(1) Who is CO:RE?
Wherever you see a reference to “CO:RE” or “we”, it refers to the coordinators of the CO:RE Project:
CO:RE – Children Online: Research and Evidence
Leibniz Institute for Media Research | Hans-Bredow-Institut (HBI)
Rothenbaumchaussee 36
20148 Hamburg
GERMANY
The HBI is responsible for the compliance to the European Union’s General Data Protection Regulation (GDPR), and acts as data processor and data controller.
If you have any questions regarding this data protection declaration or if you wish to assert your rights in data protection (see # 8 below), please contact the data protection officer of the Leibniz Institute for Media Research | Hans-Bredow-Institut:
Jennifer Jähn-Nguyen
datenschutz nord GmbH - Standort Hamburg
Sechslingspforte 2
22087 Hamburg
Germany
email: datenschutz@leibniz-hbi.de
TAKEPART Media GmbH advises the HBI and provides the technical infrastructures necessary.
TAKEPART Media + Science GmbH
Maria-Hilf-Str. 15 -17
50670 Cologne
GERMANY
(2) What is the purpose for processing your personal data?
The CO:RE website provides a pan-European knowledge platform (CO:RE Knowledge Base) that offers directories to published evidence, empirical data and provides a range of original resources and materials, such as blog posts, reports and e-brochures for stakeholders concerned with children and youth online in research, education, and policy-making.
We process your personal data (legal basis: Art. 4 (1) GDPR) within the scope of this privacy policy only to the extent necessary to provide a functioning website and the contents and services made available here. You are providing personal data, for instance, by using a contact form, sharing or commenting a blog post or registering for the newsletter. The purpose of processing your data is to provide you with the services of the CO:RE website and/or the services you registered for. Besides these, some personal data are automatically captured by IT systems every time you visit the CO:RE website. CO:RE uses these data to assist in providing and improving effective services and analysing the use of the CO:RE pages (see 4.2).
(3) What personal data does CO:RE process and how?
[3.1] to provide a functional website
When you visit the CO:RE website without registering for any services listed below (see 3.2) and without providing CO:RE with personal data in any other form, the CO:RE website server automatically collects information about you, including personal data. The data you provide are:
IP address
Referrer URL
Host name
Cookies
your device type, name and IDs
date and time
content of your request
your browser version
your screen resolution
your operating system, and language settings.
CO:RE uses such information to provide a functional website (legal basis: Art. 6 (1) b GDPR), for instance, by adapting the pages to the requirements of your device. Furthermore, we safeguard the website’s stability and security (legal basis: Art. 6 (1) f GDPR). We have reasonable state of the art security measures in place to protect against the loss, misuse and alteration of personal data under our control, e.g., SSL/TLS-encryption. While we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it. You should bear in mind that submission of information over the internet is never entirely secure. We cannot guarantee the security of information you submit via our website while it is in transit over the internet and any such submission is at your own risk. Lastly, we use your information to capture broad demographic information for anonymised, aggregated traffic analysis (see 4.2 below).
The data listed above are stored at our server host
Domainfactory GmbH
Oskar-Messter-Str. 33
85737 Ismaning
GERMANY
and are irreversibly erased within no more than 14 days; unless continued storage is required for evidentiary purposes, for instance, a project review by the European Commission after the project duration (01 January 2020 – 31 December 2022) has ended.
You can find the privacy policy statement of our host service provider here.
[3.2] to provide specific CO:RE services
Comment function:
The data you provide are:
You can choose to share a comment below a blog posting on our website. The data you provide are used to process your comment. Your name and comment are displayed below the specific posting after review. Your data are irreversibly erased after the end of the project duration (01 January 2020 – 31 December 2022).
Contact via email or contact form:
The data you provide are:
If you contact us via email or the contact form, the data you provide are used to process your request (legal basis: Art. 6 (1) b GDPR). Your data are irreversibly erased once we have fully answered your inquiry and there is no further legal obligation to store your data.
Newsletter:
The data you provide are:
You have the option to subscribe to our newsletter with which we keep you posted on any activities taking place on our website, on events, news and much more. Your data are retained as long as you subscribe to our newsletter. You can unsubscribe from receiving this newsletter at any time via an unsubscribe button at the bottom of all newsletters sent out. If you choose to unsubscribe, all data are irreversibly erased from our servers (legal basis: Art. 6 (1) a GDPR).
The data described above are encrypted and stored on our technical infrastructure provider’s (TAKEPART) server.
(4) What are cookies and for what purpose does CO:RE use them?
Cookies are text files placed on your computer to collect standard Internet log information and visitor behaviour information When you visit our website, we may collect information from you automatically through cookies.
If you have given your consent, the CO:RE website uses cookies to, for instance, retain preferences you set on the page or to follow your journey through our website – fully anonymised, of course! Generally speaking, using cookies makes for a smoother browsing experience.
Allowing our cookies means, when you visit the CO:RE website, we track your browsing on our page based on your IP address, which is anonymised and cannot be linked to you. This tracking includes which pages you visit, the time you spend, and where your IP address is located.
However, you have the possibility to withdraw your consent by using the button “Privacy & cookie settings” at the top of this page. Further, you can choose to deactivate cookies in your browser at any time with effect for the future by blocking the storage of cookies.
Legal basis: Art. 6 (1) f GDPR
Learn more about cookies: https://www.allaboutcookies.org/
Learn more about your choices online: https://www.youronlinechoices.com/
[4.1] Essential cookie: Oreos
This cookie enables a basic function and is necessary for managing your cookie preferences.
Oreos Cookie
Provider: Website owner
Purpose: Saves visitors’ preferences selected in the Cookie Preference Box.
Cookie name: TP_OREOS
Cookie expiry: 1 month
[4.2] Statistical web analytics cookie: Matomo
This cookie enables us to track and analyse visitor behaviour on our pages. If the pages of the CO:RE website are called up, the following data are stored:
Two bytes of your IP address
Page accessed and clickstream (the chronological order of CO:RE pages you visited)
Geographic location
Time, duration and frequency of visit
Referring site
We use these data only to determine the most useful information you are looking for, and to improve and optimise the CO:RE website. We do not combine the data collected through the use of the tools with personal data.
The software runs exclusively on the servers of the HBI. Your personal data will only be stored there. The data will not be passed on to third parties. The software is set up in such a way that the IP addresses are not stored completely, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.
These data are irreversibly erased after 90 days. Aggregated and anonymised data are erased after the end of the project duration (01 January 2020 – 31 December 2022).
Content from video platforms and social media platforms is blocked by default. If external media cookies are accepted, access to those contents no longer requires manual consent.
YouTube Cookie
Provider: YouTube
Purpose: Used to unblock YouTube content
Privacy Policy: https://policies.google.com/privacy/
Host: .google.com
Cookie name: NID
Cookie expiry: 1 month
[4.4] External service cookie: Google Translate
If translation cookies are accepted, access to the automated translation service is granted, provided by Google Translate and GTranslate.io. Cookies are only set if the service is actively used.
Google Translate / GTranslate.io Cookie
Provider: Google Translate
Purpose: Used to grant access to translation service
Privacy Policy: https://policies.google.com/privacy/
Host: .google.com
Cookie name: OTZ
Cookie expiry: 1 month
(5) Is CO:RE analysing web traffic?
Yes, we do track our web traffic. For this purpose, we use the open source software tool by Matomo (see also 4.2 above).
(6) Does CO:RE integrate third-party content, services and social media plug-ins?
Yes, we do by embedding CO:RE videos from YouTube. Furthermore, a third-party is involved when you decide to use the “share this post” button below all blog postings and updates. In this case, the terms and privacy policies of the respective third-party applies (see below).
Technically, it is a prerequisite that the third-party providers are aware of your IP address so that they can deliver the content or services to your browser. It is possible that third-party providers may use tracking and web analysis technologies for statistical or marketing purposes, but these must also be designed to comply with GDPR. Examples of such technologies are cookies, web beacons, pixel tags. In addition, data may be collected that your browser and/or system provides. Such pseudonymous data may also be combined with information from other sources.
The integration of third-party content and services is intended to make the offer on the website as a whole more attractive, more user-friendly and more relevant to the target groups (legal basis: Art. 6 (1) f GDPR).
[6.1] Share to Facebook & Whatsapp
When sharing a posting to Facebook or via Whatsapp, these terms apply: https://www.facebook.com/about/privacy & https://www.whatsapp.com/privacy/.
Provider: Facebook Inc., 1 Hacker Way, Menlo Park, Silicon Valley, CA 94025, USA.
When sharing a posting to Twitter, these terms apply: https://twitter.com/de/privacy/.
Provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
[6.3] Share to LinkedIn
When sharing a posting to LinkedIn, these terms apply: https://www.linkedin.com/legal/privacy-policy/.
Provider: LinkedIn Corporate Office HQ, 2029 Stierlin Ct. Ste 200, Mountain View, CA 94043, USA.
[6.4] View embedded content from YouTube
You have to consent in order to display embedded content from YouTube. When you choose to consent, these terms apply: https://www.google.com/policies/privacy/.
Provider: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
(7) How long does CO:RE retain your data?
We strive to keep our processing activities concerning your data as limited as possible. In the absence of specific retention periods set out in this policy, your data will be retained only for as long as we need it to fulfil the purpose for which we have collected it and, if applicable, as long as required by statutory retention requirements.
(8) What are your rights?
Under the legislation applicable to you (Art. 15-21 GDPR),
you can ask us anytime to give you free access to your data (including the source of the personal data, the purpose of the processing and recipients of these data) or give you a copy thereof.
You can demand that we delete any of your data.
You can anytime withdraw your given consent and object to the future processing of your data without impact to data processing activities that have taken place before such withdrawal. Just send an Email to info@core-evidence.eu.
You can deny all cookies used by Google Analytics.
You can update your data anytime or request rectification.
You can require to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and to transmit those data to another controller.
You can lodge complaints concerning any potential breach of your rights regarding the processing of your data before the supervisory data protection regulators.
Learn more about data protection and your rights as data subject: The European Data Protection Board lists all national contacts of Data Protection Authorities of EU Member States under https://edpb.europa.eu/about-edpb/board/members_en.