Privacy Policy

Contact details of the responsible body

Responsible within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the EU member states as well as other data protection regulations for the online offer “Blog” is:

University of Hamburg
Mittelweg 177
20148 Hamburg
Germany  

Tel.: +49 40 42838-0
Fax: +49 40 42838-9586

Contact details of the data protection officer of the university of hamburg

Mittelweg 177
20148 Hamburg
E-Mail: datenschutz@uni-hamburg.de

Objective and basic information on data processing

This privacy policy explains the nature, scope and purpose of the processing of personal data within our online offering and the websites, functions and content associated with it. The privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online offer is executed.

We process personal data of our users only in compliance with the relevant data protection provisions in accordance with the principles of data economy and data avoidance. It follows that the processing of personal data of our users regularly takes place only after the consent of the user. An exception applies in those cases in which the processing of the data is permitted by legal regulations.

We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.

If content, tools or other means of third-party providers (e.g. YouTube videos) are used within the scope of our online offer and their named registered office is abroad, it is to be assumed that a data transfer to the registered office states of the third-party providers takes place.

Definitions

For the purposes of this Privacy Policy, the term:

“User” means all customers and visitors to our Website, which term shall be understood to be gender-neutral; “Website or Online Offer” means, on an overarching basis, the content and functions contained on our Website and connected to the Website;”Third-party providers” other providers that are different from us, whose content, tools or other means we use as part of our online offering and whose named registered office may be abroad. For example, video platforms such as YouTube are to be mentioned here.

Data processing

1. Provision of the blog and creation of logfiles

With every call and every use of this blog, data and information are collected. This data and information is stored in log files of the server.

 

Captured:

  • IP address
  • browser type / browser version
  • date and time the website was accessed
  • user Internet service provider
  • user operating system
  • referring website
  • websites accessed by the User’s system through our website

The legal basis for the temporary storage of the data and the log files is Art. 6 Para. 1 e GDPR, i.V.m. § 4 HmDSG i.V.m. § 3 und 4 HmbHG..

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

Log files are stored to ensure the functionality of the website, to optimize the content of the website and to ensure the security of our information technology systems.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of storage of data in log files, this is the case after 28 days at the latest. If the data is stored beyond this period, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the calling client.

The personal data will also be processed for the following purposes if there is a legal basis for doing so:

  • the provision, execution, maintenance, optimization and safeguarding of our services, services and user services;
  • ensuring effective customer service and technical support.

2. Registration

Users can register on the Universität Hamburg webpages by providing personal data. All information requested in the online data entry form will be transmitted as part of the registration process.

You will be asked to grant your consent for the processing of this data as part of the registration process.

These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.

User registration is necessary to provide specific content and services on our website, including the creation and administration of user accounts, participation in surveys, the administration of applications for admission and placement tests, the organization of examinations, registering for courses, events, examinations, and the administrative tasks associated with them.

The data will be deleted when they are no longer needed for the purpose they were collected.

3. Cookies

Our website uses cookies. Cookies are small data files, created and stored by the Internet browser on your computer’s hard drive. Accessing a website may result in a cookie being saved on your operating system. This cookie contains a specific string of characters that allows the browser to be clearly recognized every time the website is accessed.

We use cookies to make our website more user-friendly.

The processing of personal data based on the use of cookies is lawful pursuant to Article 6 paragraph 1 lit. a GDPR (General Data Protection Regulation).

The purpose of these technical cookies is to simplify website use.

Cookies are stored on the User’s computer and transferred to us. That is why you, as the User, have full control over cookie implementation. You can deactivate or restrict cookies by changing your browser settings. Cookies already stored on your hard drive can be deleted at any time. This can also be done automatically. However, disabling cookies for our website may result in some functions not working correctly.

4. SSL or TLS encryption

For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption.

 You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

5. Contact forms, other mail forms and e-mail contact

As part of our blog, contact forms are provided that can be used for simplified electronic communication. In the process, the data entered in the input mask is transmitted. For the processing of the data, the consent of the user is obtained during the submission process and reference is made to this privacy policy.

Alternatively, it is possible to contact us via the e-mail addresses provided. In this case, the personal data of the user transmitted with the e-mail will be stored in the inbox. The data will not be passed on to third parties.

The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given his consent.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) lit. a GDPR.

The data will be used exclusively for processing the request. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective request of the user has ended.

Disclosure of data to third parties

1. Social Media

Twitter

We use the Twitter social network share buttons provided by the micro-blogging service Twitter, operated by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”).

The share button is an automated embedding of layout buttons with links and identical click events to the individual services. No service content is integrated, nor are any data transferred before the User clicks.

Once the button has been clicked, the operator of the social media platform receives the information that the individual page has been accessed, for which personal data are transmitted to the platform operator.

Use of Twitter allows information regarding your use of this website (including your IP address) to be transmitted to, and stored in, a Twitter server in the USA.

The purpose and scope of Twitter’s data collection, the further on-site processing and use of your data as well as your rights and potential settings to protect your private information are explained in the Twitter privacy policy https://twitter.com/en/privacy.

Xing

We use the Xing social network share buttons provided by Xing AG, Dammtorstraße 29-32, 20254 Hamburg, Germany.

The share button is an automated embedding of layout buttons with links and identical click events to the individual services. No service content is integrated, nor are any data transferred before the User clicks.

Once the button has been clicked, the operator of the social media platform receives the information that the individual page has been accessed, for which personal data are transmitted to the platform operator.

The purpose and scope of Xing’s data collection, the further processing and use of your data as well as your rights and potential settings to protect your personal information are explained in the Xing privacy policy: https://privacy.xing.com/en/your-privacy.

LinkedIn

We use the LinkedIn social network buttons provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

The share button is an automated embedding of layout buttons with links and identical click events to the individual services. No service content is integrated, nor are any data transferred before the User clicks.

Once the button has been clicked, the operator of the social media platform receives the information that the individual page has been accessed, for which personal data are transmitted to the platform operator.

The purpose and scope of Xing’s data collection, the further processing and use of your data as well as your rights and potential settings to protect your personal information are explained in the LinkedIn privacy policy: https://linkedin.com/com/legal/privacy-policy.

Your rights

You have the following rights:

  • the right to information regarding personal data pertaining to you that is stored by us (Article 15 GDPR);
  • the right to correction of any incorrect or incomplete personal information (Article 16 GDPR);
  • the “right to be forgotten”: erasure of stored personal data insofar as the relevant data are not necessary for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or the purposes of establishing, exercising, or defending a legal claim (Article 17 GDPR);
  • the right to limited processing of personal data (Article 18 GDPR);
  • Right to data portability (Art. 20 GDPR);
  • the right to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Article 21, GDPR);
  • the right to withdraw your consent to the collection, processing, and use of your personal data at any time with future effect (Article 7 paragraph 3 GDPR)—this means that the data processing related to that consent will no longer be carried out;
  • the right to lodge a complaint with a supervisory authority where you believe the processing of personal data related to you is in breach of the GDPR (Article 77 GDPR).

Withdrawal of consent / objection to processing

Please send your withdrawal to:

Michel Clement
Moorweidenstraße 18
20148 Hamburg
Tel.: +49 40 42838 8721
E-Mail: michel.clement@uni-hamburg.de

Rights as a data subject

You may exercise your rights as a data subject, such as obtaining information on data being stored, by contacting datenschutz@uni-hamburg.de