Data Privacy Statement

1. Data Storage and Data Use

The HPI OpenID Provider stores given name and family name as well as email adresses of the users. We also store additional attributes of the user if he enters them on the web page. This is optional. The additional attributes are:

Gender
Phone numbers(Home, Work, Mobile)
Date of Birth
Address
Locality or Geographic Region
State or Province
Postal Code
Country

This data is used to authenticate against other websites which support OpenID. The websites can request specific attributes. The user needs to confirm the attributes before they are transferred. We have no influence if these data are processed by these websites (see point 3)

Under no circumstances is the data disclosed to unauthorized third parties, unless required by law. You may revoke the consent you have given at any time and/or object to the future use of your data.

2. Right of Objection and Right of Access

Your consent regarding the receipt of information offers by post and/or by email, or any other kinds of consent granted, can be revoked at any time with future effect by sending an informal letter to: Hasso Plattner Institute for Digital Engineering gGmbH, Prof. Dr. Helmert Strasse 2–3, 14482, Potsdam, Germany or by sending an email to our data protection officer (datenschutz(at)hpi.de).

Furthermore, our data protection officer can also provide you information about your data stored with us.

At your request, we will undertake the necessary steps to erase or block your data completely. In this case, please send your request in writing to:

Hasso Plattner Institute for Digital Engineering gGmbH
Data Protection Officer (Datenschutzbeauftragter)
Campus Griebnitzsee
Prof.-Dr.-Helmert-Str. 2-3
14482 Potsdam

or alternatively by email to: datenschutz(at)hpi.de.

At all times you have the right to disclosure of your stored, personal data, as well as its provenance, recipients and the purpose of its use. You also have a right to the correction, blocking or deletion of your data. In the event of such queries, please use the addresses stated in the imprint to contact us.

3. Links to Other Websites

Our website contains links to the websites of other, unrelated providers. After clicking on such a link, we no longer have any influence on the processing of any data that is transferred to the third party (such as the IP address or the URL on which the link is located), since the behavior of third parties is beyond our control. Therefore, we cannot accept any responsibility for the processing of any such data by third parties.

4. Server Log Files

The page provider collects and stores information in so-called “server log files,” which your browser automatically transmits to us.

To provide the best quality of service we store the following information for each authentication action for 14 days in the log files:

user, who wants to authenticate at some service
time of authentication request
service for authentication
attributes requested by the service
result of authentication action (success, failure)

5. SSL Encryption

This site uses SSL encryption for security reasons and to protect the transmission of sensitive content—such as the requests you send to us as site operator. You can recognize an encrypted connection in the change of the browser’s address line from "http: //" to "https: //" and by the lock symbol in your browser line. When SSL encryption is activated, the data you have sent us cannot be read by third parties.


Version 22.05.2018