The controller according to the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection acts of the Member States, as well as other data protection regulations, is:

Lehrstuhl für Finanzwissenschaft mit dem Schwerpunkt Internationale Finanzpolitik

Freie Universität Berlin

Boltzmannstraße 20

14195 Berlin

Germany

Phone: +49-30-838-51244

E-mail: ls-schoeb@fu-berlin.de

Website: https://www.wiwiss.fu-berlin.de/fachbereich/vwl/schoeb/index.html

This privacy policy applies to the online presence of BeWell which is available at www.wiwiss.fu-berlin.de/forschung/research-on-wellbeing/index.html and the various subdomains (hereinafter referred to as "our website").

The (external) Data Protection Officer of Freie Universität Berlin can be contacted at:

Name:   Dr. Karsten Kinast, LL.M

E-Mail:  datenschutz@fu-berlin.de

Personal data are all information relating to an identified or identifiable natural person. This includes information such as your name, age, address, telephone number, date of birth, e-mail address, IP address or user behavior. Information that cannot (or only with a disproportionate effort) be referred to your person, e.g. by anonymizing the information, is not personal data. The processing of personal data (e.g. the collection, retrieval, use, storage or transmission) always requires a legal basis or your consent.

Processed personal data will be deleted as soon as the purpose of the processing has been fulfilled and no legally prescribed retention obligations are to be observed.

In case we process your personal data for the provision of certain offers, please find below information about the specific processes, the scope and purpose of data processing, the legal basis for processing and the respective storage period.

Scope and Purpose of the Processing

When you access and use our website, we only collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file.

The following personal data is recorded to the extent necessary for the provi­sion of a functional website and our contents and services:

• IP address of the requesting computer

• Date and time of access

• Name and URL of the retrieved file

• The website from which access is made (referrer URL)

• The used browser and, if applicable, the operating system of your computer as well as the name of your access provider

Legal Basis

Art. 6 para. 1 lit. f GDPR serves as the legal basis for the data processing. The processing of the mentioned data is necessary for the provision of our services and thus serves the protection of a legitimate interest of our network.

Data Deletion and Storage Time

The data subject’s personal data are deleted or blocked as soon as the purpose of the storage is fulfilled. The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection for the user. Further storage may take place in individual cases if this is required by law.

Scope and Purpose of the Processing

You have the possibility to register as a member of BeWell on our website by entering your personal data.

The processed data is used to register you as a member of BeWell. The registration enables you to use certain services like your personal profile and publication submission on our website. After the transmission of your personal data, you will receive an e-mail containing a confirmation link. The registration process is complete if, and only if you confirm your registration by following the confirmation link.

We collect and process the following personal data for the registration:

• Name
• E-mail address
• Work Address
• Name of employer/institution
• Position at employer/institution
• Personal website

Legal Basis

The processing of the personal data (cf. § 4 2. a.) is based on article 6 (1) lit. a GDPR on the declaration of consent that you have voluntarily given as follows:

Declaration of consent

I agree that when registering for membership in BeWell the indicated personal data will be saved for the duration of my membership. This will allow me to publish research related contents, which will be publicly available. I have read and accepted the current privacy policy and terms and conditions. I can withdraw this consent at any time with effect for the future by contacting the network administration of BeWell at bewell@wiwiss.fu-berlin.de.

Storage Time

As soon as the registration on our website is cancelled or modified, the data processed during the registration process will be deleted. Further storage can be carried out in individual cases if this is required by law.

Cancellation

You have the possibility to cancel the membership and to change your personal data any time by proceeding as follows: Please send an e-mail from your provided (upon registration) e-mail adress to bewell@wiwiss.fu-berlin.de stating that you want to cancel your network membership. You will receive a confirmation e-mail afterwards.

However, if the processed data are necessary for the fulfilment of a contract or for the implementation of pre-contractual measures, premature deletion of the data is only possible insofar as this does not conflict with contractual or statutory obligations.

Scope and Purpose of Processing

On our website, you can subscribe to a free newsletter. In order to be able to send you the newsletter regularly, we need the following information from you:

• Full name
• E-mail addres

Your data will not be passed on to third parties in the context of the newsletters.

We use the so-called double opt-in procedure for the newsletter, i.e. we will only send you the newsletter if you have previously confirmed your registration via a link that is sent to you for this purpose. We would like to make sure that only you, as the owner of the specified e-mail address, can subscribe to the newsletter. Your confirmation must be given promptly after receiving the confirmation e-mail, otherwise, your newsletter registration will be automatically deleted from our database.

Legal Basis

The processing of your e-mail address for the newsletter is based on article 6 (1) lit. a GDPR on the declaration of consent, which you have voluntarily given as follows:

Declaration of consent:

By entering my personal data and clicking the "subscribe" button I declare my consent to the use of my e-mail address for regularly receiving newsletters of BeWell. I can unsubscribe from the newsletter service at any time by clicking on the link at the end of the newsletter.
I can withdraw my consent to the processing of personal data collected during the registration process at any time by contacting the network administration of BeWell at bewell@wiwiss.fu-berlin.de

Storage Time

Your e-mail address will be stored for as long as you have subscribed to the newsletter. After you unsubscribe from the newsletter, your e-mail address will be deleted. Further storage may take place in individual cases if this is required by law.

Scope and Purpose of Processing

On our website, you can upload your publication or indicate a link to your publication. This involves the processing of the following data:

• Full title of your publication
• Full names of all (co-)authors
• Name of the publisher
• Type of publication
• Year and month of publication

• Link to your publication
• Abstract

This data will be publicly available to the user of our website.

Legal Basis

The processing of the indicated data is based on article 6 (1) lit. a GDPR on the declaration of consent that you have voluntarily given as follows:

Declaration of Consent

I agree that when listing my publication on this website  the indicated personal data will be saved for the duration of my membership. After termination of my membership, the listing may not be deleted if other members of BeWell co-authored the publication. The personal data related to the publication will be publicly available. I have read and accepted the current privacy policy and terms and conditions. I can withdraw this consent at any time with effect for the future by contacting the network administration of BeWell at bewell@wiwiss.fu-berlin.de.

Storage Time

Your personal data will be stored for as long as you are member of BeWell. After your cancellation of the membership, your publications will be deleted from our database. Further storage may take place in individual cases if your publications are co-authored by other members of BeWell.

Scope and Purpose of Processing

You have the opportunity to contact BeWell via the contact form provided on our website. In the course of sending your inquiry, the following personal data will be processed:

• Full name
• E-mail address
• Personal data in your message or attachments

The purpose of this data processing is to be able to reply to you. Your personal data will not be forwarded to third parties.

Legal Basis

The data processing described above for the purpose of establishing contact is carried out in accordance with Art. 6 para. 1 lit. e GDPR in conjunction with § 4 Berliner Hochschulgesetz (Berlin University Act).

Storage Time

As soon as the request you have made has been dealt with and the relevant facts have been finally clarified, your personal data processed by the contact form will be deleted. Further storage may take place in individual cases if this is required by law.

We do not share your personal information with third parties. A data transfer to third parties will be only possible, if

• you have given your express consent pursuant to Art. 6 (1) sentence 1 lit. a GDPR,
• it is legally permissible and necessary for the fulfilment of a contractual relationship with you pursuant to Art. 6 (1) sentence 1 lit. b GDPR,
• there is a legal obligation to pass on the data in accordance with Art. 6 (1) sentence 1 lit. c GDPR,
• the disclosure pursuant to Art. 6 (1) sentence 1 lit. f GDPR is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.

Like other organizations, we use so-called cookies. Cookies are small files that are stored in special filed directories on your computer (unless you block them). Information about your visit to our website can be stored in cookies.

Our cookies do not contain personal data (such as IP addresses or login data), but rather only anonymous session IDs. Some of the cookies we use will remain on your computer so that our web server can recognize your computer the next time you visit. Most browsers (Internet Explorer, Firefox, Opera, etc.) are set by default to accept cookies. You can set your browser to reject cookies or request a confirmation from you.  However, if you disable or reject cookies, it is possible that you will not be able to use certain features of the website.

The legal basis for the processing of personal data using cookies is Article 6 (1) of the General Data Protection Regulation (GDPR).

Java and Javascript applications are used on the web pages of the above-named domain. You can set your browser – if necessary, by using free add-ons – to reject the execution of such applications or to request confirmation from you. If you reject these applications, it may be possible that you cannot use certain features of the website.

We do not use tools for tracking and analysis on our website.

The Google Custom Search Engine (Google CSE) is integrated in the website of Freie Universität Berlin. In the header of each web page, there is a search box labeled “Search with Google™”. The integrated search service provides a full-text search for content of the official website of Freie Universität Berlin.

Users will readily notice the search box at the top of the website of Freie Universität that is labeled “Search with Google™.” If a user enters a keyword in the input field of the search box, an additional link will appear just below (“Information about Using Google Search™”), which refers to this privacy policy.

Activating the Search

Users can activate the search function by entering a search term in the search box and pressing "Enter" or the search icon (magnifying glass icon). Due to the plugin provided by Google, the search results page automatically reloads with the appropriate search results. During this process data are transferred to the search engine.

Users can choose between a search within the currently displayed domain or the entire website of Freie Universität Berlin.

Viewing the Results Page

The plugin that is developed and made available by Google (Google Custom Search Engine Google CSE) is integrated as-is by the operator of the official website of Freie Universität as a software module in the search results page. The plugin allows for automated communication (data exchange) between the retrieved search results page and the Google service, if the search results page is called up. The use of the Google-powered search function comprises a dynamic transfer of data by the service provider to the Google search results page.

Data Protection

Data are only transferred to the provider of the search engine (Google) after a user has accessed the search results page, after having activated the search box and thereby starting a full-text search. When using the search function within the search page results, data are simultaneously transmitted to Google.

No data are transmitted to the search engine (Google), when official websites of Freie Universität Berlin that incorporate the Google Search Engine are visited. An exception occurs when users directly reference a search results page.

Agree to Data Transfer by Using Google Custom Search Engine

By using the full-text search and the resulting request to view the search results page, you are agreeing to the transmission of data to Google. This includes, for example, the search terms you enter and the IP address of the computer you are using.

Please note that Google has different data protection standards than those applying to the website of Freie Universität Berlin. We explicitly point out that the operator of the website of Freie Universität Berlin has no influence over the processing of data, in particular, the storage, deletion, and exploitation of personal data that may be transmitted to the provider of the search engine. Both the nature and scope of data that may be transmitted are entirely up to the provider of the external service, in this case Google.

In case you are logged in to Google at the same time you are using the Google Search Engine on the website of Freie Universität, the Google service is able to directly associate the information it collected in connection with your search with your user profile on Google. To avoid further collection of profile information about you, we recommend that you log out of Google before using the Google Search Engine on our website.

For more information about Google’s privacy policy and how Google deals with user data, please visit: http://www.google.com/intl/policies/privacy.

Some of the web pages of the above-named domain use social media plugins, in particular the following:

• "Facebook-I-Like" or "Facebook-Gefällt-mir": operated by: Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, United States
• "Google+1”: operated by: Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States
•  "Twitter”: operated by: Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, United States

Social plugins are software modules that are developed and made available by the social media services. They can be installed on web pages as is, to enable an automated communication (data exchange) between the web page and the social media services in accordance with their respective policies. As part of this communication, data are transferred dynamically from a social media service to one of our web pages, for example. On the other hand, at the same time, data from the user viewing our web pages are transferred to the social media service (e.g., that of the user's computer IP address). You will notice the use of social plugins on certain web pages. We would like to give you some information about them:

2-Step Solution to Ensure Privacy

Without additional measures, the social plugins (see above) use technical means that ensure that when viewing, or even loading, the page connected by the plugin, data (including personal data) are exchanged between the original website and the social media service (here, Facebook, Google, or Twitter). In these cases, the user has no option to decline this exchange of data.

To protect users of our web pages from this type of exchange of data, which is not subject to influence, and the transmission of data to the respective social media service, we have incorporated an appropriate technical precaution. This two-step solution gives users the opportunity, even after loading the page connected by the plugin, to agree to the use of each social media service (and thus to exchange data with this social media service). The basic setting of the 2-step solution does not transmit data to the social media services. This option may be decided case by case or permanently. A decision can be subsequently revised again. If you do not want a social media service to collect information about you through our web site, do not activate that social media by clicking the social plugin.

To permanently agree to data exchange between the website of the above-named domain and the relevant social media service, which requires a cookie on our part (see above), you should click on the button that is labeled as follows:

In the dialog box that opens, you can enable the exchange of data between the web pages of the above-mentioned domain and the relevant social media service, and you can also revise this again later.

By clicking on one of the specially marked buttons (see "Using the social plug-ins"), you agree to the above-mentioned one-time data exchange between the respective web page domain and the relevant social media service.

Using the Social Plugins

You will recognize the use of the Facebook plugin on a web page or subdomain of the above-named site, when you see the following button:

You will recognize the use of the Google plugin on a web page or subdomain of the above-named site, when you see the following button:

You will recognize the use of the Twitter plugin on a web page or subdomain of the above-named site, when you see the following button:

By clicking on one of these buttons you agree to the use of this plugin and therefore the transfer of personal data to the respective social media service. We have no control over the nature and scope of these transmitted data as well as their further processing. According to our current state of knowledge, the relevant social media service is informed of your IP address and that of the web page using the plugin. If you are simultaneously logged in to a social media service platform, that social media service is able to directly assign the information to your user profile.

In order to avoid such a collection of profile information about you, you should log out of each social media service platform. Data such as the IP address of the computer you are using will be transmitted in any regard.

For more information from Facebook about how to deal with the appropriate plugin and the corresponding social media service, refer to: http://developers.facebook.com/plugins. For more information on Facebook about its data use policy, please visit: http://www.facebook.com/about/privacy .

For more information from Google about how to deal with the appropriate plugin and the corresponding social media service, refer to: http://support.google.com/plus/bin/answer.py?hl=de&answer=1319578&rd=1. For more information on Google about its privacy policy, please visit: http://www.google.com/intl/policies/privacy.

For more information from Twitter about how to deal with the appropriate plugin and the corresponding social media service, refer to: https://twitter.com/logo. For more information on Twitter about its data use policy, please visit: https://twitter.com/privacy.

Our website contains hyperlinks to websites of other providers. When you activate these hyperlinks, you will be directed directly to the other providers' website. You will recognize this when the URL is changed. Please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.

If your personal data are processed, you are a data subject within the meaning of the General Data Protection Regulation (GDPR) and the following rights apply to you:

• Pursuant to Art. 15 GDPR you can request information about your personal data processed by us. In particular, you may obtain information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the right to lodge a complaint with a supervisory authority, the origin of your data, if not collected from us, about transfer to third countries or international organisations, and the existence of automated decision-making, including profiling and, where applicable, meaningful information about the logic involved.

• Pursuant to Art. 16 GDPR you can immediately demand the correction of incorrect data or the completion of your personal data stored with us.

• Pursuant to Art. 17 GDPR, you may request the deletion of your personal data stored by us, provided that the processing is not necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

• Pursuant to Art. 18 GDPR, you can request the restriction of the processing of your personal data if you contest the accuracy of the data, if the processing is unlawful, if we no longer need the data and if you refuse their deletion because you need to establish, exercise or defend legal claims. You are also entitled to the right under Art. 18 GDPR if you have objected to the processing in accordance with Art. 21 GDPR.

• Pursuant to Art. 20 GDPR, you may request that the personal data you have provided us with be received in a structured, current and machine-readable format or you may request that it be transmitted to another person responsible.

• Pursuant to Art. 7 para. 3 GDPR you can withdraw your consent at any time. As a consequence, we are no longer allowed to continue the data processing based on this consent for the future.

• Pursuant to Art. 77 GDPR, you have the right to complain to a supervisory authority. You can contact the supervisory authority of your habitual residence, place of work or our company headquarters

You can exercise these rights by contacting datenschutz@fu-berlin.de.

In case the processing of your personal data is based on legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR insofar as there are reasons which arise from your particular situation or if the objection refers to direct marketing. In the case of direct marketing, you have a general right of objection which will be considered without mentioning any particular situation.

We are committed to protecting your privacy and treating your personal information confidentially. In order to avoid any manipulation, loss or misuse of your data stored by us, we take extensive technical and organizational security measures that are regularly reviewed and adapted to technological progress. This includes, among other things, the use of recognized encryption methods (SSL or TLS).

However, we would like to point out that due to the structure of the internet, it is possible that the rules of data protection and the above mentioned security measures may not be observed by other persons or institutions for which we are not responsible.

In particular, unencrypted data - e.g. if this is done by e-mail - can be read by third parties. We have no technical influence on this. It is the responsibility of the user to protect the data provided by him against misuse by encryption or in any other way.