Data Protection
I. Name and Address of the Responsible Office
The responsible office for the processing of your personal data is:
Bauhaus-Universität Weimar
Represented by the President
Geschwister-Scholl-Straße 8
99423 Weimar
Germany
Phone: +49 (0) 36 43/58 11 10
Website: www.uni-weimar.de
II. Contact Details of Data Protection Officers
Office of the Chancellor
Belvederer Allee 6
99423 Weimar
Germany
Phone: +49 (0) 3643/58 12 22
E-mail: datenschutz[at]uni-weimar.de
Website: www.uni-weimar.de/dsb
III. Website Availability and Creation of Log Files
1. Description and Scope of the Data Processing
We only the personal data of our users insofar as is necessary for the operation of a functional website.
Each time our website is accessed, our system automatically collects data from the visitor.
The following information is collected:
(1) Information on the browser type and version
(2) The user’s operating system
(3) The user’s internet service provider
(4) The user’s IP address
(5) The date and time of access
(6) The website through which the user’s system accessed our website
(7) The websites that the user’s system accesses through our website
This data is stored in our system’s log files. This data is not stored with the other personal data collected from users.
This data is temporarily stored in our system’s log files for a maximum of seven days. Following this storage period, the IP address is rendered anonymous ensuring that the direct assignment of the client is not possible. The anonymous data records are stored long-term for forensic purposes.
2. Lawfulness of Processing
Data and log file storage are based on Art. 6 Para. 1 lit. in accordance with Para. 3 of the European General Data Protection Regulation (EU-GDPR) in accordance with § 16 Para. 1 of the Thüringer Datenschutzgesetzes (ThürDSG). The Bauhaus-Universität Weimar is responsible for providing information to the public on studies and research and providing a means of electronic contact.
3. Purpose of Data Processing
The temporary storage of IP addresses is necessary for the delivery of the website to the user’s computer. The storage in log files is carried out to ensure website functionality. The stored data is also used to ensure the security of our information technology systems and for forensic purposes.
4. Storage Period
The data will be erased as soon as it is no longer required for the purpose for which is was collected. In cases of data collection for the provision of the website, this is when the respective session has ended.
The IP addresses in log files are rendered anonymous after seven days ensuring that the direct assignment of the client is not possible. The anonymous data records are stored long-term.
5. Right to Rejection and Removal
Data collection for the functionality of the website as well as data storage in log files is absolutely necessary for website operation. Therefore it is not possible for users to reject the collection of data.
IV. Use of Cookies
1. Description and Scope of the Data Processing
Our website uses cookies. Cookies are text files that are stored in the internet browser on the user’s computer system. When users visit a website, a cookie may be stored on the user’s operating system. A cookie contains a string of characters that uniquely identifies the browser when the user visits the website again.
We use cookies to make our website more user-friendly. Some elements of our website require that the user’s browser be identifiable even after changing websites.
The following data is stored and transmitted in the cookies:
(1) The language the user is currently using to display the webpage.
2. Lawfulness of Processing
Processing personal data through the use of cookies is legally based on Art. 6 Para. 1 lit. in accordance with Para. 3 of the European General Data Protection Regulation (EU-GDPR) in accordance with § 16 Para. 1 of the Thüringer Datenschutzgesetzes (ThürDSG).
3. Purpose of Data Processing
The necessary use of cookies is to ensure that the websites are user-friendly. In principle, it is possible to use our website without the use of cookies. However, some functions are not available without the use of cookies. For these functions, the browser must be identifiable, even after changing websites.
The applications that require the use of cookies can be found under IV.1..
The data collected through technically necessary cookies are not used to establish user profiles.
4. Storage Period, Right to Rejection and Removal
Cookies are stored on the user’s computer and transmitted to our website. Thus, the user has full control over the use of cookies. The transmission of cookies can be deactivated or restricted by changing the settings in your internet browser. Cookies that have been saved can be deleted at any time. This can be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all of the website functions to their full extent.
V. Registration and E-Mail Contact
1. Description and Scope of the Data Processing
There are registration forms on our website which require user to input data such as their name and e-mail address, which is transmitted to us.
We also store the time and date that the message was sent.
The data collected when forms are used is regularly sent to neb@uni-weimar.de. The collected data may also stored in a database in order to ensure that e-mail delivery failures do not result in a loss of information.
Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user’s data that is transmitted in the e-mail will be stored.
This data is not passed on to third parties. This data is used exclusive for the purpose of processing the conversation.
2. Lawfulness of Processing
The processing of data is legally based on Art. 6 Para. 1 lit. a of the European General Data Protection Regulation (EU-GDPR).
3. Purpose of Data Processing
The processing of personal data from the input mask or from e-mail serves the sole purpose of processinf the registration.
4. Storage Period
The data will be erased from the databank as soon as it is no longer required for the purpose for which is was collected. Personal data stored from the input mask will be erased when it is evident that the matter in question has been resolved. Irrespective of whether the matter in questions has been resolved, the data will be erased after 90 days.
5. Right to Rejection and Removal
Users may at any time revoke their consent to data processing by sending an e-mail to neb@uni-weimar.de requesting the deletion of their personal data provided in the input mask from the database or the deletion of their data transmitted by e-mail.
VI. Rights of the User
If your personal data is processed, you are defined as a data subject in accordance with the European General Data Protection Regulation (EU-GDPR), and you are entitled, through the responsible office and subject to the legal regulations restricting these rights, to the following:
1. Right of Access
In accordance with Art. 15 of the European General Data Protection Regulation (EU-GDPR), users may request information from the responsible office regarding whether and which of their personal data is being processed.
2. Right to Rectification
Users have the right to have their personal data amended and/or corrected in accordance with Art. 16 of the European General Data Protection Regulation (EU-GDPR) if it is incorrect or incomplete. The responsible office is required to carry out any rectifications without delay.
3. Right to Erasure and Restriction of Processing
Users have the right to the restriction (Art. 17 of the EU-GDPR) or deletion (Art. 18 of the EU-GDPR) of their personal data.
4. Right to Information
If a user has asserted their right to rectification, erasure or restriction of processing against the responsible office, the responsible office is obliged (in accordance with Art. 19 of the EU-GDPR) to inform each each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.
The responsible office shall inform the user about those recipients upon the user’s request.
5. Right to Data Portability
Users have the right to transfer their data in accordance with Art. 20 of the EU-GDPR if the data processing is based on their user’s consent or a contract.
6. Right to Object
The user has the right to object to the processing of their personal data at any time if the data processing is based on Art. 6 Para. 1 lit. e of the EU-GDPR.
7. Right to Revoke the Declaration of Consent Under Data Protection Law
Users have the right to revoke their consent under data protection law at any time. Revoking consent does not affect the legality of processing carried out based on consent prior to the revocation.
9. Automated Individual Decision-Making, Including Profiling
Profiling is not carried out.
10. Right to Complain to a Supervisory Authority
Without prejudice to any other administrative or non-judicial remedy, users have the right to an effective judicial remedy against a legally binding decision of a supervisory authority if they feel that the processing of their personal data is in breach of the EU-GDPR.
The supervisory authority to which the complaint was submitted must inform the user of the status and outcome of their complaint, including any possibility of a judicial remedy under Art. 78 of the EU-GDPR.