The data controller as defined under the EU’s General Data Protection Regulation (hereinafter “GDPR”) – as well as other national data protection laws of individual member states and data protection regulations – is:

Freie Universität Berlin
represented by the President
Kaiserswerther Straße 16–18
14195 Berlin

Tel.: +49 (30) 838-1
E-Mail: info@open-encyclopedia-system.org

This privacy policy applies to the Open Encyclopedia System website, which is accessible at the domain www.open-encyclopedia-system.org and various subdomains (hereinafter referred to as ‘our website’).

Personal data are any information relating to an identified or identifiable natural person. This includes information such as your name, age, mailing or IP address, telephone number, date of birth, email address, and user behavior. Information that does not allow us to identify you (or would only enable us to do so with disproportionate effort) because the information is anonymized, for example, is not considered personal data.

The processing of personal data (for example, when said data are collected, retrieved, used, stored, or transmitted) must always have a legal basis and/or be based on your consent.

1. Website provision and usage

a. Type and scope of data processing

We collect and use personal data from our users only to the extent necessary to provide a functional website and our content and services.

Whenever you access and use our website, we only collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file. The following information is collected without your intervention and stored until it is automatically deleted:

• the website you visited
• the web page from which you accessed our web page (plus the terms entered if this was a search engine)
• date
• timethe operating system used
• features of the display (resolution in pixels and the pixel ratio for the detection of high-resolution displays) and
• the browser used (Internet Explorer, Firefox, Opera, etc.)

The log file also stores the volume of the transmitted data, an HTTP status code (for example, to identify a successfully transmitted web page), and the IP address of the device used to access the page (e.g., PC or smartphone) – whereby the IP address is immediately anonymized by the erasure of the last octet of the address.

The data stored in the log file is collected and used solely for anonymous evaluation for statistical purposes (for example, an analysis of user behavior, which pages of the website or subdomain are accessed, which browsers are used, etc.) and thereby serves to improve our services. As IP addresses are anonymized in the way described above, they cannot be mapped to a specific user and cannot be traced to a specific IP address.

b. Legal basis
The legal basis for our data processing is Article 6.1.1.e GDPR in conjunction with Section 3 of the Berlin Data Protection Act (BlnDSG) Section 4 of the Berlin Higher Education Act (BerlHG), and Article 6.1.1.c GDPR in conjunction with Section 13.7 of the German Teleservices Act (TMG). The processing of said data is required in order to provide and maintain the website and thus serves Freie Universität Berlin in performing a task carried out in the public interest.

c. Storage period
The log files for the ongoing and previous calendar year are stored for evaluation purposes. In this case, the IP addresses are anonymized. The data are then erased.

2. Newsletter

a. Type and scope of data processing
open-encyclopedia.org offers users the opportunity to sign up for a free newsletter and other free information sent via email. The data that you have provided us via the registration form will be transferred to the party responsible for the newsletter subscription.
The data you have provided within the context of subscribing to the newsletter will not be disclosed to third parties.

b. Legal basis
The processing of the aforementioned personal data for the purposes of distributing the newsletter is performed on the basis of your voluntarily given consent pursuant to Article 6.1.a GDPR.

c. Storage period
The personal data you have provided will be stored as long as the subscription to the newsletter is active. If you unsubscribe from the newsletter, then the personal data collected for distributing the newsletter will be erased. The data will only be stored in exceptional cases, for example, if required by law.

You can terminate subscriptions to the newsletter at any time. As a rule, you will usually find a link for this purpose in each newsletter. If you have any further questions, feel free to contact the Online Editorial Department via email at info@open-encyclopedia-system.org.

We will only disclose your personal data to third parties when:

• You have given your explicit consent pursuant to Article 6.1.1.a GDPR.
• This is legally permissible and required for the performance of a contract to which you are party pursuant to Article 6.1.1.b GDPR.
• Disclosure of personal data is necessary for compliance with a legal obligation pursuant to Article 6.1.1.c GDPR.
• Disclosure of personal data is necessary pursuant to Art. 6(1)(f) GDPR to safeguard legitimate business interests and to assert, exercise or defend legal claims, and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.

1. Use of cookies on our website

a. Type and scope of data processing

We use cookies on our website. Cookies are small files that are sent to the browser of your end device and stored there during your visit to our website. We are unable to offer some functions of our website without the use of certain cookies required for technical reasons. Other cookies allow us to carry out different analyses. For example, if you revisit our website, cookies are able to recognize the browser you use and transmit different kinds of information to us. Using cookies allows us to make our website more user-friendly and effective for you by tracing your use of our website and determining your preferred settings (for example, country and language settings). If third parties process information via cookies, they collect this information directly via your browser. Cookies do not inflict any damage on your end device. They cannot run programs on your end device and do not contain viruses.

b. Legal basis
Article 6.1.1.e GDPR in conjunction with Section 3 of the BlnDSG, Section 4 BerlGH, and Article 6.1.1.c GDPR in conjunction with Section 13.7 TMG, serve as the legal basis for data processing of technically necessary cookies. We must obtain your consent for cookies that are not technically necessary and third-party cookies. If you have given your consent to the use of cookies on the basis of one of the notifications on our website (“cookie banner”), the lawfulness of said use also complies with Article 6.1.1.a GDPR. You can revoke your consent at any time with future effect by deactivating cookies in your browser settings.

c. Storage period
As soon as the data transferred via cookies are no longer required to fulfill the purposes described above, this information will be erased, especially if you deactivate cookies. This is usually the case when you close your browser window. The data will only be stored in exceptional cases, for example, if this has been stipulated by law.

2. Configuring your browser settings

You can manage your cookie settings using the options described below or by configuring your browser settings.

Most browsers are pre-configured to accept cookies as the default, but you can also configure your browser to only accept specific cookies or not accept any at all. However, please note that you may not be able to use all functions of our website if you have deactivated cookies on our website via your browser settings. You can erase cookies that have been stored on your browser or display the storage period via your browser settings. You can also set your browser to notify you before cookies are stored. As different browsers tend to differ in terms of their functionality, we ask that you consult the help menu of your respective browser to access the configuration options available to you.

We recommend that you install specially developed plug-ins if you would like a comprehensive overview of all third-party access to your internet browser.

The website open-encyclopedia-system.org does not incorporate any external content such as external news feeds, e.g. from social media services.

Hyperlinks to the websites of third-party providers can be found on our website. Activating these hyperlinks will redirect you from our website to the website of said providers. You will recognize this from the change in URL. We bear no responsibility for the confidential processing of your data on these third-party websites, as we have no influence on whether or not these parties comply with data protection provisions. You can find further information on how your personal data are processed by these companies on their respective websites.

As a data subject, you have the following rights concerning the processing of your personal data in line with the GDPR:

• You have the right to request information as to whether or not personal data concerning you are being processed by us pursuant to Article 15 GDPR. In particular, you are entitled to information on: the purposes of the processing, the categories of personal data concerned, the categories of recipient to whom your personal data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint with a supervisory authority, any available information as to the data’s source if we did not collect it, any transfer of data to a third country or to an international organization, the existence of automated decision-making, including profiling, and, where applicable, meaningful information about the logic involved.
• You shall have the right to obtain from us without undue delay the rectification of inaccurate or incomplete personal data concerning you pursuant to Article 16 GDPR.
• You have the right to request from us the erasure of your personal data pursuant to Article 17 GDPR, provided that processing is not required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims.
• Pursuant to Article 18 GDPR, you have the right to the restriction of processing where the accuracy of the personal data is contested by you, the processing is unlawful, or we no longer need the personal data but you reject their erasure because they are required by you for the establishment, exercise, or defense of legal claims. You are also entitled to this right to restriction of processing pursuant to Article 18 GDPR if you have submitted an objection to processing pursuant to Article 21 GDPR.
• Pursuant to Article 20 GDPR you shall have the right to receive the personal data concerning you which you have provided to us, in a structured, commonly used, and machine-readable format and you have the right to transmit those data to another controller.
• You have the right to withdraw your consent at any time pursuant to Article 7.3 GDPR. Subsequently we shall no longer have the right to continue the data processing based on your consent, with future effect.
• You have the right to lodge a complaint with a supervisory authority pursuant to Article 77 GDPR. Generally, you should be able to contact the supervisory authority of your regular place of residence, your place of work, or our offices to do so.

Pursuant to Article 21 GDPR, you have the right, at any time, to object to the processing of your personal data based on Article 6.1.1.e or Article 6.1.1.f GDPR for reasons arising from your particular situation. Freie Universität Berlin will cease to process the personal data, unless we are able to demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject or where processing is necessary for the establishment, exercise, or defense of legal claims.

We are committed to protecting your privacy and handling your personal data confidentially. To prevent the manipulation, loss, or misuse of your personal data we have stored, we implement comprehensive technical and organizational security precautions that are regularly reviewed and adapted to the latest state of technological progress.


However, due to the structure of the internet, it is possible that data protection regulations and the aforementioned security measures are not observed by other individuals or institutions who do not fall within the sphere of our responsibility. Data disclosed by unencrypted means, for example via email, is especially vulnerable to third-party access. We are unable to influence this by technical means. It is the responsibility of the user to protect the data they have made available against misuse by using encryption or other similar methods.

The external Data Protection Officer of the Controller is:

Dr. Karsten Kinast, LL.M., Attorney at Law
KINAST Rechtsanwaltsgesellschaft mbH
Nordstraße 17a
50733 Cologne
Tel.: +49 (0)221 – 222 183 – 0
Email: datenschutz@fu-berlin.de

The Deputy Data Protection Officer of Freie Universität is:

Andreas Hübinger
Email: datenschutz@fu-berlin.de