PRIVACY POLICY

We are glad to see that you are interested in Reutlingen University. Protecting your personal information is a matter of great concern for us. Below you will find all the relevant details.

This privacy policy (Version: GDPR 1.0 of 28.05.2018) was prepared by:
Deutsche Datenschutzkanzlei Datenschutz-Office (German Law Office for Data Protection) Munich – www.deutsche-datenschutzkanzlei.de

Data Protection
We, Reutlingen University, are responsible for this website. As a provider of a teleservice we are required to inform you at the beginning of your visit to our website in a precise, transparent, intelligible and easily accessible form of the type, extent and purpose of the collection and use of personal information in clear and simple language. The content of this information must be available to you at any time. We are obliged to inform you of what personal information is collected or used. Personal information is defined as any information that relates to an identified or identifiable individual.

We attach greatest importance to the security of your information and to compliance with data protection provisions. The collection, processing and use of personal information are subject to the provisions of current European and national laws.

With the following privacy policy we would like to show you how we handle your personal data and how you can contact us:

Reutlingen University
Alteburgstraße 150
72762 Reutlingen
Germany
Authorised representative: Professor Dr Hendrik Brumme, President
Telephone: +49 7121 271-0
email: info@reutlingen-university.de

Our Data Protection Officer
Our Data Protection Officer is available for questions as follows:
Maximilian Musch, Deutsche Datenschutzkanzlei (German Law Office for Data Protection)
email: maximilian.musch@reutlingen-university.de
Web: www.deutsche-datenschutzkanzlei.de

A. General
For greater comprehensibility, no distinction is made between male and female in our privacy policy. Terms used automatically imply equal treatment of both genders.

The meaning of terms used such as “personal information“ or their “processing“ can be seen in Article 4 of the EU General Data Protection Regulation (GDPR).

The users‘ personal data that are processed as part of this website include inventory data (e.g. name and addresses), contract data (e.g. services received, payment information), usage data (e.g. pages visited in our website), and content data (e.g. entries in contact form).

The term “users“ includes all categories of data subjects. These are, for example, our students, business partners, interested parties and other visitors to our website.

B. Specific

Privacy Policy
We guarantee that we collect, process, store and use your incoming data solely in connection with handling your enquiries as well as for internal purposes and to render services you have requested or to provide contents.

Fundamentals of data processing
We process personal data of the users only in accordance with the relevant data protection regulations. The users’ data are processed only if this is allowed by provisions in the law:

  • to provide our contractual services (e.g. processing of orders) and online services
  • if there is a legal provision requiring processing
  • if you have given your consent

We are glad to show you where the above mentioned legal grounds are regulated in the GDPR:

Consent  
Processing for the performance of a contract Art. 6 Para. 1 lit. b. GDRP
Processing for compliance with our legal obligations Art. 6 Para. 1 lit. c. GDRP
Processing for the performance of a task carried out in the public interest Art. 6 Para. 1 lit. e GDRP
Processing for the purposes of legitimate interests Art. 6 Para. 1 lit. f GDPR

Data transfer to third parties
No data transfer to third parties takes place.

Data transfer to a third country or to an international organisation
Third countries are countries in which the GDPR is not directly applicable law. This includes all countries outside the EU and the European Economic Area.

No data transfer to a third country or an international organisation takes place without your consent or without a legal basis.

Storage period of your personal data
We comply with the principles of data minimisation and data avoidance. This means that we store the personal data you have provided us with until the above purposes for which they were provided to us have been fulfilled or as stipulated by the various storage periods provided for by the legislator. If the respective purpose ceases to apply and/or after expiry of the relevant periods, your data will be routinely and in accordance with the legal regulations blocked or deleted.

For this we have developed an internal method to safeguard this procedure.

Contacting us
If you contact us via email, telephone, telefax, contact form, social media etc., you are agreeing to electronic communication. Contacting us involves personal data being collected. The data collected when using the contact form can be seen in the respective contact form. Your data are transferred using SSL encryption. The information you give us is stored solely for purposes of processing your enquiry and possible follow-up questions.

We would like to point out that emails on the transmission path may be read or changed by unauthorised persons without this being noticed. We would also like to inform you that we use software for filtering unwanted emails (spam filter). The spam filter may reject emails if due to certain characteristics they have been wrongly identified as spam.

What are your rights?
a) Right to information
You have the right to obtain free information about your stored data. On request and according to applicable law we will inform you in writing of what personal data we have stored about you. This also includes the origin and the recipients of your data as well as the purpose of the data processing.

b) Right to rectification
You have the right to rectify incorrect data we have stored about you. In this case you can demand a restriction of the processing, e.g. when contesting the correctness of your personal data.

c) Right to block
Moreover, you may have your data blocked. For control purposes these data must be held in a lock file so that any blocking of your data can be noted at any time.

d) Right to deletion
You may also demand the deletion of your personal data insofar as there is no legal obligation to retain such data. If such an obligation exists, we will block your data on request. If the relevant legal requirements are met, we will delete your personal data even if you do not make a request to do so.

e) Right to data portability
You are entitled to demand the provision of personal data transferred to us in a format that allows the transfer to another place.

f) Right to complain to a supervisory authority
You have the opportunity to contact one of the data protection authorities with a complaint.

The State Officer for Data Protection and Freedom of Information Baden-Württemberg
Postal address: Postfach 10 29 32, D-70025 Stuttgart
Street address: Königstraße 10a, D-70173 Stuttgart
Telephone +49 711 615541–0
Telefax: +49 711 615541–15
email: poststelle@dont-want-spam.lfdi.bwl.de
Web: www.baden-wuerttemberg.datenschutz.de

You can open the complaint form via the following link:
www.baden-wuerttemberg.datenschutz.de/online-beschwerde

g) Right to object
You have the option at any time to revoke the use of your data for internal purposes with future effect. To do so it is sufficient to send an email to daten-schutz@reutlingen-university.de. Such a revocation, however, does not affect the legality of the processing operations we carried out up to that point. The data processing with respect to all other legal bases, such as contract initiation (see above) remains unaffected.

Protection of your personal data
We adopt best available contractual, organisational and technical security measures to ensure that the provisions of the data protection laws are complied with and thus to protect the data we process against random or deliberate manipulation, loss, destruction or against the access by unauthorised parties.

The security measures include more particularly the encrypted transfer of data between your browser and our server. For this a 256-bit-SSL (AES 256) encryption technique is used.

The security measures in use are continuously improved in line with technological developments. Despite these precautions we cannot guarantee the security of your data transfer to our website because of the insecure nature of the internet. As a result, any data transfer from you to our website is at your own risk.

Protection of minors
Persons who have not yet reached the age of 16 may only provide us with personal information when the explicit consent of their parents or legal guardians has been given. These data are processed in line with this privacy policy.

Server log files
The provider of the pages collects and stores information automatically in so called server log files which you browser transfers to us automatically. They are:

  • browser type and browser version
  • operating system used
  • referrer URL
  • host name of accessing computer
  • time of server request
  • IP address


These data will not be merged with other data sources.
The basis for the data processing is Art. 6 Para. 1 lit. f. GDPR, which allows the data processing for the protection of our legitimate interests.

Cookies
We use cookies. Cookies are text files that are stored locally in the buffer or cache of your internet browser. The cookies allow the recognition of internet browsers. The files are used to help the browser to navigate through the website and to use all the functions fully.

Our website uses browser cookies.

Control of cookies by the user
You can set all the browsers so that browser cookies are only accepted on request. You can also adjust your settings only to accept cookies whose pages you are now visiting. All browsers provide functions that allow the selective deletion of cookies. The acceptance of cookies can also be generally shut down, though this may result in restrictions to ease of use of this website.

Lifetime of cookies used
Cookies are maintained by the web server of our website. This website uses:

Persistent cookie (permanent browser recognition)
Lifetime: no deletion

Session Cookie
Lifetime: directly after ending the visit to the website (end of session)

Deactivate or remove cookies (opt out)
Every web browser provides ways of restricting and deleting cookies. You will find further information about this on the following websites:

Web Analysis Service Matomo (formerly Piwik)
We use the web analysis service software Matomo (https://matomo.org/), a service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand to collect and to store data for marketing and optimisation purposes. Usage profiles are created from these data under a pseudonym, using cookies. The data collected using Matomo technology (including your anonymised IP address) are transferred to our server and stored for usage analysis purposes. This serves to optimise our website.

The information generated by the cookie in the pseudonymous user profile is not used to identify you personally and is not merged with personal information about the bearer of the pseudonym. If you do not agree to the storing and evaluation of these data from the visit to our website and would like to object to this for the future, you can stop the use of cookies and participation in tracking.

To do so you can adjust your browser setting so that you are informed about the placing of cookies und decide in each case whether to accept them or to accept cookies only in certain cases or to generally not accept cookies. If you decide not to accept cookies, not all the functions of our website will continue to be available.

If you do not agree to the storing and evaluation of these data from your visit, you can subsequently object to their storage and use at any time by mouse click. In this case a so called opt-out cookie is saved on your browser, resulting in Matomo not collecting any session data. Please note that complete deletion of your cookies will result in your opt-out cookie also being deleted and that you may have to reactivate it.

Use of Facebook plug-ins (Shariff solution)
We use plug-ins of the social network facebook.com. The operator is Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook").

This plug-in can transfer data, including personal data, to the US service provider. To enhance the security of your data when visiting our website, the plug-in is integrated into the page using a so called 2Click or Shariff solution (Copyright (c) 2016: Ines Pauer, Philipp Busse, Sebastian Hilbig, Erich Kramer, Deniz Sesli; Licensed under the MIT license). This integration guarantees that when opening a page on our website containing such plug-ins a connection to Facebook’s servers will not yet be established. Your browser will establish a direct connection to Facebook’s servers only when you activate the Facebook plug-in, thus giving your consent for the data transfer.

The content of the Facebook plug-in is transferred directly to your browser and integrated into the page. The plug-in then transfers data (including your IP address) to Facebook. We have no influence on the extent of the data Facebook collects with the help of the plug-ins. As far as we are aware, Facebook obtains information about which page of our websites you have currently and previously opened.

By integrating the plug-ins, Facebook then obtains the information that your browser has opened the relevant page of our website even if you do not have a profile at Facebook or are not currently logged in. This information (including your IP address) is transferred by your browser directly to a Facebook server in the USA and stored there. When you interact with the Facebook plug-in, the information thus provided is also transferred directly to a Facebook server and stored there. Moreover, the information is published in Facebook and displayed to your contacts there.

You will find more detailed information on the collection and use of data by Facebook as well as on rights and opportunities for protecting your privacy in Facebook’s privacy policy.

Use of Twitter plug-ins (Shariff solution)
We use social plug-ins of the social network Twitter. Twitter is operated by: Twitter, Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. The plug-ins are recognisable by one of the Twitter logos (outline of bird/relief). There are different Twitter logos. They can be viewed under the link twitter.com/about/resources/logos on Twitter’s website.

When you open our website, a direct connection to Twitter’s servers is established. The content of the plug-in is transferred directly to your browser and integrated into the website. To enhance the security of your data when visiting our website, the plug-in is integrated into the page using a so called 2Click or Shariff solution (Copyright (c) 2016: Ines Pauer, Philipp Busse, Sebastian Hilbig, Erich Kramer, Deniz Sesli; Licensed under the MIT license). This integration guarantees that when opening a page on our website containing such plug-ins, a connection to Twitter’s servers will not yet be established. Your browser will establish a direct connection to the servers only when you activate the Twitter plug-in, thus giving your consent for the data transfer.

The content of the Twitter plug-in is transferred directly to your browser and integrated into the page. The plug-in then transfers data (including your IP address) to Twitter. We have no influence on the extent of the data Twitter collects with the help of the plug-ins. As far as we are aware, Twitter obtains information about which page of our website you have currently and previously opened.

By integrating the plug-in Twitter then also obtains the information that your browser has opened the relevant page of our website even if you do not have a profile at Twitter or are not currently logged in. This information (including your IP address) is transferred by your browser directly to a Twitter server in the USA and stored there. When you interact with the Twitter plug-in, the information provided will also be transferred directly to Twitter and stored there. Moreover, the information will be published by Twitter and displayed there to your contacts.

For the purpose and extent of the data collection and the further processing and use of the data by Twitter as well as your corresponding rights and settings options for the protection of your privacy, see Twitter‘s privacy notices under the link twitter.com/privacy.

Use of Instagram
Functions of the Instagram service are integrated into our pages. These functions are provided by Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA. When you are logged into your Instagram account, you can link the contents of our pages with your Instagram profile by clicking onto the Instagram button. This will enable Instagram to allocate the visit to our pages to your user account. We point out that as providers of the pages we have not received any information about the content of the transferred data and their use by Instagram. You will find more information the privacy policy of Instagram: instagram.com/about/legal/privacy/.

Use of LinkedIn
Our website uses functions of the LinkedIn network. Provider is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time one of our pages is opened containing LinkedIn’s functions, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our web pages with your IP address. If you click onto LinkedIn‘s recommend button and are logged into your LinkedIn account, it is possible for LinkedIn to allocate your visit to our web page to you and your user account. Please note that as provider of the pages we have not received any information about the content of the transferred data as well as their use by LinkedIn. You will find more information in the privacy policy of LinkedIn under: www.linkedin.com/legal/privacy-policy.

XING
Our website uses functions of the Xing network. Provider is the XING AG, Dammtor-straße 29-32, 20354 Hamburg, Germany. Every time one of our pages is opened containing Xing’s functions, a connection to Xing servers is established. As far as we know, storage of your personal data does not take place. More particularly, no IP addresses are stored or user behaviour evaluated. You will find further information about data protection and the Xing share button in Xing’s privacy policy under: www.xing.com/app/share.

Use of Google AJAX Search API via Java Script Code
We use Google AJAX Search API via Java Script Code, enabling you to search for other websites in our website using Google search. By using the search field, personal data can be shared and processed. To prevent implementation of the Java Script Code used, you should install a Java Script blocker (e.g. www.noscript.net).

Use of Google Custom Search
This website uses Google Custom Search, provided by Google Inc. (Google), as a central search function. This search service enables a full-text search for contents on this website. Access to this search function is via the search fields integrated into these web pages. When you enter one or several search words into the search field and send your query, these and further data such as your IP address will be transferred to Google, as a rule to Google servers in the USA. If you do not want this, please do not use the search field. By using the search function, you acknowledge that for your use of the search field and the related data processing by Google, Google’s privacy policy (available under www.google.de/privacy.html) solely applies.
The same applies for the use of other services provided by Google, such as Google Maps.

Use of Google Maps
We use Google Maps to show maps and to create route maps. Google Maps is operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. By using this website you consent to the capture, processing and use of the automatically collected data as well as the data you enter (including the IP address) by Google, one of its agents or third-party providers. You will find the terms of use for Google Maps under the following link:
www.google.de/intl/de/policies/terms/regional.html

You will find more detailed information on transparency and options as well as the privacy policy of google.de under www.google.de/intl/de/policies/privacy/

Use of YouTube
Functions of the YouTube service are integrated into our website to display and play videos. These functions are provided by YouTube, LLC 901 Cherry Ave. San Bruno, CA 94066 USA. You will find further information in YouTube’s privacy guidelines.

Here the enhanced data production mode is used which according to the provider only activates the storage of user information once the videos start.

When the embedded YouTube videos start, YouTube uses cookies to capture information about user behaviour. According to information provided by YouTube, these cookies are used among other things to collect video statistics, to enhance user-friendliness and to prevent improper behaviour. Regardless of whether the embedded video is being played, with each visit to our website a connection to the Google network DoubleClick is established which can trigger further data processing operations without our influence.

You will find further details about the use of cookies in YouTube’s privacy policy under: www.youtube.com/t/privacy_at_youtube

Use of Vimeo plug-ins
We use plug-ins from Vimeo.com. The operator is Vimeo LCC, 555 West 18th Street, New York, New York 10011, USA (Vimeo)

If you activate such a plug-in, a connection to the Vimeo servers is established and the plug-in will be shown on the webpage by a message to your browser. This communicates which webpages you have visited to the Vimeo server. If you are logged in as a member of Vimeo, Vimeo will allocate this information to the respective personal user account of these platforms. When using these plug-ins, such as click/start buttons for a video or sending a comment, this information will be allocated to the Vimeo user account. You can only prevent this by logging out before using the plug-in.

You will find information on collection and use of data by the above mentioned platform and plug-ins in the privacy notice: vimeo.com/privacy

Embedding of TIMMS videos
We embed video files in our teaching and video platform, hosted by the TIMMS server of the University of Tübingen.

Newsletter
If you subscribe to our email newsletters, personal data will be collected. These data are used by us for our own marketing purposes in the form of the respective email newsletter insofar as you have explicitly agreed to this, as follows:
"Yes, I would like to subscribe to the Newsletter! I accept the privacy statement”.

As an external subscriber you may cancel the newsletter at any time using the link provided by sending us an email: presse@reutlingen-university.de. After unsubscribing, your email address will be immediately deleted from our newsletter and stored in a lock file to secure the cancellation.

Amendments to our privacy policy
We reserve the right to adapt our privacy policy occasionally so that it always meets the up-to-date legal requirements or to include changes in our services in the privacy policy. This could, for example, concern the launch of new services. For your next visit the new privacy policy will then apply. .

Trademark protection
Every company logo or trademark mentioned here is the property of the respective company. The mentioning of brands and names is for information purposes only.

C. Specific provisions for Russia

For users who are resident in the Russian Federation, the following applies:

The above mentioned services of our website are not intended for use by citizens of the Russian Federation who are resident in Russia.

If you are a Russian citizen resident in Russia, you are hereby explicitly informed that any personal data you provide us with via this website are entirely at your own risk and your own responsibility. You further agree that you cannot make us responsible for possible non-compliance with the laws of the Russian Federation.