Privacy policy.
Last updated: 1 June 2026
1. Scope of this policy
This privacy policy explains how personal data is processed when you visit the LitFlow website at litflow.org.
The LitFlow application (the closed alpha at litflow.uni-muenster.de) is a separate service with its own data processing and its own consent process. When you create an account or use the application, the information presented to you there applies in addition to this policy.
2. Controller
The controller responsible for data processing on this website within the meaning of Art. 4 (7) GDPR is:
Universität Münster
represented by the Rector, Prof. Dr. Johannes Wessels
Schlossplatz 2, 48149 Münster, Germany
Phone: +49 251 83-0
Email: verwaltung@uni-muenster.de
Operational contact for this website: LitFlow research project, Department of Information Systems, Leonardo-Campus 3, 48149 Münster, Germany — hans.naescher@uni-muenster.de
3. Data Protection Officer
You can reach the Data Protection Officer of the controller at:
Stabsstelle Datenschutz
Schlossplatz 2, 48149 Münster, Germany
Phone: +49 251 83-22446
Email: datenschutz@uni-muenster.de
4. Hosting
This website is hosted on the infrastructure of the Universität Münster. Because the host is part of the controller's own legal entity, no separate data processing agreement under Art. 28 GDPR is required. No data is transferred to a third country for the purpose of hosting.
The legal basis for the processing required to operate the website is Art. 6 (1)(e) GDPR in conjunction with § 3 (1) DSG NRW and § 3 (1) HG NRW (performance of a task carried out in the public interest by a university).
5. Server log files
When you access this website, the web server automatically collects and stores the following information in server log files for the technically error-free operation, security, and integrity of the website:
- browser type and version
- operating system used
- referrer URL
- date and time of the request
- the requested URL and HTTP status code
- a shortened IP address (the last octet of IPv4 addresses and the last 80 bits of IPv6 addresses are removed before the entry is written)
The shortened IP address does not allow us to identify individual users. This data is not merged with other data sources. The legal basis is Art. 6 (1)(e) GDPR in conjunction with § 3 (1) DSG NRW and § 3 (1) HG NRW. Log entries are retained for a maximum of 7 days and then deleted automatically.
6. Cookies
This website does not set cookies and does not use any tracking or analytics technologies.
7. Web fonts
This website uses self-hosted fonts. No connection to third-party font servers is established and no data is transferred to third parties for this purpose.
8. Contact form
This website provides a contact form. When you submit it, we process the data you enter — your name, your email address, an optional subject, and your message — in order to receive and respond to your enquiry. For security and abuse prevention we additionally store the user-agent string transmitted by your browser and the date and time of submission.
Your submission is stored in a database on the infrastructure of the Universität Münster and is additionally sent to us by email so that we can reply. The legal basis is Art. 6 (1)(e) GDPR in conjunction with § 3 (1) DSG NRW and § 3 (1) HG NRW. Where your request relates to a potential or existing agreement, the legal basis is additionally Art. 6 (1)(b) GDPR. Providing your name, email address, and message is required to process your enquiry; the subject is optional. We delete this data once it is no longer required for the purposes of the correspondence, subject to any statutory retention obligations.
9. Contacting us by email
If you contact us by email (e.g. at hans.naescher@uni-muenster.de), the data you provide (your email address and the content of your message) is processed in order to handle your request. The legal basis is Art. 6 (1)(e) GDPR in conjunction with § 3 (1) DSG NRW and § 3 (1) HG NRW. Where your request relates to a potential or existing agreement, the legal basis is additionally Art. 6 (1)(b) GDPR. We delete this data once it is no longer required for the purposes of the correspondence, subject to any statutory retention obligations.
10. External links and services
This website links to external services, including GitHub, Discord, Mastodon, and the LitFlow application. When you follow such a link, the respective provider receives data (such as your IP address) and processes it under its own privacy policy. We have no control over this processing; please consult the privacy policies of those providers.
No third-party content (such as videos, social media widgets, maps, or status embeds) is embedded directly into this website.
11. Analytics and tracking
We do not use web analytics, tracking, or profiling on this website.
12. Your rights
Under the GDPR you have the right to:
- access to your personal data (Art. 15)
- rectification (Art. 16)
- erasure (Art. 17)
- restriction of processing (Art. 18)
- data portability (Art. 20)
- object, on grounds relating to your particular situation, to processing based on Art. 6 (1)(e) (Art. 21)
- withdraw consent at any time, with effect for the future, where processing is based on consent (Art. 7 (3))
To exercise these rights, contact us at hans.naescher@uni-muenster.de or the Data Protection Officer at datenschutz@uni-muenster.de.
13. Right to lodge a complaint
You have the right to lodge a complaint with a data protection supervisory authority. The authority competent for the Universität Münster is:
Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen (LDI NRW)
Kavalleriestraße 2–4, 40213 Düsseldorf, Germany
Phone: +49 211 38424-0
Email: poststelle@ldi.nrw.de
14. Changes to this policy
We may update this policy to reflect changes to our website or to legal requirements. The current version is always available on this page.
← Back home