Privacy policy
The processing of data by Justus Liebig University is carried out in accordance with the provisions of data protection law, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (Basic Data Protection Regulation -DSGVO-) and the Hessian Freedom of Information and Data Protection Act (HDSIG).
Privacy Policy Part I
I. Name and address of the person responsible
The responsible person in terms of the basic data protection regulation and other national data protection laws of the member states and other data protection regulations is the:
Justus Liebig University of Giessen
Legally represented by its President
Prof. Dr. Joybrato Mukherjee
Ludwigstraße 23
35390 Gießen
Germany
Phone: 0641 99-0
Fax: 0641 99-12259
e-mail: praesident
admin.uni-giessen.de
website: http://www.uni-giessen.de
II. Name and address of the data protection officer
The data protection officer of the controller is:
Justus Liebig University of Giessen
The Data Protection Officer
Axel P. Globuschütz
Ludwigstraße 23
35390 Gießen
Deutschland
Phone: 0641 99-12230
Fax: 0641 99-12229
e-mail: datenschutzuni-giessen.de
website: http://www.uni-giessen.de/org/admin/dez/b/1/Datenschutz
III. General information on data processing
1. The scope of processing of personal data
As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services. The processing of personal data of our users is regularly only carried out with the consent of the user. An exception is made in cases where prior consent cannot be obtained for factual reasons and the processing of data is permitted by legal regulations.
2. Legal basis for the processing of personal data
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU Data Protection Regulation (DSGVO) serves as the legal basis.
When processing personal data which is necessary for the performance of a contract to which the data subject is a party, Article 6 (1) lit. b DSGVO serves as the legal basis. This also applies to processing operations necessary for the performance of pre-contractual measures.
Insofar as the processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis.
In the event that vital interests of the data subject or another natural person make it necessary to process personal data, Art. 6 Abs. 1 lit. d DSGVO serves as the legal basis.
If the processing is necessary to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 Abs. 1 lit. f DSGVO serves as the legal basis for the processing.
3. Data deletion and storage period
The personal data of the person concerned will be deleted or blocked as soon as the purpose of the storage is no longer applicable. Furthermore, data may be stored if this has been provided for by the European or national legislator in Union regulations, laws or other regulations to which the person responsible is subject. Data is also blocked or deleted when a storage period prescribed by the aforementioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.
IV. Provision of the website and creation of log files
1. Description and scope of data processing
Whenever you visit our website, our system automatically collects data and information from the computer system of the calling computer.
The following data is collected:
- -IP address of the requesting computer
- Date and time of the request
- Access method/function desired by the requesting computer
- data transmitted by the requesting computer
- Access status of the web server (file transferred, file not found, command not executed, etc.)
- Name of the requested file
The data is also stored in the log files of our system. These data are not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Art. 6 Abs. 1 lit. f DSGVO.
3. Purpose of the data processing
The temporary storage of the IP address by the system is necessary to enable the website to be delivered to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.
The storage in log files is done to ensure the functionality of the website. In addition, the data is used to optimise the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also include our legitimate interest in data processing in accordance with Art. 6 Abs. 1 lit. f DSGVO.
4. Duration of storage
The data will be deleted as soon as they are no longer necessary for the purpose of their collection. In the case of the collection of data for the provision of the website, this is the case when the respective session is ended.
In the case of data stored in log files, this is the case after two months at the latest.
5.Possibility of objection and removal
The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. There is therefore no possibility of objection on the part of the user.
V. Use of cookies
a) Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. If a user calls up a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string of characters that enables the browser to be uniquely identified when the website is called up again.
We use cookies to process user registration for protected areas of the website, to facilitate support in the event of errors and to make our website more user-friendly. Some elements of our website require the calling browser to be able to be identified even after a page change.
The following data is stored and transmitted in the cookies:
(1) Language settings
(2) Identification of the server that served the request
(3) Log-in information (persistent user authentication for login in protected areas)
We also use cookies on our website, which enable us to analyse the surfing behaviour of the users.
In this way the following data can be transmitted:
(1) Frequency of page views
The user data collected in this way is made anonymous by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data is not stored together with other personal data of the users.
b) Legal basis for data processing
The legal basis for the processing of personal data using cookies is Art. 6 Abs. 1 lit. f DSGVO.
The legal basis for the processing of personal data using cookies for analysis purposes is Art. 6 Abs. 1 lit. a DSGVO if the user has given his or her consent.
c) Purpose of data processing
The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these it is necessary that the browser is recognized even after a page change.
We require cookies for the following applications:
(1) Adoption of the selected language setting
(2) Identification of the server that served the request for the purpose of error analysis
(3) Persistent user authentication for access to protected areas
The user data collected through technically necessary cookies is not used to create user profiles.
The analysis cookies are used for the purpose of improving the quality of our website and its contents. Through the analysis cookies we learn how the website is used and can thus constantly optimise our offer.
These purposes also include our legitimate interest in processing personal data in accordance with Art. 6 Abs. 1 lit. f DSGVO.
d) Duration of storage, possibility of appeal and removal
Cookies are stored on the user's computer and transmitted by the user to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies already stored can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it is possible that not all functions of the website can be used to their full extent.
VI. Contact form, e-mail contact and other forms
1. Description and scope of data processing
On our website there are contact forms in various areas, which can be used for electronic contact, registration for conferences, notification of disturbances, etc. If a user takes advantage of this possibility, the data entered in the input mask will be transmitted to us and stored. These data are among others:
First and last name
E-mail address
Subject
Message
Further context-dependent data
At the time the message is sent, the following data is also stored:
(1) Date and time of the sending of the message
(2) IP address of the calling computer
(3) URL of the registration form
(4) Data transmitted by the requesting computer (HTTP_USER_AGENT)
Alternatively, it is possible to contact us via the provided e-mail address. In this case the personal data of the user transmitted with the e-mail will be stored.
In this context, the data will not be passed on to third parties. The data will be used exclusively for processing the conversation.
2. Legal basis for the data processing
The legal basis for the processing of the data is Art. 6 Abs. 1 lit. a DSGVO if the user has given his consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the e-mail contact is aimed at the conclusion of a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b DSGVO.
3. Purpose of data processing
The processing of the personal data from the input mask serves us only for the processing of the establishment of contact and/or the purpose indicated in the form. In the case of contacting us by e-mail, this is also the necessary legitimate interest in the processing of the data.
The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.
4. Duration of storage
The data will be deleted as soon as they are no longer necessary for the purpose of their collection. For the personal data from the input mask of the contact form, other forms and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation ends when it can be concluded from the circumstances that the matter in question has been finally clarified.
5. Possibility of objection and removal
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued.
All personal data stored in the course of the contact will be deleted in this case.
Privacy Policy Part II
VII. rights of the data subject
If personal data is processed by you, you are a data subject within the meaning of the DSGVO and you are entitled to the following rights in relation to the person responsible:
1. Right of information
You can request confirmation from the person responsible as to whether personal data concerning you is being processed by us.
If such processing has taken place, you can request information from the data controller on the following:
(1) the purposes for which the personal data are processed;
(3) the recipients or categories of recipients to whom the personal data concerning you have been or will be disclosed;
(4) the planned duration of storage of the personal data relating to you or, if it is not possible to give specific details, criteria for determining the duration of storage;
(5) the existence of a right of rectification or erasure of personal data concerning you, a right to have the processing limited by the controller or a right to have the processing limited by the controller;
(6) the existence of a right of access to the personal data concerning you;
(7) any available information as to the source of the data, where the personal data are not collected from the data subject;
(8) the existence of automated decision-making, including profiling, in accordance with Art. 22 para- 1 and 4 DSGVO and - at least in these cases - meaningful information on the logic involved and the scope and intended effects of such processing on the data subject.
You have the right to request information as to whether the personal data concerning you is transferred to a third country or to an international organisation. In this context, you may request to be informed of the appropriate safeguards pursuant to Art. 46 DSGVO in connection with the transfer.
This right of information may be limited to the extent that it is likely to make it impossible or seriously hinder the achievement of the research or statistical purposes and the limitation is necessary for the fulfilment of the research or statistical purposes.
2. Right of rectification
You have the right to obtain from the data controller the rectification and/or integration of any personal data processed concerning you if it is incorrect or incomplete. The data controller shall make the correction without delay.
Your right of rectification may be limited to the extent that it is likely to make it impossible or seriously hinder the achievement of the research or statistical purposes and the limitation is necessary for the achievement of the research or statistical purposes.
3. Right to limit processing
Under the following conditions, you may request that the processing of personal data concerning you be restricted:
(1) if you dispute the accuracy of the personal data concerning you for a period which enables the controller to verify the accuracy of the personal data;
(2) the processing is unlawful and you object to the deletion of the personal data and instead request the restriction of the use of the personal data;
(3) the controller no longer needs the personal data for the purposes of the processing, but you need them in order to assert, exercise or defend legal claims; or
(4) if you have lodged an objection to the processing pursuant Art. 21 para. 1 DSGVO and it is not yet clear whether the legitimate reasons of the controller outweigh your reasons.
If the processing of personal data relating to you has been restricted, such data - apart from being stored - may be processed only with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or on grounds of an important public interest of the Union or a Member State.
If the restriction on processing has been restricted in accordance with the above conditions, you will be informed by the controller before the restriction is lifted.
Your right to restrict processing may be limited in so far as it is likely to make it impossible or seriously prejudicial to the achievement of the research or statistical purposes and the restriction is necessary for the achievement of the research or statistical purposes.
4. Right of deletion
a) Duty to delete
You may request the controller to delete personal data concerning you without delay and the controller is obliged to delete such data without delay if one of the following reasons applies:
(1) the personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed
(2) you revoke your consent on which the processing was based pursuant to Art. 6 para. 1 lit. a or Art. 9 para. 2 lit. a DSGVO and there is no other legal basis for the processing.
(3) You submit an objection to the processing pursuant to Art. 21 para. 1 DSGVO and there are no overriding legitimate reasons for the processing, or you submit an objection to the processing pursuant to Art. 21 para. 2 DSGVO.
(4) The personal data concerning you have been processed unlawfully.
(5) The deletion of personal data concerning you is necessary to comply with a legal obligation under Union law or the law of the Member States to which the controller is subject.
(6) The personal data concerning you have been collected in relation to information society services offered, in accordance with Art. 8 para. 1 of the DSGVO.
b) Information to third parties
If the controller has made public the personal data concerning you and is obliged to delete them in accordance with. Art. 17 para. 1 DSGVO he shall take appropriate measures, including technical measures, taking into account the available technology and the implementation costs, to inform data controllers who process the personal data that you, as a data subject, have requested them to delete all links to these personal data or copies or replications of these personal data.
c) Exceptions
The right of cancellation does not exist insofar as the processing is necessary
(1 ) on the exercise of the right to freedom of expression and information;
(2) to comply with a legal obligation requiring processing under Union or national law to which the controller is subject or to perform a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3) for reasons of public interest in the field of public health pursuant to Art. 9 para. 2 lit. h and Art. 9 para. 3 DSGVO;
(4) for archival, scientific or historical research purposes in the public interest or for statistical purposes pursuant to Art. 89 para. 1 DSGVO, insofar as the right referred to in section a) is likely to render impossible or seriously prejudice the attainment of the objectives of such processing, or
(5) to assert, exercise or defend legal claims.
5. Right to information
If you have exercised the right to rectify, erase or limit the processing, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification, erasure or limitation of processing, unless this proves impossible or involves a disproportionate effort.
You have the right to be informed of these recipients by the controller.
6. Right to data transferability
You have the right to receive the personal data concerning you that you have provided to the data controller in a structured, common and machine-readable format. You also have the right to have this data communicated to another controller without interference from the controller to whom the personal data has been made available, provided that
(1) the processing is based on a consent pursuant to Art. 6 para. 1 lit. a DSGVO or Art. 9 para. 2 lit. a DSGVO or on a contract pursuant to Art. 6 para. 1 lit. b DSGVO and
(2) the processing is carried out by means of automated procedures.
In exercising this right, you also have the right to obtain that the personal data concerning you be transferred directly from one controller to another controller, in so far as this is technically feasible. The freedoms and rights of other persons must not be affected by this.
The right to data transferability shall not apply to processing of personal data which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
7. Right of objection
You have the right to object at any time, for reasons arising from your particular situation, to the processing of personal data concerning you which is carried out on the basis of Art. 6 para. 1 lit. e or f of the DSGVO; this also applies to profiling based on these provisions.
The controller no longer processes the personal data concerning you, unless he can demonstrate compelling reasons for processing which are worthy of protection and which outweigh your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.
You have the possibility to exercise your right of objection in relation to the use of Information Society services, without prejudice to Directive 2002/58/EC, by means of automated procedures involving technical specifications.
You also have the right to object, for reasons arising from your particular situation, to the processing of personal data concerning you for scientific or historical research purposes or for statistical purposes in accordance with. Art. 89, para. 1 of the DSGVO.
Your right of objection may be limited to the extent that it is likely to make the realisation of the research or statistical purposes impossible or seriously impair them and the limitation is necessary for the fulfilment of the research or statistical purposes.
8. Right to revoke the declaration of consent under data protection law
You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of the processing that has taken place on the basis of your consent until revocation.
9. Right to complain to a supervisory authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the supervisory authority, in particular in the Member State in which you are resident, in your place of employment or in the place where the alleged infringement occurred, if you consider that the processing of personal data concerning you is in breach of the DSGVO.
Supervisory authority:
Hessian Commissioner for Data Protection and Freedom of Information
Prof. Dr. Michael Ronellenfitsch
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Phone: 0611 1408-0, Fax: 0611 1408-611
Internet: https://datenschutz.hessen.de
e-mail: poststelledatenschutz.hessen.de