Privacy Policy and Data Protection

     1. Data collection and storage:

The Helmholtz Information & Data Science Academy (HIDA) of the Helmholtz Association attaches great importance to protecting personal data. Personal data are items of information that can be used to ascertain your identity. This includes information such as your name, street and/or postal address, telephone number and e-mail address. Information that cannot be directly associated with your identity (such as the number of users of the site) is not considered to be personal data. Personal data is collected on our website only insofar as required for technical purposes and is stored if you send us information in connection with a call for application. 


    2. Legal basis of data processing:

To the extent that permission of the affected individual is obtained for the processing of personal data, Article 6 (1) lit. a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis. 

In the processing of personal data to fulfil a contract whose contractual party is the individual affected, Article 6 (1) lit. b) GDPR serves as the legal basis. This also applies to processing required to implement pre-contractual measures.

If processing is required to safeguard the justified interest of the Helmholtz Association or a third party and the interests, basic rights and basic freedoms of the affected individual do not outweigh the first-mentioned interest, Article 6 (1) lit. f) GDPR serves as the basis for such processing.


     3. Storage of IP addresses, use of JavaScript and cookies:

In order to access our website the short-term registration of your IP address is required. An IP address is a unique, globally valid identifier of your computer. As a private user, in most cases you will not use a constant IP address because an IP address is only assigned to you temporarily by your provider. However, the connection of user data to particular individuals is in principle possible with static IP addresses. Our server stores IP addresses for up to 24 hours. After this the access data is automatically anonymized. 

We use cookies (small text files containing visitor information that are temporarily stored on your computer's hard drive) in order to track frequency of use, repeated use and number of users of our website. The cookies used by us are anonymized and are used exclusively for the above purposes. We do not use them to learn about your personal user behavior or to adapt the content of our website to your personal browsing habits. 

The data relating to your visit is collected via a JavaScript program embedded in the source code of our website and forwarded to our web server. If JavaScript is disabled in your browser settings, only some of the information will be recorded and the number of page views counted.


During your visit to our website the following information may automatically be logged in our user statistics:

    • Your IP address - abbreviated after a maximum of 24 hours and thereby anonymized *

    • A unique number to distinguish visitors (if cookies are enabled) 

    • URLs visited within our website 

    • Timing of page views 

    • Type of HTML queries 

    • Previously visited URL (if transmitted by browser) *

    • Name and version of your operating system *

    • Name, version and language preference of your browser *

    • Screen resolution and colour depth 

    • Technologies and formats supported by browser (cookies, Java, Flash, PDF, WindowsMedia, QuickTime, Realplayer, Director, SilverLight, Google Gears).

 If JavaScript is disabled only the information marked with an asterisk (*) will be collected.


Our website can generally be used without you having to disclose your identity. It is possible to configure your browser by modifying the browser settings so that cookies are rejected and the execution of JavaScript programs is disabled. If you want to do this, we recommend that you consult the information provided by your browser maker (for example, in the Help menu of your internet browser or on the relevant website), or contact your browser supplier for further assistance and information. In addition, you can delete already enabled cookies yourself at any time by selecting the appropriate menu item in your internet browser or by deleting the cookies from the relevant directory on your hard drive.

The legal basis for the temporary saving of data and log files is Article 6 (1) lit. f GDPR. Storage occurs in log files in order to ensure the website's functionality. The data also help us optimize the websites, eliminate malfunctions and ensure our IT system security. Our justified interest in data processing pursuant to Article 6 (1) lit. f GDPR also lies in such purposes.

The data are deleted as soon as they are no longer required to achieve the purpose for which they were gathered. If data are gathered for the provision of the website, this is the case if the respective visit is ended. In the instance that data are stored in log files, this is the case after seven days at the latest. Storage above and beyond this period is possible. In this case, the users' IP addresses are deleted or removed so they can no longer be allocated to the visiting client.

The recording of data for the provision of the website and the storage of data in log files is essential to operate the website. As a consequence, users do not have an option to revoke such data recording.


    4. Data collection in relation to a call for application for the HIDA Trainee Network or other exchange programs:

This statement is intended to inform the users of this website about the nature, extent and purpose of the collection and use of personal data by HIDA. The website operator takes your privacy very seriously and treats your personal data confidentially and in accordance with the statutory provisions. On our websites, we offer applicants the option to register on our application platform (double-opt-in registration), entailing the entry of personal data in a data entry form. We generally gather your email address, family name and first name. Registered applicants do have the opportunity to electronically submit an application to HIDA. To ensure that the registration is done by a human being, we use Google reCAPTCHA. The data mentioned under 3 will be transmitted. You can find further information at Google also processes your personal data in the USA and uses Standard Contract Clauses. 

If you apply via our application platform, you will be asked for certain personal data (name, address, e-mail, telephone number, etc.). For an application, it is also necessary to include your professional career. Processing of the personal data provided by you with your application is necessary for the purpose of carrying out the application procedure in the course of the HIDA Trainee Network program or other exchange programs. Please note that your data will not be stored anonymously.

The legal basis for the processing of data is the user's consent pursuant to Article 6 (1) lit. a GDPR. If registration serves to fulfil a contract whose contractual party is the user or to implement pre-contractual measures, the additional legal basis for the processing of data is Article 6 (1) lit. b GDPR. Registering the user is necessary to provide certain contents and services on our website or to fulfil a contract with the user or to implement pre-contractual measures. The data are deleted as soon as they are no longer required to achieve the purpose for which they were gathered. This is the case for data gathered during the registration process if registration is cancelled or modified on our websites. For the registration process to fulfil a contract or to implement pre-contractual measures, this is the case if the data are no longer required to fulfil the contract. After the contract ends, it may be necessary to continue to store the contractual partner's personal data in order to fulfil contractual or statutory obligations.

As a user, you can cancel the registration at any time. You can have the data saved in connection with yourself modified at any time. If the data are required to fulfil a contract or to implement pre-contractual measures, early deletion of the data is possible only to the extent that no contractual or statutory obligations prevent such deletion.


   5. Data collection in relation to a report:

Successful candidates are asked to provide a report after the exchange took place using the HIDA application portal. Therefore, we ask for photos from you and your research stay to be published on our website and on our social media (LinkedIn, Twitter). Twitter and LinkedIn also process your personal data in the USA and uses Standard Contract Clauses. The publication of this report including photos is voluntary.



    6. Data deletion and storage duration:

We store your data as long as it is necessary for the application process. Your application data will be deleted at the latest 6 months after the application cycle, unless storage is required for legal reasons. Storage can also occur if provided for European or national legislators in EU regulations, acts or other legislation to which the Helmholtz Association is subject. A blocking or deletion of data then occurs only if a storage period prescribed by one of the aforementioned norms expires, unless a necessity exists in relation to the further storage of the data for the arrangement of a contract or the fulfilment of a contract.

If you are are successful and accept our offer to participate in one of our programs, we will store your data for the duration of the exchange and up to twelve months beyond.


    7. Data transmission:

The management and storage of your personal information occurs in the case of selected services including

    A.) The Website 

    B.) The application platform

    C.) As part of contract data processing through OpenCampus, Munich

Your personal data will only be conveyed to state institutions and authorities in legally essential cases or for criminal prosecution based on attacks on our network infrastructure. The data are not transmitted to third parties for other purposes.


    8. Right to information:

You have the right at any time to information about your stored personal data, including the origin and recipients of the data and the purpose for which the data is being stored. This information can be obtained from the data protection officer at the Helmholtz Association. Please send any questions or comments about data protection to this address:

As an individual whose personal data are gathered as part of the aforementioned services, you have, in principle, the following rights, to the extent that no legal exceptions are applicable in individual cases:

Information (Article 15 GDPR)

Correction (Article 16 GDPR)

Deletion (Article 17 (1) GDPR)

Restriction of processing (Article 18 GDPR)

Data transmission (Article 20 GDPR)

Revocation of processing (Article 21 GDPR)

Revocation of consent (Article 7 (3) GDPR)

 Right to complain to the regulator (Article 77 GDPR). For the Helmholtz Association, this is the Berliner Beauftragte für Datenschutz und Informationsfreiheit, Friedrichstraße 219, 10696 Berlin


    9. Liability for our own content:

As the content provider within the meaning of section 7(1) of the Telemedia Services Act, the Helmholtz Association is responsible in accordance with general legal provisions for its own content which it makes available for use. The Helmholtz Association endeavours at all times to offer up-to-date, correct and complete content and information on its website. However, errors or mistakes cannot be completely ruled out. The Helmholtz Association accepts no liability for the information and content published on its website being current, accurate and complete, unless the errors or mistakes demonstrably resulted from willful or negligent acts. This also applies to any material or non-material third party loss or damage caused by the use of this website and also to information made available for download. The Helmholtz Association reserves the right to modify, supplement, or delete any or all of the information offered on its internet site, or to temporarily or permanently cease publication thereof without prior and separate notification.


   10. Disclaimer in relation to links to external websites:

This website includes links to external sites and/or servers that are not within the control or responsibility of the Helmholtz Association. The relevant provider shall be responsible for the content of any linked external pages. The Helmholtz Association assumes no liability and provides no warranty in relation to this information and does not approve or support the content of the linked sites. In establishing the initial link, the Helmholtz Association reviewed the relevant external content in order to determine whether such link might give rise to civil or criminal liability. However, a constant review of the content of linked external pages is unreasonable without concrete reason to believe that a violation of the law may be involved. If the Helmholtz Association determines, or if it is pointed out by others, that an external site to which it is connected via a link may give rise to civil or criminal liability, then the Helmholtz Association will immediately eliminate any link to this site. The Helmholtz Association expressly dissociates itself from such content. This disclaimer also applies to the Add2any service. The external provider enables you to share the content on our website, or to bookmark it or subscribe to it via various other portals in a simple way by your independently linking the content on our site to the Add2any service. This information also applies to any subdomains of where responsibility for content lies with the respective author who has been given the right to use the Helmholtz Association subdomain. Protection of minors Children and persons under the age of 18 should not send any personal data to us without the approval of their parent(s) or guardian(s). We do not request personal data from children, we do not collect such data and we do not pass on such data to third parties. OpenCampus® Authentication System This system uses the OpenCampus® engine for distributed authentication. To enable authentication for this website your user credentials and e-mail are stored on the central OpenCampus® authentication server.


   11. Contact details of the individuals responsible

The entity responsible in the meaning of the General Data Protection Regulation and other national data protection acts as well as other data protection legislation is the


Helmholtz-Gemeinschaft Deutscher Forschungszentren e.V. 

Anna-Louisa-Karsch-Straße 2

10178 Berlin

Telephone: +49 30 206329-0



The Data Protection Officer at the Helmholtz Association is


Björn Petersen, LL.M.

Anna-Louisa-Karsch-Straße 2

10178 Berlin

Telephone: +49 30 206329141