The EU data privacy regulations (GDPR in English, DSGVO in German) provide us with an opportunity to inform you on why and how we process your personal data with our facility management software, PPMS from Stratocore S.A.S..
We request your consent that we do so after login.
Stratocore is a French company located in Paris and thus in the European Union (EU). PPMS is directed at persons older than 16. PPMS does not include features to make automated decisions related to persons.
The data are collected by the Core Facility Bioimaging, Biomedical Center (BMC), Großhaderner Straße 9, 82152 Planegg-Martinsried. Head: Steffen Dietzel, phone 089/2180-71518, e-mail email@example.com.
The data security officials of the LMU (“behördliche Datenschutzbeauftragte”) can be reached at Dezernat I (Recht); Geschwister-Scholl-Platz 1, 80539 München. Phone: +49 89 2180-2414. E Mail: firstname.lastname@example.org.
With the exception of trusted, contractually-bound partners like Stratocore supporting our PPMS operation, or under legally-required disclosure, we do not share your personal data with anyone outside our institution, with the exception of your institution, should you be an external user. Your data is exclusively stored in the EU, on well-protected servers from high-profile cloud providers, and all data transfers are encrypted. Stratocore continually checks PPMS for intrusion risks. Should we ever become aware of any breach of the privacy of your data, we will notify you and provide you with an estimate on the extent and severity of the event.
We store your account data, including email address, phone number, affiliated institution address, system data (including project details provided on the Project Form). We also store data on usage of our facility instrumentation (e.g. when you booked and used which microscope), and your facility-related publication list.
We share your account data with the other Core Facilities at the BMC so that you can use the same account for all Core Facilities.
We will retain your data in PPMS while your account is valid, or as long as the law, tax regulations or the billing process require us to do so. When you inform us or when we notice that you do not use the facility anymore, we usually inactivate your account but keep the data. Thus we can later reactivate your account should you restart using the facility.
We use these data to communicate with you, to identify you as a registered facility user, manage your usage of our facility resources, bill your affiliated institution for this usage, and create aggregate statistical reports for future facility funding, positioning, development, and improvement of quality and efficiency of our service.
We also provide data concerning your usage of our facility resources to your group leader, group manager and group administrative contact.
Your data are collected according to the “Datenschutzgrundverordnung” (DSGVO), Article 6(1)a, b and/or f. We process these data with your consent, and/or because it is required to fulfil a contract with your affiliate institution and/or because it is necessary for the purposes of our legitimate interests.
You have the right to request deletion of your data (DSGVO Art. 17). If you do, we will delete them after the billing period in which you were an active user is over and the invoicing is processed. Without account you cannot use the facility any more. Please contact us by email for such requests.
You may request to obtain a copy of your data in machine-readable format (DSGVO Art. 15) or request that we rectify inaccurate data (DSGVO Art. 16). You have the right to request a restriction of processing of your data under the conditions defined by DSGVO Art. 18.
You have the right to complain with the “Bayerischer Landesbeauftragter für den Datenschutz”, https://www.datenschutz-bayern.de/
We will inform you about changes of our practice and will seek your consent.
By agreeing to this statement you give us permission to contact you and to collect and store your information as described above. You can withdraw your consent at any time by emailing us. If you withdraw you consent, this does not affect the lawfulness of processing your data based on your consent before its withdrawal (DSGVO Art. 7).
Please indicate your consent with this privacy statement after login.