Logo des Max Delbrück Center auf einer Glasscheibe
© Katharina Bohm / MDC

Privacy policy - Nextcloud

Data protection notice for Nextcloud at MDC

Scope

This privacy policy applies to Nextcloud, which is offered behind the domain nextcloud.mdc-berlin.de.

With "Nextcloud", the MDC provides a central web-based service for the exchange and joint editing of data for MDC employees and guests. In addition, this data can also be made accessible to external persons via a link and editing rights can be individually adjusted.

Personal data is collected when using the "Nextcloud" service. Your personal data is very important to us. Therefore, we not only treat them extremely confidentially, but also take your right to information very seriously. The EU General Data Protection Regulation (GDPR) stipulates information obligations in this regard in Art. 13 GDPR, which we hereby comply with:

 

Accountability

Accountable in the sense of the Basic Data Protection Regulation and other national data protection laws of the EU member states as well as other data protection regulations is the:

Max Delbrück Center for Molecular Medicine in the Helmholtz Association
Robert-Rössle-Str. 10
13125 Berlin
Germany

Tel.: 030-9406-0

Website: www.mdc-berlin.de

Data protection officer

Ulrike Ohnesorge
E-mail: Datenschutz@mdc-berlin.de
Website: www.mdc-berlin.de

Personal data

We will process the following personal data from you:

  • Technical log and user data: IP address, BrowserType, Time

of access, address of origin

  • First and last name
  • Login name
  • Business e-mail address
  • Profile picture (if stored)
  • Share of the storage space limit
  • The user data you have deposited in the Nextcloud system

 

 

 

 

Processing activities

We will collect, record, store, use, delete and destroy your data

 

Processing purpose

The purpose for which the personal data are processed is to provide a service for the exchange and joint processing of data.

 

Legal basis

Legal basis of the processing is Art. 6 para. 1 lit. a and e / f of the German Data Protection Act (DSGVO)

 

Recipients and storage of personal data

Your user data in Nextcloud will be deleted 4 weeks after the MDC affiliation expires.

Technical log data (see above) is deleted after seven days at the latest.

Users have the option to delete content and communication data generated by them at any time.

Your data will not be passed on to third parties.

 

Your rights

You have the right to request free information about your stored personal data, its origin and recipient, the purpose and duration of data processing. In addition, under certain conditions, you have the right to correction, to restriction of processing (e.g. blocking), to deletion and to data portability of your data. You have the right to object to direct marketing as well as to the processing of your data, which is based on Art. 6 (1) lit. e and f DSGVO. If you wish to exercise your right to object to the processing of your personal data concerning you, we request that you inform us of the reasons arising from your particular situation so that we can carry out a balancing of interests in accordance with Article 21 (1) sentence 2 DSGVO.

Furthermore, you have the right to file a complaint with the competent supervisory authority for data protection if you believe that the processing of your personal data is not lawful. The competent supervisory authority is:

The Berlin State Commissioner for Data Protection and Freedom of Information.

 

Use of Cookies

Cookies are only used to simplify or enable the secure use of the website for users. No cookies from third-party providers are used.

 

Important Notice:

Please use Nextcloud only for business data and observe the data security at MDC for in-house data. In particular, caution should be exercised when synchronizing to mobile end devices.