Data Protection Policy

Version 2.0 of 15 March 2019

The protection of your personal data is very important to us. In accordance with the relevant data protection regulations we inform you in the following about the collection, processing and use of your data in the context of our


Website

Within the use of the website www.algorithmwatch.org, we – AW AlgorithmWatch gGmbH – as the data controller (hereinafter also referred to as “we” or “us”), collect and store the data you provided as long and so far this is necessary to fulfil the specified purposes and legal obligations. In the following, we will inform you about what data is involved, how the data is processed and what rights you have, especially in regard of the General Data Protection Regulation (EU) 2016/679 (GDPR).

Collection and processing of personal data and their purposes

Webhosting

For the provision of this website, we use the web hosting service wservices GmbH, Züricherstrasse 161, 8010 Zürich / Schweiz (hereinafter “wservices”).

The offer if the website requires the commissioning of a webhost service.
The legal foundation for utilization of wservices is Art. 6 Subs. 1 Sentence 1 lit. f GDPR due to our legitimate economic interest to make our offer available on this website. In connection with the hosting wservices collects data in our behalf, which accrues while the use of the website.
We have concluded a data processing agreement with web hosting wservices. Through this agreement the service provider ensures, that he processes the data in accordance with the General Data Protection Regulation and ensures the protection of the data subject rights.

When visiting the website

You can access the website www.algorithmwatch.org without disclosing your identity. The browser on your end device automatically sends information to our website server (e.g. IP address of the querying computer, date and time of the access, name and URL of the accessed file, browser type and version and also further information sent by the browser (such as your computer’s operating system, the name of your access provider, geographical origin, etc.).

This information, which also includes your ip-address, is temporarily stored in a log file. The following information is collected without any action on your part and deleted automatically after 1 month.

We process these data to ensure trouble-free connection to the website, comfortable use of our website, for evaluating system security and stability and also for further administrative purposes.

The legal foundation for the data processing is Art. 6 (1) lit. f GDPR. Our legitimate interest follows from the above purposes for the data collection.

Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.

Improvement of our offering using visit statistics

To improve our online services, we occasionally evaluate how the site is used.

For this purpose, we create visitor statistics by using the web analytics software Matomo (formerly Piwik). In doing so we don’t collect personal data.

Matomo saves two anonymized identification numbers in your browser (HTTP cookies), in order to differentiate between the different website users. In this context your IP address is used for the analysis, while being shortened in a manner that makes it impossible to link it to you.

You have two options, should you not agree to us using your visits of our website in order to create these statistics:

  • You can block and delete the cookies which are used by our website using your browser settings;
  • You can disable javascript on our website.

Newsletter subscription

Our website gives you the option to subscribe to our newsletter in order to stay up to date and informed about news and new developments. To be able to complete your subscription, it is necessary to process your personal data automatically.

We charged MailChimp (The Rocket Science Group LLC, 675 Ponce de Leon Avenue NE, Suite 5000, Atlanta, GA 30308, USA) with this task. Please note that MailChimp is a third-party service that is not owned or managed by AlgorithmWatch. MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.

Your data will be used exclusively in accordance with your given consent under Art. 6 (1) lit. a GDPR (see also newsletter section below).

Comment function and spam protection

If you choose to use the comment function at the end of articles, we will collect the data on the commenting users name or used nickname, the email address, the website if applicable as well as the IP address. This data is stored with the comment. The processing of data in the course of publishing online comments and user reactions is justified because it is in our legitimate interest to partake in an opinion and information exchange pursuant to Article 6 (1) lit. f GDPR. To prevent the misuse of this function we use the plug-in Aksimet which is used to detect comments containing spam.

Youtube

With consent pursuant to the first sentence of Article 6 (1) lit f) GDPR, we use components (videos) of YouTube, LLC, 901 Cherry Avenue, 94066 San Bruno, CA (USA) (hereinafter referred to as ‘YouTube’), a company of Google Inc., Amphitheatre Parkway, 94043 Mountain View (USA), (hereinafter referred to as ‘Google’).

We use the ‘extended data protection mode’ option provided by YouTube.

Upon requesting an Internet page with embedded video, our website connects to the YouTube servers and renders the content on the Internet page using your browser.

According to the information provided by YouTube, in the ‘extended data protection mode’, your data will be transferred to the US YouTube servers only while you watch the video. The transferred data include the Internet page you just viewed and device-specific data including your IP address. By clicking ‘run’ on the video you agree to this transfer.

Should you be logged into your YouTube account at the same time, YouTube will associate these collected data with your member account. You may prevent this by logging out of your YouTube account prior to visiting our website.

Google complies with the data protection regulation of the US Privacy Shield and is registered with the US Privacy Shield Program of the US Department of Commerce.

  • You may find further information on data protection in context with YouTube in Google’s Data Protection Regulations: https://www.google.de/intl/de/policies/privacy/

Data security

All the data you personally transfer will be sent encrypted with the customary and secure TLS standard (Transport Layer Security). TLS is a secure and proven standard, which is also used for online banking, for example. You can recognize a secure TLS connection inter alia by the “s” appended to the http (i.e. https://..) in the ad-dress bar of your browser or by the lock symbol at the bottom of your browser.

We also use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorized access by third parties. Our security measures are continually monitored and improved to reflect technological developments.

Data subjects rights

Please see below.


Newsletter

Information about the subscription, procedure, content, frequency and statistics when you subscribe to the AlgorithmWatch newsletter.

Subscription to the newsletter

Our website gives you the option to subscribe to our newsletter in order to stay up to date and informed about news and new developments. To be able to complete your subscription, it is necessary to process your personal data automatically.

We charged MailChimp (The Rocket Science Group LLC, 675 Ponce de Leon Avenue NE, Suite 5000, Atlanta, GA 30308, USA) with this task. Please note that MailChimp is a third-party service that is not owned or managed by AlgorithmWatch. MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.

Your data will be used exclusively in accordance with your given consent under Art. 6 (1) lit. a GDPR (see paragraph below).

Double-Opt-In and Opt-Out

You will receive a double opt-in e-mail asking you to confirm your subscription. You can object to receiving the newsletter at any time (so-called opt-out). You will find an unsubscribe link in each newsletter and the double opt-in e-mail.

Statistics and evaluation

To improve our newsletter, we  analyze how the newsletter is used, like how often the newsletter is opened and on which links the readers click.

We create reader statistics by using the web analytics software Matomo (formerly Piwik). In doing so we don’t collect personal data.

What content can I expect?

We inform you about the activities of AlgorithmWatch, our projects as well as publications and upcoming events relevant to our organization and our fields of competence.

How often will the newsletter be sent?

The newsletter will be sent once or twice a month. The frequency depends on the topics and current developments.


Job applications

Thank you for your interest in our job vacancies. The protection of your personal application data is very important to us. Therefore we inform you in the following about the collection, processing and use of your data in the context of the email application, in accordance with the relevant data protection regulations.

Data collection

In the context of your email application, we will collect and process the personal application data listed below:

  • Name, first name
  • Address
  • telephone number
  • email
  • Application documents (letter of motivation, curriculum vitae, certificates etc.)

Insofar as special categories of personal data within the meaning of Art. 9 para. 1 GDPR are voluntarily disclosed in the application process, their processing is also carried out in accordance with Art. 9 para. 2 lit. b GDPR (e.g. health data or ethnic background).

Purpose of data collection / dissemination

The collection and processing of your personal application data is carried out exclusively for the purpose of filling positions within our organisation.

As a matter of principle, your data will only be forwarded to the employees* of our organisation responsible for the specific application procedure. Your application data will not be used or passed on to third parties beyond this.

Retention period of application data

Your personal application data will be deleted automatically six months after completion of the application process, except in the case of a justified revocation, so that we can answer any follow-up questions regarding the application and meet our obligations to provide evidence under the Equal Treatment Act.

Storage for future job advertisements

If we are unable to offer you a position that is currently vacant, but believe, on the basis of your profile, that your application may be of interest for future openings, we will store your personal application data in our talent pool for a period of twenty-four months, provided that you expressly consent to such storage and use.

Data subjects rights

Please see below.


Events

By registering online to attend an event of AlgorithmWatch, you consent to the collection, retention and use of your personal information in accordance with the terms of this policy.

Processing of your data

When you register for an event, we require certain data from you, depending on the type of event. The invitation or registration form indicates which information is required and which is voluntary. Your data will not be passed on to third parties, except service operators listed below. Any exceptions (e.g. at cooperation events with partners) will be clearly communicated during the registration.

We may use your personal data only for the following purposes:

  • for the organisation, realisation and processing of the event,
  • (if applicable) to network the participants of the event by issuing name tags and displaying lists of participants if necessary: on your name tag we only list your name; on the list of participants your name, your function and your institution, unless you object to this,
  • to prove that we may process your data, in particular send you information by e-mail,
  • to fulfil our statutory, fiscal and budgetary obligations and interests including controlling, the fight against fraud and corruption and the documentation of our activities; in particular if the event includes catering or in case you receive refunds, we must store your registration and, if applicable, invoice and payment data,
  • only if expressly pointed out, also for the documentation of the event by photo and film recordings, which can also be used for public relations work of AW.
  • Depending to the security requirements of the event (e.g. by the cooperation partner or event location), you must present a valid photo ID for admission to the events. It is used for comparison with the ID indicated in the registration process and/or the participant list. Data for potential and explicitly communicated identity checks is not stored by AW, but forwarded to the respective cooperation partner or event location after the registration deadline. The data is deleted from AW documentation immediately on the day of the event.

Your data will not be used by us for automated decision-making or for profiling within the meaning of Art. 22 GDPR.

Recipient of your data and third party services

To be able to complete your registration, it is necessary to process your personal data automatically.

We charged MailChimp (The Rocket Science Group LLC, 675 Ponce de Leon Avenue NE, Suite 5000, Atlanta, GA 30308, USA) with this task. Please note that MailChimp is a third-party service that is not owned or managed by AlgorithmWatch. MailChimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework.

Access to your data at AW is limited to

  • Our conference management team and the persons entrusted with the organization, execution and handling of the event;
  • Our communication and PR team for the relevant tasks
  • (If applicable) for the purpose of networking, your name, and if applicable and necessary function and institution are also accessible to other participants.
  • Photographs and films, which are published or otherwise processed for documentation or public relations purposes, may be accessible to anyone. In individual cases, we may use an order processor who uses your data exclusively for these purposes on our behalf for certain activities. The latter is strictly bound by our instructions and may not process or pass on the data for own purposes.

Voluntary disclosure of your data

The provision of your personal data is not mandatory and we try to strictly limit the processing of your personal information. However, we cannot accept your registration without stating the data indicated as required in the registration form of the respective event. If you do not provide us or our cooperation partner with proof of your identity at the entrance if requested, you will not be able to enter the event.

If you have any questions or comments, please contact events(at)algorithmwatch.org.

Data subjects rights

Please see below.


Data subject rights

You have the right:

  • pursuant to Art. 15 GDPR to demand information about your personal data we process. In particular, you can demand information about
    • the purposes of the processing,
    • the category of the personal data,
    • the categories of recipients to whom your data were or will be disclosed,
    • the planned storage period,
    • the existence of a right to rectification, deletion, restriction or revocation of processing,
    • the existence a right to lodge a complaint,
    • the origin of your data, in so far as not collected by us,
    • and also about the existence of automated decision-making including profiling and where appropriate meaningful information about to details thereof;
  • pursuant to Art. 16 GDPR to demand immediate rectification of inaccurate or completion of your personal data saved with us;
  • pursuant to Art. 17 GDPR to demand deletion of your personal data saved with us, in so far as the processing is not required for exercising the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;
  • pursuant to Art. 18 GDPR to demand restriction of processing of your personal data, in so far as you contest the accuracy of the data, the processing is unlawful but you oppose deletion and we no longer need the data but you do to establish, exercise or defend legal claims or you have objected to processing pursuant to Art. 21 GDPR;
  • pursuant to Art. 20 GDPR to receive your personal data you have provided us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
  • pursuant to Art. 7 Subs. 3 GDPR to withdraw your consent to us at any time. This means that we may no longer continue processing the data based on that consent for the future and
  • pursuant to Art. 77 GDPR to lodge a complaint to a supervisory authority. As a rule, you can contact the supervisory authority for your habitual residence or place of work or our registered offices.

If you want to exercise your data subject rights, simply send an email to privacy(at)algorithmwatch.org

Right to object

You have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, insofar as there are grounds arising from your particular situation or it relates to objection to direct advertising. In the latter case, you have a general right to object which we shall heed without the stating of a particular situation.

Data controller

Postal address of the data controller:

AW AlgorithmWatch gGmbH

Bergstr. 22

10115 Berlin

If you want to exercise your right to object, simply send an email to privacy(at)algorithmwatch.org

Corrections

AlgorithmWatch will endeavour to keep your personal information accurate. If you require access to personal information we hold on you, wish to amend an inaccuracy, or have your information deleted from our files then please contact privacy(at)algorithmwatch.org.

Actuality and changes to this Data Protection Policy

This data protection policy is the latest version and amended as of 15 March 2019.

The further development of our website and online services or changes in statutory or public-authority requirements may render it necessary to amend this Data Protection Policy. The latest version of Data Protection Policy can be downloaded and printed out at any time from the website under https://algorithmwatch.org/en/privacy/

Questions

If you have any questions regarding our Data Protection Policy or require any clarifications, please contact us:

  • by Email: privacy(at)algorithmwatch.org
  • by phone: +49 (0)30 99 40 49 000
  • by mail: AW AlgorithmWatch gGmbH, Bergstr. 22, 10115 Berlin, Germany
Supported by