PRIVACY POLICY

Version 3.0 from July 01, 2023

This privacy policy describes the processing of personal data when using the central website of the Digital University NRW, connected to Paderborn University. Where personal data is collected in addition to accessing websites and navigating and searching the websites, information on the processing of this data is provided directly on the relevant forms or web services.

With this data protection declaration, the Digital University NRW, affiliated with Paderborn University, fulfills its duty to provide information in accordance with Article 13 of the EU General Data Protection Regulation (EU GDPR). With regard to the terms used in the following, e.g. "personal data", "processing", "controller", etc., reference is made to the definitions in Article 4 of the EU GDPR.

CONTENT

Information on the processed personal data
Legal basis
Data transfers
Contact details
Your rights as affected person
Validity of this privacy policy

INFORMATION ON THE PROCESSED PERSONAL DATA

Storage of browser data

When you access a website, your browser always transmits data from your accessing device to the web server, e.g. the IP address to which the website is to be returned.

The following data is stored in secure log files by the Digital University NRW, connected to the University of Paderborn, for the purpose of identifying and tracking unauthorized access attempts and access to the website:

Website/address accessed
Date and time of access
IP address of the user
HTTP status code
Amount of data retrieved
Browser type and version / operating system used by the user

The data is not compared with other databases or passed on to third parties. The data is stored for a maximum period of 7 days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified.

Forms and web-based services

The website of the Digital University NRW, linked to Paderborn University, contains forms and services in which data can be entered. For example, information can be requested via web forms or newsletters can be subscribed to by entering e-mail addresses.

The use of these additional options and the associated input of personal data is exclusively on a voluntary basis. Which data is collected and processed in detail is indicated on the corresponding forms or web services.

The data is processed for the purpose stated there. If data is passed on to third parties, this only takes place on the basis of legal permission or is explicitly legitimized by informed consent.

Cookies

Cookies are files that can be stored by the provider of a website in the directory of the browser program on the user's computer. These files contain text information and can be read again by the provider when the page is called up again. The provider can use these cookies, for example, to always deliver pages in the language selected by the user.

Cookies can be given an expiry time. For example, cookies that are only used in one session or whose expiry time has expired are automatically deleted when the browser is closed. You can deactivate the storage of cookies in the browser settings, but the functions controlled by the cookies can then no longer be used. You can view the cookies stored in your browser and delete individual cookies at any time.

The website of the Digital University NRW, linked to Paderborn University, uses cookies for the following purposes:

Recognition of a user during a session in order to be able to assign language selection and other personal settings, e.g. with the session cookie "fe_typo_user".
In addition, individual web applications linked via the websites (search in the University Library catalog, forums, blogs, etc.) may set further cookies. These are described in the data protection declarations associated with the respective services.

Searching with Google Search Engine

The search on the website of the Digital University NRW, linked to Paderborn University, is carried out using the Google Custom Search Engine service.

The search is not an offer within the area of responsibility of the Digital University NRW, connected to Paderborn University. No data is transmitted to Google when websites of the Digital University NRW, affiliated with Paderborn University, are accessed.

Only when searching, i.e. after confirming a search query (in the input field labeled "Search (Google)"), is the input sent to the US company Google Inc. by clicking on the magnifying glass symbol or by pressing the return key. The search terms, your IP address and browser information are transmitted. A cookie is set when you access the Google page.

Further information can be found in Google's privacy policy.

Social Plugins

The University's website does not use any direct integration of social plugins (e.g. Like buttons) of social networks, e.g. Facebook or Twitter. This means that no data is transmitted to external social networks when you visit the website.

Only when you click on icons/symbols/links of social networks on the university's websites and access the linked pages do you leave the websites that are the responsibility of Paderborn University, and external websites are accessed in accordance with the conditions of the respective provider/social network.

LEGAL BASIS

The Digital University NRW, connected to Paderborn University, collects and processes the above-mentioned data required for technical operation, log files to ensure the technical security of the systems and the data in the context of web analysis to safeguard the legitimate interests of the university in accordance with Art. 6 para. 1 lit. f. EU-GDPR. EU GDPR. The data is required for the delivery of websites, for the secure operation of the web servers and to improve the website and is only used for the purposes stated in each case.

The collection of further data in forms and web-based services is based on the consent of the data subjects in accordance with Art. 6 para. 1 lit. a. EU GDPR or is necessary for the fulfillment of tasks of the university pursuant to Art. 6 para. 1 lit. e. EU GDPR in conjunction with the Higher Education Act of the State of North Rhine-Westphalia (HG NRW) and, if applicable, other legal bases. Information on which legal bases apply in each case is provided directly on the corresponding forms or web services.

DATA TRANSFER

As a matter of principle, we do not transfer personal data that is processed in the context of using the Digital University NRW website, which is connected to Paderborn University, to third parties. In individual cases, this may take place on the basis of legal permission, for example transmission to law enforcement authorities for the investigation of criminal offenses within the framework of the provisions of the Code of Criminal Procedure (StPO) or for the purpose of asserting claims for damages in the event of copyright infringements. If technical service providers are given access to personal data, this is done on the basis of a contract in accordance with Art. 28 GDPR.

In principle, no personal data is transferred to countries outside the European Economic Area and associated countries (no "third country transfer"). If this should be necessary, we will inform you separately.

CONTACT DETAILS

The Digital University NRW, affiliated with the University of Paderborn, is responsible for the website. Paderborn University is a public corporation with legal capacity supported by the state of NRW. It is represented by the President.

Contact details of the person responsible

Paderborn University

Warburger Str. 100

33098 Paderborn

Phone: +49 5251 60-2560

E-mail: praesidentin@upb.de

Contact details of the data protection officer

You can contact the data protection officer of Paderborn University by post at the address of the controller given above or as follows:

Postal address:

Data Protection Officer of Paderborn University

33098 Paderborn

House address:

Warburger Str. 100

33098 Paderborn

Phone: +49 5251 60-4444

E-mail: datenschutz@uni-paderborn.de

YOUR RIGHTS AS AN AFFECTED PERSON

As a data subject, you can assert the rights granted to you by the EU GDPR at any time, insofar as these apply to the processing:

the right to information as to whether and which of your data is being processed (Art. 15 GDPR);
the right to request the rectification or completion of data concerning you (Art. 16 GDPR)
the right to erasure of the data concerning you in accordance with Art. 17 GDPR
the right to request the restriction of the processing of data in accordance with Art. 18 GDPR
the right to object to the future processing of data concerning you in accordance with Art. 21 GDPR.

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, the user has no option to object. Although IP addresses are considered personal data, they are not assigned to any individual by the university, so they cannot be assigned to users who request information and therefore cannot be used to obtain information.

In addition to the aforementioned rights, you have the right to lodge a complaint with the data protection supervisory authority (Art. 77 GDPR), for example with the university's responsible

State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia

Kavalleriestr. 2-4

40213 Düsseldorf

Telephone: 0211/38424-0

E-mail: poststelle(at)ldi.nrw

VALIDITY OF THIS PRIVACY STATEMENT

We reserve the right to amend this privacy policy in order to adapt it to changes in relevant laws or regulations or to better meet your needs. Therefore, please note the current version number of the privacy policy.