Privacy Policy

Privacy notice

Data protection information / data protection declaration

Status February 2025

The HPC in Europe Portal’s server is operated by HLRS, Nobelstr. 19, 70569 Stuttgart. The processed personal data are subject to the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR), the Federal Data Protection (BDSG), and the State of Baden-Württemberg Data Protection Act (LDSG BW).

  1. Party responsible for data protection 

    Universität Stuttgart
    Keplerstraße 7
    70174 Stuttgart
    Deutschland
    Phone: +49 711 685-0 

  2.  Data Protection Officer

    Universität Stuttgart
    Datenschutzbeauftragter
    Geschwister-Scholl-Str. 24b
    70174 Stuttgart
    Tel: +49 711 685-83687

  3.  Introductory notice 

    This information concerning data protection / this data protection declaration relates to the web servers of the High-Performance Computing Center Stuttgart (in particular www.hpc-portal.eu).

  4. Unless otherwise stated on the respective websites, personal data is gathered as follows: 

    4.1 Provision of the website and creation of logfiles

    4.1.1 Description and categories of data

    User related data:

    User data including Email address, User ID, User Password, First Name, Last name, belonging Organisation detail, access time and other information related User account is kept in Database (Drupal-database) and remain in the database until User account status is active. Once User account will be deactivated all the information related to User’s account will also be deleted from the database. 

    Content data

    Any content (set of field(s) ) data belonging to a registered user is also kept in database and User can delete its own content by itself, or can ask Portal-Admin to delete on behalf of the user. Once the User’s account will be de-activated, all the belonging content data will also be deleted from the database immediately. 

    4.1.2 Purpose

    The temporary storage of the IP address by the system is necessary in order to deliver the website to the computer of the user. For this purpose, the IP address of the user must remain saved for the duration of the session.

    Saving in a log file takes place in order to ensure the functional capability of the website. In addition, the data enables us to optimize the website and to ensure the security of our IT systems. IP addresses contained in the log entries are not combined with other data inventories, unless there are concrete indicators of a disruption to the correct operation.

    The recording of active network components also enables us to ensure the security of the IT systems.

    These purposes also represent our legitimate interest in the data processing in accordance with Article 6 Paragraph 1 Letter f) GDPR.

    4.1.3 Legal basis

    The legal basis for the temporary storage of the data and log files is Article 6 Paragraph 1 Letter f) GDPR.

    4.1.4 Recipients

    Should criminal investigations be initiated due to attacks against our IT systems, the data named under 4.1.1 and log files can be passed on to state investigative bodies (for example the police, criminal prosecution authorities).

    The same applies if relevant authorities and/or courts make inquiries of the University and we are obliged to respond to these.

    4.1.5 Storage duration

    The data will be deleted once it is no longer necessary for the purpose for which it was gathered. In case of the recording of data for provision of the website, this is the case when the respective session has come to an end.

    The storage of the data in log files is completely deleted after fourteen days.

    4.1.6 Consequences of non-provision, right of objection and correction

    The recording of data for provision of the website and the storage of data in log files is absolutely necessary in order to operate the website. Users who do not wish for their data to be processed as described can contact the University via alternative channels (by telephone, in written form, in person) in order to receive corresponding information or carry out actions.

    4.2 Usage of cookies

    General information about cookies

    We use cookies on our website. Cookies are small files that are automatically created by your browser and stored on your devices like computer, laptop, tablet, smartphone, etc. Information generated from the specific device used is stored in cookies. This does not mean, however, that we will gain immediate knowledge of your identity.

    The use of cookies helps us make it more convenient for you to use our website. For example, we use session cookies to detect whether you have already visited individual pages on our website and are erased automatically when you leave our website.

    We also use temporary cookies to optimise user-friendliness and these cookies are stored on your device for a specific period of time. So when you return to our website to use our services, cookies allow us to automatically recognise that you have visited our website previously and remember the inputs and settings you have made so that you do not have to enter them again.

    We also use cookies to statistically record the use of our website and analyse it for the purpose of optimising our services. These cookies allow us to automatically recognise that you have already visited our website when you visit our website again. These cookies are automatically erased after a defined period of time.

    4.2.1 Description and categories of data

    In general, no cookies are generated during visits to the HLRS websites. An exception is necessary when using the “Change Contrast” function, which requires a session cookie.

    4.2.2 Purpose

    xxxxx

    Usage of cookies for these purposes is permitted under the scope of legitimate interest in the processing of personal data according to Art. 6 para. 1 let. f of the DSGVO.

    4.2.3 Legal basis

    The legal basis for the processing of personal data when using session cookies is Art. 6 para. 1 let. f of the DSGVO.

    4.2.4 Recipients 

    The recipient of the information contained in the session cookie is exclusively the authorized web server, i.e. the HLRS web server that sets the session cookie.

    4.2.5 Storage duration 

    Session cookies are automatically deleted from your computer when you close your browser.

    4.2.6 Consequences of non-disclosure, possibility of objection or elimination

    The session cookie is saved on the user’s computer and is then transferred from it to our web server. This means that you as a user - independent from the requirement of saving the cookie detailed above - have complete control over the usage of cookies. By changing the settings in your internet browser, you can deactivate or restrict the passing of session cookies. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If the session cookie for our website is deactivated, the contrast setting that you have selected will not be retained when visiting other web pages.

    4.3 Usage of Matomo

    4.3.1 Description and categories of data

    Our website uses the open source software tool Matomo (formerly PIWIK).

    When individual pages on our website are visited, the following data are temporarily saved: 

    -Two bytes of the IP address of the user’s system that calls the pages. (According to the settings of the software, the complete IP addresses are not    saved, but instead 2 bytes of the IP address are masked (e.g., 168.xxx.xxx). In this way, it is not possible to associate a shortened IP address with the  specific computer that visited the page.) 

    -The web page that you visited 

    -The web page from which the visitor was referred 

    -The subsequent pages that were visited from the page you visited

    -The length of time spent on the web page

    -The number of visits to the web page

    -The software used for these purposes runs exclusively on the servers of our website. The saving of data occurs only there. Any data collected are not  forwarded to other third parties.

    Personal data are only processed temporarily insofar as the complete IP address is processed until it is stored in temporary memory

    4.3.2 Purpose

    The processing of users‘ personal data enables us to analyze the behavior of our users when navigating our website. Evaluating the data we collect enables us to gain an understanding of the usage of components of our website. This helps us to continually improve our website’s usability and assess how well it addresses the interests of our visitors. These purposes are permitted as a legitimate interest in the processing of data as specified in Art. 6 para. 1 let. f of the DSGVO. The users’ interest in protecting their personal data is addressed through the anonymization of their IP addresses.

    4.3.3 Legal basis

    The legal basis for the temporary processing of the users' personal data until the shortened IP address is stored is Art. 6 (1) let. f of the DSGVO.

  5. Your rights 

    You have the right to receive information from the University of Stuttgart concerning the data saved in relation to your person and/or to have incorrectly saved data corrected.

    In addition, you have the right to deletion or to have the processing restricted or to object to the processing.

    For this purpose, please contact us via email: recht(at)hlrs.de.

    You have the right to complain to the supervisory authority, should you be of the opinion that the processing of the personal data relating to you breaches legal regulations.

    The competent supervisory authority is the Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg.

    Office address
    Lautenschlagerstraße 20
    70173 Stuttgart

    Postal address
    Post Office Box 10 29 32
    70025 Stuttgart
    Telephone: +49 711/615541-0
    Fax: +49 711/615541-15

    E-mail: poststelle(at)lfdi.bwl.de

  6. Additional information relating to social media elements 

    On our website, components of various third-party providers are used in order to provide additional content. For example, these include YouTube videos, as well as share and like buttons of social media platforms.

    If we were to directly integrate the social medial elements made available by the third-party providers into the website, then when loading the website in which they are integrated, the URL of the website which has just been loaded, the IP address and any other information (for example browser type) would be transferred to the third-party provider and cookies may be set by the third-party provider also. This would also happen if you are not registered with the third-party provider or are a member of it.

    If you were also logged into the third-party provider when accessing the website, it would be able to assign additional information to your user account (for example which video you are accessing, which commentary you submit and what information you share etc.).

    Therefore, it is the case that social media elements of third-party providers are not directly integrated into our websites. Rather, solutions are used which only establish a connection to the server of the third-party provider once the social element has been intentionally clicked on and only then is the associated data processing carried out.

    Please bear in mind that the data processing which is carried out as a result is outside of the area of control of the university and the data protection provisions of the third-party providers must be observed.

    You can find some of the data protection provisions here:

    http://www.google.com/intl/de/policies/privacy/

    https://www.linkedin.com/legal/privacy-policy

    https://bsky.social/about/support/privacy-policy

    Should you not agree to data processing by the third-party provider as described above, please do not click on the social media element.

  7. Obligation to provide data 

    Within the scope of a business relationship, project, etc. (e.g. contract to provide computing time, or other contracts, grant agreements, consortium agreements, collaboration agreements, privacy agreements, statements of intent, etc.) you must provide any personal data that are necessary for the establishment and execution of a business relationship and the fulfillment of any associated contractual requirements, or that we are required to collect according to law.

    Without these data, we must typically reject the signing of a contract and the execution of any associated activities, or will not be able to execute the requirements of an existing contact, including the possibility that it must be ended.

  8. Validity and timeliness

    This Privacy Notive is immediately valid and supersedes all prior statements. Further developments may make it necessary to revise this Privacy Notice. We reserve the right to change the Privacy Notice at any time with future effect, and recommend that you stay up-to-date with the current Privacy Notice. The Privacy Notice is linked in the footer of the website www.hpc-portal.eu.