A young man and a young woman lift a baby girl. All three are smiling.

Data protection

Status: 15.07.2022

This statement provides you with an overview of how your personal data is collected and processed when you use our website and what you can do yourself to better protect your data.

Controller for the processing, Art. 4 (7) EU General Data Protection Regulation (GDPR)

Central Institute for Mental Health (ZI)
State foundation under public law

Postal address: P.O. Box 12 21 20, 68072 Mannheim
House address: J 5, 68159 Mannheim (summonable address)

Phone: 0621 1703-0
Fax: 0621 1703-1205

E-Mail: info(at)zi-mannheim.de

represented by the Foundation's Management Board / the Foundation's Management Board members Prof. Dr Andreas Meyer-Lindenberg (Chairman of the Management Board / Director) and Andreas-W. Möller (Commercial Director), ibidem, Chairman of the Supervisory Board Dr Carsten Dose, ibidem

Chairman of the Supervisory Board: Dr Carsten Dose

see also our imprint

Data Protection Officer

If you have any questions, complaints or wish to assert your data protection rights, please use the following address:

Data Protection Officer | Central Institute of Mental Health
J 5, 68159 Mannheim
datenschutzbeauftragter(at)zi-mannheim.de

What is personal data?

Personal data is any information relating to an identified or identifiable natural person. The decisive factor is therefore whether a personal reference can be established through the data collected. This includes information such as your name, address, telephone number, email address and user behaviour. Information that is not directly associated with your real identity - such as favourite websites or the number of users of a site - is not personal data.

How do we collect and process your personal data when you visit our website?

When using the website for information purposes only, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security (legal basis is Art. 6 I 1 lit. f GDPR):

  • IP address
  • Date and time of the enquiry
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status / HTTP status code
  • Amount of data transferred in each case
  • Website from which the request originates
  • browser
  • Operating system and its interface
  • Language and version of the browser software

How do we use your personal data and how do we pass it on?

If the opportunity for the input of personal or business data (e-mail addresses, names, addresses) is given, the input of these data takes place voluntarily. E-mails are sent via a contact form. If you send us such a message, your personal data will only be collected to the extent necessary for a reply. The e-mail is transmitted unencrypted. We use the personal data provided by you exclusively for the purpose of technical administration of the websites and to fulfil your wishes and requirements, i.e. generally to process the contract concluded with you or to answer your enquiry. We only use this data for product-related surveys, marketing purposes and statistical purposes if you have given us your prior consent or if you have not objected to this - insofar as this is provided for by law. Your personal data will not be passed on, sold or otherwise transferred to third parties unless this is necessary for the purpose of contract fulfilment or you have expressly consented to this. Any consent given can be revoked at any time with effect for the future.

If we use contracted service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes. In doing so, we will also state the specified criteria for the storage period.

How long will your data be stored?

In principle, we store all information that you transmit to us until the respective, e.g. contractual, purpose has been fulfilled. E.g. in the case of enquiries until they have been dealt with, in the case of newsletters until you unsubscribe from the newsletter. If longer storage is provided for by law, the information will be stored within this framework.

When will your data be deleted?

We delete the data arising in this context after storage is no longer required, or restrict processing if there are statutory retention obligations. On the other hand, the stored personal data will be deleted if you revoke your consent to storage, if knowledge of the data is no longer required to fulfil the purpose for which it was stored or if storage is not permitted for other legal reasons. Data for billing and accounting purposes are not affected by a request for deletion.

You have the following rights vis-à-vis us with regard to your personal data:

  • Right to information,
  • Right to rectification or erasure,
  • Right to restriction of processing,
  • Right to object to processing,
  • Right to data portability.

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

Electronic mails (e-mails)

When transmitting personal data by e-mail, we would like to point out that the Internet itself does not provide any protection mechanisms and that it is therefore generally not possible to exclude the possibility of third parties gaining knowledge of this data. The data transmitted to us will be used exclusively for the purposes specified to us, will be treated confidentially and will be deleted immediately after your enquiry has been processed. No data will be passed on to third parties.

Data protection for applications and in the application process

We collect, process and store the personal data of applicants for the purpose of handling the application process. Processing may also be carried out electronically. This is particularly the case if an applicant sends us the relevant application documents electronically, for example by e-mail. If an employment contract is concluded with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions and transferred to the personnel file. If no employment contract is concluded with the applicant, the application documents will be automatically deleted six months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller.
Other legitimate interest in this sense is, for example, a burden of proof in proceedings under the General Equal Treatment Act (AGG). Applicants may receive an invitation to a so-called "talent pool" for future job advertisements at the Central Institute despite a rejection in a specific application procedure. If the applicant consents, the application data will be deleted after one year at the latest. Finally, the storage period is also assessed according to the statutory limitation periods, which can be up to thirty years, for example according to §§ 195 ff. of the German Civil Code (BGB), whereby the regular limitation period is three years.

What we do for the security of processing

Our institute takes all necessary technical and organisational security measures to protect your personal data from loss and misuse. For example, your data is stored in a secure operating environment that is not accessible to the public. In certain cases, your personal data is encrypted during transmission using secure socket layer technology (SSL). This means that communication between your computer and the servers of our institute takes place using a recognised encryption method if your browser supports SSL.

These are your data protection rights

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and possible recipients and the purpose of data processing (Art. 15 GDPR) and, if applicable, a right to rectification of incorrect data (Art. 16 GDPR), erasure of this data (Art. 17 GDPR), the right to restriction of processing in accordance with Art. 18 GDPR, the right to object (Art. 21 GDPR) and the right to data portability of data provided by you in accordance with Art. 20 GDPR. The restrictions under Sections 9 and 10 LDSG Baden-Württemberg apply to the right of access and the right to erasure.

Furthermore, in the event of violations of data protection law, you have the right to lodge a complaint with the competent supervisory authority (Art. 77 GDPR in conjunction with Section 25 LDSG Baden-Württemberg). The competent supervisory authority for data protection issues is the State Commissioner for Data Protection and Freedom of Information of the State of Baden-Württemberg, P.O. Box 10 29 32, 70025 Stuttgart, Tel.: 0711 615541-0, FAX: 0711 615541-15, Email: poststelle@lfdi.bwl.de.

How you can withdraw your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke any consent you have already given at any time. All you need to do is send an informal email to datenschutzbeauftragter@zi-mannheim.de. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

Use of cookies

When you visit our website, we use so-called cookies. These are small text files that are stored on your computer. Cookies help us to determine the frequency of use and the number of users of our website, as well as to make our services as convenient and efficient as possible for you. On the one hand, we use so-called session cookies, which are only stored temporarily for the duration of your use of one of our websites. On the other hand, we use permanent cookies to store information about visitors who repeatedly access one of our Internet pages. The purpose of using these cookies is to be able to offer you optimal user guidance, to recognise you and to be able to present you with a website that is as varied as possible and new content in the event of repeated use. The content of a permanent cookie is limited to an identification number. Name, IP address etc. are not stored. An individual profile of your usage behaviour is not created. It is also possible to use our website without cookies. You can deactivate the storage of cookies in your browser, restrict it to certain websites or set your browser so that it notifies you as soon as a cookie is sent. Please note, however, that if you deactivate cookies, you will have to reckon with a restricted display of the site and limited user guidance. Cookies that are required to carry out the electronic communication process or to provide certain functions that you have requested (e.g. shopping basket function) are stored on the basis of Art. 6 para. 1 lit. f GDPR. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimised provision of its services. Insofar as other cookies (e.g. cookies for analysing your surfing behaviour) are stored, these are treated separately in this privacy policy.

Cookie overview

  • Required Cookies
    • Cookie Manager
      Cookies:
      • cf_cookie: Contains your cookie consent preferences

Changes to the privacy policy

Changes may be made to this privacy policy, which will be announced on this page in good time.

Cookie Extension Logo