DATA PRIVACY POLICY FOR THE SOCIAL MEDIA ACTIVITIES OF CISPA
Under Articles 13 and 14 DSGVO – This privacy policy informs about the manner, scope and purpose of processing personal data (hereinafter referred to as data) as well as your rights regarding this data processing within our social media activities.
Quick start: Facebook, X (formerly Twitter), LinkedIn, Instagram, Netiquette
We, CISPA – Helmholtz-Zentrum für Informationssicherheit gGmbH, operate our own Facebook fan page at https://www.facebook.com/CispaSaarland/. As the operator of this Facebook page, we, together with the provider of the social network Facebook (Facebook Ireland Ltd.), are responsible within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR). When visiting our Facebook page, personal data of the page visitors are processed by both controllers.
We have concluded an agreement with Facebook on joint data protection controllership (Page Controller Addendum). With this agreement, Facebook acknowledges its joint responsibility with regard to so-called Insights data and assumes essential data protection obligations to inform data subjects, to ensure data security or to report data protection violations. In addition, the agreement stipulates that Facebook is primarily the point of contact for the exercise of data subjects' rights (Art. 15 - 22 GDPR). As a provider of the social network, Facebook alone has direct access to the required information and can also immediately take any necessary measures and provide information. Should our support nevertheless be necessary, we can be contacted at any time.
In connection with the operation of this Facebook fan page, we use the Insights function of Facebook to obtain anonymous statistical data on the users of our Facebook fan page. Facebook provides information on the insights and Facebook fan pages, for example, through its privacy policy.
In connection with visiting our and other Facebook Fan pages, Facebook also uses cookies and other similar storage technologies. For more information about Facebook's use of cookies, please see Facebook's cookie policy.
On our Facebook fan page you also have the opportunity to comment on our contributions, rate them and get in touch with us via private messages or take part in competitions.
We operate this Facebook Page to present, interact and communicate with Facebook users, other interested persons and our customers who visit our Facebook Page. The processing of users' personal data takes place on the basis of our legitimate interests in an optimized company and product presentation (Art. 6 Para. 1 lit. f GDPR) as well as when participating in competitions or answering product application questions on the basis of a (pre-)contractual relationship pursuant to Art. 6 Para. 1 lit. b) GDPR.
The processing of the information generated by Insights is intended to enable us, as the operator of the Facebook fan page, to obtain statistics that Facebook generates on the basis of visits to our Facebook fan page. The purpose of this is to control the marketing of our activities. For example, it allows us to learn about the profiles of visitors who value our Facebook Page or use applications on the Page to provide them with more relevant content and develop features that may be of greater interest to them.
To better understand how our Facebook page can help us better achieve our business goals, we also use the information we collect to create demographic and geographic reports that we provide to us. We may use this information to serve targeted, interest-based advertisements without immediately obtaining knowledge of the visitor's identity. If visitors use Facebook on several end devices, the recording and evaluation can also be carried out across devices if they are registered visitors logged into their own profile.
The visitor statistics created are transmitted to us exclusively in anonymous form. We do not have access to the underlying data.
We also use our Facebook page to communicate with our customers, prospects and Facebook users and to inform them about us and our products. In this context we may receive further information, e.g. from user comments, private messages or because you follow us or share our content. The processing takes place exclusively for the purpose of communication and interaction with you.
Your data will be deleted if it is not used for the purpose for which it was collected, as long as there is no obligation to retain it.
Facebook users can influence the extent to which their user behavior is captured when they visit our Facebook page under Advertising Preference Settings. Further possibilities are offered by the Facebook settings or the right of objection form.
It cannot be ruled out that some of the information collected may also be processed outside the European Union by Facebook Inc. based in the USA. Facebook Inc. has subjected itself to the standard contractual clauses adopted by the EU Commission and thus undertakes to comply with European data protection requirements.
We ourselves do not pass on any personal data that we receive via our Facebook page.
For further information on our contact data, including our data protection officer, the rights of data subjects vis-à-vis us and how we process personal data, please refer to the relevant sections of this data protection declaration.
We, CISPA – Helmholtz-Zentrum für Informationssicherheit gGmbH, use a X (formerly Twitter) fan page under the name @CISPA. In the following we would like to inform you about the processing of your personal data on our Twitter fan page.
X (formerly Twitter) is a service provided by X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103 U.S.A.
We would like to point out that you use the services provided by X Corp. (formerly Twitter Inc.) and all related functions (e.g. sharing and rating of content) on your own responsibility.
Information about the data processing carried out by X Corp. (formerly Twitter Inc.) and the corresponding purposes pursued can be found in the data protection declaration of X Corp. (formerly Twitter Inc.).
The privacy policy of X (formerly Twitter) can be found here: https://twitter.com/de/privacy
We have no influence on the type and scope of the data processed by X Corp. (formerly Twitter Inc.) or its transfer to third parties. We have no means of control in this regard.
Your data is collected and processed by X Corp. (formerly Twitter Inc.). Your personal data is transferred to the United States, Ireland and any other country in which X Corp. (formerly Twitter Inc.) does business, regardless of your place of residence.
Data that you have voluntarily submitted to X Corp. (formerly Twitter Inc.) will be processed by X Corp. (formerly Twitter Inc.) (e.g. name and user name, email address, telephone number or the contacts in your address book) if you upload them.
In addition, X Corp. (formerly Twitter Inc.) evaluates the content you share. As a result, X Corp. (formerly Twitter Inc.) determines the topics and content you are interested in. Furthermore, confidential messages that you send to other users of X (formerly Twitter) are processed. GPS data, wireless network information or your IP address are used to determine your location and to send you content, usually advertising.
The evaluation is carried out with the help of various analysis tools, such as Google Analytics. The use of such analysis tools by X (formerly Twitter) is not subject to our control or influence. If such analysis tools are used by X Corp. (formerly Twitter Inc.), we were not informed about the use of such tools. As a result, X Corp. (formerly Twitter Inc.) has not been engaged by us to provide support or assistance in the use of such analysis tools. Furthermore, the results of such analysis are not made available to us. Only anonymised information about the response generated by tweets (clicks, likes, etc.) can be viewed by us. The use of analysis tools on our X (formerly Twitter) account cannot be turned off and there are no other ways to prevent such use.
Twitter also receives data from visitors who do not have a X (formerly Twitter) account when they view content on X (formerly Twitter). This log data includes the IP address, the type of browser used, the operating system, information about the website and pages you have previously visited, location, mobile phone provider, cookies or search terms and the end device used.
X (formerly Twitter) also has the option of recording visits to websites and assigning them to the corresponding Twitter account if so-called X (formerly Twitter) buttons or widgets have been embedded in the respective website.
It is possible for you to restrict the processing of your data by X (formerly Twitter). To do so, you can open the general settings of your X (formerly Twitter) account and change your privacy settings under "Privacy and Security".
You can control and individualize your privacy settings here:
- https://twitter.com/personalization
- Additional assistance is available for this purpose:
- https://support.twitter.com/articles/105576#
- https://help.twitter.com/de/search?q=datenschutz
You can also change certain settings for your mobile devices (e.g. smartphones, tablets, etc.) so that X (formerly Twitter) has limited access to your contact data, location data, calendar data or photos, among other things. These setting options differ depending on the operating system used on your mobile device.
For more information and assistance, please visit
- https://support.twitter.com/articles/20172711# (possibility to view your own data processed by X (formerly Twitter)
- https://twitter.com/your_twitter_data (Information about conclusions from X (formerly Twitter) about you)
- https://support.twitter.com/forms/privacy (form to receive further information from X (formerly Twitter))
- https://support.twitter.com/articles/20170320# (possibility to download your own X (formerly Twitter) archive)
When we process your personal data on X (formerly Twitter), it is not collected via our X (formerly Twitter) account. A transmission of data to X (formerly Twitter), such as IP addresses, due to the embedding of tweets on homepages or the like does not take place.
However, it is possible that we retweet tweets from you, reply to tweets from you or write tweets that refer to you or to your Twitter account. In this respect, your public data on X (formerly Twitter) can be made accessible to followers of our site.
The purpose of processing on our X (formerly Twitter) site is to provide information about our products and services, combined with the possibility for users to interact with us in a targeted manner. The legal basis for the data processing is Art. 6 para. 1 lit. f GDPR. Our legitimate interest is in particular our business interest in sharing information with our users and being able to communicate with them.
Data will only be passed on to public authorities in the event of overriding legal provisions.
If we publish pictures of people, this is done via consent (legal basis: Art. 6 para. 1 lit. a GDPR), on the basis of a contractual agreement (legal basis: Art. 6 para. 1 lit. b GDPR) and in exceptional cases on the basis of legitimate interests (legal basis: Art. 6 para. 1 lit. f. GDPR).
It is not excluded that data from users may be processed on systems outside the European Union. X (formerly Twitter) has subjected itself to the standard contractual clauses and has thus committed itself to comply with EU data protection standards.
You can exercise your right to access, rectification and erasure of data at any time. Simply contact us using the methods described above. If you wish to have your data erased, but we are still legally obliged to retain it, access to your data will be restricted (blocked). The same applies in the event of an objection. You can exercise your right to data portability as long as the technical possibilities are available to the recipient and to us.
You have the opportunity to object to the processing of your personal data at any time on the basis of a legitimate interest in accordance with Art. 6 Para. 1 letter f GDPR or on the basis of public interests in the sense of Art. 6 Para. 1 letter e GDPR.
If we process your personal data for the purposes of direct advertising, you also have the opportunity to object to this processing at any time.
Please communicate your objection via the above-mentioned e-mail address.
If your rights must be asserted against Twitter International Company, we will forward your request to X Corporation (formerly Twitter International Company).
You have the possibility to lodge a complaint with a data protection authority at any time.
We also use a page on the platform of the provider LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. We use this page to:
- Present our company and services
- Get and stay in touch with the community and followers
- Inform the community and followers about current developments and events in our research area
- Address questions and concerns from customers and followers
When visiting our site, personal data of users is collected by LinkedIn as the controller, for example through the use of cookies. Such data collection by LinkedIn may also occur for visitors to this site who are not logged in or registered with LinkedIn. Information about data collection and further processing by LinkedIn can be found in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy?_l=de_DE.
LinkedIn erfasst, kann CISPA – Helmholtz-Zentrum für Informationssicherheit gGmbH (CISPA) cannot track which user data LinkedIn collects. Nor does CISPA have full access to the data collected or your profile data. CISPA can only see the public information of your profile. You decide what this information is in your LinkedIn settings.
If our site offers a chat function, CISPA uses your data when using the chat function to answer your inquiry. The service and customer care information collected in this way is used to contact you in order to provide you with the requested information and offers.
CISPA receives anonymous statistics on the use and usage of the Page due to legitimate interest of LinkedIn. The following information is provided:
- Followers: number of people who follow CISPA - including increases and development over a defined time frame.
- Reach: Number of people who see a specific post. Number of interactions on a post. This can be used, for example, to determine which content is better received by the community than others.
- Ad performance: How many people were reached and interacted with a post or paid ad.
CISPA uses these statistics, from which we cannot draw any conclusions about individual users, to constantly improve its online offering on LinkedIn and to better respond to the interests of our community. We cannot link the statistical data with the profile data of our followers. You can decide via your LinkedIn settings in which form targeted advertising is displayed to you.
CISPA receives personal data via LinkedIn if you actively communicate this to us via a personal message on LinkedIn. We use your data (e.g., first name, last name, company and position) to respond to your request. Your data will be stored for this purpose.
We, CISPA – Helmholtz-Zentrum für Informationssicherheit gGmbH, operate our own Instagram fan page at https://www.instagram.com/c_i_s_p_a. As the operator of this Instagram page, we, together with the provider of the social network Instagram (Instagram Inc.), are responsible within the meaning of Art. 4 No. 7 of the General Data Protection Regulation (GDPR). When visiting our Instagram page, personal data of the page visitors are processed by both controllers.
We have concluded an agreement with Instagram on joint data protection controllership (Page Controller Addendum). With this agreement, Instagram acknowledges its joint responsibility with regard to so-called Insights data and assumes essential data protection obligations to inform data subjects, to ensure data security or to report data protection violations. In addition, the agreement stipulates that Facebook is primarily the point of contact for the exercise of data subjects' rights (Art. 15 - 22 GDPR). As a provider of the social network, Instagram alone has direct access to the required information and can also immediately take any necessary measures and provide information. Should our support nevertheless be necessary, we can be contacted at any time.
In connection with the operation of this Instagram fan page, we use the Insights function of Instagram to obtain anonymous statistical data on the users of our Instagram fan page. Instagram provides information on the insights and Instagram fan pages, for example, through its privacy policy.
In connection with visiting our and other Facebook Fan pages, Facebook also uses cookies and other similar storage technologies. For more information about Facebook's use of cookies, please see Instagram´s cookie policy.
On our Instagram fan page you also have the opportunity to comment on our contributions, rate them and get in touch with us via private messages or take part in competitions.
We operate this Instagram Page to present, interact and communicate with Instagram users, other interested persons and our customers who visit our Instagram Page. The processing of users' personal data takes place on the basis of our legitimate interests in an optimized company and product presentation (Art. 6 Para. 1 lit. f GDPR) as well as when participating in competitions or answering product application questions on the basis of a (pre-)contractual relationship pursuant to Art. 6 Para. 1 lit. b) GDPR.
The processing of the information generated by Insights is intended to enable us, as the operator of the Instagram fan page, to obtain statistics that Instagram generates on the basis of visits to our Instagram fan page. The purpose of this is to control the marketing of our activities. For example, it allows us to learn about the profiles of visitors who value our Instagram Page or use applications on the Page to provide them with more relevant content and develop features that may be of greater interest to them.
To better understand how our Instagram page can help us better achieve our business goals, we also use the information we collect to create demographic and geographic reports that we provide to us. We may use this information to serve targeted, interest-based advertisements without immediately obtaining knowledge of the visitor's identity. If visitors use Instagram on several end devices, the recording and evaluation can also be carried out across devices if they are registered visitors logged into their own profile.
The visitor statistics created are transmitted to us exclusively in anonymous form. We do not have access to the underlying data.
We also use our Instagram page to communicate with our customers, prospects and Instagram users and to inform them about us and our products. In this context we may receive further information, e.g. from user comments, private messages or because you follow us or share our content. The processing takes place exclusively for the purpose of communication and interaction with you.
Your data will be deleted if it is not used for the purpose for which it was collected, as long as there is no obligation to retain it.
Instagram users can influence the extent to which their user behavior is captured when they visit our Instagram page under Advertising Preference Settings. Further possibilities are offered by the Instagram settings or the right of objection form.
It cannot be ruled out that some of the information collected may also be processed outside the European Union by Instagram Inc. based in the USA. Instagram Inc. has subjected itself to the standard contractual clauses adopted by the EU Commission and thus undertakes to comply with European data protection requirements.
We ourselves do not pass on any personal data that we receive via our Instagram page.
For further information on our contact data, including our data protection officer, the rights of data subjects vis-à-vis us and how we process personal data, please refer to the relevant sections of this data protection declaration.
On our social media channels, the Corporate Communications department publishes content on behalf of CISPA and allows users to express their opinions on our latest posts. Please observe our rules of netiquette when posting comments and messages. Please use a friendly tone, treat other users as you would like to be treated and respect everyone's opinion.
We welcome sharing and liking, praise, criticism, suggestions and discussions. We would like to see these basic rules for dealing with each other:
Everyone has the right to a free opinion - within the legal framework. What we do not accept:
In the event of violations of this netiquette, we reserve the right to hide or delete comments. In the event of multiple violations of the netiquette, the user may be temporarily or completely excluded from using our social media channels.