OPTIMA platform v4.9.0
  • Include latest HADES-wide release in Jupyter Notebook and NVFlare. This includes the latest version of Strategus with the option to run TreatmentPatterns analysis.
  • Incorporated latest releases of ATLAS and WebAPI.
  • Added YDEAL feedback tool.
View full release notes

Impressum

Project Contact

Dr. Michael Bussmannm.
bussmann@hzdr.de
+49 3581 37523 11

Institutional Contact

optima@hzdr.de

CASUS – Center for Advanced Systems Understanding
Helmholtz-Zentrum Dresden-Rossendorf e.V. (HZDR)
Untermarkt 20 D-02826 Görlitz
https://www.casus.science

Logo Casus

Privacy Policy

Effective date: 2 June 2025

OPTIMA and its Beneficiaries take the protection of personal data seriously

Helmholtz-Zentrum Dresden-Rossendorf e.V., having its registered office at Bautzner Landstrasse 400, 01328 Dresden, Germany (hereinafter referred to as “HZDR” or “we”. “us”, “our”) operates the OPTIMA Platform, which is accesible through the following website: web.casus.science (the "Site").

This Privacy Policy defines how we act while collecting, processing, using, and/or disclosing information and personal data relating to identified or identifiable natural persons (any of them is referred to as “you” or “data subject”) collected from time to time from data subjects or third parties thorough the Site.

By using the Site, you, as the data subject, agree to the collection, processing, use, and possible disclosure of information in accordance with this Privacy Policy.

For the purpose of this Policy, HZDR is the data controller as defined in the General Data Protection Regulation (“GDPR”). The technical and operational infrastructure of the Site is provided by HZDR. Any personal data (see 1. Collection of Your Personal Data), including log files, is processed and stored at HZDR facilities (see 4. Storage of Your Personal Data).

Contact Information

Data Controller Data Protection Officer
HZDR – Helmholtz-Zentrum Dresden-Rossendorf
Bautzner Landstraße 400
01328 Dresden, Germany 		Dresdner Institut für Datenschutz
dsb@hzdr.de

Index of contents
  1. Collection of Your Personal Data
  2. Use of Cookies
  3. Sharing of Personal Data
  4. Storage of Personal Data
  5. Securing of Personal Data
  6. Your Rights under GDPR
  7. Changes to this Policy


1. Collection of Your Personal Data

To operate our Site suitable for your needs, the collection of your personal data is required.

The following personal data may be collected:

Data Categories Purpose
Usage Data, e.g. device, OS and browser information, duration of visit, entry and exit pages Optimization of user experience on the site
Name, e-mail-address Set up of the account to access the Site
Protocol and Log files Ensure the functionality of the Site and the security of our information technology systems
Contact Information Communication purposes

Accessing the Site

When you access our Site, the Site requests to create an account. To create an account, you should send your first name, last name and e-mail address to optima-support@hzdr.de. By requesting an account, the personal data is processed and stored based on legitimate interest according to Article 6(1)(f) GDPR.

Protocol and Log Files

When users access our Site, data such as the computer’s IP address, internet browser used, date, and time are automatically logged for technical reasons and saved for a period of seven days in our system log files. Saving in log files occurs to ensure the functionality of the Site and the security of our information technology systems. This data is therefore only evaluated when technical problems or attacks on our webserver arise. The legal basis for data storage is legitimate interest (Article 6(1)(f) of the GDPR). Combining this information with other user data does not occur. We also do not use any analysis tools.

Contact information

Due to legal regulations and for the contact purposes, our Site contains information that allows to communicate directly with us via e-mail. If you contact us, the personal data you provide will be automatically stored in our e-mail system. Such personal data, transmitted on a voluntary basis, are processed and stored on the basis of a legitimate interest (Article 6(1)(f) of the GDPR) in order to process and store your request.

2. Use of Cookies

This Site stores cookies in your browser that collect information about screen width and pixel density. This information is used to deliver optimized image sizes for your device. Cookies are small text files that are stored on your device. Depending on your browser settings, the cookies can be deleted when you close your browser. User profiles are not generated. The processing is carried out on the basis of legitimate interest (Article 6(1)(f) of the GDPR).

Cookies do not retrieve data stored on your device, nor do they harm your device or your data. Cookies do not contain viruses, Trojans or other malicious applications.

As a user, you can influence the use of cookies. Your browser has the option to restrict or completely prevent the storage of cookies. If you refuse the storage of cookies, the visit of this Site with mobile devices is associated with a limited ease of use.

You maintain full control at all times over the use of cookies. Most browsers are set to automatically accept cookies. You can, however, deactivate the saving of cookies or set your browser so that you are informed when cookies are transmitted. Cookies that have already been saved can be deleted at any time — also automated. As a result — due to technical reasons — it may, however, no longer be possible to utilize all functions on our Site to their fullest extent.

3. Sharing of Personal Data

There is no disclosure of the personal data to third parties, unless it is required to process your concern individually. In this case, the Data Controller might need to share your personal data with its affiliates, subcontractors, OPTIMA Consortium Members and professional advisors (e.g. auditors), as well as supervisory bodies or public authorities according to EU or national laws. No data will be transferred outside the EU.

Links to Third-Party Apps

We link to external websites (ATLAS, Jupyter, Shiny Apps, Feedback Module) as well as to social media providers (Twitter, YouTube). The connection is set up in such a way that no data is transmitted to the provider of external offers when visiting our internet pages.

When clicking on a link or button, you will, however, be sent directly to that external offer. These websites collect and process your data — particularly log data (including IP address, browser type, operating system, previously accessed website, accessed pages, cookie information) — according to their own user guidelines and/or privacy policies, which you can view on the respective websites.

We recommend that you read these statements before using the websites. Please be aware that data protection regulations in regard to those services may be updated or changed regularly due to extended functionalities or similar reasons. We have no influence on the type and scope of data processing by the provider based on your click. Information regarding your respective rights and settings for protecting your privacy can be found in the respective privacy policies.

4. Storage of Personal Data

The Site is securely hosted on an internal HZDR server located in Dresden, Germany. Your Personal Data is stored in HZDR servers in Dresden, Germany.

All personal data is deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, storage may also take place to the extent it is permitted by European or national legislation.

5. Securing of Personal Data

We use SSL encryption so that the data you enter on our Site is transferred to us in encrypted form.

Users should, however, be aware that Internet data transfer (e.g., through email communication) can encounter security issues. Complete protection from access by third parties is impossible.

6. Your Rights / Contact Information for Our Data Protection Representative

The right to be informed
(Article 13 GDPR)		 This Privacy Policy is designed to inform you how we will be using your personal data.
The right of access
(Article 15 GDPR)		 You have the right to access the personal data we have on file for you. If you wish to request access to your data, please email the Data Controller(s) listed above and we will respond to your request within one month.
The right to rectification
(Article 16 GDPR)		 If you think the data we store about you is incorrect, please inform us so that we can make the necessary corrections. You can do this by emailing the Data Controller(s) identified above.
The right to erasure
(Article 17 GDPR)		 You have the right to request that we delete your data and we will do so. You can do this by emailing the Data Controllers identified above.
The right to restrict processing
(Article 18 GDPR)		 You have the right to request the restriction of processing from any Data Controller under certain circumstances. These circumstances include when you dispute the accuracy of your data, when the processing is unlawful but you prefer restriction over deletion, when the data is no longer needed by the controller but you need it for legal reasons, or when you have objected to processing and are awaiting verification of whether the controller’s legitimate grounds override yours.
The right to data portability
(Article 20 GDPR)		 You have the right to receive the personal data concerning you which you have provided to the Data Controller(s) in a structured, commonly used and machine-readable format, and have the right to transmit those data to another controller without hinderance from the controller to which the personal data have been provided pursuant to Article 20 of the GDPR.
The right not to be subject to a decision based solely on automated processing
(Article 22 GDPR)		 There will be no automated decision-making and profiling of your data.
The right to withdraw consent at any time
(Article 7 GDPR)		 You have the right to withdraw your consent at any time. However, withdrawing your consent will not affect the lawfulness of any processing that was based on your consent before it was withdrawn.
The right to lodge a complaint with a supervisory authority If you are a data subject in the EU, please find the supervisory authority of your country here.
The right to object (Article 21 GDPR) You have the right to object when the processing of your data is based on legitimate interest or when your data is processed for public interest.

For all data protection matters and, in particular, to exercise your rights outlined above you can contact our data protection representative:

Dresdner Institut für Datenschutz
Email: dsb@hzdr.de
Additional contact data can be found at: www.dids.de

Your concerns will be treated with confidentiality.

Furthermore, if you do not consent to our data processing, you can contact the supervisory authority (Saxon data protection representative, www.saechsdsb.de) at any time.

7. Changes to this Policy

We may update this Policy from time to time to comply with applicable laws and to reflect changes in our data processing practices. Please review this Policy periodically for any updates. Changes to this Policy will take effect when they are posted on this page.

We will inform you in advance if we make any significant changes to this policy and provide you with an opportunity to review the updated policy before deciding whether you would like to continue using our services.

The privacy policy was last updated on 2 June 2025.