Privacy statement

Among other responsibilities, the Centre for Research on Sexual Violence against Children and Adolescents (ZEFSG) is tasked with informing the public about its work.

This includes providing information about the ZEFSG's functions as well as the "Safe!" study. The ZEFSG website also provides the opportunity to contact an ombudsperson with suggestions, ideas for improvement or complaints.

If personal data has to be processed during these activities, then this will be based on the legal provisions, especially the Europäischen Datenschutz-Grundverordnung (EU DSGVO) and the Bundesdatenschutzgesetz (BDSG).

Personal data is any information relating to a living individual who has already been identified or who becomes identifiable through this information. Identifiability can be realised either by merging the available information or by incorporating additional measures, e.g. by assigning a name identifier, an identification number, location data, an online identifier or searching through generally accessible information pools such as databases, libraries or the internet.

Name and contact data of the person responsible under the GDPR

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend 

Glinkastraße 24
10117 Berlin
Tel.: +49 3018 555 0
Fax: +49 3018 555 1145
E-Mail: poststelle@bmbfsfj.bund.de

Contact details of the data protection officer

Bundesministerium für Bildung, Familie, Senioren, Frauen und Jugend
Glinkastraße 24
10117 Berlin
Tel.: +49 3018 555 0
E-Mail: datenschutzbeauftragte@bmbfsfj.bund.de

Personal data recipient

Deutsches Jugendinstitut e.V., Nockherstr.2, 81541 Munich (Auftragsverarbeiter).

Susanne Porzelt, ombudsstelle@zefsg.de, c/o Deutsches Jugendinstitut e.V., Nockherstr.2, 81541 Munich (Unterauftragsverarbeiter Ombudsperson)

Hetzner Online GmbH (data processor for hosting and operation of the website), Industriestr. 25, 91710 Gunzenhausen, Germany;

Heinlein Hosting GmbH (email service provider for the complaint management system), Schwedter Straße 8/9A, 10119 Berlin, Germany;

Which data will be processed when you visit this website?

When visiting the website, personal data are processed in the form of log files.
 

Log files

For security reasons, the following information from the accessing computer is automatically stored in a log file for each access:

• date and time of the access
• name and URL of the file accessed
• anonymised IP address
• http status code and size of the data transfer

These data are saved on the server belonging to our Hostingdienstleisters for a maximum of seven days and then they are deleted. Backups of the log files are stored in encrypted form for 14 days. The legal basis is Article 6(1)(e) and (2) of the GDPR in conjunction with Section 5 of the Federal Office for Information Security Act.

This data will only be given to third parties if there is a legal obligation, e.g. if this data is erforderlich for criminal or legal prosecutions.
 

Cookies

No cookies are used when accessing the website.
 

Web analysis

Users’ web behaviour is not analysed.

Which data will be processed if you contact the ZEFSG?

Which personal data is processed when you contact the ZEFSG will mainly depend on the type of service you are requesting and the communication channel that you use.
 

Complaints procedure contact form

You can send messages to an ombudsperson using the contact form on this website. The complaints procedure is primarily available to school survey participants and people interested in participating in the “Safe!” study, their guardians, all members of ZEFSG committees, and the staff of the Centre for Research (including co-researchers). 

These messages are sent to an independent ombudsperson, currently Susanne Porzelt, via the email service provider Heinlein Hosting Gmbh. 

The contact form can be completed entirely anonymously, without providing any personal data. If not submitted anonymously, the personal information you provide in the contact form (e.g. surname, first name, e-mail address or telephone number) will be processed for the purpose of handling your request. The legal basis for the processing is Article 6(1)(e) & (2) of the GDPR in conjunction with Section 3 of the Federal Data Protection Act (performing the task for which the controller is responsible).

The personal data will be deleted if it is no longer required for fulfilling our ZEFSG tasks or in accordance with the applicable regulations covering the necessity of records management.
 

Contacting us via telephone

When contacting ZEFSG staff via telephone, the information you provide will be processed to the extent necessary to respond to your enquiry and any subsequent actions requested.
 

Contacting us via e-mail

You can send messages to the ZEFSG research team via e-mail. When communicating via email, the email addresses of both the recipient and the sender are processed, as well as other information related to sending the email (e.g. the providers involved) and the content of the respective e-mails. The data mentioned above may also be processed for the purpose of detecting spam. Please note that e-mails sent over the internet are typically not encrypted. In general, e-mails are encrypted in transit, but not on the servers from which they are sent and received (unless an end-to-end encryption method is used). We are therefore unable to accept responsibility for the transit of e-mails between being sent and being received on our server.
It is possible to share data with us securely by encrypting the data with a suitable Zip programme (e.g. the free 7-Zip software) and sending it as an e-mail attachment. The password for decryption should be shared with the responsible staff members at the German Youth Institute via another communication method (e.g. by telephone).

• Processed data types: Personal data (e.g. names, addresses), contact data (e.g. e-mail addresses, telephone numbers), content data (e.g. text input, photographs, videos).
• Data subjects: Communication partners.
• Purposes of processing: Contact requests and communication.
• Legal Basis: Performance of a contract and pre-contractual enquiries (Article 6(1)(b) GDPR); legitimate interests (Article 6(1)(f) GDPR).
   

Services and service providers being used:

• DFN e-mail support: Virus and spam protection; service provider: Verein zur Förderung eines Deutschen Forschungsnetzes e.V., Alexanderplatz 1, 10178 Berlin, Germany; Website (in German): https://www.mailsupport.dfn.de; Privacy statement (in German): https://www.mailsupport.dfn.de/datenschutz.

Which data are processed when attending ZEFSG events?

When organising ZEFSG professional events or committee meetings, personal data are processed for administrative purposes and security reasons. In particular, these may include:

Surname, first name;

Title and role, if applicable;

Sending institution, if applicable;

Address and contact data, if applicable.

The legal basis for the processing is Article 6(1)(e) of the GDPR in conjunction with Section 3 of the Federal Data Protection Act.

The personal data will be deleted if it is no longer required for fulfilling our ZEFSG tasks or in accordance with the applicable regulations covering the necessity of records management.

What rights do data subjects have?

Data subjects whose data have been processed have the following rights with regard to the controller within the meaning of the GDPR:  

• Right of Access (Article 15 GDPR)
• Right to Rectification (Article 16 GDPR)
• Right to Erasure (Article 17 GDPR)
• Right to Restriction of Processing (Article 18 GDPR)
• Right to Data Portability, where processing is based on consent (Article 20 GDPR).
• Right to Object, where processing is based on a statutory legal basis (Article 21 GDPR).

Where personal data are processed on the basis of consent (Article 6(1)(a) GDPR), data subjects may withdraw their consent at any time. The legality of processing carried out prior to the withdrawal remains unaffected (Article 7(3) GDPR).

According to Article 77 of the GDPR, survivors also have the right to lodge a complaint with a data protection supervisory authority.