Data protection information

Please note: only the German version of this information is legally binding.

I. Name and address of controller

The controller as defined by the General Data Protection Regulation (GDPR) and other Member State national data protection laws, as well as in other data protection legislation, is:

Furtwangen University
Robert-Gerwig-Platz 1
78120 Furtwangen
Tel: 07723 920-0
Email: info(at)hs-furtwangen.de
represented by the President of Furtwangen University, Dr. Alexandra Bormann.
Website: www.hs-furtwangen.de

II. Name and address of data protection officer

The data protection officer appointed by the above-mentioned controller is:

Prof. Dr. Dirk Koschützki
Furtwangen University
Robert-Gerwig-Platz 1
78120 Furtwangen
Email: datenschutz(at)hs-furtwangen.de

 

III. Name and address of the IT Security Officer

The IT Security Officer of the Controller is:

Prof. Dr. Stefan Noll
Hochschule Furtwangen
Robert-Gerwig-Platz 1
78120 Furtwangen
Email: isb(at)hs-furtwangen.de

IV. Provision of the website and creation of log files

1. Description and scope of data processing

Every time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:

Information about the browser type and version used

  1. The user's operating system
  2. The IP address of the user
  3. Date and time of access
  4. Websites accessed by the user's system via our website
  5. The data is also stored in the log files of our system. This data is not stored together with other personal data of the user.

2 Legal basis for data processing

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. e GDPR in conjunction with § 4 LDSG, § 2 LHG, § 3 EGovGBW.

3 Purpose of the data processing

The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The data is stored in log files to ensure the functionality of the website. We also use the data to optimise the website and to ensure the security of our information technology systems. The data is not analysed for marketing purposes in this context. We process the data in order to be able to provide you with information on this website to fulfil our tasks in the public interest (public relations work at Furtwangen University).

4 Duration of storage

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or anonymised so that it is no longer possible to identify the accessing client. Data logged when accessing the website will only be passed on to third parties if we are legally obliged to do so or if disclosure is necessary for legal or criminal prosecution in the event of attacks on Furtwangen University's Internet infrastructure. Data will not be passed on in other cases.

5 Possibility of objection and removal

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.
 

V. Use of cookies

1. Description and scope of data processing

Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. When a user accesses a website, a cookie may be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.

The following data is stored and transmitted in the cookies:

  1. Search settings
  2. Setting for the integration of YouTube videos in extended data protection mode

We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.

We also use cookies on our website that enable us to analyse the surfing behaviour of users.

The following data can be transmitted in this way:

  1. Search terms entered
  2. Frequency of page views
  3. Utilisation of website functions

The user data collected in this way is pseudonymised by technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal user data. When accessing our website, users are informed by an info banner about the use of cookies for analysis purposes and referred to this privacy policy. In this context, there is also a reference to how the storage of cookies can be prevented in the browser settings.

2 Legal basis for data processing

The storage of information in the terminal equipment of our users or the access to information already stored in the terminal equipment of our end users is carried out in order to provide our users with an expressly requested telemedia service on the basis of the authorisation standard § 25 para. 1, para. 2 no. 2 TDDDG.

3. Purpose of data processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary for the browser to be recognised even after a page change.

  1. Remembering search settings
  2. Remembering the setting for the integration of YouTube videos in extended data protection mode

The user data collected by technically necessary cookies is not used to create user profiles.

The purpose of using analytics cookies is to improve the quality of our website and its content. Through the analysis cookies, we learn how the website is used and can thus constantly optimise our offer.

4 Duration of storage, objection and removal options

Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

VI. Newsletter

1. Description and scope of data processing

You can subscribe to a free newsletter on our website. When registering for the newsletter, the data from the respective input mask is transmitted to us.

The following data is also collected during registration

  1. IP address of the accessing computer
  2. Date and time of registration

Your consent is obtained for the processing of the data as part of the registration process and reference is made to this privacy policy.

No data will be passed on to third parties in connection with the data processing for sending newsletters. The data is used exclusively for sending the newsletter.

2 Legal basis for data processing

The legal basis for the processing of data after registration for the newsletter by the user is Art. 6 para. 1 lit. a GDPR if the user has given his consent.

3 Purpose of the data processing

The purpose of collecting the user's email address is to deliver the newsletter.

The collection of other personal data as part of the registration process serves to prevent misuse of the services or the e-mail address used.

4 Duration of storage

The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. The user's e-mail address is therefore stored for as long as the subscription to the newsletter is active.

The other personal data collected during the registration process will generally be deleted after a period of seven days.

5 Possibility of objection and cancellation

The subscription to the newsletter can be cancelled by the user concerned at any time. For this purpose, there is a corresponding link in every newsletter.

This also makes it possible to revoke consent to the storage of personal data collected during the registration process.

VII. Contact form and email contact

1. Description and scope of data processing

There is a contact form on our website that can be used to contact us electronically. If a user makes use of this option, the data entered in the input mask will be transmitted to us and stored.

The following data is also stored when the message is sent:

  1. The IP address of the user
  2. Date and time of registration

Your consent is obtained for the processing of the data as part of the sending process and reference is made to this privacy policy.

Alternatively, you can contact us via the email address provided. In this case, the user's personal data transmitted with the e-mail will be stored.

The data will not be passed on to third parties in this context. The data is used exclusively for processing the conversation.

2 Legal basis for data processing

The legal basis for the processing of the data is Art. 6 para. 1 lit. a GDPR if the user has given consent.

The legal basis for the processing of data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR, provided that the processing of the data is necessary to ensure network and information security. If the email contact is aimed at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3 Purpose of the data processing

The processing of the personal data from the input mask serves us solely to process the contact. If you contact us by email, this also constitutes the necessary legitimate interest in processing the data.
The other personal data processed during the sending process serves to prevent misuse of the contact form and to ensure the security of our information technology systems.

4 Duration of storage

The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. For the personal data from the input screen of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.

The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5 Possibility of objection and cancellation

The user has the option to revoke their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case.

VIII. Web analysis by Matomo (formerly PIWIK)

1. Scope of the processing of personal data

We use the ‘Matomo’ service, which is offered by InnoCraft Ltd (150 Willis St, 6011 Wellington, New Zealand, NZBN 6106769), to analyse the surfing behaviour of our users. The service (Matomo) uses ‘cookies’ - text files that are stored on your end device (for cookies, see above).
The information collected by the cookies is generally sent to a Matomo server in Germany and stored there, so that technically no transfer to a third country takes place. If data is transferred to InnoCraft's registered office outside the EEA, this is secured by an EU adequacy decision for New Zealand.

If individual pages of our website are accessed, the following data are stored:

  1. Two bytes of the IP address of the user's accessing system
  2. The website accessed
  3. The website from which the user accessed the website (referrer)
  4. The subpages that are accessed from the accessed website
  5. The time spent on the website
  6. The frequency with which the website is accessed

The software is set so that the IP addresses are not saved in full, but 2 bytes of the IP address are masked (e.g.: 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.

2 Legal basis for the processing of personal data

The legal basis for the processing of users' personal data is Art. 6 para. 1 lit. a GDPR.

3 Purpose of the data processing

The processing of users' personal data enables us to analyse the surfing behaviour of our users. By analysing the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. These purposes also constitute our legitimate interest in processing the data in accordance with Art. 6 para. 1 lit. a GDPR. By anonymising the IP address, the interest of users in the protection of their personal data is sufficiently taken into account.

4. Duration of storage

The data is deleted as soon as it is no longer required for our recording purposes.

In our case, this is the case after 180 days.

5. Possibility of objection and removal

Cookies are stored on the user's computer and transmitted by it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all the functions of the website to their full extent.

IX. YouTube

This website integrates a “YouTube plugin” into its information offering.

YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. YouTube is represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The embedded videos from YouTube are used within the scope of the permitted use by YouTube, which all users must accept. If you see any copyright infringements, please report this directly to YouTube.

We use embedded YouTube videos in extended data protection mode. This means that YouTube does not store cookies for a user who views a website with an embedded YouTube video player but does not click on the video to start playback. If the YouTube video player is clicked, YouTube may store cookies on the user's computer, but no personal cookie information is stored for playbacks of embedded videos. (Source: YouTube “Enabling enhanced privacy mode for embedded videos”). For more information, please refer to YouTube's general privacy policy. We do not collect any personal data in the context of embedding YouTube videos.

Further information on data processing and notes on data protection by YouTube (Google) can be found at www.google.de/intl/de/policies/privacy/.

X. Social Media

In addition to this website, we also maintain presences with various social media providers in order to communicate with you in your familiar environment and to keep you informed. No data is transferred to the social media providers when you load the website. Only when you click on the button will you be taken to the social media provider. You can find out which specific data is processed by the social media providers in the data protection notices of the respective providers.

XI. Rights of the data subject

You have various rights as a data subject, in particular the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR) or the right to restriction of processing (Art. 18 GDPR). You can find more information on the right to information and the right to erasure here:

In the event that we process your data for the performance of a public task assigned to us pursuant to Art. 6 para. 1 lit. e GDPR or on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to the processing (Art. 21 GDPR).

In the case of processing based on consent, this consent can be withdrawn at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. With regard to data that you have provided to us yourself, you may have a right to data portability (Art. 20 GDPR).

The assertion of your data subject rights is possible free of charge.  If you believe that the processing of your personal data violates the GDPR, complaints can be submitted to us at datenschutz(at)hs-furtwangen.de under the subject “Data protection”. If you make use of your rights as a data subject, you will receive a response from us within one month at the latest.

You also have the right to lodge a complaint with a data protection supervisory authority in accordance with Art. 77 GDPR if you believe that the processing of your personal data violates the GDPR. Complaints can be submitted to the State Commissioner for Data Protection and Freedom of Information of Baden-Württemberg - also online - at http://www.baden-wuerttemberg.datenschutz.de.