Select your language

1. Contact details of the controller and the data protection officer

This privacy information applies to the data processing on our institute's website by the controller:
Thüringer Landessternwarte
Sternwarte 5
07778 Tautenburg

Phone: +49 36427 863  0
Fax: +49 36427 863 29
represented by Prof. Markus Roth.
The data protection officer of Thüringer Landessternwarte can be reached at the above address, attn. Data Protection Officer.

2. Processing of personal data and purposes of processing

a) when visiting the website

When you visit our website, the web servers of our website temporarily store each access of your device in a log file. The following data is collected and stored until automated deletion:

  • IP address of the requesting computer
  • Date and time of access
  • Name and URL of the accessed data
  • Transferred data volume, message about the success of the retrieval
  • Used browser and operating system
  • Name of the internet service provider
  • Website from which the access originated (referrer URL)

This data processing serves the following purposes:

  1. Facilitating the use of the website (establishing a connection)
  2. Administration of the network infrastructure
  3. Appropriate technical and organizational measures for IT system and information security, considering the state of the art
  4. Ensuring user-friendliness of use
  5. Optimizing the internet offering

Legal bases for the above processing are:

  • for the processing of website visits under items 1-2 Art. 6 para. 1 sentence 1 lit. b (necessity for the performance of the website usage contract relationship),
  • for processing under items 3 Art. 6 para. 1 sentence 1 lit. c GDPR (legal obligation to implement technical and organizational measures to secure data processing according to Art. 32 GDPR) and Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interests for data processing for network and information security) as well as for
  • processing under items 4-5 Art. 6 para. 1 sentence 1 lit. f GDPR (legitimate interests). The legitimate interests of our data processing are to make our offer user-friendly and optimize it.

The aforementioned data is automatically deleted by the web server after a defined time, which is [30] days. If data is processed for purposes under items 2-4 for a longer period, anonymization or deletion occurs when the storage is no longer necessary for the respective purpose.
In addition, we use technically necessary cookies and analysis services when visiting our website. Further explanations can be found under items 3 and 4 of this privacy information.

b) when registering for tours/events

We regularly offer tours and events of various kinds through our website, for which you may need to register in individual cases.
As part of the registration for a tour/event, some mandatory information may need to be provided. These include:

  • First and last name
  • Address
  • Email address

In addition, voluntary additional information can often be provided.
The processing of this information is carried out to identify you as a participant in the event, to reserve the participant's place, and to provide you with information before, during, and after the event, optimizing your participation and enabling us to plan and ensure smooth event execution. The information allows us to plan and carry out the event in a way that is tailored to the interests and target groups.
The personal data collected by us for the tour/event is generally stored until the end of the year of the tour/event and then deleted.
Storage beyond the specified period only occurs if:

  • we are obliged to do so due to legal storage and documentation obligations according to Article 6 para. 1 sentence 1 lit. c GDPR (especially § 147 AO). In this case, data is stored only to the extent necessary for the storage obligation.
  • You have consented to storage beyond this period according to Art. 6 para. 1 sentence 1 lit. a GDPR.
  • we use your email address under the conditions of § 7 para. 3 UWG to inform you about future events by email. In this case, we store your email address and your first and last name until you object to processing for this purpose.
c) when visiting our institute

In the context of attending an appointment at our institute, visitors must register at the reception. In this context, we collect the following mandatory information:

  • First and last name
  • If applicable, company name
  • If applicable, car license plate
  • Institute supervisor

The processing of mandatory information is carried out to identify visitors, it serves not only as access control but also in the event of a necessary evacuation of the building for the safety of the guest.
Data processing is necessary for the purposes of visitor management under Art. 6 para. 1 sentence 1 lit. a. or b GDPR. The personal data collected in this context by us is manually recorded and stored until the end of the respective year and then destroyed.

d) Image and video recordings at events

To document events visually, photos and videos may be taken. It is not excluded that you may be identified directly or indirectly in the recordings, making them personal data.
The recordings can be used for reporting directly related to the event and for internal reporting by Thüringer Landessternwarte. In addition, recordings may be published for post-event reporting on our media platforms or website. This processing is particularly necessary to document our event.
Data processing is based on Art. 6 para. 1 sentence 1 lit. f GDPR. The mentioned purposes are legitimate interests within the meaning of the aforementioned provision.
If you do not want to be recorded, please inform the person taking the recording.

e) When using contact forms

We offer you the opportunity to contact us via a form provided on the website. The following information is required:

  • First and last name
  • Email address

We need your data to determine the origin of the request and to be able to answer and process it. Data processing is carried out based on your request and, within the scope of responding to a contact request, is supported by our legitimate interests according to Art. 6 para. 1 sentence 1 lit. f GDPR.
The personal data collected by us for using the contact form is automatically deleted after completing your request.

3. Technically necessary cookies

We use exclusively technically necessary cookies on our site. Cookies are small files that your browser automatically creates and that are stored on your device (laptop, tablet, smartphone, etc.) when you visit our site. Cookies do not cause any damage to your device, they do not contain viruses, trojans or other malware.
The cookie stores information that is related to the specific device used. However, this does not mean that we immediately gain knowledge of your identity.
The processing of personal data within the scope of technically necessary cookies is based on our legitimate interest in providing the web services you expressly requested (Art. 6 para. 1 sentence 1 lit. f GDPR possibly in conjunction with Art. 95 GDPR, Art. 5 para. 3 Directive 2002/58/EC). For example, we use session cookies to enable session control or to save form entries during the session.
Session cookies are deleted at the latest when you close your web browser.

4. Data subject rights

You have the right:

  • according to Art. 7 para. 3 GDPR to revoke your consent given to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future;
  • according to Art. 15 GDPR to request information about your processed personal data from us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to complain, the origin of your data, if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • according to Art. 16 GDPR, to request the correction of incorrect or completion of your stored personal data with us without undue delay;
  • according to Art. 17 GDPR to request the deletion of your stored personal data with us, provided that the processing is not necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • according to Art. 18 GDPR, to request the restriction of processing of your personal data, insofar as the accuracy of the data is contested by you, the processing is unlawful, but you oppose its erasure and we no longer need the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to processing according to Art. 21 GDPR;
  • according to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request the transfer to another controller and
  • according to Art. 77 GDPR to lodge a complaint with a supervisory authority, e.g. with the Thüringer Landesbeauftragte für den Datenschutz und die Informationsfreiheit (TLfDI), currently Dr. Lutz Hasse, Häßlerstraße 8, 99096 Erfurt.

Information about your right to object according to Art. 21 GDPR:
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is based on Article 6(1)(e) GDPR (data processing in the public interest) and Article 6(1)(f) GDPR (data processing based on legitimate interests). If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or the processing serves the establishment, exercise, or defense of legal claims.
If you wish to exercise your right to object, an email to the data protection officer of Thüringer Landessternwarte is sufficient.

5. Data security

All personally transmitted data is encrypted using the generally accepted and secure TLS (Transport Layer Security) standard. TLS is a secure and proven standard, also used in online banking, for example. You can recognize a secure TLS connection, among other things, by the appended "s" in http (i.e., https://..) in the address bar of your browser or by the lock symbol in the lower area of your browser. Furthermore, we use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.

6. Timeliness and Modification of this Privacy Policy

This privacy policy is currently valid and as of October 2023.
Due to the ongoing development of our website and related offerings or changes in legal or regulatory requirements, it may be necessary to modify this privacy policy. The current privacy policy can be accessed and printed from our website at any time.