Privacy Policy

General Information on Data Processing

1. Scope of Processing Personal Data

We process personal data of our users only to the extent necessary to fulfill our tasks, particularly to provide a functional website and our content and services. Processing of personal data of our users is regularly carried out only after the user’s consent. An exception applies in cases where obtaining prior consent is not possible for practical reasons and the processing of the data is permitted by statutory provisions.

2. Legal Basis for Processing Personal Data

If we obtain the consent of the data subject for processing operations of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis. In the processing of personal data necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations necessary for the performance of pre-contractual measures. If processing of personal data is necessary for compliance with a legal obligation to which the university is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR serves as the legal basis. If processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, Art. 6 para. 1 lit. e GDPR in conjunction with §§ 4-9 DSAG LSA serves as the legal basis for the processing.

3. Data Deletion and Storage Duration

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may also occur if provided for by the European or national legislator in EU regulations, laws, or other provisions to which the controller is subject. Blocking or deletion of data also occurs when a storage period prescribed by the aforementioned standards expires unless there is a necessity for further storage of the data for the conclusion or performance of a contract.

Responsible Party and Data Protection Officer

1. Name and Address of the Responsible Party

The responsible party within the meaning of the General Data Protection Regulation and other national data protection laws is:
Hochschule Anhalt
Represented by the President
Bernburger Straße 55
06366 Köthen
Germany
Email: info(at)hs-anhalt.de

2. Name and Address of the Data Protection Officer

Hochschule Anhalt
Data Protection Officer
Bernburger Straße 55
06366 Köthen
Germany
Email: dsb(at)hs-anhalt.de

The Data Protection Officer is the contact person for all data subjects regarding issues with handling personal data. Any data subject can contact our Data Protection Officer directly at any time with all questions and suggestions on data protection.

Provision of the Website and Log Files

1. Description and Scope of Data Processing

Every time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.

The following data is collected:

  1. Information about the browser type and version used
  2. The user’s operating system
  3. The user’s Internet service provider
  4. The user’s IP address
  5. Date and time of access
  6. Websites from which the user’s system accesses our website
  7. Websites accessed by the user’s system via our website
  8. The access status/HTTP status code
  9. The amount of data transferred
  10. Other similar data and information used to avert danger to our IT systems

These data are also stored in our system’s log files. Storage of these data together with other personal data of the user does not take place.

Furthermore, the IP address is processed to reduce the number of login attempts. These data are stored exclusively locally on the server. The function is realized via the LimitLoginAttempts plugin.

2. Legal Basis for Data Processing

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. e GDPR in conjunction with §§ 4-9 DSAG LSA.

3. Purpose of Data Processing

Temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

Storage in log files is done to ensure the functionality of the website. Additionally, the data helps us optimize the website and ensure the security of our IT systems. Evaluation of the data for marketing purposes does not take place in this context.

4. Storage Duration

The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of data collection for providing the website, this is the case when the respective session ends.

In the case of storage of data in log files, this is after no more than seven days. Further storage is possible. In this case, the IP addresses of the users are deleted or anonymized so that an assignment of the accessing client is no longer possible.

5. Right to Object and Remove

The collection of data for the provision of the website and the storage of data in log files is essential for the operation of the website. Consequently, there is no possibility for the user to object.

Use of Functional and Statistical Cookies

1. Description and Scope of Data Processing

Our website uses cookies. Cookies are text files that are stored in the internet browser or by the internet browser on the user’s computer system. When a user accesses a website, a cookie can be stored on the user’s operating system. This cookie contains a characteristic string that allows the browser to be uniquely identified when the website is accessed again.

We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.

In the cookies, the following data may be stored and transmitted:

  1. Settings for cookies
  2. Data for statistical purposes

When accessing our website, users are informed about the use of cookies for statistical purposes and referred to this privacy policy. These cookies are only set after the user’s consent. This is realized via the Complianz plugin.

Statistical cookies are set by the Burst Statistics plugin. Burst Statistics is a privacy-friendly tool for analyzing visitor behavior. For this function, user data is collected anonymously and evaluated locally on the server.

2. Legal Basis for Data Processing

The processing of personal data is carried out, unless otherwise stated, within the scope of our public tasks (Art. 6 para. 1 lit. e GDPR in conjunction with §§ 4-9 DSAG LSA) to effectively inform and interact with users.

The legal basis for the processing of data is, in the presence of user consent, Art. 6 para. 1 lit. a GDPR.

3. Purpose of Data Processing

The purpose of using technically necessary cookies is to simplify the use of websites for users. Some functions of our website cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change.

The user data collected through technically necessary cookies are not used to create user profiles.

The use of statistical cookies is to improve the quality of our website and its contents. Through the statistical cookies, we learn how the website is used and can thus continuously optimize our offer.

Storage Duration, Right to Object and Remove

Cookies are stored on the user’s computer and transmitted to our site. Therefore, you as a user have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may not be possible to use all functions of the website to their full extent.

After entering the website, the user is asked whether statistical cookies may be stored. Only after the user’s consent are these cookies stored. This way, another cookie is set on your system that signals our system which settings have been made. The settings can be viewed and changed at any time via the navigation point “Cookie Settings”.

The data will be deleted as soon as they are no longer required for our recording purposes. For statistical cookies, this is the case after no more than 24 months.

Contact Form and Email Contact

1. Description and Scope of Data Processing

Our website contains a contact form that can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us.

This data may be collected, for example:

  1. First and last name
  2. Email address
  3. Message

Storage of the contact on the server does not occur.

For processing the data, reference is made to this privacy policy during the sending process.

Alternatively, contact can be made via the provided email address. In this case, the user’s personal data transmitted with the email will be stored.

The data will not be passed on to third parties in this context. The data will be used exclusively for processing the conversation.

2. Legal Basis for Data Processing

The legal basis for the processing of data is Art. 6 para. 1 lit. e GDPR in conjunction with §§ 4-9 DSAG LSA. If the email contact aims at the conclusion of a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR.

3. Purpose of Data Processing

The processing of personal data from the input mask serves us solely for processing the contact. In the case of contact by email, this also constitutes the necessary legitimate interest in processing the data.

4. Storage Duration

The data will be deleted as soon as they are no longer necessary to achieve the purpose of their collection. For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user has ended. The conversation ends when it can be inferred from the circumstances that the relevant facts have been conclusively clarified.

5. Right to Object and Remove

The user can withdraw their consent to the storage of their personal data at any time by contacting us via email at betroffenenrechte(at)hs-anhalt.de. In this case, the conversation cannot be continued.

All personal data stored in the course of contacting will be deleted in this case.

Rights of the Data Subject

If personal data of you are processed, you are a data subject within the meaning of the GDPR and you have the following rights against the controller:

  • Right to Information according to Art. 15 GDPR: You have the right to request information on whether personal data concerning you is being processed.
  • Right to Rectification according to Art. 16 GDPR: You have the right to request the rectification or completion of inaccurate or incomplete personal data concerning you.
  • Right to Erasure according to Art. 17 GDPR: You have the right to demand the immediate deletion of personal data concerning you, among other things, if the data is no longer necessary for the purpose or the processing is unlawful.
  • Right to Object according to Art. 21 GDPR: You have the right to object at any time to the processing of personal data concerning you for reasons arising from your particular situation.
  • Right to Lodge a Complaint according to Art. 77 GDPR: You have the right to lodge a complaint with the State Commissioner for Data Protection of Saxony-Anhalt if you believe that the processing of personal data concerning you violates the GDPR.

To exercise your rights under Art. 15 – 21 GDPR, please contact betroffenenrechte(at)hs-anhalt.de or the postal address provided above.

Scroll to Top