Rechtliches und Copyright

A.            Data provision to the data warehouse (data providers)

To protect the intellectual property rights of the original data providers, the Edaphobase data-release management policy (and software procedures) from the internal source database (which is not publically available) to the publicly accessible Data-Query Portal allows a staggered data availability in the Query Portal to external users by offering three different “data-access options”, which can be chosen by the data provider:

1. The default setting for data availability and re-use is “open access”. In this case, all data delivered by the data provider (with the exception of personal data, see Section VI) can be accessed, viewed and potentially downloaded (as stipulated in Section I.B) by users of the Edaphobase Data-Query Portal. This includes the soil-biodiversity data itself, data on the data source and name of the provider/owner, as well as environmental and methodological metadata. All of these data types are linked in the individual data records of a data set and – in open access ‑ are freely available to the public.  Such data is also available for internal Edaphobase data-assessment and analyses tools (see Section I.B.ii) and the individual data records or data sets used in these analyses can be viewed by registered Query-Portal users.
2. To restrict public accessibility to data pertaining to research results that have not yet been published (for instance, in scientific journals, reports or theses), provided data may be conferred a priori with a temporary embargo period of three (3) years, during which public access to the data is prevented. Embargoed data is treated as totally anonymized data (the data exists in the database, but is “anonymous” to all external users). The embargo period automatically expires after the three-year period. After expiration of the embargo period, data is publically available at the level determined by the data provider (preferably freely available as open access). Data providers are automatically notified per e-mail four (4) weeks before an impending expiration of an embargo period. Any extension of the embargo period (for a further 3-year period) takes place only after a request by the data provider to Edaphobase, otherwise expiration occurs automatically. The embargo may be cancelled before the 3-year period at the request of the data provider.  Such data is also available for internal Edaphobase data-assessment and analyses tools (see Section I.B.ii). However, individual data records or the data sets used in these analyses cannot be viewed or downloaded by a Query-Portal user.
3. To, e.g., protect sensitive data and sites, or similar, the original data provider can specify a priori whether public access to their data sets be permanently restricted or blocked (= so-called “partially anonymized data sets”). The aim of such anonymized data sets is to render the exact localities, examination schemes (“sampling design”), etc. of such data unrecognizable, so that the sites of occurrence cannot by determined, or the original investigation cannot be reproduced, by external users.  Such data sets remain in Edaphobase and are available for internal Edaphobase data-assessment and analyses tools (see Section I.B.ii). However, when moved to table views (of the external-user-specific queries or analyses), the following data are not visible to external users and the corresponding data fields are marked as “data field restricted”, i.e. data exists, but is not publicly accessible.

• Geographic coordinates of the sites (see next paragraph for site-of-occurrence mapping procedures with anonymized data),
• Region, site and plot names or abbreviations are marked “data restricted” (only natural landscape unit [e.g., “Deciduous forest”], etc. are displayed, but not detailed site data),
• Treatment, plot and similar detailed habitat descriptions (free-text data fields) as well as characteristics of individual studies that might permit precise spatial identification,
• Sample numbers, volumes, etc., which may allow identification of the sampling design,
• Taxon quantities (absolute numbers, densities, etc.),
• All data fields containing remarks or original quotations.

At the same time, however, external users are provided the opportunity to use such data when researching or analyzing the distribution area of individual taxa (for which the center point of a topographic 1:25,000 map section or coordinates rounded to the second decimal position are deemed sufficient) as well as habitat preferences (“niche space”, for which taxon name, abundance and habitat parameters such as pH value, biotope type, etc. are necessary, but not the exact location or the location description). Furthermore, some data provided by the Query Portal, i.e. in contingency tables (“matrices”), are not primary data, but aggregated (e.g., sums, averages of data records; to allow cross-project data evaluations). Anonymized data are aggregated and provided in contingency tables, but the corresponding specific data records are not available to the external user.

Embargoed or anonymized data sets are not forwarded to networked databases, such as GBIF, the BonaRes Data Centre, or European and National Research-Data Infrastructures (see section IV).

Full access to embargoed or anonymized data sets by an external user (different from the data provider) can be granted only after a specific, personal request by the external user (which data, for which purpose, etc.) and subsequent referral of the request by Edaphobase to and approval by the respective original data provider. Raw data may then be provided to an external user only upon this direct request by the user to the Edaphobase scientist responsible for the respective animal group, who in turn consult the original data provider. Upon approval, access to the data is then provided only to the specific (= requesting) user and only for the requested taxa and only for a limited period of time. Thereby, in-depth research with detailed data views of „anonymized“ data sets can only be performed after personal consultation with the person responsible for the respective organism group (named below), and Edaphobase is shown that “personal, explicit, informed consent” exists between data provider and date user. The Edaphobase team provides the possibility of sending a request to the responsible scientist and/or original data provider (contact: info@edaphobase.org).

• The scientists responsible for taxon-specific data at the Senckenberg Museum for Natural History Görlitz are Dr. Axel Christian (for Gamasina), Dr. Clément Schneider (for Collembola), Dr. Ricarda Lehmitz (for Oribatida), Dr. Karin Voigtländer (for Myriapoda), and Dr. Karin Hohberg (for Nematoda and Tardigrada); Dr. Daniel F. Marchan (for Lumbricidae) and Dr. Rüdiger Schmelz (for Enchytraeidae).

   B.            Data provision from the data warehouse (data users)

To protect against data misuse, the data-release policy in the publicly accessible Edaphobase Data-Query Portal uses a general two-stage data availability to external users with different “data-access depths”:

1. All users can perform general, rather coarse queries (for example species lists, distribution maps) without registration in the database (= anonymously). For example, a taxon’s sites of occurrence may be represented on a map differentiated by pH value, biotope type, etc. However, the points are only mapped and displayed in a generalized, „unfocussed“ manner (= center point of a topographic 1:25,000 map section or 10×10 km quadrats). A table view is not possible; deeper queries with analysis options and, especially, data-export (download) functions are not possible (these are only possible for registered users with a login; option 2, next).
2. Full access to the publicly available data via the Query-Portal, including the exact coordinates of the sites of occurrence and table views, is available to registered users. This represents the „normal“ case. User registration and the issuance of a password, etc., occur via automated processes (see Section V.2). A password is assigned by the user him/herself. Registered users can see precisely mapped data and individual data records in a table. The production of contingency tables is allowed. In the table views (“record-list tables” or contingency tables), all (queried) data records are visible in the normal case. Exception: in museum-collection data, the attribute “collector” is never shown. Only registered users can export (download) data.

The main functionality of data (re-)use in Edaphobase is to filter (query) a data extract from the current data pool in the Data-Query Portal. Subsequent use of this data extract usually entails mapping the sites of occurrence, viewing the data in table views (the columns of such tables can be user defined), creating contingency tables (matrices) for this data extract, and/or using internal data-analysis tools (Section I.B.ii). Any and all use of these products requires the acknowledgement by the user that the data was derived from Edaphobase and visualizations (maps, graphs) were created by the Edaphobase software.

Created data tables or contingency tables can be exported (downloaded) from the Query Portal by registered users (subsequent to the data-access options determined by the individual data providers, described above), to be used by the user in his/her own analyses. It is prohibited to further disseminate this data in other databases, repositories or public/private data collections. Distribution of this data to other individual cooperating researchers/persons automatically and explicitly transfers the rights and requirements detailed in this data policy to that person, who is thereafter also considered an Edaphobase data user with the same obligation to follow the requirements of this data policy. All data downloads include the terms of use of the downloaded data (= relevant extracts from this data policy), metadata on the data query used to create data extracts (for reproducing the query, or use in Methods sections of publications or reports) as well as the data itself. The first columns of data tables provide the information necessary for the correct citation of data providers (i.e., the correct citation of the publication / project / collection from which the data derives, data collection dates, name of author / PI / data provider, any available data DOIs). Use of the downloaded data in publications or reports, including if “only” for the creation of overview graphics and similar, requires the correct citation of the original data providers in the publication/report, as described in the following section.

Commercial use of data downloaded from Edaphobase is explicitly prohibited, unless the data user has obtained the expressed permission of the individual data providers. It is the responsibility of the data user to obtain this permission. Edaphobase and Senckenberg accept no responsibility for commercial (mis-)use of downloaded data.

 

 

1. Scope of service

Data research with the Edaphobase Data-Query Portal in the framework of scientific research is fundamentally open to the public (via https://portal.edaphobase.org). The Senckenberg Society for Nature Research (SGN) provides the contents of the database at no charge. However, administrative fees required by individual data-providers could occur for some data due to their data-provision effort, i.e., from state agencies. These data are generally marked (“anonymized”, see Section I.A above). Any such fees required for granting access to limited-access data are the sole responsibility of the data provider and are not shared with or involve the Senckenberg Society for Nature Research or Edaphobase.

To protect the rights of the original data providers and their data against misuse, the online access to the Edaphobase Data-Query Portal for external users is staggered in various stages of different “data-access depths” (for further details see above in Section I.B). General queries (for example species list, coarse distribution maps) can take place without registration in the database (anonymously). The occurrence points are mapped only in an „unfocussed“, generalized manner (= center point of a TK 25 map section or 10x10km quadrats). A table view is not possible. Advanced data research with analysis options, table view, and data export functions can only be performed by registered users after a login. Only registered users have access to stored data in the Portal database, including the exact coordinates of the sites of occurrence and a table view. Registered users can see precisely mapped data and individual data records in a table. The generation of contingency tables is allowed. Furthermore, only registered users may locally save “projects” (= complex queries) and export data.

Registered users may download data for analyses within their own scientific questions. However, a re-analysis of specific data sets and publication of the results as „own“ research without the express approval of the data provider is prohibited and will be considered plagiarism (with the appropriate legal repercussions). Edaphobase and the Senckenberg Society for Nature Research assume no liability for plagiarized data. Any fundamental changes to the content of downloaded data (besides that necessary for harmonizing data for an analysis) without the express approval of the data provider is prohibited.

Any commercial use of data downloaded from Edaphobase requires the prior approval of the original data providers listed in the metadata of the respective data sets.

If limited access to anonymized data sets is granted after a personal request (see Section I.A), sharing or further dissemination of such data is only possible with the express approval of the original data provider.

2. Registration

For a complete utilization of existing services in accordance with Section V.1 of this data policy, the user is required to register via a log-on mask and the transmission of user data (see Section VI). A password is chosen by the user during the registration process. The user subsequently receives an e-mail confirming the registration at the e-mail address provided during registration. In this e-mail a link is given with which the registration can be activated and thereby be successfully completed. The access to the database is only possible with the individual password given by the user during the initial registration. To prevent misuse, the password must be carefully kept by the user and must not be disclosed to third parties.

Edaphobase reserves the right to refuse registration without stating reasons.

All statements and declarations made via the access of the user will be attributed to that user. The user is liable for any misuse by a third party unless s/he furnishes proof that s/he bears no fault thereto.

3. Use authorization

The database and its contents are protected by copyright regulations under German jurisdiction. The information may only be used for personal use and may be printed and saved for purposes of science, research or (pubic) education.

A systematic download of information or query results, especially by robots, is prohibited.

Information from the database may neither be shared electronically or in printed form nor given gratuitously to third parties. For users it is forbidden to change articles and texts from the database, to cut, edit, and otherwise to sublicense, sell, transfer, divide or distribute them.

On demand from the website operator, the user will immediately terminate the use of the information and articles within. This applies in particular if copyright claims or property rights are asserted against the operator or user.

The user will inform the website operator immediately if a third party asserts copyright claims or property rights.

The unlawful use, duplication, dissemination, or publication of contents of the database is subject to civil and, if need be, criminal prosecution.

4. Copyright wording and source disclosure

The Edaphobase database is a database with various digital documents that are protected by copyright. The publicly visible data records are linked to a citable source and are thus assigned to the originator’s (author’s) copyright of the respective data.

In case of the use of the information and data sets in scientific or other texts, the respective copyright of the original data provider to the database must be stated and the database named (see SectionI.B.i). Following the citation rules of printed publications, author, title, year, and the internet address are to be cited. Furthermore, the date of creation or last modification and last access date must be specified in the citation.

5. Database rights

The retrievable data and documents in Edaphobase represent in total a copyrighted database. It is forbidden to copy or change the database and its structure in parts or in total without the explicit approval of the Senckenberg Society for Nature Research (SGN).

6. Availability

The operator can change the contents of the database at any time and edit or delete any or all content. The user has no claim to the provision of certain content. The website operator can close the database without stating reasons at any time, especially to carry out maintenance and implement technical changes.

There is no contractual entitlement to the permanent availability of the database.

7. Liability

According to the state of technology, it is not possible to produce software so that it can be applied error-free in all its variants and combinations. For this reason, the operator accepts no liability for the flawlessness of the software or any damage arising therewith. In particular, no guarantee is given that the application will be sufficient for the requirements and purposes of the user. The operator is also not liable for indirect damages or consequential damages, especially not for lost profit.

The liability of the website operator and its agents and assistants for breach of contractual obligations and from tort is limited to intent and gross negligence. This does not apply to injury of life, body, and health; it also does not apply if essential contractual obligations are affected.

8. User lockouts

In the event of breach of the data policy and especially the terms of use therein, Edaphobase/Senckenberg has the right to terminate the access of the user to Edaphobase with immediate and permanent effect. A blocked member is prohibited from re-registering under a different user profile or from using Edaphobase in any other fashion. Edaphobase reserves the right to initiate legal action and to make claims (including claims for damages) asserted against the user.

9. Termination

The access to the Edaphobase database remains at the user’s disposal for an indefinite time. It may be cancelled at any time either by the operator, especially for non-compliance against the data policy and terms of use therein, or by the user. Cancellation of a user registration by the external user him-/herself is performed by an according e-mail to the Edaphobase staff (info@edaphobase.org). If a user registration is cancelled by Edaphobase, the user will be informed of the action per e-mail.

10. Final provisions

This data policy and the terms of use therein are subject exclusively to the laws of the Federal Republic of Germany, insomuch as they are conform with European directives.

The municipal of the city of Frankfurt am Main holds jurisdiction for all disputes arising from or in connection with these terms of use. Any party may, however, also be sued in its general place of jurisdiction.

Should any clause of this data policy and especially the terms of use therein be or become invalid, the effectiveness of the remaining provisions shall not be affected thereby. The invalid specifications will be replaced by a single control that comes as close as possible to the intended purpose of the invalid specifications. The same applies if the terms of use contain a regulatory gap.

 

Data providers retain the rights to their data while acknowledging that data uploaded to Edaphobase are in principle open access. Data providers recognize and acknowledge that public and free searches of data are generally possible via the Edaphobase Data-Query Portal (https://portal.edaphobase.org). To prevent data misuse, the data provider of the original data can specify a priori the type of access with which their data will be made available (see Section I.A above): available in open access, temporarily blocked from public availability („embargoed“, e.g. until after publication in a scientific article), or with permanent limited public visibility („anonymised“). Temporarily embargoed or permanently anonymized are only made available upon request by the user to the original data provider (and subsequent release of this data by the original provider with visibility of all details only to the requesting user). However, it is requested that data providers only ask for such access limitations in exceptional circumstances. If overused, the administration effort of managing external requests for access to such limited-access data could exceed staff possibilities and render Edaphobase unmanageable. Data providers should acknowledge that they are sharing data with the public.

Data providers assume the sole responsibility for the correct and truthful representation as well as assure the quality (see Section I.A.ii) of the data they are providing. The data provider exempts Senckenberg from all claims of third parties. The indemnity order includes the costs of legal defense and /or legal prosecution.

Data providers ensure the timely and accurate quality correction after being informed of the Edaphobase review and quality-control results (see http://edaphobase.org for a description of the quality control reviews). A timely and accurate review and quality-control test after preliminary provision (“upload”) of data in the Data-Query Portal will be carried out by data providers after being informed of the data upload by the Edaphobase staff.

Data providers do not assume any responsibility or liability for changes or misrepresentations of their data caused by the Edaphobase staff or software.

Data providers assure that they (the provider) have the rights to the data and thus the legal capacity to share the data with Edaphobase (and thereby the public) as well as that no copyrights or other legal rights or potential interests of third parties have been infringed upon.

Data providers retain the right to withdraw (remove) their data from Edaphobase at any time, with the exception of data that has been provided a permanent digital identifier (DOI; being “permanent” and registered internationally, this data must remain publicly available under the terms and conditions of DataCite). The Edaphobase staff will remove the data within two (2) weeks after confirming the removal request.

We take the protection of the personal data of data providers and external Query-Portal users very seriously. Except for the names of the data providers/owners/authors, the personal data of data providers (including e-mail addresses, telephone numbers, postal addresses, etc.) are neither uploaded to the publically available Data-Query Portal nor made accessible to the public in any form nor given to requesting individuals without prior approval by the data provider. Personal data of Data-Query users are never provided to third parties. Personal data of data providers is collected by Edaphobase solely for internal use to ascertain exact data ownership and allow contact (if necessary) with data providers and can only be accessed and viewed by a small group of Edaphobase administrators (project management and software developers) at the Senckenberg Museum of Natural History Görlitz (see Section VII). Personal data of Data-Query Portal users is never passed on to third parties (see point (2) below)

The Senckenberg Society for Nature Research will keep your data safe. For this technical and organizational security measures are used to protect stored personal data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are continually enhanced as new technology develops.

Edaphobase does NOT participate in the internet or data economy. No data or information regarding data providers or data users is sold to, shared with, or in any form passed on to third parties. Data sharing with other biodiversity databases (as listed in Section IV) occurs only with the express approval of the data provider and does not include personal data of the data provider (see Section IV), with the exception of the data owner’s name[1]. Edaphobase and the Senckenberg Society for Nature Research (in operating Edaphobase) have no financial interests in operating Edaphobase. No paid advertisements occur in Edaphobase or are passed on to users.

Within the Edaphobase Query Portal, we collect and use the personal data of external users only for internal management reasons and in accordance with the provisions of the Federal Data Protection Act of the Federal Republic of Germany. In the following, the type, scope, and purpose of the collection and use of all personal data are listed. You can view the following information at any time from the Edaphobase website (http://edaphobase.org).

(1) Collection and processing of http-log files as well as internal user recognition

If you visit the Data-Query Portal websites or use the desktop software (i.e., Edaphobase Data-Upload tool), the web servers temporarily collect each access in a log file. The following data are collected and stored ‑ until automatic deletion after seven (7) days ‑ for all users accessing the portal:

• IP address of the requesting computer
• Date and hour of the access
• URL of the internet resource
• Report if the retrieval was successful
• Data identifying the browser and operating system
• Website from which the access takes place

This data is processed for the purpose of enabling the use of the website (connection setup), for system security, for technical administration of the network infrastructure, and to improve the website. It is not possible to map this data to a specific person. The IP address is used to log the number and map the distribution of users of the Edaphobase Query Portal, without identifying the specific IPs. The IP address can be evaluated in the case of attacks on the network infrastructure of Edaphobase.

For registered users, the following data is also collected and stored:

• First name
• Surname
• Institute (or “private”)
• Username (given by the user him/herself)
• E-Mail address
• Password (stored as a “salted blowfish-Hash value”)

This data is collected and stored for the sole use of enabling a personal user connection to the Data-Query Portal and Data-Upload software, for compiling internal reports, to avoid misuse of additional Edaphobase functions activated for registered users, and to allow the opportunity to grant specific users access to otherwise restricted data sets (see Section I.A). It is not made available or passed on elsewhere (see point (2), below). This data remains stored in the internal Edaphobase administration modules until the user demands to have his/her account deleted, whereby the data listed here is also irretrievably deleted. Deleting a user account can be requested by contacting the Edaphobase developers at info@edaphobase.org. User data of inactive users can be purged by Edaphobase after an inactive period of 3 years.

During the log-in procedure, a cookie with information regarding user identification is stored in order to allow an automatic re-log-in after leaving the website (Session Cookie). This cookie is no longer valid after logging out of the Query Portal or after 24 hours.

Furthermore, for data providers, the following data regarding the data owners is also stored in the internal Edaphobase administration modules:

• Telephone number
• Institute (or private) address
• User identification
• Date and hour of the access / data provision
• File name
• Project identification
• The data sent
• Results of the data quality-control review and any undertaken revisions

This data is collected in order to allow contact with the data provider/owner if and when necessary, as well as to create a protocol of the origin and transmission of the provided data. It is never passed on to the browser-based Data-Query Portal or to any third parties. This data is only deleted upon request of the data provider by contacting the Edaphobase developers at info@edaphobase.org, at which point the provided data is also deleted.

(2) Use of personal data

Personal data management is in compliance with applicable German and EU legislation, such as the Bundesdatenschutzgesetz (BDSG) and the General Data Protection Regulation (GDPR). If you use certain features of the Data-Query Portal, Edaphobase collects personal data when necessary for this purpose. Personal data is only collected and only to the extent that the user provides this information. The use of certain parts of the Data-Query Portal requires prior registration and the processing of personal data, such as longer-term storage of e-mail addresses, user IDs, and passwords. Such data is only used if you have provided it and have given prior consent for its use. All use of personal data is limited to the indicated purposes and to the attainment necessary for these purposes. Disclosure to third parties will not occur. The user always maintains the right to informally revoke this consent at any time. Personal data is transmitted to state institutions and authorities only when required by federal legislation or in the case of attacks on our network infrastructure when disclosure is required to take legal action. Disclosure for other purposes will not occur. At the request of the user, all of his/her data can be viewed by the user, changed, amended or deleted (see point (5) below).

(3) Cookies

Cookies are data that are sent from the web server to the web browser of the user and stored for later retrieval. Edaphobase uses only one (1) cookie at log in (“session cookie”, see point (1) above). The records do not contain personal information. A compilation of any personal data provided by the user will not occur. Whether cookies are collected may be decided by the user him/herself by setting his/her browser so that they are notified before a cookie is saved, which is then stored only if you explicitly accept this. However, this might limit the functional scope of Edaphobase.

(4) Links to websites of other providers

The Query-Portal and Edaphobase desktop Data-Upload software may contain links to websites of other data providers as well as project partners. Please note that the privacy policy stated here only applies for the Edaphobase Query-Portal and desktop software. We have no influence on and cannot monitor whether other providers comply with the applicable data-protection regulations. We embed data from other data websites in the Query Portal (i.e. Open Street Map, Google Maps, maps-for-free.com and similar); the data-protection policies of these sites apply (e.g., these sites may log your personal IP data).

(5) Right to Access Information

Stored personal data can be deleted when the statutory or contractual retention period has expired. You have the right at any time to obtain the information of the data stored about your person, including the origin and host of your data. At the request of the user, all of his/her data can be viewed by the user, changed, amended, inaccurate data corrected, or existing data blocked or deleted. If you wish to obtain access to your personal data, to correct or delete it or have further questions about the use of your given personal data, please contact: info@edaphobase.org or Senckenberg’s data protection officer via datenschutz@senckenberg.de.

(6) Inclusion, validity, and timeliness of privacy

By using the Query-Portal website, you consent to the data use specified above. The privacy policy is current as of 18.06.2014. Through the further development of the Query-Portal website or the implementation of new technologies, it may be necessary to amend this privacy policy. The Senckenberg Society for Nature Research (SGN) reserves the right to the change the privacy policy at any time with effect for the future. We recommend that you re-read the current privacy policy from time to time.

^[1]     Necessary in order for external users to give credit to data owners, when appropriate.