We take the protection of your personal data very seriously. We collect and use your personal data in accordance with the provisions of the Federal Data Protection Act of the Federal Republic of Germany.
Edaphobase does NOT participate in the internet or data economy. No data or information regarding data providers or data users is sold to, shared with, or in any form passed on to third parties. An exception regards the name(s) of the data provider(s)/owner(s)/author(s) to ensure their intellectual property rights. The personal data of data providers (including e-mail addresses, telephone numbers, postal addresses, etc.) are neither uploaded to the publically available Data-Query Portal nor made accessible to the public in any form nor given to requesting individuals without prior approval by the data provider.
Personal data of data providers is collected by Edaphobase solely for internal use to ascertain exact data ownership and allow contact (if necessary) with data providers and can only be accessed and viewed by the Edaphobase management and developers (see above) at the Senckenberg Museum of Natural History Görlitz
Data sharing with other biodiversity databases (as listed above) occurs only with the express approval of the data provider and does not include personal data of the data provider, with the exception of the data owner’s name.
Edaphobase and the Senckenberg Society for Nature Research (in operating Edaphobase) have no financial interests in operating Edaphobase. No paid advertisements occur in Edaphobase or are passed on to users.
1. Collection and processing of http-logfiles
If you visit the Data-Query Portal websites or use the desktop software (i.e., Edaphobase Data-Upload tool), our web servers temporarily collect each access in a log file. The following data are collected and stored ‑ until automatic deletion after seven (7) days ‑ for all users accessing the portal:
- IP address of the requesting Computer
- Date and hour of the access
- URL of the retrieved data
- Report if the retrieval was successful
- Data identifying the browser and operating System
- Website from which the access takes place
This data is processed for the purpose of enabling the use of the website (connection setup), for system security, for technical administration of the network infrastructure, and to improve the website. It is not possible to map this data to a specific person. These data are regularly deleted after a statistical analysis within one week. The IP address is used to log the number and map the distribution of users of the Edaphobase Query Portal, without identifying the specific IPs. The IP address can be evaluated in the case of attacks on the network infrastructure of Edaphobase.
For registered users, the following data is also collected and stored:
- First name
- Institute (or “private”)
- Username (given by the user him/herself)
- E-Mail address
- Password (stored as a “salted blowfish-Hash value”)
This data is collected and stored for the sole use of enabling a personal user connection to the Data-Query Portal and Data-Import Wizard, for compiling internal reports, to avoid misuse of additional Edaphobase functions activated for registered users, and to allow the opportunity to grant specific users access to otherwise restricted data sets (see above). It is not made available or passed on elsewhere (see point 2, below). This data remains stored in the internal Edaphobase administration modules until the user demands to have his/her account deleted, whereby the data listed here is also irretrievably deleted. Deleting a user account can be requested by contacting the Edaphobase developers at email@example.com. User data of inactive users can be purged after an inactive period of 3 years.
During the log-in procedure, a cookie with information regarding user identification is stored in order to allow an automatic re-log-in after leaving the website (Session Cookie). This cookie is no longer valid after logging out of the Query Portal or after 24 hours.
For registered users, the following data is also collected and stored:
- Telephone number
- Institute (or private) address
- User identification
- Date and hour of the access / data provision
- File name
- Project identification
- The data sent
- Results of the data check
This data is collected in order to allow contact with the data provider/owner if and when necessary, as well as to create a protocol of the origin and transmission of the provided data. This data is only deleted upon request of the data provider by contacting the Edaphobase developers at firstname.lastname@example.org, at which point the provided data is also deleted.
2. Use of personal data
If you use certain features of this database, we collect personal data when necessary for this purpose. Personal data is only collected by us and only to the extent that you provide us with your information. The use of certain parts of the database requires prior registration and the processing of personal data, such as longer-term storage of email addresses, user IDs, and passwords. Such data is only used if you have provided us with it, and have given your prior consent for its use.
All use of your personal data is limited to the indicated purposes and to the attainment necessary for these purposes. Disclosure to third parties will not occur. You always have the right to revoke this consent.
Personal data is transmitted to state institutions and authorities only when required by federal legislation or in the case of attacks on our network infrastructure when disclosure is required to take legal action. Disclosure for other purposes will not occur.
Cookies are data that are sent from the web server to the web browser of the user and stored for later retrieval. Edaphobase uses only one (1) cookie at log in (“session cookie”, see point 1 above). The records do not contain personal information. A compilation of any personal data provided by the user will not occur.
Whether cookies are collected may be decided by the user yourself by setting your browser so that you are notified before a cookie is saved, which is then stored only if you explicitly accept this. However, this might limit the functional scope of Edaphobase.
The Senckenberg Society for Nature Research (SGN) will keep your data safe. For this we use technical and organizational security measures to protect your stored personal data against accidental or intentional manipulation, loss, destruction, or access by unauthorized persons. Our security procedures are continually enhanced as new technology develops.
5. Links to websites of other provider
6. Right to access information
Stored data will be deleted when the statutory or contractual retention period has expired. You have the right at any time to obtain the information of the data stored about your person, including the origin and host of your data. You also have the right to correct inaccurate data, or to block or delete your existing data.
If you wish to obtain access to your personal data, to correct or delete it or have further questions about the use of your given personal data, please contact: info(at)edaphobase.org or Jan Henning Fahnster, SGN justice council / data protection, jan-henning.fahnster(at)senckenberg.de.
7. Inclusion, validity, and timeliness of privacy