Privacy Policy

1. Introduction

Welcome to MatInf RDMS. We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our web application and services. Our practices are designed to comply with the General Data Protection Regulation (GDPR), German Federal Data Protection Act (BDSG), and other applicable international privacy laws.

2. Data Controller

The data controller responsible for processing your personal data is:
Materials Discovery and Interfaces
Ruhr University Bochum
Universitätsstraße 150
44801, Bochum
Germany
Email: mdi-lehrstuhl@ruhr-uni-bochum.de
Phone: +49 (0)234-32-28905

3. Types of Data We Collect

We may collect the following types of personal data:

• Personal Identification Information: Name, email address, phone number, etc.
• Account Information: Username, password, and other login credentials, except when you log in via an external provider such as Google OAuth. In such cases, we do not collect or store your password; instead, we receive basic profile information from the provider as authorized by you.
• Payment Information: Credit card details and billing address (processed securely by a third-party payment processor).
• Usage Data: Information about how you use our web application, including IP addresses, browser types, and usage patterns.
• Technical Data: Device information, operating system, and browser version.

4. How We Use Your Data

We use your personal data for the following purposes:

• To Provide and Improve Our Services: Manage your account, process transactions, and enhance our web application.
• To Communicate with You: Send updates, notifications, and promotional materials (if applicable).
• To Ensure Security: Monitor for fraud and abuse, and safeguard our systems.
• To Comply with Legal Obligations: Fulfill legal and regulatory requirements.

5. Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Consent: Where you have given consent for us to process your data.
• Contract: To fulfill our contractual obligations with you.
• Legal Obligation: To comply with legal requirements.
• Legitimate Interests: To pursue legitimate business interests, provided your rights are not overridden.

6. Data Sharing and Disclosure

We do not sell or rent your personal data to third parties. We may share your data in the following situations:

• With Service Providers: Third-party vendors who assist us in operating our web application, processing payments, and delivering services (e.g., hosting providers, payment processors). These parties are contractually obligated to protect your data.
• For Legal Compliance: If required by law or to protect our legal rights.
• Business Transfers: In connection with any merger, acquisition, or sale of assets.

7. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). We ensure that such transfers are subject to appropriate safeguards in accordance with GDPR requirements.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws. When data is no longer needed, we securely delete or anonymize it.

9. Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Request corrections to any inaccurate or incomplete data.
• Erasure: Request the deletion of your data under certain conditions.
• Restriction: Request the restriction of processing in certain circumstances.
• Portability: Request the transfer of your data to another organization.
• Objection: Request the transfer of your data to another organization.

To exercise these rights, please contact us using the information provided in section 2.

10. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or alteration. However, no method of transmission over the Internet or electronic storage is completely secure, so we cannot guarantee absolute security.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting the updated policy on our web application and, where appropriate, by email.

12. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us using the information provided in section 2.