regulation opposes it.
For reasons of traceability, some processes require a minimum storage period of three to six months. These include application documents (maximum six months after rejection) and information on physical admission or logical access (maximum six months after the end of the regular period). The storage periods can be further extended by legal obligation.
Furthermore, former members of FIAS are usually considered as alumni and in the context of recording the history of the institute. Inherently, constraints on the corresponding storage periods cannot be applied too narrowly.
However, this as well as other uses can be objected to. Further information can be found in the subsection "Objection".
Storage of other content data
Other content data, on the other hand, is only stored within the scope of the actual function, depending on the service. Without further action,
e-mail messages are stored in the respective target mailbox of the recipient only,
files are stored in the selected file storage area only, and
database entries are stored in the respective designated database only.
Preservation of such data is linked to the continued existence of the storage target and the specific regulations for further handling of data. These are specific to the respective use case, and may be inquired individually.
Content data linked to a full-featured personal account are subject to the IT usage agreement, which is handed out when a FIAS account is created.
Irrespective of the above, automated copies are made within the scope of data redundancy (RAID) and data backup. However, these do not extend the circle of authorized users and only serve availability and security.
Audiovisual recordings, publication of name
Members of FIAS are regularly listed on our web pages (both by name and image). This is done on the basis of a corresponding agreement with the respective persons at the time of their admission as members of the institute, provided they do not object to this use. An objection does not result in any disadvantage and can later be lodged at any time.
External visitors as well as members of FIAS can (in the context of events, if common) be the subject of lists of names and/or visual or audio recordings by FIAS, which are made accessible to the public. This will be communicated in the course of their registration. A rejection is possible at that time and will be taken into account in the preparation of lists and recordings.
As above, after approval has been given, it can subsequently be withdrawn at any time. It should be noted that a late decline of a person's named or audiovisual reproduction, once prepared, cannot have a retroactive effect on past publication. It only prevents further publication by FIAS.
If in doubt regarding such publication, we therefore ask you not to give your consent or to withdraw it as early as possible.
Disclosure of data to third parties
Data will only be passed on to third parties if
required by the specific relationship with the person concerned or by the nature of the service (performance of a contract, service supported by third parties, participation of third parties),
requested by supervisory authorities, inspection bodies, or law enforcement authorities in the context of threat prevention, security auditing, or law enforcement, or
required by other legal obligations.
Right to information and rectification
In principle, every person has a right of access to his/her personal data stored at FIAS, including the possibility of negative information, i.e. the confirmation that no personal data of the respective person is available or can be attributed to him/her. If such data is available, a request for information by the data subject may cover the following information:
Purposes for which your personal data is processed;
categories of such data;
recipients or categories of recipients (third parties) to whom this information has/will be disclosed;
intended retention period of this data (if palpable) or criteria for a foreseeable determination of the storage period;
applicable right to rectification, erasure, or restriction of this data, to limitation of processing by FIAS or to objection to such processing;
existing right of complaint to a supervisory authority;
available information on the origin of the data if it was not collected in direct contact with the person concerned;
the existence of automated decision-making in accordance with Art. 22 paras. 1 and 4 GDPR and, if applicable, meaningful information on the logic involved and the significance and intended effects of such processing for the data subject;
completed or intended transfer of data to a third country or an international organisation, as well as appropriate safeguards in accordance with Art. 46 GDPR relating to the transfer.
Please note that an attribution to a person must be possible. Corresponding identifying features have to be provided to us and, if necessary, authenticated by further information. This is needed in order to protect the data from unauthorized external access.
In addition, we can only consider data that has unique identifying features. We cannot provide information on data that is only linked to IP addresses or other features that we cannot attribute to a person.
Naturally, you may submit requests to rectify verifiable errors or augment insufficient information in the corresponding databases for continued adequate use. We will take them into account immediately (after checking for authenticity, if necessary).
See also subsection "Restriction of data-related rights".
Right to data portability
The data subject has the right to receive the personal data concerning him/her, which he/she has provided to FIAS, in a structured, common and machine-readable format. Furthermore, he/she has the right to transmission of this data to another controller without obstruction by FIAS, or to have it transferred directly between two controllers, provided
processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR or Art. 9 para. 2 lit. a GDPR, or on a contract pursuant to Art. 6 para. 1 lit. b GDPR and
processing is carried out by means of automated procedures and the desired transmission is technically feasible.
This must not adversely affect rRights and freedoms of other persons.
The right to data portability does not apply to the processing of personal data necessary for the performance of a task in the public interest that has been vested in FIAS.
The data subject has the right not to be subject to a decision based exclusively on automated processing which has legal effects against him/her or significantly affects him/her in a similar manner. This right does not apply if the decision
is necessary for entering into, or performance of, a contract between the person and FIAS, and FIAS takes "appropriate measures" as set out below,
is permitted by law of the Union or the Federal Republic of Germany, and that law lays down "appropriate measures" as set out below, or
is made with express consent of the person, and FIAS takes "appropriate measures" as set out below.
The right does apply if the decision is based on special categories of personal data pursuant to Art. 9 para. 1 GDPR, unless Art. 9 para. 2 lit. a or g GDPR applies.
The so-called appropriate measures required by the referring cases above are those which are suitable to safeguard the rights, freedoms, and legitimate interests of the person, including at least the right to obtain human intervention on the part of FIAS, to express one's point of view, and to contest the decision.
FIAS does not apply automated decision making (in particular, does not apply profiling) pursuant to Art. 22 GDPR. Nevertheless, we use automated treatment of spam or malware in e-mail messages and in the context of input or contributions on our web pages, to the extent necessary for operational security or at the express request of the respective recipient. According to the current interpretation, this type of automation does not fulfil the criteria of Art. 22 para. 1 GDPR.
Withdrawal of consent
The data subject may withdraw her/his consent to the processing of her/his data at any time pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR, which, if possible, puts an end to the processing and leads to immediate erasure or, alternatively, restriction of the data concerned. Further details are described in the subsection "Restriction and erasure".
See also subsection "Restriction of data-related rights".
Pursuant to Art. 21 para. 1 or 2 GDPR, the data subject may at any time object to the processing of data carried out pursuant to Art. 6 para. 1 lit. e or f GDPR, which, if possible, puts an end to the processing and leads to immediate erasure or, alternatively, restriction of the data concerned. Further details are described in the subsection "Restriction and erasure".
Notwithstanding Directive 2002/58/EC, data subjects may exercise their right of objection in relation to the use of information society services by means of automated procedures using technical specifications (defensive measures).
See also subsection "Restriction of data-related rights".
Restriction and erasure
Unneeded personal data will be regularly and immediately deleted by us. This also covers the deletion of all redundantly stored copies and backups of data (possibly with a technical delay), as well as informing all third parties that have been recipients of permissible/necessary transmission of data (if possible, and with a potential delay caused by further storage obligations).
Upon request, we also arrange for the premature delisting or deletion of existing, originally necessary data, based on
withdrawal of consent pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a GDPR in the absence of any other legal basis for processing,
an objection to the processing pursuant to Art. 21 para. 1 GDPR in the absence of overriding justified grounds,
an objection to processing pursuant to Art. 21 para. 2 GDPR, or
the notification of unlawful processing.
Even without explicit withdrawal or objection, previously required data will be deleted at the earliest possible time; more details are given in the subsection "Storage of required data".
Please note that data whose publication has been approved can only be deleted to the extent of copies within the scope of FIAS. Copies already made within the scope of independent third parties naturally remain unaffected by this. In accordance with Art. 17 para. 1 GDPR, we will attempt, within the bounds of possibility, to arrange for the erasure of further copies or at least of references thereto, but are subject to practical restrictions.
It should be noted that in individual cases, due to
legal storage obligations,
pending enforcement of rights and claims,
legitimate interests of the data subject,
legitimate interests of another natural or legal person, or
other public interest of the Union or of a Member State,
erasure may be postponed. We will inform you of this in the given case and will arrange for the corresponding data to be restricted, i.e. its use to be limited to the remaining necessary/permissible purpose, as a substitute or as a transitional measure.
Restriction also applies if
the data subject has lodged an objection to the processing pursuant to Art. 21 para. 1 GDPR and it has not yet been determined whether justified reasons of FIAS predominate,
the accuracy of the data is in doubt, for as long as further clarification continues, or
after unlawful processing, if the data subject explicitly objects to the required erasure of her/his data.
If the remaining grounds for the restriction no longer prevail, automatic erasure is performed as soon as possible.
See also subsection "Restriction of data-related rights".
Restriction of data-related rights
The right to information, rectification, restriction, and erasure may be limited insofar as its fulfilment can be expected to substantially hamper or prevent research or statistical purposes pursuant to Art. 89 para. 1 GDPR. This restriction can result from the necessity of general research of the institute, statistical evaluations in the context of reporting, archiving purposes, and/or the recording of the institute's history.
In addition, there are restrictions insofar as the processing of existing data is necessary
to exercise freedom of expression and information;
to fulfil a legal obligation which requires processing under the law of the Union or the Federal Republic of Germany, or to perform a task in the public interest that has been vested in FIAS;
for reasons of public interest in the area of public health in accordance with Art. 9 para. 2 lit. h and i and Art. 9 para. 3 GDPR;
for archiving purposes in the public interest, for scientific or historical research purposes, or for statistical purposes pursuant to Art. 89 para. 1 GDPR, insofar as the above-mentioned law is likely to make it impossible or seriously impair the attainment of the objectives of such processing; and
to assert, exercise, or defend legal claims.
In order to protect stored data against unauthorized access, manipulation, and loss, we regularly check the security of our systems as part of suitable technical and organisational measures.
Within this context, both internal and external security checks are carried out. Automated internal security checks also cover passwords for individual restricted access. Both newly selected and existing passwords are subjected to adequate triviality tests and checked for other known weaknesses. The user will be notified of any weaknesses found. If they pose an imminent danger, access restrictions may temporarily be imposed until all weaknesses have been remedied.
Personal passwords of FIAS users will never be stored in clear text or transmitted to third parties in any form during the course of such security measures or regular operation, with the exception of notification of initial passwords using specially protected form sheets and the short-term processing on FIAS systems for registration or authentication. Such procedures are limited to the necessary exchange of information between the user and FIAS.
Data protection by encryption
For the best possible protection of the data of our visitors, partners, and members, our web pages and all other services dealing with personal data apply encryption on the basis of SSL or TLS.
In the case of web services, this is indicated by addresses with the prefix https://.
In addition, our systems declare obligatory encryption for visitors of our web pages (HSTS), which leads to an encrypted connection being established by current browsers even after a web address of an unencrypted resource (i.e. without prefix or with prefix http://) has been entered.
With a modern browser, this protects all transmitted data (especially login data and other sensitive information) against reading by unauthorized third parties.
In addition, we support common methods for e-mail encryption (PGP, S/MIME) and, on request, file exchange via an institute-owned platform.
Links to external resources
Our web presences contain links to other web pages and to external downloads which are beyond our sphere of influence. By selecting such links you will leave the scope of this privacy notice.
Accordingly, we cannot assume any responsibility for the use of those external resources and traces of data left there. Nevertheless, if we are made aware of problematic offers, we will immediately remove the corresponding links.