The Austrian Institute of Economic Research (WIFO) handles your personal data very responsibly. The following data protection declaration is intended to give you an overview of what happens to your data and what protection we offer.
If no deviating statements can be found on other webpages of the domain wifo.ac.at or its subdomains, this statement also applies to these.
As a matter of principle, this data will not be passed on to third parties. Unless this is necessary for the fulfilment of
a contract or we are legally obliged to do so.
2. Information on the person responsible
The responsible party within the meaning of the European Data Protection Regulation ("GDPR”) and other national data protection laws of the member states as well as other data protection regulations is:
Austrian Institute for Economic Research
Arsenal, Objekt 20
(hereinafter referred to as "we", "us", "our" or "WIFO").
Data Protection Officer: Mag. Siegfried Gruber (O.P.P.)
3. Collection of personal data when visiting our website
When using our website, data is automatically stored in the server log files of the WIFO website, which our server receives from your browser during the visit (browser is for example Microsoft Edge, Firefox, Safari etc.). To ensure operation and for statistical purposes, data on each access (IP address, time, URL, referrer, browser type, amount of data transferred and transfer time) is stored in a log file.
We do not pass on this data, nor do we combine it with other data sources. We need this data to be able to analyse errors retrospectively or to pursue illegal use.
The legal basis for the processing of your personal data in the context of the provision of the website and the creation of
log files is Art. 6 para. 1 lit. f GDPR (legitimate interest).
4. Processing of data when purchasing publications
We collect and store only the information necessary for the transaction (purchase of printed and electronic publications). This information is stored in our database when you log in.
The legal basis for the aforementioned data processing is Art. 6 para. 1 lit. b GDPR.
The data we have received from you will not be passed on to third parties outside WIFO, its data processing centre WSR, our payment provider and the company that handles the mailing.
Once you have registered with your login name and password, you can view and edit your own data at any time via the menu item
"My Account" next to the search field on the WIFO website. If you want to delete your user account completely, you can request
this by sending an informal e-mail to email@example.com. If you have forgotten your password, please select the link "Forgot your password?" in the login area. We will send a link
to the form on the WIFO website for changing the password by e-mail to the e-mail address provided.
5. Data processed for e-services
For the e-information services sent out by WIFO (such as newsletters and invitations), your name, e-mail address and other data provided by you (e.g. areas of interest) are processed.
If you use the online registration function, the double opt-in procedure is used to ensure that you have actually called up this function yourself, i.e. we will send you an e-mail with a confirmation link and will only send you a newsletter if you have actively activated the confirmation link. When using the online form, the following data is stored to ensure proper functioning:
IP address of the requesting computer, date and time of access, name and URL of the accessed file, amount of data transferred, message as to whether the access was successful, identification data of the accessing browser as well as of the operating system, website from which the access was made. This data is deleted after 30 days. In addition, it is recorded for which service (e-service) you have registered, which information was transmitted by you in the process and whether the registration was confirmed. Within the scope of the double opt-in procedure, it may be necessary for technical reasons to store the information as to whether a confirmation was issued for longer than 30 days. In this case, however, the data will be deleted after one year at the latest.
For communication via newsletter, we use the services of "The Rocket Science Group LLC" (known as "Mailchimp"), among others. For this purpose, personal data (identity and contact data and data on the use of the newsletter) are transmitted to the USA and processed.
You can change your settings or unsubscribe at any time, for example via a link at the end of each newsletter or press release.
The legal basis for the aforementioned data processing is Art. 6 para. 1 a GDPR.
6. Picture recordings
During institute events, we often take photographs and film footage for our public relations work in online and print media, including social media channels, and in individual cases pass them on to third parties for reporting purposes. The recordings will be deleted as soon as they have fulfilled their purpose for our public relations work and documentation. If you do not wish to be photographed, please inform a member of staff on site.
This data processing serves the purpose of public relations as well as the presentation and documentation of WIFO's activities
and is based on WIFO's legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR.
7. Data processed in the course of events
In the course of organising events (lecture series, workshops, conventions, conferences, press events), data provided by participants are processed for the purpose of holding the event. This includes the following data in particular: name, e-mail, postal address, telephone number, employer or affiliation, title and abstract of the presentation/paper/lecture, co-author, date and location of the event, billing and bank details as well as information on food intolerances/allergies). In order to be able to make use of third-party services (e.g. hotel bookings), information that is necessary for the performance of the service will be passed on.
Insofar as it is necessary for the preparation of the programme and the promotion of the event (e.g. on our website), data (in particular names of speakers, discussants and co-authors, title of the presentation or the submitted paper, date and time) will be published.
The data collected will be deleted as soon as they have fulfilled the purpose of organising the event and documentation or fulfilment of the legal obligations to maintain records in accordance with § 132 BAO.
The legal basis for the aforementioned data processing is Art. 6 para. 1 b GDPR or Art. 6 para. 1 f GDPR.
8. Data subject rights
Irrespective of the purpose of the processing and the type of collection, the following rights exist if the legal requirements are met:
- The right to information.
- The right to rectification.
- The right to restriction.
- The right to erasure.
- The right to data portability.
- If the processing is based on your consent, the right to withdraw it.
- If you are of the opinion that the processing of personal data concerning you violates data protection regulations, you have the right to lodge a complaint with the data protection authority (https://www.dsb.gv.at).
To exercise these rights and if you have any questions about the processing of your personal data, please contact firstname.lastname@example.org.
Please note that in order to fulfil your request, it may be necessary for us to ask for proof of your identity in the form
of a qualified electronic signature or a copy of your identity card.
Version: 13 September 2021