Privacy Policy

Name of the Service HZDR Research Data Management Organiser (RDMO) Service
Description of the Service

The HZDR Research Data Management Organiser (RDMO) Service is a tool to support the planning, implementation, and organisation of research data management for Helmholtz users.

Data Controller and a contact person Helmholtz-Zentrum Dresden - Rossendorf e. V.
Bautzner Landstraße 400
01328 Dresden
Zentralabteilung Informationsdienste und Computing
E-Mail: rdmo@hzdr.de
Data Controller’s data protection officer (if applicable) Dresdner Institut für Datenschutz
Stiftung bürgerlichen Rechts
Hospitalstraße 4
01097 Dresden
E-Mail: dsb@hzdr.de
Jurisdiction and supervisory authority DE-SN – Germany Saxony

A complaint can be lodged at: Sächsischer Datenschutzbeauftragter, Web: www.saechsdsb.de
Personal data processed and the legal basis A. Personal data retrieved from your Home Organisation:
  • your email address *
  • your profile: *
    • name
    • given name
    • family name
    • preferred username
    • entitlements (e. g. virtual organisation/group/project membership)
  • your unique user identifier eduPersonUniqueID *
B. Personal data gathered from yourself
  • IP address *
  • access time and duration *
  • browser data *

* = the personal data is necessary for providing the service. The processing is based on Art. 6 (1) lit. f GDPR. It is the justified interest of the Data Controller.

Purpose of the processing of personal data

Personal data retrieved from your Home Organisation is used to identify you to give you the permissions to access your resources with your account by associating your unique user identifier. Name and e-mail address are used to contact you.

Personal data gathered from you is needed to provide the service technically. It is written to log files. Log files are consulted in case of service malfunction to technical and forensic purposes.

Third parties to whom personal data is disclosed

No personal data is disclosed to third parties without your explicit request.

How to access, rectify and delete the personal data and object to its processing

Contact the contact personal above or rectify the data manually within the service, if possible. To rectify the data released by your Home Organisation, contact your Home Organisation’s IT helpdesk.

Withdrawal of consent

To withdraw your consent, contact the contact personal above.

Data portability

Contact the contact personal above to retrieve your personal data.

Data retention

Personal data is deleted on request of the user or if the user hasn't used the Service for 18 months.

Data Protection Code of Conduct

Your personal data will be protected according to the Code of Conduct for Service Providers [1], a common standard for the research and higher education sector to protect your privacy.

Your rights Data protection rights: If you have any questions or wish to exercise your rights in accordance with Chap. 3 GDPR, please contact our data protection officer. You also have a right of lodging a complaint to the local supervisory authority.

References

[1] GÉANT Data Protection Code of Conduct - https://www.geant.net/uri/dataprotection-code-of-conduct/v1