Privacy Policy

Information about the processing of your personal data

Welcome to the website of the Center for Social and Economic Behavior, hereafter referred to as C-SEB. We are pleased that you are visiting our website and we thank you for your interest in our center. The protection of your privacy is important to us. Therefore, we comply with the data protection regulations when processing your personal data. Below we inform you in accordance with Art. 13 of the General Data Protection Regulation (GDPR) about the purpose, collection, use, and protection of your data when using our website. The legal basis for the use and storage of anonymized as well as personal data is Art. 6 (1) of the GDPR. For terms such as “personal data” or “processing”, the legal definitions from Art. 4 GDPR are authoritative.

We reserve the right to adapt the privacy protection statement with future effect, in particular in the event of further development of the website, the use of new technologies, or changes to the legal bases or the corresponding jurisdiction. We recommend that you read this privacy protection statement from time to time and take a printout or a copy for your documents.

Scope

This privacy policy applies to all pages of https://c-seb.de/. It does not cover any linked websites of other providers.

Controller

The Center of Excellence for Social and Economic Behavior, hereafter referred to as C-SEB.

Responsible for data protection

University of Cologne
Corporation under public law
represented by the Rector
Albertus-Magnus-Platz | 50923 Cologne
Phone: +49 221 470-0
E-mail: online-redaktion@uni-koeln.de

Responsible for the department

University of Cologne
C-SEB Center for Social and Economic Behavior
Albertus-Magnus-Platz | 50923 Cologne
Dr. Jennifer Mayer
Phone: +49 221 470-1146
E-mail: c-seb@uni-koeln.de

Data protection officer

Data Protection Officer of the University of Cologne
Albertus-Magnus-Platz | 50293 Cologne
Phone: +49 221 470-3872
E-mail: dsb@verw.uni-koeln.de

Safety

We have taken technical and organizational precautions to protect your personal data from unauthorized access, abuse, loss, and other external disruption. To this end, we regularly review our security measures and adapt them to current standards.

Your rights

You have the following rights that you can assert against us regarding the personal data concerning you:

  • Right of access by the data subject: You can request information about your personal data that we process (Art. 15 GDPR).
  • Right to rectification: If the information concerning you is not (or is no longer) correct, you can request a correction (Art. 16 GDPR). If your data is incomplete, you may request it to be completed.
  • Right to erasure: You can request the erasure of your personal data (Art. 17 GDPR).
  • Right of restriction of processing: You have the right to request a restriction of processing your personal data (Art. 18 GDPR).
  • Right to object: You have the right to object to the processing of your personal data which is carried out based on Art. 6 (1) sentence 1 lit. e) or lit. f) GDPR in accordance with Art. 21 (1) GDPR due to reasons relating to your situation at any time. In this case, we will not further process your data unless we can demonstrate compelling legitimate reasons for the processing which outweigh your interests, rights, and freedoms, or if the processing serves the assertion and exercise or defense against legal claims (Art. 21 (1) GDPR). In addition, you have the right to object at any time to the processing of personal data concerning you for the purpose of direct marketing in accordance with Art. 21 (2) GDPR. This also applies to any profiling insofar as it relates to such direct marketing. We draw your attention to the right to object in this data protection declaration in connection with the respective processing.
  • Right to withdraw your consent: If you have given your consent for processing, you have a right of withdrawal in accordance with Art. 7 (3) GDPR.
  • Right to data portability: You have the right to receive the personal data you have provided to us in a structured, common, and machine-readable format (“data portability”) as well as the right to send this data to another responsible person if the conditions of Art. 20 (1) lit. a, b GDPR are met.

You can assert your right by contacting the address listed in the section “Controller” or by contacting our designated data protection officer.

If you believe that the processing of your personal data violates the general data protection regulation, you have the right to lodge a complaint with a supervisory authority of your choice in accordance with Art. 77 GDPR. This also includes the supervisory authority which is responsible for the accountable person for the department:

State Commissioner for Data Protection and Freedom of Information
North Rhine-Westphalia 20 04 44
40102 Düsseldorf
Phone: +49 211 38424-0
Fax: + 49 211 38424-10
E-mail: poststelle@ldi.nrw.de

use of our website

In principle, you can use our website without disclosing your identity for purely informational purposes. In this sense, the retrieval of the individual sites of the website will cause a transmission of data to our web space provider so that the website can be displayed to you. On this occasion, the IP address, directory protection user, date, and time, accessed pages, logs, status code, data volume, referrer, user agent, and the name of the accessed host are processed. The IP addresses are stored anonymously. For this purpose, the last three digits of the IP address are removed. IPv6 addresses are also anonymized. The anonymized IP addresses are retained for 60 days. Details of the directory protection user are anonymized after one day. The temporary processing of this data is necessary to technically enable the process of visiting a website and the delivery of the website to your terminal device. The access data is not used to identify individual users and is not merged with other data sources. Nor is there any evaluation for marketing purposes. Further storage in log files takes place to ensure the functionality of the website and the security of the information technology systems. The legal basis for the processing is Art. 6 (1) sentence 1 lit. f) GDPR. Our legitimate interests lie in ensuring the functionality of the website and the integrity and safety of the website. Storing access data in log files, in particular the IP address, for a longer period enables us to recognize and ward off misuse. This includes, for example, the defense against requests that overload the service or any bot use. The access data are deleted as soon as they are no longer necessary for achieving the purpose of their processing. In the case of the collection of data for the provision of the website, this occurs when you end your visit to the website. Insofar as personal data (e.g., name, address, or e-mail addresses) is collected on our pages, this is done on a voluntary basis. Personal data will only be transmitted to state institutions and authorities in cases required by law or for criminal prosecution due to attacks on our network infrastructure. You can object to the processing. You have the right to object for reasons relating to your situation. You can send us your objection at the contact details mentioned in the section “Responsible provider”.

Cookies

Our website uses so-called cookies. Their purpose is to make our website more user-friendly, effective, and secure. Cookies are small text files that are saved by your browser and stored on your terminal device. Some of the cookies we use are deleted after the end of the browser session, i.e., after you close your browser (so-called “session cookies”). Other cookies remain on your terminal device and enable us to recognize your browser on your next visit (so-called “persistent cookies”). Cookies do not cause any damage to your computer and do not contain viruses. Some of the cookies are mandatory (so-called “essential cookies”), others are used to integrate external content or for statistical analysis.

Data protection settings

We have integrated a consent management tool on our website to request consent for the use of cookies or comparable functions. You can use the “Cookie Settings” to give or refuse your consent for certain functionalities of our website, e.g., for the purpose of statistical analysis and range measurement. You can give your consent for all functions in the “Cookie Settings” (“Accept All”) or reject (“Reject All”) or give your consent for individual purposes or individual functions. Selecting “Reject All” will disable all cookies except the essential ones. The settings you have made can also be changed by you later. The purpose of integrating the tool is to allow users of our website to decide whether to allow cookies and similar functionalities and to offer them the option of changing settings they have already made when they continue to use our website. While using the Consent Management Tool, personal data as well as information about the terminal devices used are processed. You can change your consent at any time by clicking on the “Cookie Settings” button. The legal basis for the processing is Art. 6 (1) sentence 1 lit. f) GDPR. Our justifiable interests in the processing lie in the storage of the user’s settings and preferences in relation to the use of cookies and other functionalities. The user settings are stored via cookies, which have a storage period of one year. After the storage period has expired, consent will be requested again. The user settings made will then be saved again for this period. You can object to the processing of your data. You have the right to object for reasons relating to your situation. You can prevent data processing based on cookies: by deactivating, restricting, or deleting cookies in the settings of your browser software or by opening the browser you are using in “private mode”.

Essential Cookies

Essential cookies are required for basic website functions. They ensure that the website functions properly. Essential cookies are stored on our website to save data protection settings and language settings. The legal basis for this processing is Art. 6 (1) sentence 1 lit. f) GDPR. Our justifiable interests in processing are to provide the special functionalities and thereby to make the use of the website more attractive and effective.

You can object to the processing of your data. You have the right to object for reasons relating to your situation. You can prevent data processing based on cookies: by deactivating, or restricting, or deleting cookies in the settings of your browser software or by opening the browser you are using in “private mode”.

Statistical Analysis

The web analysis services GoAccess and AWStats are used. A web analysis service collects, among other data, information about the page from which a person came to a website (so-called “referrers”), which sub-pages of the website were accessed or how often and for how long a sub-page was viewed.

The purpose of the application is the evaluation of the use of web pages to improve the service and the utilization. Through the evaluation, it is possible to find out how the respective website is used and thus constantly optimize the service. The user data collected in this way for analysis purposes is anonymized by technical precautions. Therefore, it is no longer possible to assign the data to a person. The data is not stored together with other personal data of the user. These purposes also constitute the justifiable interest of the website operator in the processing of personal data pursuant to Art. 6 (1) f) GDPR.

Both services store the processed data without any time limit. No cookies are used for this purpose, but only the data of the access log is processed. IP addresses are stored in the access log in a partially anonymized form and therefore lack the characteristic of being personal.

External content

Youtube

Videos from the platform YouTube.de or YouTube.com, a service of YouTube LLC (headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA; hereinafter “YouTube”), for which Google (Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland) is responsible within the meaning of data protection law, are embedded on our website. This embedding serves the purpose of embedding visual content (“videos”) published on YouTube.de or YouTube.com also on our website. The embedding is done by the plugin YouTube Lyte. Through this measure, YouTube does not receive any data about you if you do not start the playback of the corresponding video yourself.

When using the streaming function, information is also processed that is stored on your terminal device (e.g., IP address). While playing videos on our website, YouTube receives the information that you have accessed the corresponding sub-page of our website. In addition, some of the data mentioned in the section “Use of our website” will be transmitted to Google. This takes place regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to Google, your data will be directly assigned to your account. If you do not wish to be associated with your profile on YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and processes them independently of the existence of a user account with Google for the purposes of advertising, market research, and/or demand-oriented design of its own website.

The legal basis for the processing is Art. 6 (1) sentence 1 lit. a) GDPR. Google also processes some of the data in the USA. There is no EU Commission adequacy decision for a data transfer to the USA; the legal basis for the transfer to the USA is your consent pursuant to Art. 49 (1) sentence 1 lit. a) GDPR. For further information on the purpose and scope of processing by YouTube and the storage period at YouTube, please refer to the privacy protection statement at https://policies.google.com/privacy.

Newsletter

You have the option of subscribing to our e-mail newsletter, with which we inform you at irregular intervals about current news, a selection of the latest publications, and other information. A valid e-mail address is required to receive the newsletter.

The registration for our e-mail newsletter takes place in the so-called double opt-in procedure. After entering your e-mail address, you will receive an e-mail asking you to explicitly confirm your subscription to the newsletter – this confirmation is done by clicking on a confirmation link. This ensures that you want to receive our e-mail newsletter. When registering for the newsletter, you must enter your e-mail address so that the link can be sent to you. By doing so, you consent to your data being used for the newsletter. Your e-mail address will not be used for any other purpose and will not be passed on to third parties.

You can revoke your consent to the processing of your e-mail address, which is used for the newsletter at any time, either by sending a message to us (cf., contact details in the section “Responsible provider”) or by clicking directly on the unsubscribe link contained in the newsletter. The legality of the processing carried out based on the consent until the revocation shall not be affected by the revocation.

For further information regarding the mailing list servers, please visit the privacy protection statement of the University of Cologne.

Contacting C-SEB

When contacting C-SEB, e.g., by e-mail or contact form, the personal data you provide will be processed by us to answer your enquiry. It is mandatory to provide a valid e-mail address for the processing of enquiries. When using contact forms, your IP address and the date and time of sending are also processed at the time of sending the message.

The legal basis for the processing is Art. 6 (1) sentence 1 lit. f) GDPR or Art. 6 (1) sentence 1 lit. b) GDPR if the purpose of the contact is to conclude a contract. If the request is intended to conclude a contract, the information you provide is necessary and obligatory for the conclusion of a contract. If the data is not provided, it is not possible to conclude or implement a contract by contacting or processing the enquiry. The processing of personal data from input masks and from an e-mail sent to us serves solely to process the contact, which is also our necessary legitimate interest in processing the data. The other data processed during the sending process is used to prevent misuse of contact forms and to ensure the safety of our information technology systems. We delete the data accruing in this context after the processing is no longer required or, if necessary, restrict the processing to compliance with the existing legally mandatory retention obligations. The personal data that you provide to us in the context of a contact enquiry will only be used to answer your enquiry and for the related technical administration. The data will not be passed on to third parties. You have the right to revoke the consent given at any time. In this case, your personal data will be deleted immediately. You can object to the processing. You have the right to object for reasons relating to your situation. You can send us your objection via the contact details mentioned in the section “Responsible provider”.

Processing for contractual purpose

We process your personal data in case it is necessary for the initiation, establishment, execution, and/or termination of a legal transaction with C-SEB, for example registration for one of our events. The legal basis for this is Art. 6 (1) sentence 1 lit. b) GDPR. The provision of your data is necessary for the conclusion of the contract, and you are contractually obliged to provide your data. If you do not provide your data, it will not be possible to conclude and/or execute a contract. After the purpose has been achieved (e.g., processing of the contract), the personal data will be blocked for further processing or deleted, unless we are authorized to further process the data on the basis of your consent (e.g., consent to the processing of the e-mail address for sending our newsletter), a contractual agreement, a legal authorization (e.g., authorization to send advertising to existing customers) or on the basis of legitimate interests (e.g., storage for the enforcement of claims).

Your personal data will be passed on to third parties if

  • it is necessary for the establishment, implementation, or termination of legal transactions with C-SEB (e.g., in the case of the transfer of data to a payment service company/ a shipping company for the processing of a contract with your person)(Art. 6 (1) sentence 1 lit. b) GDPR), or
  • subcontractors or agents that we use exclusively while providing the offer or service you have requested and who need this data (such agents are only authorized to process the data to the extent necessary for the provision of the offer or service unless you are expressly notified otherwise), or
  • there is an enforceable official order (Art. 6 (1) sentence 1 lit. c) GDPR), or
  • there is an enforceable court order (Art. 6 (1) sentence 1 lit. c) GDPR), or
  • we are obliged to do so by law (Art. 6 (1) sentence 1 lit. c) GDPR), or
  • the processing is necessary to protect the essential interests of the person concerned or of another natural person (Art. 6 (1) sentence 1 lit. d) GDPR), or
  • it is necessary for the performance of a task which is in the public interest or in the exercise of official authority (Art. 6 (1) sentence 1 lit. e) GDPR), or
  • we can rely on our predominant legitimate interests or those of third parties for disclosure (Art. 6 (1) sentence 1 lit. f) GDPR).

Your personal data will not be passed on to other persons, companies, or bodies unless you have effectively consented to such a transfer. The legal basis of the processing is then Art. 6 (1) sentence 1 lit. a) GDPR.

Routine Deletion and Blocking of personal data

The controller shall process and store personal data of the data subject only for the time necessary to achieve the purpose of storage. Or if this has been intended by European Directive and Regulation legislation or other legislation in laws or regulations to which the controller is subject. If the purpose of storage no longer applies or if a storage period prescribed by the European Directive and Regulation or other competent legislation expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

Further Information

If you have any further questions, you can contact us at any time using the contact details given in the imprint. However, we cannot guarantee complete data security when communicating by e-mail, so we recommend that you send confidential information by regular mail. General information on the use and storage of data can also be found in the privacy protection statement of the University of Cologne.If you have any questions regarding data security at the University of Cologne, you are welcome to contact the data protection officer of the University of Cologne directly.

Our partners