Page accesses and 'sessions'

Each access to any subpage gives rise to a page access record which contains the data described in the sections below. Additionally, a session identifier is part of the data processed for each page access, associating it to a 'session' in the following sense: A session is defined to be the totality of site accesses sharing client ip address, port number and user agent during the earliest, and then longest, time interval without a gap between site accesses longer than 30 minutes. The association of accesses to sessions is necessary to retain information about related accesses after client ip address, port number and user agent data are deleted. This association of page accesses to sessions does then no longer carry any personal information, see below.

Anonymous data stored indefinitely

No personal data can be inferred from the following data, which is stored indefinitely:

• Accessed subpages (like '/' or '/orthotonal')
• Timestamps for reception of request (access), beginning and end of response (to detect errors, overloads, and abuse)
• Technical information: The request method (like GET or POST), http version, whether the site access is secured by tls, the url query (like '?grid=-8&grid=8&grid=-10&grid=10&grid=-2&grid=2') and the response status
• The referring page, if it is part of this website (to analyse how this website is used)
• A pseudonymous identifier (alias) that groups multiple page requests made by the same visitor during one session
• Time of first access and last access for a session

Sensitive data stored for seven days

For security reasons, we store this sensitive data for a period of seven days:

• Data representing the client associated to a 'session', consisting of
  • Client IP address
  • Client Port number
  • User Agent HTTP Header
• Page referrer (content of the 'referer' HTTP header), even when the referring page is not part of this website (compare above)