Privacy Policy

Privacy statement

Thank you for visiting our website www.dfh-ufa.org and for your interest in our organisation. We take the protection of your personal data very seriously. Personal data refers to information about personal or material circumstances relating to an identified or identifiable natural person (‘data subject’). Such information includes, for instance, the real name, address, telephone number and date of birth, together with all other information that can be related to an identifiable person.
As personal data is subject to special legal protection, we only collect such data to the extent necessary to provide a functioning website, to deliver website content and to offer services. In this privacy statement, we set out what personal information we collect during your visit to our website and how we use it.
Our data protection practices are consistent with the statutory regulations, in particular those of the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the General Data Protection Regulation of the EU (GDPR). We will only collect, process and store your personal data to the extent necessary to ensure the functionality of our website, our content and our services and to process enquiries and, where appropriate, process orders/contracts, provided that there is in each case a legitimate interest to do so within the meaning of Art. 6 (1) sentence 1 point (f) GDPR or any other legal basis. Only if you have specifically given your consent beforehand will your data be used for further purposes as precisely defined in your consent, e.g. for sending you promotional information via newsletters.

  1. Controller within the meaning of Art 4. no. 7 GDPR

Controller within the meaning of the GDPR and other national data protection legislation of the Member States, together with other data protection provisions is:

Franco-German University
Kohlweg 7 / Villa Europa
66123 Saarbrücken, Germany
email: info@dfh-ufa.org
Phone: +49 681 93812 – 100
Fax: +49 681 93812 – 111

  1. Name and address of the data protection coordinator and the data protection officer

In matters relating to data protection, please send us an email: datenschutz@dfh-ufa.org.

Data protection officer is Rechtsanwalt Gregor THEADO, BTK Rechtsanwälte, Schützenstraße 3 – 5, 66123 Saarbrücken, Germany. Phone: +49 681 93882601

  1. Provision of the website and creation of log files

Each time our website is visited, our system automatically records data and information from the computer used to access the site. The following data is collected:

Scope of data processing

(1) Information about the browser type and the version used
(2) The operating system running on the accessing device
(3) The IP address of the accessing device
(4) The date and time the site is accessed
(5) Websites and resources (images, files, other page content) that have been accessed on our website
(6) Websites from which the user’s system accessed our website (referrer tracking)

This data is stored in the log files of our system. This data is not stored together with the personal data of a specific user, which means that an individual visitor to the site cannot be identified.

Legal basis relating to the processing of personal data

Art. 6 (1) point (f) GDPR (legitimate interest). Our legitimate interest lies in ensuring that the purpose outlined below is achieved.

Purpose of data processing

Personal data is processed and stored for the purpose of ensuring the compatibility of our website for the largest possible number of users, for combating misuse and for troubleshooting. For this purpose, it is necessary to log the technical data of the accessing device in order to be able to react as swiftly as possible to display errors, attacks on our IT systems and/or functional errors on our website. Furthermore, the data also helps us to optimise the website and generally ensure the security of our information processing systems.

Duration of data storage

The aforementioned technical data is deleted as soon as it is no longer required to guarantee the compatibility of the website for all visitors; however, no later than 3 months after our site was accessed.

Objection and removal option

In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in the privacy statement.

  1. Specific functions of our website

Our website offers you various functions which, when used, cause your personal data to be collected, processed and stored by us. Below, we explain what happens to your data:

Subscribing to the newsletter when registering online:
Scope of processing of personal data

The data you enter when registering for our newsletter.

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (consent by a clear affirmative action or behaviour)

Purpose of data processing

We will only use the data you enter into the login screen of our newsletter for the purpose of sending you our newsletter, in which we provide you with information about our services and news. Following registration we will send you a confirmation email that contains a link that you must click on in order to complete your registration to receive our newsletter (double opt-in).

Duration of data storage

You can unsubscribe from our newsletter at any time by clicking on the unsubscribe link that appears in every newsletter. Following unsubscription we will delete your data without delay. We will also immediately delete your data in the event of an uncompleted registration. We reserve the right to delete data without giving reasons and without informing you in advance or subsequent to deletion.

Objection and removal option

In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

Login area

Scope of processing of personal data

The registration and login data that you enter on our website.

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (consent by a clear affirmative action or behaviour)

Purpose of data processing

On our website, you have the possibility to use a separate login area. If you have forgotten your password or user name for this area, we can send you your login data again after you have provided us with your contact details (email address). The usage data disclosed while using the login area will only be collected, stored and processed by us for the purpose of combating misuse and for troubleshooting and/or to maintain functionality. It will not be used for other purposes, or disclosed to third parties.

Duration of data storage

The data collected within the scope of the function “forgotten user name and/or password” will only be used to resend forgotten login data.

Objection and removal option

In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

Contact form(s)

Scope of processing of personal data

The data you enter into our contact forms.

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (consent by a clear affirmative action or behaviour)

Purpose of data processing

Data collected via our contact form(s) is only used to process the specific contact request submitted using the contract form.

Duration of data storage

Once your enquiry has been processed, the collected data will immediately be deleted, provided that there is no statutory retention period.

Objection and removal option

In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

 

  1. Integration of external web services and processing of data outside the EU

On our website we use active JavaScript content from external providers, otherwise known as web services. When you access our website, these external providers may receive personal information about your visit to our website. This means that data may be processed outside the EU. You can prevent this by installing a JavaScript Blocker such as the ‘NoScript’ browser plugin (www.noscript.net) or by deactivating JavaScript in your browser. However, this may lead to limitations in the functionality of the websites that you visit.
We use the following external web services:

Calameo.com

A web service provided by the company CALAMEO SAS, Rue de Ponthieu 25, 75008 Paris, France (hereinafter: Calameo.com) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Calameo.com. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR. The legitimate interest consists in the error-free functionality of the website. The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the privacy statement of Calameo.com: https://de.calameo.com/terms. You can prevent the collection and processing of your data by Calameo.com by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

Doubleclick

A web service provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter: Doubleclick) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Doubleclick. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR. The legitimate interest consists in the error-free functionality of the website. Doubleclick has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the privacy statement of Doubleclick: https://www.google.com/intl/de/policies/privacy/. You can prevent the collection and processing of your data by Doubleclick by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

Google

A web service provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter: Google) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Google. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR. The legitimate interest consists in the error-free functionality of the website. Google has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the privacy statement of Google: https://www.google.com/intl/de/policies/privacy/. You can prevent the collection and processing of your data by Google by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

Google Video

A web service provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter: Google Video) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Google Video. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR. The legitimate interest consists in the error-free functionality of the website. Google Video has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the privacy statement of Google Video: https://www.google.com/intl/de/policies/privacy/. You can prevent the collection and processing of your data by Google Video by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

YouTube

A web service provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter: Youtube) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Youtube. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR. The legitimate interest consists in the error-free functionality of the website. Youtube has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the privacy statement of Youtube: https://www.google.com/intl/de/policies/privacy/. You can prevent the collection and processing of your data by Youtube by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

Ytimg

A web service provided by the company Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View (hereinafter: Ytimg) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to Ytimg. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR. The legitimate interest consists in the error-free functionality of the website. Ytimg has self-certified itself in line with the EU-US Privacy Shield agreement (see https://www.privacyshield.gov/list). The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the privacy statement of Ytimg: https://www.google.com/intl/de/policies/privacy/. You can prevent the collection and processing of your data by Ytimg by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

website-check.de

A web service provided by the company Website-Check GmbH, Beethovenstraße 24 in 66111 Saarbrücken, DE (hereinafter: website-check.de) is downloaded to our website. We use this data to ensure the full functionality of our website. In this context, your browser may transfer personal data to website-check.de. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR. The legitimate interest consists in the error-free functionality of the website. The data is deleted as soon as the purpose for which it was collected has been fulfilled. Further information on how the transferred data is handled can be found in the privacy statement of website-check.de: https://website-check.de/datenschutzerklaerung/. You can prevent the collection and processing of your data by website-check.de by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com).

Social media plug-in – “Twitter”
Scope of processing of personal data

On our website we use plug-ins from the social media network “Twitter”, which are operated by Twitter Inc., 1355 Market Street, Suite 900, 94103 San Francisco, CA, USA (“Twitter”). If you visit a page on the website that uses such plug-ins, your browser will automatically establish a direct connection to the Twitter servers. The content of the plugin is transmitted by Twitter directly to your browser and integrated into the page. By way of this integration, Twitter receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Twitter profile or are currently not logged into Twitter. This information (including your IP address) is transmitted from your browser directly to a Twitter server in the USA and stored there. If you are logged into Twitter, Twitter can directly assign the visit to our website to your Twitter profile. If you interact with the plug-ins, for example, by clicking on the “Like” button or posting a Tweet, this information is also transmitted directly to a Twitter server and stored there. The information will also be posted on your Twitter account and displayed to your contacts there.

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (if you are registered with Twitter) and Art. 6 (1) point (f) GDPR (if you are not registered with Twitter). Insofar as processing is carried out based on Art. 6, (1) sentence 1 point (f) GDPR, the site operator’s legitimate interest lies in enabling user interaction with the site operator’s contents on Twitter.

Purpose of data processing

The primary purpose of data collection is to offer you an opportunity for social interaction via Twitter and to make our website interactive. The scope of the data collection, as well as further processing and use of the data by Twitter and your respective rights and settings options for your privacy protection can be found in the Twitter privacy policy: (https://twitter.com/de/privacy ).

Duration of data storage

Twitter will store the data as long as it is necessary to fulfil its web service. The data will be routinely deleted after expiry of the retention period, unless there is a legal obligation to retain the data or any other legal reason for further storage.

Objection and removal option

If you do not want the social plug-in to be executed by Twitter, you can block its execution by installing a script blocker such as “NoScript”. If you do not want Twitter to associate the data collected via our internet site directly to your Twitter profile, you must log out of Twitter before visiting our website. You can also completely prevent Twitter from loading plug-ins with add-ons for your browser. For Mozilla Firefox you will find the appropriate plug-ins under the following search:
https://addons.mozilla.org/de/firefox/
For Opera you will find the appropriate plug-ins under the following search:
https://addons.opera.com/de/
For Chrome you will find the appropriate plug-ins under the following search:
https://chrome.google.com/webstore/category/extensions?hl=de
In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

Social media plug-in – “Pinterest”
Scope of processing of personal data

On our website we use plug-ins from the social media network “Pinterest”, which are operated by Pinterest Inc., 808 Brannan St., 94103 San Francisco, CA, USA („Pinterest“). If you visit a page on the website that uses such plug-ins, your browser will automatically establish a direct connection to the Pinterest servers. The content of the plugin is transmitted by Pinterest directly to your browser and integrated into the page. By way of this integration, Pinterest receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Pinterest profile or are currently not logged into Pinterest. This information (including your IP address) is transmitted from your browser directly to a Pinterest server in the USA and stored there. If you are logged into Pinterest, Pinterest can directly assign the visit to our website to your Pinterest profile. If you interact with the plug-ins, for example, by clicking on the “Like” button or posting a message, this information is also transmitted directly to a Pinterest server and stored there. The information will also be posted on your Pinterest account and displayed to your contacts there.

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (if you are registered with Pinterest) and Art. 6 (1) point (f) GDPR (if you are not registered with Pinterest). Insofar as processing is carried out based on Art. 6, (1) sentence 1 point (f) GDPR, the site operator’s legitimate interest lies in enabling user interaction with the site operator’s contents on Pinterest.

Purpose of data processing

The primary purpose of data collection is to offer you an opportunity for social interaction via Pinterest and to make our website interactive. The scope of the data collection, as well as further processing and use of the data by Pinterest and your respective rights and settings options for your privacy protection can be found in the Pinterest privacy policy: (https://policy.pinterest.com/de/privacy-policy).

Duration of data storage

Pinterest will store the data as long as it is necessary to fulfil its web service. The data will be routinely deleted after expiry of the retention period, unless there is a legal obligation to retain the data or any other legal reason for further storage.

Objection and removal option

If you do not want the social plug-in to be executed by Pinterest, you can block its execution by installing a script blocker such as “NoScript”. If you do not want Pinterest to associate the data collected via our internet site directly to your Pinterest profile, you must log out of Pinterest before visiting our website. You can also completely prevent Pinterest from loading plug-ins with add-ons for your browser. For Mozilla Firefox you will find the appropriate plug-ins under the following search:
https://addons.mozilla.org/de/firefox/
For Opera you will find the appropriate plug-ins under the following search:
https://addons.opera.com/de/
For Chrome you will find the appropriate plug-ins under the following search:
https://chrome.google.com/webstore/category/extensions?hl=de
In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

Social media plug-in – “Google+”
Scope of processing of personal data

On our website we use plug-ins from the social media network “Google+”, which are operated by Google LLC, 1600 Amphitheatre Parkway, 94043 Mountain View, CA, USA („Google+“). If you visit a page on the website that uses such plug-ins, your browser will automatically establish a direct connection to the Google+ servers. The content of the plugin is transmitted by Google+ directly to your browser and integrated into the page. By way of this integration, Google+ receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Google+ profile or are currently not logged into Google+. This information (including your IP address) is transmitted from your browser directly to a Google+ server in the USA and stored there. If you are logged into Google+, Google+ can directly assign the visit to our website to your Twitter profile. If you interact with the plug-ins, for example, by clicking on the “Like” button or posting a message, this information is also transmitted directly to a Google+ server and stored there. The information will also be posted on your Google+ account and displayed to your contacts there.

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (if you are registered with Google+) and Art. 6 (1) point (f) GDPR (if you are not registered with Google+). Insofar as processing is carried out based on Art. 6, (1) sentence 1 point (f) GDPR, the site operator’s legitimate interest lies in enabling user interaction with the site operator’s contents on Google+.

Purpose of data processing

The primary purpose of data collection is to offer you an opportunity for social interaction via Google+ and to make our website interactive. The scope of the data collection, as well as further processing and use of the data by Google+ and your respective rights and settings options for your privacy protection can be found in the Google+ privacy policy: (google.com/privacy).

Duration of data storage

Twitter will store the data as long as it is necessary to fulfil its web service. The data will be routinely deleted after expiry of the retention period, unless there is a legal obligation to retain the data or any other legal reason for further storage.

Objection and removal option

If you do not want the social plug-in to be executed by Google+, you can block its execution by installing a script blocker such as “NoScript”. If you do not want Google+ to associate the data collected via our internet site directly to your Google+ profile, you must log out of Google+ before visiting our website. You can also completely prevent Google+ from loading plug-ins with add-ons for your browser. For Mozilla Firefox you will find the appropriate plug-ins under the following search:
https://addons.mozilla.org/de/firefox/
For Opera you will find the appropriate plug-ins under the following search:
https://addons.opera.com/de/
For Chrome you will find the appropriate plug-ins under the following search:
https://chrome.google.com/webstore/category/extensions?hl=de
In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

Social media plug-in – “Facebook”
Scope of processing of personal data

On our website we use plug-ins from the social media network “Facebook”, which are operated by Facebook, Inc., 1601 Willow Road, 94024 Menlo Park, USA (“Facebook”). If you visit a page on the website that uses such plug-ins, your browser will automatically establish a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and integrated into the page. By way of this integration, Facebook receives the information that your browser has accessed the corresponding page of our website, even if you do not have a Facebook profile or are currently not logged into Facebook. This information (including your IP address) is transmitted from your browser directly to a Facebook server in the USA and stored there. If you are logged into Facebook, Facebook can directly assign the visit to our website to your Facebook profile. If you interact with the plug-ins, for example, by clicking on the “Like” button or posting a message, this information is also transmitted directly to a Facebook server and stored there. The information will also be posted on your Facebook account and displayed to your contacts there.

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (if you are registered with Facebook) and Art. 6 (1) point (f) GDPR (if you are not registered with Facebook). Insofar as processing is carried out based on Art. 6, (1) sentence 1 point (f) GDPR, the site operator’s legitimate interest lies in enabling user interaction with the site operator’s contents on Facebook.

Purpose of data processing

The primary purpose of data collection is to offer you an opportunity for social interaction via Facebook and to make our website interactive. The scope of the data collection, as well as further processing and use of the data by Facebook and your respective rights and settings options for your privacy protection can be found in the Facebook privacy policy: (https://www.facebook.com/privacy/explanation).

Duration of data storage

Facebook will store the data as long as it is necessary to fulfil its web service. The data will be routinely deleted after expiry of the retention period, unless there is a legal obligation to retain the data or any other legal reason for further storage.

Objection and removal option

If you do not want the social plug-in to be executed by Facebook, you can block its execution by installing a script blocker such as “NoScript”. If you do not want Facebook to associate the data collected via our internet site directly to your Facebook profile, you must log out of Facebook before visiting our website. You can also completely prevent Facebook from loading plug-ins with add-ons for your browser. For Mozilla Firefox you will find the appropriate plug-ins under the following search:
https://addons.mozilla.org/de/firefox/
For Opera you will find the appropriate plug-ins under the following search:
https://addons.opera.com/de/
For Chrome you will find the appropriate plug-ins under the following search:
https://chrome.google.com/webstore/category/extensions?hl=de
In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

  1. Information on the use of cookies

Scope of processing of personal data

We use cookies on various pages of our website in order to facilitate the use of certain functions. Cookies are small text files that your browser can store on your computer. These text files contain a distinctive character string that allows your browser to be uniquely identified when you next visit our website. The process of storing a cookie file on a computer is also known as ‘setting a cookie’.

Legal basis relating to the processing of personal data

Art. 6 (1) point (f) GDPR. (legitimate interest). Our legitimate interest lies in maintaining the full functionality of our website, improving its usability and enabling a more customised approach. We are only able to identify individual website visitors by means of cookie technology if the website visitor has previously provided us with corresponding personal data on the basis of specific consent.

Purpose of data processing

Our website sets the cookies in order to maintain the full functionality of our website and improve its user friendliness. Cookie technology also allows us to recognise individual site visitors by their pseudonyms, e.g. an individual, personalised user-defined ID, which makes it possible for us to offer more individualised services.

“Matomo Analytics” (formerly “PIWIK”) is used for statistical evaluation of cookies and other log data that is classified as sensitive under data protection law (ePrivacy Holding GmbH, Große Bleichen 21, 20354 Hamburg, Germany).

Duration of data storage

Our cookies are stored in your browser until they are deleted or, in the case of a session cookie, until the session is over.

Objection and removal option

You can configure your browser yourself to generally prevent the setting of cookies. You can then decide whether to accept cookies on a case-by-case basis or to allow cookies to be accepted as the default setting. Cookies can be used for different purposes, e.g. to identify whether your PC has previously connected to our website in the past (permanent cookies) or to store recently viewed website content (session cookies). We use cookies to enhance your user experience. To ensure you get the best possible experience when visiting our website, we recommend that you accept cookies. In accordance with the general rules on the right to object and the right to erasure (‘right to be forgotten’) under data-protection law, you may object to the processing and request erasure of your personal data. You can read about your rights and how to exercise them below in this privacy statement.

  1. Statistical evaluation of visits to this website – web tracker

We collect, process and store the following data when our website, or individual web files, is/are accessed: IP address, the website from which the file was accessed, the name of the file, the data and time of access, the volume of data transferred and message about the success of the website access (so-called web log). We exclusively use this access data in a non-personalised form, for the continuous improvement of our website and for statistical purposes.
We also use the following web tracker to evaluate the visits to this website:

Google-Analytics
Scope of processing of personal data

On our website, we use the web tracking service of Google LLC, 1600 Amphitheatre Park in 94043 Mountain View, USA (hereinafter: Google Analytics). Google Analytics uses cookies for web tracking purposes. These are stored on your computer and enable analysis of the use of our website and your browsing behaviour (tracking). We carry out this analysis on the basis of the Google Analytics tracking service in order to continually optimise and improve the availability of our website. When using our website, data such as your IP address and your user activities are transmitted to servers of Google LLC and processed and stored outside the European Union, e.g. in the USA.

The EU Commission has found that an adequate level of data protection can exist in the USA if the data processing company is certified under the US-EU Privacy Shield Agreement and is thus committed to complying with EU data protection requirements. By activating IP anonymisation within the Google Analytics tracking code of this website, your IP address will be anonymised by Google Analytics before transmission. This website uses a Google Analytics tracking code that has been extended by the operator gat._anonymizeIp(); in order to only allow anonymous collection of IP addresses (IP masking).

Legal basis relating to the processing of personal data

Art. 6 (1) point (a) GDPR (consent), either as part of the registration with Google (opening of a Google account and acceptance of the data protection notice implemented there) or, if you have not registered with Google, by explicit consent when accessing our website.

Purpose of data processing

Google will use this information on our behalf to track your visit to this website, compile reports on website activity and provide us with further services relating to website activity and internet use. The IP address transmitted by your browser as part of Google Analytics will not be merged with any other data held by Google LLC.

Duration of data storage

Google will store the data relevant for the provision of web tracking for as long as it is necessary to fulfil the purchased web service. Data is collected and stored anonymously. If there is any personal reference, the collected data will immediately be deleted, provided that it is not subject to a statutory retention period. The data will be routinely deleted after expiry of the retention period.

Objection and removal option

You can prevent your personal data from being collected and transferred to Google (in particular your IP address), as well as the processing of this data by Google by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at www.noscript.net or www.ghostery.com), or by enabling the “Do Not Track” setting of your browser. You can also prevent Google from collecting the data generated by the Google cookie and relating to your use of the website (including your IP address) and processing of this data by Google by clicking on the following link (Google Analytics deaktivieren) or by downloading and installing the  browser plug-in available under the following link (http://tools.google.com/dlpage/gaoptout?hl=de ). You can find the security and privacy policy of Google at http://www.google.com/intl/de/analytics/learn/privacy.html

  1. Data security and data protection, communication by email

Your personal data is protected by technological and organisational measures during its collection, storage and processing in such a way that it cannot be accessed by third parties. In the case of unencrypted communication by email, we cannot guarantee complete data security during transmission to our IT systems. We therefore recommend encrypted or postal communication for information requiring high confidentiality.

  1. Automatic email archiving

Scope of processing of personal data

We expressly inform you that our mail system has an automatic archiving function. All incoming and outgoing emails will be archived digitally and in a tamper-proof way.

Legal basis relating to the processing of personal data

Art. 6 (1) point (f) GDPR (legitimate interest). Our legitimate interest lies in compliance with tax and commercial law requirements (e.g. Sections 146, 147 of the German Fiscal Code (AO)).

Purpose of data processing

The purpose of archiving is to comply with tax and commercial law requirements (e.g. Sections 146, 147 of the German Fiscal Code (AO)).

Duration of data storage

Our email communication is stored until the expiry of tax law and commercial law retention obligations. The storage period can be up to 10 years.

Objection and removal option

Should you have any questions regarding our email archiving system, please contact our data protection officer. We would also like to point out that we only consider application documents in PDF format. Zipped files (WinZip, WinRAR, 7Zip, etc.) are filtered out by our security systems and hence not delivered. We do not consider applications in Word or other file formats and erase them unread. Please note that unencrypted application documents sent by email may be opened by third parties before they are received by our IT systems. We assume that you agree that we will also reply to unencrypted application emails without using encryption. If you do not agree to this, please let us know in your application email.

  1. Revocation of consents – access to information on and rectification of data – erasure and restriction of processing

In accordance with the Federal Data Protection Act, you have the right to free information concerning your stored data and a right to rectification, to obtain restriction of processing or erasure of this data. We will erase your data upon first request, unless this is prevented by statutory regulations. You can revoke consents that you have granted to us to use your personal data at any time. You can, at any time, send requests for access to, erasure or rectification of your data – and we would also be pleased to receive your suggestions – to the following address:

Franco-German University
Kohlweg 7 / Villa Europa
66123 Saarbrücken, Germany
email: info@dfh-ufa.org
Phone: +49 681 93812 – 100
Fax: +49 681 93812 – 111

  1. Right to data portability

You have the right to receive any personal data related to you that you have provided to us in a structured, commonly used and machine-readable format. You can also request that we transmit this data to a third party immediately upon your first instruction, provided that the processing is based on consent in accordance with Art. 6 (1) point (a) GDPR or Art. 9 (2) point (a) GDPR or on a contract in accordance with Art. 6 (1) point (b) GDPR, and the processing is carried out by automated means.
In exercising this right, you also have the right to have your personal data transmitted directly from one data controller to another insofar as this is technically feasible. This must not compromise the freedoms and rights of other persons.
The right to data portability does not apply to the processing of personal data necessary for performing a task carried out in the public interest or in the exercising of official authority vested in the controller.

  1. Right to lodge a complaint with a supervisory authority pursuant to Art. 77 (1) GDPR

If you have reason to suspect that your data is being unlawfully processed on our website you can, of course, seek judicial clarification at any time. Furthermore, without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of your habitual residence, your place of work and/or the place of the alleged infringement; i.e. you can choose the supervisory authority you wish to refer the matter to from the aforementioned places. The supervisory authority at which you lodged the complaint will then inform you about the status and outcome of your submission, including the possibility of a judicial remedy pursuant to Article 78 GDPR.

Created by:
© IT-Recht-Kanzlei DURY – www.dury.de
© Website-Check GmbH – www.website-check.de