Contact details of the responsible body
Responsible within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the EU member states as well as other data protection regulations for the online offer “Blog” is:
Universität Hamburg
Mittelweg 177 – 20148 Hamburg – Germany
Tel.: +49 40 42838-0 – Fax: +49 40 42838-9586
Contact details of the data protection officer of Universität Hamburg
Mittelweg 177 – 20148 Hamburg
E-mail: datenschutz(at)uni-hamburg.de
Objective and basic information on data processing
This privacy policy explains the nature, scope and purpose of the processing of personal data within our online offering and the websites, functions and content associated with it. The privacy policy applies regardless of the domains, systems, platforms and devices (e.g. desktop or mobile) on which the online offer is executed.
We process personal data of our users only in compliance with the relevant data protection provisions in accordance with the principles of data economy and data avoidance. It follows that the processing of personal data of our users regularly takes place only after the consent of the user. An exception applies in those cases in which the processing of the data is permitted by legal regulations.
We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of data protection laws are complied with and thus to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons.
If content, tools or other means of third-party providers (e.g. YouTube videos) are used within the scope of our online offer and their named registered office is abroad, it is to be assumed that a data transfer to the registered office states of the third-party providers takes place.
Definitions
For the purposes of this Privacy Policy, the term:
“User” means all customers and visitors to our Website, which term shall be understood to be gender-neutral;
- “Website or Online Offer” means, on an overarching basis, the content and functions contained on our Website and connected to the Website;
- “Third-party providers” other providers that are different from us, whose content, tools or other means we use as part of our online offering and whose named registered office may be abroad. For example, video platforms such as YouTube are to be mentioned here.
Data processing
1. Provision of the blog and creation of logfiles
With every call and every use of this blog, data and information are collected. This data and information is stored in log files of the server.
Captured:
- IP address
- Information about the browser type and version used
- Date and time of access
- Internet service provider of the user
- Operating system of the user
- Websites from which the user’s system accesses our website
- Web pages that are called up by the user’s system via our website
The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f DSGVO.
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
Log files are stored to ensure the functionality of the website, to optimize the content of the website and to ensure the security of our information technology systems.
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
In the case of storage of data in log files, this is the case after 28 days at the latest. If the data is stored beyond this period, the IP addresses of the users are deleted or alienated so that it is no longer possible to assign the calling client.
The personal data will also be processed for the following purposes if there is a legal basis for doing so:
- the provision, execution, maintenance, optimization and safeguarding of our services, services and user services;
- ensuring effective customer service and technical support.
2. Use of cookies
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer. When a user accesses a website, a cookie may be stored on the user’s operating system. This cookie contains a characteristic string of characters that allows the browser to be uniquely identified when the website is accessed again. Most of the cookies we use are so-called “session cookies”. They are automatically deleted after the end of your visit. Other cookies remain stored on your terminal device until you delete them. These cookies allow us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser. When deactivating cookies, the functionality of this website may be limited.
The legal basis for the processing of personal data using cookies is Art. 6 (1) lit. f DSGVO.
The purpose of using technically necessary cookies is to simplify the use of websites for users.
3. SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator, this site uses SSL or TLS encryption.
You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
4. Contact form and e-mail contact
As part of our blog, contact forms are provided that can be used for simplified electronic communication. In the process, the data entered in the input mask is transmitted. For the processing of the data, the consent of the user is obtained during the submission process and reference is made to this privacy policy.
Alternatively, it is possible to contact us via the e-mail addresses provided. In this case, the personal data of the user transmitted with the e-mail will be stored in the inbox. The data will not be passed on to third parties.
The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO if the user has given his consent.
The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) lit. f DSGVO.
The data will be used exclusively for processing the request. The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective request of the user has ended.
Web analytics
This blog of the University of Hamburg uses Matomo, an open source software for the analysis and statistical evaluation of visitor access. Matomo uses “cookies”, which are text files placed on the users’ computers, to help the website analyze how users use the site. The information generated by the cookie about the use of this website is stored on a server of the University of Hamburg in Germany. The IP address is anonymized before it is stored.
The information is used to evaluate the use of the website and to enable us to design our blog in line with requirements.
The legal basis for the processing of the data is Art. 6 para. 1 lit. f DSGVO.
It is also possible to prevent the installation of cookies by setting the browser software accordingly; however, we would like to point out that in this case it may not be possible to use all functions of this website to their full extent.
Disclosure of data to third parties
1. Online tools
Google Web Fonts
This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. A connection to Google servers does not take place.
H5P
We use the plugin “H5P” to deliver teaching/learning content. Provider is the company Joubel, Flow Coworking, Storgata 5, 9008 Tromsø, Norway.
H5P processes and stores anonymized reporting data from your interactions with H5P elements via an xAPI interface. This data is used to receive feedback on the design of the offered interaction options. The feedback received is used by H5P to improve the usability of H5P’s offering.
For details, refer to the appropriate documentation from H5P, available at the following link: https://h5p.org/tracking-the-usage-of-h5p.
The use of H5P is in the interest of an appealing presentation of our online offers and the provision of interactive teaching/learning content under the aspects of open education, open access and open source. This constitutes a legitimate interest within the meaning of Art. 6 Para. 1 lit. f DSGVO.
When you use H5P interactive content that includes a video hosted on YouTube, YouTube sets cookies on your computer. YouTube uses these cookies to help YouTube and its partners analyze traffic coming in and out of their websites. For more information, see Google’s privacy policy (https://policies.google.com/privacy).
For the purpose of providing interactive H5P content based on YouTube videos, the use of YouTube constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO, as we would otherwise not be able to provide this interactive content.
When you use H5P interactive content that includes a Twitter feed, Twitter sets a cookie on your computer. Twitter uses these cookies to help Twitter and its partners make advertising more relevant to you. Please see Twitter’s privacy policy for more information (https://twitter.com/de/privacy).
For the purpose of providing interactive H5P content based on Twitter feeds, the use of Twitter constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO, as we would otherwise not be able to provide this interactive content.
When you use H5P interactive content that includes speech recognition, Google Cloud processes your voice for conversion to text. For more information, see Google’s privacy policy (https://policies.google.com/privacy).
For the purpose of providing interactive H5P content based on a voice recognition function, the use of Google Cloud constitutes a legitimate interest within the meaning of Art. 6 (1) lit. f DSGVO, as we would otherwise not be able to provide this interactive content.
Your rights
You have the following rights:
- the right to information regarding personal data pertaining to you that is stored by us (Article 15 GDPR)
- the right to correction of any incorrect or incomplete personal information (Article 16 GDPR)
- the “right to be forgotten”: erasure of stored personal data insofar as the relevant data are not necessary for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or the purposes of establishing, exercising, or defending a legal claim (Article 17 GDPR)
- the right to limited processing of personal data (Article 18 GDPR)
- the right to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Article 21, GDPR);
- the right to withdraw your consent to the collection, processing, and use of your personal data at any time with future effect (Article 7 paragraph 3 GDPR)—this means that the data processing related to that consent will no longer be carried out;
- the right to lodge a complaint with a supervisory authority where you believe the processing of personal data related to you is in breach of the GDPR (Article 77 GDPR)
PROTECTION TOOL SHARIFF
So-called “social plug-ins” are used on our websites. Currently these are especially
buttons of the services Facebook and Twitter. Via these plugins, data, including personal data, can be sent to the respective service providers (also outside Germany or Europe) and used by them if necessary. Facing Finance e.V. does not itself collect any personal data using the social plugins (described in more detail below) or about their use. In order to prevent data being transferred to service providers without the user’s knowledge, Facing Finance e.V. uses the so-called Shariff solution. This solution ensures that no personal data is initially passed on to the providers of the individual social plug-ins when you visit our websites. Only when you click on one of the buttons of the social plugins can data be transferred to the service provider and saved there.
More information about the Shariff solution can be found
at http://www.heise.de/ct/artikel/Shariff-Social-Media-Buttons-mit-Datenschutz-2467514.html (in German)
FACEBOOK BUTTONS
This site uses social plugins (buttons) of the social network facebook.com, which is operated by Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA
(“Facebook”). The plugins can be identified by one of the Facebook logos (e.g. white or blue “f” or a “thumbs up” sign) or are marked with the addition “Facebook Social Plugin” or “share on Facebook”.
When a user clicks such a button on a website of Facing Finance (this website), his
browser establishes a direct connection to Facebook’s servers. The content of the
plugin is then transmitted directly from Facebook to your browser and integrated
into the website. Facing Finance e.V. therefore has no influence on the amount of
data Facebook collects with the help of this plugin and therefore directs users to the following knowledge:
By clicking on the button, Facebook receives information that a user has called up
the corresponding page of the offer. If the user is logged in to Facebook, Facebook
can assign the visit to his Facebook account. When users interact with the plugins,
for example by pressing the Like button or making a comment, the corresponding
information is transmitted directly from your browser to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to obtain and store their IP address. According to Facebook, only an anonymized IP address is stored in Germany.
The purpose and scope of the data collection and the further processing and use of
the data by Facebook, as well as the relevant rights and setting options for the
protection of users’ privacy, can be found in Facebook’s data protection
information: https://www.facebook.com/about/privacy/.
If a user is a Facebook member and does not want Facebook to use this offer to
collect data about him or her and link it to his or her membership data stored on
Facebook, he or she must log out of Facebook before visiting the website.
TWITTER BUTTONS
This offer uses the buttons of the social network Twitter, which is offered by Twitter Inc, 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. They are
recognizable by terms such as “Twitter” or “sequence”, combined with a stylized
white or blue bird. With the help of the buttons it is possible to share a contribution or page of this website on Twitter or to follow Facing Finance e.V. or our campaign account on Twitter.
When a user clicks such a button on this website, his browser establishes a direct
connection to the Twitter servers. The content of the Twitter button is then
transmitted directly from Twitter to the user’s browser. Facing Finance e.V. therefore has no influence on the amount of data Twitter collects with the help of this plugin and informs users according to their level of knowledge. After this only the IP address of the user the URL of the respective web page is transmitted with the purchase of the Buttons, but not for other purposes, than the representation of the Buttons, used.
Withdrawal of consent / objection to processing
Please send your withdrawal to:
Prof. Dr. Vera E. Troeger – jop-media@uni-hamburg.de
Rights as a data subject
You may exercise your rights as a data subject, such as obtaining information on data being stored, by contacting datenschutz@uni-hamburg.de