Data Protection Declaration for the BSCW Service of the HLRS

This English translation of the BSCW data protection desclaration in German language notice is provided as information only.

Only the German language version of this data protection declaration for the BSCW Service of the High-Performance Computing Center Stuttgart, is valid and binding:

1. Name and contact information of those responsible for data management and of the data protection officer

This data protection notice is valid in accordance with Art. 13 of the GDPR (General Data Protection Regulation) for data processing by:

Responsible party:

1. Responsible for data protection

University of Stuttgart
Keplerstraße 7
70714 Stuttgart
Telephone: +49 711/685-0

2. Data Protection Officer

University of Stuttgart
Data Protection Officer
Breitscheidstraße 2
70174 Stuttgart
Telephone: +49 711/685-83687
E-mail: datenschutz(at)

2. Collection and storage of personal data, including how and for what purposes they will be used

a) During visits to the BSCW Service Website

When you visit the BSCW Service website, information will automatically be sent from the browser on your device to the server of the BSCW Service. This information is saved temporarily. The following pieces of information are captured and saved until they are automatically deleted.

  • IP-address of the computer used
  • Date and time of access
  • Name and URL of the files you accessed
  • Amount of data transferred
  • Notification if the access was successful
  • Identifying data of the browser and operating system used
  • Website that was visited immediately prior to accessing the Service
  • Name of your Internet service provider

We process the data in the following ways:

  • To provide a smooth and reliable connection to the website
  • To ensure comfortable usage of our website
  • To evaluate the security and stability of our system
  • For additional administrative purposes

The legal foundation for this data processing is Art. 6 Abs. 1 S. 1 lit. f of the GDPR. Our legitimate interest in the saving of data is justified by the purposes indicated above. Under no circumstances do we use the data we collect for the purpose of drawing conclusions about your identity.

In addition, we use cookies during visits to our website. For additional explanation of this, please see section 4 of this privacy policy.

b) During registration for the BSCW Service

During usage of a user account of the BSCW Service, the information named under section 2, part a is stored. In addition, during registration for the BSCW Service it is necessary to specify a username, password, and e-mail address.

The BSCW Service saves the completed actions of users in the form of events. Events may potentially contain personal data (e.g. username) and are made available to authorized users in a shared data space in order to make it possible to complete collaborative activities. In addition, events can be aggregated at users’ requests and sent as e-mail notifications to authorized users.

Registration with the BSCW Service is only possible if the user clicks on a link contained in an e-mail sent from the BSCW Service, and if the user authorizes usage of additional personal data that is necessary for the function of the BSCW Service.

The High-Performance Computing Center Stuttgart (HLRS) does not in any way control content in the BSCW Service. Nevertheless, we reserve the right to delete entries at our own discretion and to exclude users from further use, in particular if data entries are punishable by law or are incompatible with HLRS’s objectives.

Users may close their accounts at any time by sending an e-mail to the following contact address: bscw(at)

The legal basis for data processing is based on the consent of the user in accordance with Art. 6 para. 1 lit. a in conjunction with Art. 7 f. of the GDPR or on a legal basis according to Art. 6 para. 1 lit. b, c and f of the GDPR.

3. Disclosure of data

Your personal data will not be disclosed to third parties for purposes other than those listed below.

We disclose your personal data to third parties only when:

  • You have given your explicit permission in accordance with Art. 6 para. 1 sentence 1 lit. a of the GDPR.
  • The disclosure pursuant to Art. 6 para. 1 sentence 1 lit. f of the GDPR is necessary for the assertion, exercise, or defense of legal claims and there is no reason to assume that you have an overriding interest worthy of protection in not disclosing your data.
  • A legal compulsion exists for disclosure according to Art. 6 para. 1 sentence 1 lit. c of the GDPR.
  • It is legally permissible and is necessary for the processing of contractual relationships in accordance with Art. 6 para. 1 sentence 1 lit. b of the GDPR.

4. Cookies

The BSCW Service uses cookies. This involves small files that the browser of your device (laptop, tablet, smartphone, etc.) saves when visiting the BSCW website. Information is stored in the cookie that is specific to the device used.

The use of cookies makes it possible for you to take advantage of our offerings. We place so-called session cookies in order to recognize that you have already visited specific pages of the BSCW Service, as well as which entries or settings you have made, so that you don’t need to enter them multiple times. In addition, temporary cookies are placed in order to authenticate registered users of the BSCW Service. All cookies are automatically erased after signing out of the BSCW Service after a specified time or once you exit your browser.

Most browsers accept cookies automatically. You can, however, configure your browser so that no cookies are saved on your computer, or so that a notification appears before a new cookie is placed. It is not possible to use the BSCW Service, however, if you have completely disabled cookies.

5. Your rights

You have the right:

  • to request information about the personal data of yours that we process in accordance with Art. 15 of the GDPR. Specifically, you can request information about the purposes of data processing, which types of personal data we process, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details.
  • to demand the immediate correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 of the GDPR
  • to request erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims, in accordance with Art. 17 of the GDPR
  • to demand the restriction of the processing of your personal data in accordance with Art. 18 of the GDPR. This may take place if you dispute the accuracy of the data; if the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise, or defend legal claims; or you have lodged an objection to the processing in accordance with Art. 21 of the GDPR
  • to receive your personal data that you have provided to us in a structured, commonly used, and machine-readable format or to request that it be transmitted to another controller, in accordance with Art. 20 of the GDPR
  • to revoke your consent if you previously granted it to us, in accordance with Art. 7 para. 3 of the GDPR. Revoking consent will mean that we may no longer continue the data processing that was based on your initial consent.
    To do so, please contact us by email at recht(at)
  • to lodge a complaint with a supervisory authority if you believe that the processing of personal data related to you is against the law, In accordance with Art. 77 of the GDPR

The competent supervisory authority is the Landesbeauftragte für den Datenschutz und die Informationsfreiheit Baden-Württemberg.

Office address
Lautenschlagerstraße 20
70173 Stuttgart

Postal address
Post Office Box 10 29 32
70025 Stuttgart
Telephone: +49 711/615541-0
Fax: +49 711/615541-15

E-mail: poststelle(at)

6. Deleting of data

When users terminate their user accounts, data related to the user account will be deleted in accordance with Art. 17 and 18 of the GDPR. It is users’ responsibility to save their data during a successful termination of their account before the contract comes to an end. We are authorized to permanently delete all data that had been saved by the user for the duration of their contract.

If data are not erased because they are needed for other, legally permissible reasons, their processing will be restricted. This means that the data will be locked and not used for other purposes. This applies, for example, to data that must be saved for commercial or tax law purposes in accordance with Art. 6 para. 1 lit. c of the GDPR.

7. Right of objection

If your personal data is processed on the basis of legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f of the GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 of the GDPR, provided that there are reasons for this arising from your particular situation or because of an objection to direct advertising. In the latter case, you have a general right to object, which will be implemented by us without the need to specify a particular situation.

If you would like to make use of your right of withdrawal or right of objection, simply send an email to recht(at)

8. Data security

The BSCW service uses the TLS (Transport Layer Security) method in conjunction with the highest encryption level supported by your browser for the encrypted transmission of data. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit encryption instead. You can tell that an individual page of the BSCW service is transmitted in encrypted form if the key or lock symbol in the lower status bar of your browser is displayed as being closed.

Within the BSCW service, only authorized users have access to individual data rooms.

We use suitable technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously adapted to technological developments.

9. Currentness and amendment of this data security declaration

This data security declaration is effective as of November 2023.

It may become necessary to amend this privacy policy due to the further development of the BSCW software or due to changes in legal or official requirements. The current privacy policy can be viewed online and printed at any time by visiting our website at: