Thank you very much for your interest in our University. Data privacy is of particularly high priority for all our employees and those responsible for the processing of personal data at Zittau/Görlitz University of Applied Sciences ('HSZG', 'the University'). The use of our websites is generally possible without the disclosure of any personal data. A processing of your personal data may, however, be necessary if you want to use particular services of our University through our website. We generally obtain the consent of the data subject where such processing is necessary without a legislative basis.
The processing of personal data such as names, addresses, email addresses or phone numbers is always in line with the General Data Protection Regulation ('GDPR') and all federal and Saxon data protection regulations that apply to us. This page explains what personal information we gather and to what extent and how that information is used and processed. It likewise informs you about your rights under data protection legislation.
As the controller, HSZG has implemented a number of technical and organizational measures to safeguard all personal data processed through its websites as completely as possible. Absolute protection, however, can not be guaranteed since all internet-based data transfer can reveal security holes. You are thus at all times at liberty to submit your personal data by alternative means, for example by telephone.
The privacy policy of HSZG is based on the terminology used in the General Data Protection Regulation (GDPR) adopted by the EU Parliament. Our privacy policy should be easy to read and understand by the general public, our visitors, students and partners. We would thus like to explain the terminology used herein beforehand.
Terms we use in this privacy statement:
(a) Personal data (or personal information) means any information relating to an identified or identifiable natural person ('data subject'). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
(b) Data subject means any identified or identifiable natural person whose personal data is being processed by the controller.
(c) Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
(d) Restriction of processing means the marking of stored personal data with the aim of limiting their processing in the future.
(e) Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
(f) Pseudonymization means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.
(g) Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by EU or EU member state law, the controller or the specific criteria for its nomination may be provided by for EU or EU member state law.
(h) Processor means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
(i) Recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with EU or EU member state law are not regarded as recipients.
(j) Third party means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
(k) Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which they, by a statement or by a clear affirmative action, signify agreement to the processing of personal data relating to them.
Controller within the meaning of the GDPR, further privacy laws in place in the individual member states of the European Union and other provisions with regard to data protection:
Hochschule Zittau/Görlitz, University of Applied Sciences, Theodor-Körner-Allee 16, 02763 Zittau,
Germany
Tel.: +49 (0) 3583 6120
Email: info@hszg.de
Website: www.hszg.de
Prof. Dr. rer. pol. Uwe Wendt, Zittau/Görlitz University of Applied Sciences
Theodor-Körner-Allee 16, 02763 Zittau
Germany
Tel.: +49 (0) 3583 612-3360
Email: datenschutzbeauftragter(at)hszg.de
Every data subject can contact our DPO at any time with all questions or suggestions regarding privacy.
The University's websites uses cookies. Cookies are text files stored on a computer system by a internet browser.
Numerous websites and servers use cookies. Many cookies contain a unique cookie ID. The ID is a character string that enables websites and servers to recognize the data subject's internet browser which stores the cookie. The browser can then be identified again through its unique cookie ID.
The use of cookies enables us to provide the visitors of our website with more user-friendly services which would not be possible without cookies.
Cookies help us optimize the information and offers on our website for our visitors. They also enable us to recognize the visitors of our website. The purpose of this recognition is to make the use of our website easier. For example, as a user of a website that stores cookies you do not have to re-enter your login data, since the website can identify you through the cookie and use the information that you have previously entered. Another example is a shopping basket cookie set by an online shop. The shop uses the cookie to remember the items a customer has added to the basket.
Every data subject can permanently opt out from the setting of cookies by our website at any time by changing the respective settings in their internet browser. Cookies that have already been set can likewise be deleted at any time through the internet browser or other programs. All common internet browsers include an option to delete cookies. You may not be able to use all the functions of our website if you opt out from the setting of cookies.
Our website collects a number of general data and information during every visit of a data subject or an automated system. These general data and information are stored in our server's log files. Data and information that we may collect: (a) type and version of the browser you use, (b) the operating system on your device, (c) the website that referred you to our website, (d) the sub-sites which you access on our website, (e) date and time of your connection to our website, (f) your IP address, (g) your internet service provider, (h) other similar data and information used to protect the security of IT services infrastructure.
These general data and information are collected and used in a manner that does not allow us to personally identify you. We rather need that information to (a) make sure that all content on our website is shown correctly, (b) optimize the contents on our website and its propagation, (c) guarantee the permanent operability of our IT services and internet infrastructure, (d) provide law enforcement agencies with all necessary information in the event of a cyberattack. These anonymous collected data and information are thus analysed statistically and also for increasing the privacy and the integrity of data at our University to ultimately guarantee an optimal level of protection for the personal data we process. The anonymous data stored in our log files are always separated from any personal data provided by you.
You can optionally register on our website, the process of which includes the provision of personal information. The information you (the data subject) provide to us (the controller) are represented by the respective entry form. All data will be collected and stored for the controller's internal and own purposes only. The controller may arrange for the transfer of personal information to one or several processors (eg parcel services), who will then likewise use your personal information for the sole purpose of internal use on behalf of the controller.
During your registration process on our website we also store the IP address allocated to you by your internet service provider and the date and time of your registration. We need to do so to prevent the abuse of our services and to provide these data to law enforcement agencies if necessary. The storage of these data is therefore necessary to safeguard our own security. These data will not be disclosed to third parties unless this is required by law or for the purpose of criminal prosecution.
Your registration, which entails the provision of personal data by you, allows you to use certain contents and services that we can, due to their character, only offer to registered users. Registered users are at all times at liberty to request the rectification (change) or erasure of their personal information stored by us.
We will provide every data subject at any time on request with information about the categories of personal data we store about them. We will also rectify or erase these on your request or demand unless this is contradicted by legal hold.
The Data Protection Officer named above and all employees of the controller are available as contacts for data subjects in this context.
Our website offers the opportunity to subscribe to our newsletter. The respective subscription form represents the information you (the data subject) provide to us (the controller).
The University uses a newsletter to inform its visitors, staff, students and partners on a regular basis about new services and current events. Our University newsletter can only be received if the data subject has (a) provided a valid email address and (b) subscribed to our newsletter. For legal reasons, we will send a confirmation email to the address you provide at the point of subscription which includes an activation link (closed-loop opt-in procedure). This will confirm that it was you, the owner of the email address, who authorized the subscription to our newsletter.
We also store the IP address allocated to the device the data subject used including the respective timestamp. This is necessary to trace a possible misuse of a data subject's email address at later point in time and serves the legal protection of the controller.
The personal information we collect during subscription will be used exclusively for the purpose of mailing our newsletter. If necessary, subscribers may also receive informational emails when changes to our newsletter service or its technical background occur. The personal data you provided during newsletter subscription will not be disclosed to third parties. You can unsubscribe from our newsletter at any time. You can withdraw your consent given to the storage of your personal data in our newsletter database at any time. Every newsletter includes a corresponding link that allows you to cancel your subscription and have your personal information deleted from our database. You can also directly unsubscribe on our website or otherwise inform us that you wish to unsubscribe from our newsletter.
Our newsletters contain web beacons. Web beacons are small tracking pixels or images embedded in HTML emails allowing us to create a log file and its subsequent analysis. This helps us to perform a statistical evaluation of our online marketing in terms of success or failure. The embedded beacon allows us to gather information about if and when a data subject has opened our newsletter and which links in the email they clicked on.
We store and analyse the personal data collected through those beacons in order to optimize our newsletters and tailor them in the future to the individual interests of each recipient. These personal data will not be disclosed to third parties. All data subjects are at any time entitled to withdraw their consent in this respect, which has been given separately through closed-loop opt-in email authentication. This will cause the erasure of your data from our newsletter database. Cancelling subscription to our newsletter will be automatically regarded as withdrawal of consent.
Our website contains a Legal Notice ('Impressum') for quick contact and direct communication with us, including a generic email address. Every personal information a data subject has voluntarily submitted to the controller by email or through a contact form will be stored automatically for the purpose of processing their request or contacting them in return. These personal data will not be disclosed to third parties.
Visitors can follow comments made on posts on the HSZG blog. In particular, comment posters can subscribe to comments made on a blog post after their own comment.
Users who choose to follow comments will automatically receive a confirmation email by the controller to verify the owner of the provided email address (closed-loop opt-in). The following of comments can be disabled at any time.
The controller processes and stores the personal data of the data subject only for the time necessary to fulfil the purpose they are collected for or when a provision has been made for the processing and storing of such data in European directives and regulations or other laws and regulations by legislative authorities that are applicable to the controller.
The corresponding personal data will be routinely blocked or erased pursuant to statutory provisions when the purpose for the storage is no longer applicable or when a storage period prescribed by European directives and regulations or other laws and regulations has expired.
(a) Right of confirmation
Every data subject has the right granted by the European legislator to obtain from the controller the confirmation as to whether or not personal data concerning them are being processed. You may, at any time, contact our Data Protection Officer or any other employee if you want to avail yourself of this right of confirmation.
(b) Right of access by the data subject
Every data subject has, at any time, the right granted by the European legislator to obtain from the controller free information about their personal data stored and a copy of this information. Furthermore, the European directives and regulations grant the data subject the following information:
Furthermore, the data subject has a right to obtain information as to whether personal data are transferred to a third country or to an international organization. Where this is the case, the data subject has the right to be informed of the appropriate safeguards relating to the transfer.
You may, at any time, contact our Data Protection Officer or any other employee if you want to avail yourself of this right of confirmation.
(c) Right to rectification
Every data subject has the right granted by the European legislator to obtain from the controller without undue delay the rectification of inaccurate personal data concerning them. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
You may, at any time, contact our Data Protection Officer or any other employee if you want to avail yourself of this right of confirmation.
(d) Right to erasure (Right to be forgotten)
Every data subject has the right granted by the European legislator to obtain from the controller the erasure of personal data concerning them without undue delay, and the controller has the obligation to erase personal data without undue delay where one of the following grounds applies, as long as the processing is not necessary:
The personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.
The data subject withdraws their consent to which the processing is based according to point (a) of Article 6(1) GDPR, or point (a) of Article 9(2) GDPR, and where there is no other legal ground for the processing. The data subject objects to the processing pursuant to Article 21(1) GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) GDPR.
The personal data have been unlawfully processed.
The personal data have to be erased for compliance with a legal obligation in EU or EU member state law to which the controller is subject.
The personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.
If one of the aforementioned reasons applies, and you wish to request the erasure of personal data stored by us, you may, at any time, contact our Data Protection officer or any of our employees. Our Data Protection Officer or another employee will promptly ensure that the erasure request is complied with immediately.
Where we have made personal data public and are obliged pursuant to Article 17(1) GDPR to erase the personal data, we will, taking account of available technology and the cost of their implementation, take reasonable steps, including technical measures, to inform other controllers processing the personal data that you have requested erasure by these controllers of any links to, or copy or replication of those personal data, as far as processing is no longer required. Our Data Protection Officer or another employee will in the individual case take the necessary steps.
(e) Right of restriction of processing
Every data subject has the right granted by the European legislator to obtain from the controller restriction of processing where one of the following applies:
The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use.
The controller no longer needs the personal data for the purposes of the processing, but the data subject requires them for the establishment, exercise or defence of legal claims.
The data subject has objected to processing pursuant to Article 21(1) GDPR, pending the verification whether the legitimate grounds of the controller override those of the data subject.
If one of the aforementioned conditions applies, and you wish to request the restriction of processing of personal data stored by us, you may, at any time, contact our Data Protection officer or any of our employees. Our Data Protection Officer or another employee will promptly ensure that the restriction request is complied with immediately.
(f) Right to data portability
Every data subject has the right granted by the European legislator to receive the personal data concerning them and which they provided to a controller, in a structured, commonly used and machine-readable format. Furthermore, they have the right to transmit those data to another controller to which the personal data have been provided, as long as the processing is based on consent pursuant to point (a) of Article 6(1) GDPR or point (a) of Article 9(2) GDPR, or on a contract pursuant to point (b) of Article 6(1) GDPR, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Furthermore, in exercising their right to data portability pursuant to Article 20(1) GDPR, the data subject has the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
In order to assert the right to data portability, you may at any time contact our Data Protection Officer or any of our employees.
(g) Right to object
Every data subject has the right granted by the European legislator to object, on grounds relating to their particular situation, at any time, to the processing of personal data concerning them, which is based on point (e) or (f) of Article 6(1) GDPR. This also applies to profiling based on these provisions.
We will no longer process your personal data in the event of your objection, unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or for the establishment, exercise or defence of legal claims.
Where we process personal data for direct marketing purposes you have the right to object at any time to the processing of personal data concerning you for such marketing. This also applies to profiling to the extent that it is related to such direct marketing. If you object to processing for direct marketing purposes, we will no longer process your personal for such purposes.
In addition, you have the right, on grounds relating to your particular situation, to object to the processing of your personal data where they are processed for scientific or historical research purposes or statistical purposes pursuant to Article 89(1) GDPR, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
In order to assert the right to object, you may at any time contact our Data Protection Officer or any of our employees. In addition, you are at liberty in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, to use your right to object by automated means using technical specifications.
(h) Automated individual decision-making, including profiling
Every data subject has the right granted by the European legislator not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them, or similarly significantly affects them, as long as the decision (a) is not is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (b) is not authorised by EU or EU member state law to which the controller is subject and which also lays down suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, or (c) is not based on the data subject's explicit consent.
If the decision (a) is necessary for entering into, or the performance of, a contract between the data subject and a data controller, or (b) it is based on the data subject's explicit consent, HSZG shall implement suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express their point of view and contest the decision.
You may, at any time, contact our Data Protection Officer or any other employee if you wish to exercise your rights concerning automated individual decision-making.
(i) Right to withdraw data processing consent
Every data subject has the right granted by the European legislator to withdraw their consent to processing of their personal data at any time.
If you wish to exercise your right to withdraw your consent, you may at any time contact our Data Protection Officer or any other employee.
The controller collects and processes the personal data of applicants for the purpose of the application procedure. The processing may also be carried out electronically. This is the case, in particular, if an applicant submits corresponding application documents by email or by means of a web form on the website to the controller. If the controller concludes an employment contract with an applicant, the submitted data will be stored for the purpose of processing the employment relationship in compliance with legal requirements. If no employment contract is concluded with the applicant by the controller, the application documents will be automatically erased two months after notification of the refusal decision, provided that no other legitimate interests of the controller are opposed to the erasure. Other legitimate interest in this relation is eg a burden of proof in a procedure under the German General Equal Treatment Act (AGG).
The controller has integrated components of Facebook on this website. Facebook is a social networking service.
A social networking service is an internet-based social meeting place, an online community that usually enables its users to communicate with each other and interact in virtual space. A social network can serve as a platform for the exchange of opinions and experiences or enables the internet community to provide personal or company-related information. Among other things, Facebook enables its users to create private profiles, upload photos and network through friendship requests.
Facebook is operated by Facebook Inc, 1 Hacker Way, Menlo Park, CA 94025, USA. The controller responsible for the processing of personal data of data subjects living outside the USA or Canada is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland.
Each time you access one of the individual pages of this website, on which a Facebook component ('Facebook plug-in') has been integrated, the internet browser on your device is automatically being prompted by the respective Facebook plug-in to download an image file of the corresponding Facebook component from Facebook. An overview of all Facebook plug-ins can be found at developers.facebook.com/docs/plugins As part of this technical process, Facebook is informed about which specific page of our website is visited by the data subject.
If the data subject is logged in on Facebook at the same time, Facebook recognizes with every visit which specific pages of our website the data subject visits for the entire duration of the respective stay on our website. Facebook connects the information collected by the Facebook plug-in with the data subject's Facebook user account. When the data subject clicks one of the Facebook buttons integrated on our website, eg the "Like" button, or the data subject makes a comment, Facebook attributes these transmitted data and information to the data subject's Facebook user account and stores them.
Facebook receives information through the Facebook plug-in that the data subject has visited our website whenever they are logged in on Facebook when accessing our website; this happens regardless of whether the data subject clicks on the Facebook plug-in or not. If you do not want this information to be transmitted to Facebook, you can prevent this by logging out of your Facebook account before you visit our website.
The data policy published by Facebook, which can be accessed at www.facebook.com/about/privacy/ provides information about the collection, processing, and use of personal data by Facebook. It likewise explains what options Facebook offers to protect the privacy of data subjects. Additionally, there are various applications that help suppress data transmission to Facebook, eg the 'Facebook blocker' by Webgraph, which is available at webgraph.com/resources/facebookblocker/. You can use such applications to suppress data transmission to Facebook.
The controller has integrated components of Instagram on this website. The Instagram service is an audiovisual platform allowing its users to share photographs and videos, including their further distribution on other social networking sites.
Instagram is operated by Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.
Each time you access one of the individual pages of this website, on which an Instagram component ('Instagram follow button') has been integrated, the internet browser on your device is automatically being prompted by the respective Instagram plug-in to download an image file of the corresponding component from Instagram. As part of this technical process, Instagram is being informed about which specific page of our website is visited by the data subject.
If the data subject is logged in on Instagram at the same time, Instagram recognizes with every visit which specific pages of our website the data subject visits for the entire duration of the respective stay on our website. Instagram connects the information collected by the Instagram follow button with the data subject's Instagram user account. When the data subject clicks one of the Instagram follow buttons integrated on our website, Instagram attributes these transmitted data and information to the data subject's Instagram user account and stores them.
Instagram receives information through the Instagram follow button that the data subject has visited our website whenever they are logged in on Instagram when accessing our website; this happens regardless of whether the data subject clicks on the Instagram follow button or not. If you do not want this information to be transmitted to Instagram, you can prevent this by logging out of your Instagram account before you visit our website.
Further information and Instagram's current privacy policy can be found at help.instagram.com/155833707900388 and help.instagram.com/196883487377501.
The controller has integrated Jetpack on this website. Jetpack is a plug-in for WordPress offering additional features for owners of websites that are based on WordPress, one of which providing the operator with an overview of the website's visitors. The number of visitors can be increased by showing related postings or sharing content on the website. Furthermore, Jetpack has integrated certain security features that increase the protection against brute-force attacks. Jetpack also optimizes and accelerates the loading of images on the website.
The Jetpack plug-in for WordPress is operated by Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. The Jetpack operators use the tracking technology from Quantcast Inc., 201 Third Street, San Francisco, CA 94103, USA.
Jetpack places a cookie on the data subject's device.
Each time you access one of the individual pages of this website, on which a Jetpack component has been integrated, the internet browser on your device is automatically being prompted by the respective Jetpack component to transmit data to Automattic for online analysis. During this technical process, Automattic obtains information about data which are subsequently used to create an overview of website visitors. These data are processed to create a website user behaviour analysis and evaluated for the purpose of website optimization. We do not use any data collected through the Jetpack plug-in to identify a data subject without their prior explicit consent. These data are also disclosed to Quantcast, Inc., who uses them for the same purposes as those of Automattic.
You can permanently opt out from the setting of cookies by our website at any time by changing the respective settings in your internet browser. This browser setting would likewise prevent Automattic/Quantcast to place a cookie on your device. Cookies that have already been set by Automattic can otherwise be deleted at any time through the internet browser or other programs.
You can also object to and prevent the collection, processing and use of personal data generated by the Jetpack cookie with regard to your use of our website. If you wish to do so, click the opt-out button at www.quantcast.com/opt- out/. This will set an opt-out cookie on your device. If you delete the cookies stored on your device at a later point, you will need to click the aforementioned link again to set a new opt-out cookie.
However, setting the opt-out cookie may result in our website no longer being fully available to you.
The current Automattic privacy policy can be found at automattic.com/privacy/. The current Quantcast privacy policy can be found at www.quantcast.com/privac
The controller has integrated components of LinkedIn Cooperation on this website. LinkedIn is a social networking site enabling its users to connect with existing and establish new business contacts. LinkedIn has 400 million users in more than 200 countries. It is currently the largest business network platform and one of the most frequently visited websites in the world.
LinkedIn is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA. The controller responsible for the processing of personal data of data subjects living outside the USA is LinkedIn Ireland, Privacy Policy Issues, Wilton Plaza, Wilton Place, Dublin 2, Ireland.
Each time our website is accessed, on which a LinkedIn component ('LinkedIn plug-in') has been integrated, the internet browser used by the data subject is being prompted to download an image file of the corresponding component from LinkedIn. Further information on LinkedIn plug-ins can be obtained at developer.linkedin.com/plugins. As part of this technical process, LinkedIn is being informed about which specific page of our website is visited by the data subject.
If the data subject is logged in on LinkedIn at the same time, LinkedIn recognizes with every visit which specific pages of our website the data subject visits for the entire duration of the respective stay on our website. LinkedIn connects the information collected by the LinkedIn component with the data subjec's LinkedIn user account. When the data subject clicks one of the LinkedIn buttons integrated on our website, LinkedIn attributes these transmitted data and information to the data subject's LinkedIn user account and stores them.
LinkedIn receives information through the LinkedIn component that the data subject has visited our website whenever they are logged in on LinkedIn when accessing our website; this happens regardless of whether the data subject clicks on the LinkedIn button button or not. If you do not want this information to be transmitted to LinkedIn, you can prevent this by logging out of your LinkedIn account before you visit our website.
You can opt out from receiving LinkedIn emails, texts and targeted ads or adjust ads settings at www.linkedin.com/psettings/guest-controls. LinkedIn also uses the services of various partners such as Quantcast, Google Analytics, BlueKai, DoubleClick, Nielsen, Comscore, Eloqua, and Lotame, which may be setting their own cookies. You can opt out from such cookies at www.linkedin.com/legal/cookie-policy. The current LinkedIn privacy policy can be found at www.linkedin.com/legal/privacy-policy. The current LinkedIn cookie policy can be found at www.linkedin.com/legal/cookie-policy.
The controller has integrated Matomo on this website. Matomo, formerly Piwik, is an open-source web analytics application. Web analytics is the collection, analysis and reporting of web data concerning the behaviour of website visitors. A web analytics application collects, among other things, data as to from which website a data subject has been referred to, which individual pages they access, or how often and for how long a page on the website has been viewed. Web analytics are chiefly used for optimizing web usage and to assess and improve the effectiveness of a website and its marketing.
The application is being run on the controller's server. Any sensitive personal information are being stored exclusively on this server.
We use Matomo to analyse the visitor flow on our website. Among other things, we use the collected data and information to compile activity reports regarding the use of our website.
Matomo places a cookie on the data subject's device. This cookie facilitates the analysis of how visitors use our website.
Each time you access one of the individual pages of this website, the internet browser on your device is automatically being prompted by the Matomo component to transmit data to our server for online analysis. During this procedure, we obtain personal data such as your IP address, which enables us to trace the origin of our website visitors and their clicks.
The cookie is used to store personal data such as time, location and frequency of visits to our website by you. These personal data, including your IP address are being transferred to our server and subsequently stored by us. We do not disclose these data to third parties.
You can permanently opt out from the setting of cookies by our website at any time by changing the respective settings in yourinternet browser. This browser setting would likewise prevent Matomo from setting a cookie on your device. Cookies that have already been set by Matomo can otherwise be deleted at any time through the internet browser or other programs.
You can also object to and prevent the collection, processing and use of personal data generated by Matomo with regard to your use of our website. If you wish to do so, you can set an opt-out cookie at matomo.org/docs/privacy/. However, if you at later point reformat your hard drive, or delete or reinstall your operating system, you will need to renew your opt-out cookie at matomo.org/docs/privacy/.
Setting the opt-out cookie, however, may result in our website no longer being fully available to you.
Further information and Motomo's current privacy policy can be found at matomo.org/docs/privacy
The controller has integrated components from Twitter on this website. Twitter is a multilingual public microblogging service on which users post and interact with messages known as "tweets". Those tweets, which are restricted to 280 characters, can be read by unregistered users, and they are shared with a registered user's followers. Followers are other registered users who follow the tweets of others. Furthermore, Twitter facilitates the addressing of a broader audience with hashtags, links or retweets.
Twitter is operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.
Each time you access one of the individual pages of this website, on which a Twitter component ('Tweet button') has been integrated, the internet browser on your device is automatically being prompted by the Twitter component to download an image file of the Tweet button from Twitter. More informtion on Tweet buttons can be found at about.twitter.com/de/resources/buttons. As part of this technical process, Twitter is informed about which specific page of our website is visited by the data subject. We use Tweet buttons to allow our users to share the contents of our website with the internet community and to increase the number of our visitors.
If the data subject is logged in on Twitter at the same time, Twitter recognizes with every visit which specific pages of our website the data subject visits for the entire duration of the respective stay on our website. Twitter connects the information collected by the Tweet button with the data subject's Twitter user account. When the data subject clicks one of the Tweet buttons integrated on our website, Twitter attributes these transmitted data and information to the data subject's Twitter user account and stores them.
Twitter receives information through the Tweet button that the data subject has visited our website whenever they are logged in on Twitter when accessing our website; this happens regardless of whether the data subject clicks on the Tweet button or not. If you do not want this information to be transmitted to Twitter, you can prevent this by logging out of your Twitter account before you visit our website.
The current Twitter privacy policy can be found twitter.com/privacy.
The controller has integrated components from Xing on this website. Xing is a social networking site enabling its users to connect with existing and establish new business contacts. Registered users can create personal profiles. Companys can create company profiles or share job vacancies on Xing.
Xing is operated by XING AG, Dammtorstr. 30, 20354 Hamburg, Germany.
Each time you access one of the individual pages of this website, on which a Xing component ('Xing plug-in') has been integrated, the internet browser on your device is automatically being prompted by the Xing plug-in to download an image file of the corresponding Xing plug-in from Xing. Further information on Xing plug-ins can be obtained at dev.xing.com/plugins. As part of this technical process, Xing is being informed about which specific page of our website is visited by the data subject.
If the data subject is logged in on Xing at the same time, Xing recognizes with every visit which specific pages of our website the data subject visits for the entire duration of the respective stay on our website. Xing connects the information collected by the Xing plug-in with the data subject's Xing user account. When the data subject clicks one of the Xing buttons integrated on our website, eg the “share” button, Xing attributes these transmitted data and information to the data subject's Xing user account and stores them.
Xing receives information through the Xing plug-in that the data subject has visited our website whenever they are logged in on Xing when accessing our website; this happens regardless of whether the data subject clicks on the Xing button or not. If you do not want this information to be transmitted to Xing, you can prevent this by logging out of your Xing account before you visit our website.
The data policy published by Xing, which can be found at www.xing.com/privacy provides information about the collection, processing, and use of personal data by Xing. Furthermore, Xing has released a privacy statement for the Xing share button at www.xing.com/app/share.
The controller has integrated components from YouTube on this website. YouTube is a free video-sharing website allowing users to upload, view, rate, share, and comment on videos. YouTube allows the publishing of all kinds of videos, including complete movies or TV shows, music clips, movie trailers, or other content created by users.
YouTube is operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
Each time you access one of the individual pages of this website, on which a YouTube component ('YouTube video') has been embedded, the internet browser on your device is automatically being prompted by YouTube to download a graphical representation of the YouTube video from YouTube. For more information about YouTube see www.youtube.com/yt/about/. As part of this technical process, YouTube and Google are being informed about which specific page of our website you visit.
If you are logged in on YouTube when you visit a page on our website containing a YouTube video, YouTube recognizes which specific page you are visiting. This information is collected by YouTube and Google, which connect it to the data subject's YouTube user account.
YouTube and Google receive information through the YouTube video that the data subject has visited our website whenever they are logged in on YouTube when accessing our website; this happens regardless of whether the data subject watches the embedded video or not. If you do not want this information to be transmitted to YouTube and Google, you can prevent this by logging out of your YouTube account before you visit our website.
The data policy published at policies.google.com/privacy provides information about the collection, processing and use of personal data by YouTube and Google.
Article 6(I)(c) GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1)(b) GDPR. The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Is our University subject to a legal obligation by which processing of personal data is required, such as for the fulfilment of tax obligations, the processing is based on Art. 6(1)(c) GDPR. In rare cases, the processing is necessary in order to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our University and their name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1)(d) GDPR. Finally, processing operations could be based on Article 6(1)(f) GDPR. This legal basis is used for processing operations which are not covered by any of the above-mentioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our University or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).
Where the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is to carry out our business in favour of the well-being of all our employees and shareholders.
The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data is routinely deleted, as long as it is no longer necessary for the fulfilment of the contract or the initiation of a contract.
We clarify that the provision of personal data is partly required by law (eg tax regulations) or can also result from contractual provisions (eg information on the contractual partner). Sometimes it may be necessary to conclude a contract that the data subject provides us with personal data, which must subsequently be processed by us. The data subject is, for example, obliged to provide us with personal data when our University signs a contract with them. The non-provision of the personal data would have the consequence that the contract with the data subject could not be concluded. Before personal data is provided by the data subject, the data subject must contact our Data Protection Officer. Our Data Protection Officer clarifies to the data subject whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and the consequences of non-provision of the personal data.
As a responsible University we do not use automatic decision-making or profiling.