Data protection declaration

  1. Scope
  2. Purposes and legal basis of processing – In general when visiting our website
  3. Purposes and legal basis of processing – When contacting us
  4. Purposes and legal basis of processing – Newsletter and journal
  5. Applications and careers
  6. Categories of personal data
  7. Recipients of the data
  8. Transfer to a third country
  9. Period of data storage
  10. Automated decision-making
  11. Your rights / Rights of the data subject
  12. Cookies
  13. Data protection declaration on the application and use of Twitter

Thank you for your interest in our Institute. Data protection is a top priority at the Institute for Rural Development Research. In principle, the websites of the Institute for Rural Development Research may be used without the need to submit personal data. However, if you (the "data subject") wish to use special services provided by us via our website, processing of personal data may become necessary. Where there is no statutory basis for such processing, we generally obtain consent from the data subject.

The processing of personal data, such as the name, address, email address, or telephone number of a data subject will always be done in compliance with the General Data Protection Regulation (GDPR) and in accordance with the country-specific data protection regulations applicable to the Institute for Rural Development Research. This data protection declaration informs data subjects about how their data is processed and about their rights in this context.

As the controller, the Institute for Rural Development Research has implemented numerous technical and organisational measures to ensure the fullest protection of personal data processed via this website. Nevertheless, as internet-based data transmissions can in principle have security gaps, absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, e.g. by telephone.

1. Scope

This data protection declaration applies to the Institute for Rural Development Research website at www.ifls.de and to the data collected via this website. For the websites of other providers to which reference is made, e.g. via links, the data protection information and declarations of those providers apply. We are not liable for their content and do not adopt their content as our own. In this data protection declaration, we explain, among other things, how we handle the personal data of data subjects and also how we use cookies.

Responsible body for the purposes of data protection

The controller for the purposes of the GDPR is:

Institute for Rural Development Research.
Kurfürstenstr. 49
60486 Frankfurt am Main

Telephone: 069 9726 683-10
E-mail: office[at]ifls.de

Contact details for our data protection officer

The data protection officer acting for the controller is:

Isgard Lugert
Institute for Rural Development Research
Kurfürstenstraße 49
60486 Frankfurt

Telephone: 069 9726 683-10
E-mail: lugert[at]ifls.de

Any data subject may make direct contact with our data protection officer at any time with any questions or suggestions relating to data protection.

2. Purposes and legal basis of processing – In general when visiting our website

Article 6 (1) (a) GDPR serves as the legal basis for processing operations by means of which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, e.g., when processing is necessary for the supply of goods or the provision of another service, the processing is based on Art. 6 (1) (b) GDPR. The same applies to such processing operations as are necessary for implementing pre-contractual measures, e.g. where enquiries are made about our products or services. If our Institute is subject to a legal obligation that mandates the processing of personal data, such as for the fulfilment of tax obligations, the processing is based on Art. 6 (1) (c) GDPR.

Finally, processing operations may be based on Art. 6 (1) (f) GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds if the processing is necessary for pursuing our legitimate interests or those of a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject.

3. Purposes and legal bases of processing – When contacting us

When you contact us (e.g., via a contact form – where available – or via e-mail), personal data is collected. This data is stored and used exclusively to respond to your request and for associated administrative purposes. The legal basis for processing the data is our legitimate interest in responding to your request in accordance with Art. 6 (1) (f) GDPR. If the purpose of your contact is the conclusion of a contract, Art. 6 (1) (b) GDPR constitutes an additional legal basis for the processing. Your data will be erased after your request has been fully processed; this is the case when it can be concluded that the matter has been resolved in full and provided that no statutory retention obligations prohibit us from erasing the data.

Further information can be found in our Data protection information for customers and interested parties. 

4. Purposes and legal bases for processing – Newsletter and journal

When you register for our e-mail newsletter and journal, we will regularly send you information about us and our offers. The only mandatory data that we need for sending the newsletter and journal is your e-mail address. We use the double opt-in procedure for sending the newsletter or journal. This means that we will send you an e-mail newsletter only if you expressly confirm that you consent to receiving newsletters. We will then send you a confirmation e-mail in which you will be asked to click on a corresponding link to confirm that you wish to receive the newsletter or journal in future. By clicking on the confirmation link, you give us your consent to use your personal data in accordance with Art. 6 (1) (a) GDPR.

When you register for the newsletter or journal, we will store the IP address assigned by your internet service provider (ISP), along with the date and time of registration, in order that we may follow up on possible misuse of your e-mail address at a later date. The data we collect when you register for the newsletter will be used only for advertising purposes via the newsletter or journal. You can unsubscribe from the newsletter or journal at any time via the link provided for this purpose on our website (https://www.ifls.de/en/news/newsletter-subscription/). Once you have unsubscribed, your e-mail address will be erased immediately from our newsletter distribution list, unless you have expressly consented to the further use of your data or unless we reserve the right to engage in further-ranging processing of the data which is permitted by law and about which we are informing you in this declaration.

5. Applications and careers

We cannot wholly guarantee that application documents and documents which you send us (unsolicited) by e-mail will be transmitted securely. E-mail is generally not a secure means of communication. We therefore recommend that confidential information and documents be sent by post or, if submitted electronically, with electronic protection.

Further information can be found in our Data protection information for customers and interested parties. 

6. Categories of personal data

If you use our website for purely informational purposes and do not send us any other information (e.g. via a website form), we will only collect the data that your browser transmits to our server (“server log files”). This data will be processed in accordance with Art. 6 (1) (f) GDPR on the basis of our legitimate interest to improve the stability and functionality of our website.

This data will not be used in any other way, nor will it be forwarded to third parties. However, we reserve the right to analyse the log files retrospectively should concerns of illegal use arise. This data is the standard data transmitted by your browser and generated by the web server:

  • IP address
  • Browser
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Volume of data transmitted in each case
  • Originating website of the request
  • If applicable, the language and version of the browser software
  • If applicable, the operating system and its interface

7. Recipients of the data

"Recipient" means a natural or legal person, public authority, agency or another body, to which personal data is disclosed, whether a third party or not. In the course of maintaining our website and the tools used on it, the following categories of recipients may gain access to the personal data mentioned above:

  • IT providers or hosters
  • Centralised service providers in affiliated companies (e.g. subsidiaries)

8. Transfer to a third country

Personal data will not be transferred to a third country.

9. Period of data storage

One criterion for determining the period of storage of personal data is the respective statutory retention period. We therefore process and store personal data of the data subject only for the period necessary for achieving the purpose of storage or insofar as provision for this has been made by the European legislator or other legislators in laws or regulations to which the controller is subject. If the storage purpose is not applicable or if such a storage period expires, the personal data are routinely blocked or erased in accordance with legal requirements.

10. Automated decision-making

Automated decision-making for the purposes of Art. 22 GDPR does not take place.

11. Your rights / Rights of the data subject

You have the following rights:

  • the right of access (Art. 15 GDPR)
  • the right to rectification (Art. 16 GDPR)
  • the right to erasure (right to be forgotten) (Art. 17 GDPR)
  • the right to restriction of processing (Art. 18 GDPR)
  • the right to data portability (Art. 20 GDPR)
  • the right to object (Art. 21 GDPR)

To the extent that the processing is based on your consent (Art. 6 (1) (a) GDPR), you have the right to revoke your consent at any time, without affecting the lawfulness of the processing carried out on the basis of your consent up until the time of revocation.

If your personal data is processed on the basis of our legitimate interests (Art. 6 (1) (f) GDPR), you have the right, under Art. 21 GDPR, to object to the processing of your personal data at any time on grounds relating to your particular situation. Unless we can demonstrate compelling legitimate grounds for processing your personal data which override your interests, rights and freedoms, we will no longer process your personal data.

In addition, you also have the right to complain to a supervisory authority. The supervisory authority responsible for us is:

The Hesse State Commissioner for Data Protection
Postfach 3163
65021 Wiesbaden

Telephone: +49 611 1408 – 0
Telefax: +49 611 1408 – 900 / 901
E-mail: poststelle[at]datenschutz.hessen.de

You are welcome to contact us at any time to assert your rights (see above for the contact details of the responsible authority).

12. Cookies

Our website does not use cookies. Cookies are text files that are placed and stored on a computer system via an internet browser.

Many websites and servers use cookies. Many cookies contain a unique cookie identifier. This consists of a character string by means of which websites and servers can be assigned to the specific internet browser in which the cookie was stored. This enables visited websites and servers to differentiate the individual browser of the data subject from other internet browsers that contain other cookies. The unique cookie identifier can be used to recognise and identify a specific internet browser.

13. Data protection provisions about the application and use of Twitter

The controller has integrated into this website social plug-ins of the microblogging service Twitter, which is operated by Twitter Inc, 1355 Market St, Suite 900, San Francisco, CA 94103, USA ('Twitter'). The plug-ins are marked with a Twitter logo, e.g. in the form of a blue 'Twitter bird'.

When the browser calls up a given page on this website that contains such a plug-in, the browser establishes a direct connection to the Twitter servers. Twitter transmits the content of the plug-in directly to the browser of the data subject and it is then integrated into the page. As a result of the integration, Twitter receives the information that the browser has called up the given page of the website, even if the data subject does not have a profile on Twitter or is not currently logged in to Twitter. This information (including the IP address) is transmitted by the browser directly to a Twitter server in the USA and stored there.

If the data subject is logged in to Twitter, Twitter can directly assign the visit to that website to the data subject's Twitter account. If the data subject interacts with the plug-ins, e.g. by clicking on the 'Tweet' button, the corresponding information is also transmitted directly to a Twitter server and stored there. The information is also published on the corresponding Twitter account and displayed to contacts there.

The purpose and scope of data collection and further processing and use of the data by Twitter as well as the related rights and setting options for the protection of privacy can be found in Twitter's data protection information: {0>https://twitter.com/de/privacy<}0{>https://twitter.com/de/privacy

If the data subject does not wish the data collected by Twitter via our website to be directly assigned to their Twitter profile, the data subject must log off from Twitter before visiting our website.