We are delighted that you make use of the TOAR data portal, which are hosted by the Jülich Supercomputing Centre (JSC) at Forschungszentrum Jülich, Germany. We are committed to handling your personal data with care and we promise to take all reasonable measures to prevent misuse of your personal data. According to the General Data Protection Regulation (GDPR) of the European Union we are obliged to inform you about our use of any personal information which you provide to us and about your rights to inspect this information or request corrections, replacement, or deletion of this information. This data protection statement aims at providing you with all the information that is necessary so that you understand what we do with your data and that you can act according to the provisions set out by the GDPR.

1. Responsibilities:

The responsible web service provider of JOIN is:
Dr. Martin Schultz
Jülich Supercomputing Centre
Forschungszentrum Jülich GmbH
Wilhelm-Johnen-Straße
52428 Jülich
Germany
email: m.schultz_at_fz-juelich.de

The data protection officer at Forschungszentrum Jülich is:
Frank Rinkens
Forschungszentrum Jülich GmbH
Wilhelm-Johnen-Straße
52428 Jülich
Germany
email: DSB_at_fz-juelich.de

2. Acquisition and use of personal data

JOIN will acquire and store personalized data from its users in the following circumstances:

1. The web server(s) will record and log IP addresses, access times, and some rudimentary information about the operations performed for any access to the JOIN web pages or associated REST services. This information may be evaluated to infer anonymous usage statistics and optimize the service performance (including the possibility to block access in case of misuse). No attempt will be made to correlate this type of usage data with other personal data except if you specifically ask us to do so in order to better resolve any problems with accessing our services or retrieving data from them.
2. When you register as user of the interactive JOIN web interface or to obtain an API key for improved performance of the REST services, we request some work-related personal information from you such as your name, affiliation, country, and email address. We may occasionally evaluate this information to obtain usage statistics, which might be published in anonymous form (for example as number of users per country or world region). We may also use your email address to inform you about important changes to our services (generally less than 4 emails per year). User accounts and the personal information associated with them will be automatically deleted after 12 months of inactivity. You may of course request correction or deletion of your personal data at any time. We will act upon such requests as soon as possible (normally within a week of notification). Please note that deleting your account information may mean that some of our services will be inaccessible to you. For example, if you ask us to delete your web interface user account, you will also lose your API key so that access to REST services or certain types of data will be restricted.
3. JOIN provides a feedback form with which you can alert us of any errors in the service or data. This feedback may contain your email address so that we can reply to you in case we solved the problem or if we have further questions. Any communication about such issues will be deleted after the issue has been solved and after we extracted the relevant information to improve our FAQs or other parts of the JOIN documentation. Normally, this will happen within 6 months after you provide your feedback, but you can request to remove such communication threads earlier.
4. If you are a data provider, we will store work-related information about you in a database so that we can contact you in case of data problems, inform you about the use of your data, ask for updates, etc. To promote open data sharing with attribution, we wish to make your contact information available to all JOIN users, and we will thus ask you for your consent. You may revoke this consent at any time or you may ask us to modify or remove your contact information from our database. We will act upon such requests as soon as possible (normally within a week of notification). Every two years you will be reminded via email about the personal data we have stored. Unless you request this, your personal data will only be deleted from our systems in case our services terminate or if we receive credible information that you are no longer responsible for the provision of specific data records.
5. Cookies: some of our web services use cookies to save information about your personal browsing preferences such as a default world region, filter settings, etc. You can manage your cookies with your internet browser. We cannot guarantee that it will be possible to use JOIN without consenting to the storage of cookies. We will make no attempt to evaluate cookie data, but it may happen that our services modify the information contained in cookies without notice, for example if new features are added or if features are modified or removed.

3. Sharing of personal data

Your personal data will only be shared with others if you explicitly consent to this transfer. For example, if you are a data provider and you consent to having your contact information displayed in the JOIN web interface to allow users to attribute the data to you and acknowledge you in their publications etc., or if you are a user who wishes to get in contact with a data provider or someone else in order to solve data or service issues.

We may evaluate your personal data to derive usage statistics etc., but such statistics will only be published in anonymous form.

4. User rights

As outlined in the GDPR you have the right to request information about the personal data we have stored about you and the use we make of this data at any time. You also have the right to request corrections, enhancements, or deletion of your personal data. We will respect any such request unless it would be in conflict with other regulations (which is rather unlikely as far as we can tell). Of course you can also revoke any consent for using your data in any of the ways outlined above or for sharing your data at any time, and we will act upon such requests without undue delay.

If you are under the impression that we don’t handle your personal data with due diligence or if you wish to complain about any matters concerning your data privacy in connection to our services, you may contact the service provider, the data protection officer, or the Landesbeauftragte für Datenschutz und Informationsfreiheit (email: poststelle{at}ldi.nrw{dot}de).

5. Validity of this data protection document

The terms and conditions set out in this data protection statement remain in effect until this declaration is modified. Any modifications which may affect your rights, i.e. any modifications beyond simple error corrections or clarifications, will be communicated to all registered users by email.