Privacy Policy

THIS TRANSLATION IS FOR INFORMATION ONLY – ONLY THE GERMAN VERSION SHALL BE LEGALLY VALID AND ENFORCEABLE!

As an app provider, Universität Hamburg takes data protection very seriously. All personal data are held in the strictest confidence according to legal requirements, as described in this privacy statement.

A. Contact details for the Controller

Pursuant to the General Data Protection Regulation (GDPR), national data protection laws of the various member states, and other privacy regulations, the responsible entity (“Controller”) is:

Universität Hamburg
Mittelweg 177
20148 Hamburg

Tel: +49 40 42838-0
Website: www.uni-hamburg.de

B. Universität Hamburg Data Protection Officer contact details:

Der Datenschutzbeauftragte der Universität Hamburg
Mittelweg 177
20148 Hamburg

Tel.: +49 40 42838-2957
datenschutz@uni-hamburg.de

C. Data processing

(1) Contact form and email contact

1. Description, scope, and purpose of data processing

When you use our electronic contact form, we use the following data to contact you:

  • email
  • last name
  • any text you enter into the comment field
Your consent is required for the processing of this data, and you will be asked to grant your consent when you send the form.

At the time the message is submitted, the following data are also saved to prevent abuse of this contact form and safeguard our IT system:

  • IP address of the device being used
  • date and time the form was sent

2. Period of storage

The personal data processed for the purposes of processing the contact form will be deleted when it becomes apparent that the relevant issue has been resolved in full.

Any additional data collected during the process of sending (IP address of the device being used, as well as the date and time the form was sent) will be deleted after 21 days at the latest.

(2) Accessing the app and creation of log files

1. Description and scope of the data processing

Data and information are collected every time this app is accessed or used. These data and information are stored in log files on the server and can include:

  • IP address
  • browser type / browser version
  • date and time the website was accessed
  • user’s Internet provider
  • user’s operating system
  • referring websites
  • websites accessed by the user’s system through our website

2. Purpose of data processing

The IP address is temporarily stored in the system as it is necessary to provide access to the web app for the user’s device. The IP address of the device being used is retained while that website is being accessed. 

Data collected to provide access to the app will be deleted at the end of every session. 

3. Period of storage

Data collected to provide access to the app will be deleted at the end of every session.

Data stored as logfiles will be deleted after 21 days at the latest. If preserved for a longer time, user IP addresses are deleted or anonymized, rendering it impossible to link the data to any individual.  

(3) Cookies

1. Description and scope of the data processing

Our app uses cookies. Cookies are small data files, created and stored by the Internet browser on the end device. Accessing a website may result in a cookie being saved on the operating system of the end device. This cookie contains a specific string of characters that allows the browser to be clearly recognized every time the website is accessed.

We use session cookies for the functionality of our app only. Session cookies are stored on your end device for the duration of a session, and automatically deleted after you have left the website.

2. Purpose of data processing

The purpose of these technical cookies is to simplify website use. 

3. Period of storage

Cookies are stored on the user’s computer and transferred to us. That is why you, as the user, have full control over cookie implementation. You can deactivate or restrict cookies by changing your browser settings. You can erase stored cookies at any time. This process may also be automated. However, disabling cookies for our website may result in some functions not working correctly.

(4) Newsletter

1. Description and scope of the data processing

You can register for our free newsletter on our website. Registering for the newsletter will result in the data you enter, and the email address you provide, being sent to us.

Your consent is required for the processing of this data, and you will be asked to grant your consent when you register.

In addition, we collect the following data on registration:

  • IP address of the computer being used
  • date and time of registration

2. Purpose of data processing

Your email address is required to send the newsletter to you.

The collection of any other personal data as part of the registration process occurs only to prevent abuse of our services or of the email address used. 

3. Period of storage

Additional personal data collected during the process of registering for the newsletter (IP address of the device being used, as well as the date and time the form was sent) will be deleted after 21 days at the latest.

(5) Registration and use of a personal profile

1. Description and scope of the data processing

Our website allows users to register by submitting certain personal data. The data are entered into a form, transferred to us, and saved. We process the following data:

  • last name
  • first name
  • email
  • uni username (B-Kennung) where available

Some events have a maximum number of attendees. The data required to register for such an event will be requested during the booking, and each user can voluntarily save this data in their personal profile so that they do not have to enter it again.

Other data are also processed as part of the registration process. These data are reviewed for statistical purposes only.

You, as the user, will be asked to grant consent for the processing of these data as part of the registration process.

At the time of registration, the following data are also saved:

  • IP address of the device being used
  • date and time of registration

2. Purpose of data processing

The user must register an account to access certain content and services on our app:

  • book events
  • create favorites list of events
  • communicate with event hosts
  • save personal details for events with a maximum number of attendees
  • save statistical data

The collection of any other personal data as part of the registration process occurs only to prevent abuse of our services or of the email address used.

3. Period of storage

The data collected during the registration process will be deleted once the registration to our website is canceled or modified, or becomes inactive. Registration is deemed inactive if there has been no activity for a period of 1 year. Users will receive an email notification, and then have 4 weeks to log in to reactivate their profile. After this time, the profile and all its data will be deleted automatically.

D. Legal basis

These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 letter a GDPR. 

E. Data recipient

User data required for participation will be sent to the organizer when you register for an event. The data will not be shared with any other parties.

F. Links to websites

The UHH Join App is a progressive web app embedded in Universität Hamburg’s UHH mobile app, and is available as a native iOS app and as a web app. In some places, UHH mobile links to Universität Hamburg websites, as well as to other external websites that will be opened in an in-app browser. Separate privacy policies apply to the Universität Hamburg website and the UHH mobile app:

The providers of external websites are solely responsible for their content. 

G. Rights of the data subject

If your personal data are processed, you are a data subject pursuant to the GDPR, and as such, have the following rights:

  • a right to information regarding your personal data, to correction or deletion, or to restrict processing, or object to the processing, and a right to data portability and
  • a right to withdraw your consent at any time where the processing is based on Article 6 paragraph 1 letter a GDPR Article 9 paragraph 2 letter a GDPR. Withdrawal of consent does not affect the legality of any prior processing.

These rights can be exercised by contacting the following officers responsible:

Giselind Werner
Universität Hamburg
Abteilung 2
Mittelweg 177
20148 Hamburg
Tel.: +49 40 42838-2571
online-redaktion@uni-hamburg.de

Alexandra Hach
Universität Hamburg
Universitätskolleg
Schlüterstr. 51
20146 Hamburg
Tel.: +49 40 42838-9585
alexandra.hach@uni-hamburg.de

Newsletter subscriptions may be canceled using the link provided in the newsletter; doing so will also withdraw your consent to the storage of the data provided to use on registration.

You also have the right to lodge a complaint to: 

Hamburgische Beauftragte für Datenschutz und Informationsfreiheit

Ludwig-Erhard-Str 22, 7. OG
20459 Hamburg

Tel.: +49 40 42854-4040
Fax: +49 40 42854-4000
mailbox@datenschutz.hamburg.de