ECACTJ

The European Criminology Group on Atrocity Crimes and Transitional Justice

Data Protection

The protection of your data at ecactj.org

General

We,

ecactj.org
Dr. Nandor Knust
Max Planck Institute for Foreign and International Criminal Law (MPICC)
Günterstalstraße 73
79100 Freiburg i. Br.
Germany

(hereinafter referred to as “ecactj.org”), take the protection of your personal data very seriously, and we strictly comply with the regulations of the data protection statutes. The following declaration provides you with an overview as to how we ensure this protection. In particular, we would like to explain to you – as a visitor to our website, a subscriber to our newsletter or as an applicant to eactj.org – which types of data we gather, why we collect these types of data, how we use this data, and how you at any and all times can determine how your personal data is treated.

According to the General Data Protection Regulation (GDPR) you have various rights which you can assert in relation to us. This includes, among others, the right to withdraw consent to the processing of data, in particular data processing for the purposes of marketing. The possibility to withdraw consent is typographically highlighted.

Should you have questions regarding this Privacy Policy, you can contact our data protection officer at any time. The contact details can be found below.

Name and contact details of the person responsible for processing and the data protection officer

This Privacy Policy applies to the processing of data by

ecactj.org
Dr. Nandor Knust
Max Planck Institute for Foreign and International Criminal Law (MPICC)
Günterstalstraße 73
79100 Freiburg i. Br.

Germany


(“person responsible”), and for the website ecactj.org.

Purpose of data processing, legal basis, and legitimate interests that are pursued by ecactj.org or a third party, and categories of recipients

Surfing on this website

ecactj.org gathers and automatically stores log file information in its server, which your browser deposited with us while you were surfing. Examples of information that we gather and analyze include the Internet Protocol Address (IP), which connects your computer with the Internet, as well as acknowledgments of receipt and reading confirmations of emails, logins, email addresses, passwords, information about the computer and connection to the Internet such as type of browser, browser version and number, operating system and platform. Furthermore, we record the complete Uniform Resource Locator (URL) Clickstream through and from our website, i.e. the sequence of the pages of our website that you visit, including date and time, cookie or flash cookie number, and the content that you viewed or for which you searched.


In brief, here is the key data that we store:

  • Type of browser/browser version
  • The operating system used
  • Referrer URL (the page visited previously)
  • URLs / pages on this website that have been accessed
  • IP address of the accessing computer along with its name
  • Time of the server request

The legal basis for the processing of the IP address is Article 6, Para 1f) of the GDPR. Our legitimate interest results from the following list of purposes of the data processing. Please note on this point that it is not possible for us to draw any direct conclusions about your identity on the basis of the data collected, nor do we attempt to draw such conclusions.

The IP address of your device and the remaining data listed above is used by us for the following purposes:

  • Ensuring a seamless establishment of the connection
  • Ensuring the comfortable use of our website
  • Assessing the system security and stability

The data is saved for a period of 7 days, after which it is automatically deleted or anonymized.   

Online presence and website optimization

Cookies

Our Internet sites use so-called cookies (one, until today).  Insofar as these cookies contain personal data, the use of these takes place on the basis of Article 6 Para 1f) of the GDPR. Cookies are small text files that are automatically generated by your browser and saved on your device (laptop, tablet, smartphone, etc.). Cookies do not cause any damage to your device and they do not contain any viruses, Trojans, or other malware. In the cookie, information is stored which results from the connection with each specific device respectively. However, this does not mean that we gain any direct knowledge regarding your identity.

These cookie is automatically deleted after a respectively defined period of time. You can, however, configure your browser so that no cookies are stored on your computer, or so that a warning always appears before a new cookie is created.

In the cookies we use, we store:

  • a token preventing cross site request forgery (csrftoken)

Webanalytics

We do not use any  web analytics service.

Social Media Plugins

We do not use any social media plugins on our website.

Your rights

Overview

Alongside the right to withdraw the consent given to us, you also have the following rights, when the respective legal conditions are extant:

  • Right of information regarding your personal data stored by us in accordance with Article 15 of the GDPR; in particular, you can obtain information about the purpose of processing, the category of personal data, the category of recipient for whom your data is or has been made available, the planned period of retention, the origin of your data, insofar as it was not collected directly from you,
  • Right of rectification of erroneous or to completion of correct data in accordance with Article 16 of the GDPR,
  • Right to deletion of your data stored by us in accordance with Article 17 of the GDPR, insofar as there are no legal or contractual requirements to retain the data, or other legal obligations or rights to the continued retention of the data,
  • Right to limit the processing of your data in accordance with Article 18 of the GDPR, insofar as you dispute the correctness of the data, the processing is illegal, but you oppose the deletion of said data; the data controller no longer requires the data, but you require said data for the assertion, exercise or defense of legal claims, or you have filed an objection to the processing in accordance with Article 21 of the GDPR,
  • Right to data portability in accordance with Article 20 of the GDPR, i.e. the right to receive selected data about you stored by us in a standard, machine-readable format, or to have this transmitted to another data controller,
  • Right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your normal place of residence or work, or of our association headquarters to do this.

Right to object

Under the conditions of Article 21, Para 1 of the GDPR, the data processing can be objected to on grounds arising out of the special situation of the person affected.

The above general right to object applies for all purposes of processing described in this Privacy Policy that are processed on the basis of Article 6, Para 1f) of the GDPR. In contrast to the special right to object to data processing for marketing purposes (see Section III.2.1.2 above), we are, according to the GDPR, only obligated to implement such a general right to object if you can provide grounds of superordinate importance (e.g. a possible risk to life or health).

Forwarding to third parties

The data collected by us are not sold. We provide information that we obtain to third parties exclusively to the extent described in the following:

  1. Service providers

    We commission other companies and individuals to fulfill tasks for us. Examples include the the hosting and maintenance of this website. These service providers have access to personal information that is necessary for fulfilling their tasks. However, they are not permitted to use this for other purposes. In addition to this, they are obligated to handle the information in accordance with this Privacy Policy and applicable data protection laws.

  2. Protection of ecactj.org and third parties

    We disclose personal data when we are legally obliged to do so, or when such disclosure is necessary to protect our rights and those of third parties.

  3. Recipients outside of the EU

    We do not forward your data to recipients with headquarters outside of Germany.  

Further information and notes

Our website, services, and initiatives evolve continuously. Equally, this Privacy Policy and our conditions of use change on occasion. Therefore, you should regularly visit our website and take note of any changes. Insofar as nothing is regulated in another manner, the use of all information that we have about you is subject to this Privacy Policy. We assure you that significant changes to our Privacy Policy that would result in weakened protection of already collected data will always only be made with your agreement as the respective affected party.

Your trust is very important to us. Therefore, we are available to answer your questions at any time regarding the processing of your personal data. If you have questions that could not be answered in this Privacy Policy, or if you would like more detailed information on one of the points, please contact at any time at the email address n.knust@mpicc.de.