Privacy Policy

Information relating to the collection of personal data

Thank you for visiting our website www.dfh-ufa.org and for your interest in our university. We take the protection of your personal data very seriously. Personal data refers to information about personal or material circumstances relating to an identifiable or identified natural person (‘data subject’). Such information includes, for instance, the real name, address, telephone number and date of birth, together with all other information that can be related to an identifiable person, such as examination results, school history, etc.

Personal data is subject to special legal protection. In the following, we inform you about the collection and, if applicable, further processing (storage, etc.) of personal data in accordance with Art. 13 and Art. 14 of the EU General Data Protection Regulation (GDPR).

 

Controller

Controller within the meaning of Art 4. no. 7 GDPR is:
Franco-German University
Kohlweg 7 / Villa Europa
66123 Saarbrücken
Email: info(at)dfh-ufa.org
Phone: +49 681 93812 – 100
Fax: +49 681 93812 – 111

 

Contact details of the data protection coordinator and the data protection officer

In matters relating to data protection, please send us an email: datenschutz(at)dfh-ufa.org.

Data protection officer is Lawyer Gregor Theado, BTK Rechtsanwälte, Schützenstraße 3 – 5, 66123 Saarbrücken, Germany. Phone: +49 681 93882601 Internet:

 

Collection and further processing of personal data as well as type and purpose of processing

In the following sections, we shall explain how, to what extent and for which purposes we collect your personal data. You are under no statutory or contractual obligation to provide us with your personal data. As a matter of principle, we only collect personal data to the extent necessary to provide a functioning website, to deliver website content and to perform our services, in particular our duties as a university towards students, cooperation partners and partner universities. However, it may be necessary to process certain types of data in order to comply with statutory provisions (e.g. higher education laws, tax regulations, German Anti-Money Laundering Act).

In the following, we set out which personal information we collect in this way and how we use it.

 

1. Processing of your personal data when you visit our website

When you visit our website for information purposes, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we will collect the following data on the grounds of legitimate interests to the extent that it is technically absolutely necessary in order for us to display our website to you and to ensure stability and security (the legal basis is Art. 6 (1) sentence 1 point (f) GDPR):

IP address, date and time the website is accessed, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the user’s system accessed our website, browser, operating system and its interface, language and version of the browser software.

The data is stored in log files and is not merged with other data. The data is regularly deleted no later than three months after the website is accessed.

 

2. Contact form(s)

For enquiries of all kinds, we offer you the possibility to contact us using a form provided on the website. You can also contact us by email or phone. Should you contact us, the information you provide (e.g. in the entry mask) will be transmitted to us and stored.

If you are able to register on our website (via your personal login area, giving you access to additional functions), registration is required in order to access certain contents and services on our website or for the fulfilment of a contract or the performance of precontractual measures.

The processing of the personal data provided by you when contacting us or registering serves to establish contact quickly and thus to promptly process your enquiry and provide our services. The legal basis is Art 6 (1) point (f) GDPR and/or your consent in accordance with Art 6 (1) point (a) GDPR. If you contact us with the aim to conclude a legal transaction, the additional legal basis for the processing is Art. 6 (1) point (b) GDPR.

 

3. Information via newsletter

When you register to receive our email newsletter, we use your email address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an email address. The legal basis is your voluntary consent in accordance with Art. 6 (1) point (a) GDPR.

To send the newsletter, we use the services provider Newsletter2Go (Sendinblue), with which we have concluded an external processing agreement to ensure maximum protection of your personal data.

You can unsubscribe from our newsletter at any time, for example by clicking on the unsubscribe link that appears at the bottom of every newsletter. Alternatively, you can also send your unsubscribe request by email at any time to the email address given in our legal notice.

 

4. Cookies

When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using, and which provide the party setting the cookie (in this case, us) with certain information. Cookies serve to maintain the full functionality of our website and improve its user friendliness.

We use cookies that are technically necessary for the operation of our website with the purpose to enhance your user experience. Some functionalities of our website, which require your browser to be uniquely identified when you next visit the website, are only available if you accept the setting of cookies (the legal basis is Art 6 (1) point (f) GDPR).

Specifically, we use the following cookies to ensure the website is displayed correctly:

  • net
  • com
  • PHPSESSID

Cookies are stored on the user’s computer and transmitted to our website from there. As user, you therefore have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Stored cookies can be deleted at any time, also automatically. However, if you deactivate cookies for our website, you may no longer be able to access all functions of the website to their full extent.

Session cookies are automatically deleted at the end of the session.

If we use other cookies, we will inform users in the appropriate section of this privacy statement.

 

5. Integration of YouTube videos

A web service of Google LLC, 1600 Amphitheatre, 94043 Mountain View, USA (hereinafter: YouTube) is downloaded to our website. We use this data to ensure the full functionality of our website and to provide you with information. In this context, your browser may transmit personal data to YouTube. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR.

Further information on how the transferred data is handled can be found in the privacy statement of YouTube: You can prevent the collection and processing of your data by YouTube by disabling the execution of script code in your browser or by installing a script blocker in your browser (you can find these for instance at or ).

 

6. Google Search Console

We use Google Search Console to technically monitor our website for errors. Google Search Console is a free service that allows us to monitor and manage our presence in the Google search index. There we get access to data and information that Google has about our website. No user or tracking data is transmitted from our site to Google. We only receive data from Google about our web presence. The legal basis relating to data processing is Art. 6 (1) point (f) GDPR.

You can find more information on Google’s terms of use and privacy policy at 

 

7. Matomo

We use Matomo for statistical evaluation. Matomo is an open-source tool for web analysis. Matomo does not transmit data to servers that are outside of our control. By default, Matomo is deactivated when you visit our website. Only if you actively consent, will your usage behaviour be anonymously logged (the legal basis is Art 6 (1) point (a) GDPR).

Matomo uses cookies. The information about usage obtained by the cookie is transmitted to us and stored to enable us to evaluate usage behaviour. Your IP address is anonymised immediately, so that you remain anonymous as a user. The information generated by the cookie about your use of this website is not passed on to third parties.

This analysis allows us to optimise our Internet site and further adapt our services to reflect users’ needs.

 

8. Social media accounts

We operate social media accounts, including Facebook, Instagram, Twitter, YouTube and LinkedIn. To this end, we set links on our website (e.g. via the corresponding icons). Provided you do not click on the link, no data is transmitted to the social media platform. Clicking on a link will take you to the corresponding social media platform, which will then collect certain personal data.

If you are additionally logged into a social media platform when you visit our website, the respective platform may be able to assign your visit to our website to your profile. Social media platforms may use user data for commercial purposes. In principle, we have no influence on the collection and further processing of personal data by the social media platforms, in particular the scope, location and duration of storage.

For all questions regarding data protection in connection with social media platforms, you can contact us directly; for technical questions, please contact the respective platform operator.

Below, we would like to provide you with the following information concerning our social media accounts:

Instagram

As part of the Facebook corporate group, Instagram shares infrastructure, systems and technology with Facebook and other Facebook companies (). Facebook stores and uses data of the users of its services. For more information about Facebook’s data processing on Instagram, please see Instagram’s privacy policy at .

Insofar as the data you provide to us via Instagram is also or exclusively processed by Facebook, Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, is the data controller in addition to us.

You can contact Facebook’s data protection officer via the online contact form provided by Facebook at .

Facebook

For more information about Facebook’s data processing, please see Facebook’s privacy policy at

Insofar as the data you provide to us via Facebook is also or exclusively processed by Facebook (insights data), Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, is the data controller in addition to us. In this respect, data processing is carried out on the basis of an arrangement between jointly responsible parties pursuant to Art. 26 GDPR.

You can contact Facebook’s data protection officer via the online contact form provided by Facebook at .

Facebook provides us with so-called page insights for our Facebook page: . These are aggregated data that allow us to understand how people interact with our site. Page insights may be based on personal data collected in connection with a visit to or interaction of persons on or with our site and its content. Pursuant to Art. 6 (1) point (f) GDPR, this serves to safeguard our legitimate interests in an optimised presentation of our offer and effective communication with customers and interested parties, which predominate in the context of a balancing of interests.

You can object to the processing of your data for the aforementioned purposes at any time by changing your settings for advertisements in your Facebook user account at .

Google and YouTube

For more information about Google’s data processing, please see Google’s privacy policy at:

Insofar as the data you provide to us via Google is also or exclusively processed by Google, Google LLC Ltd, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google”) is the data controller in addition to us.

 

9. Erasure of data

Unless otherwise stated in this privacy statement, personal data will be deleted immediately once the purpose for which it was collected has ceased to apply and provided that no retention periods (e.g. 10-year retention period under tax law with regard to all data relevant to the taxation matter or 6-year retention period under commercial law) conflict with this. We may also be entitled to retain the data for other reasons beyond fulfilment of the original purpose, including limitation periods for claims or for the purpose of legal prosecution.

The personal data collected by us during all requests for information will be routinely deleted after your enquiry has been processed, unless legitimate interests require longer storage (e.g. planned further requests for information, etc.). If your enquiry leads to the conclusion of a contract, your data will be deleted immediately after the expiry of limitation periods and the statutory retention periods.

 

10. Other processing and transmission of data

Apart from the cases mentioned in the present privacy statement, we only process your personal data if:

  • you have given consent to the processing pursuant to Art. 6 (1) point (a) GDPR,
  • processing is necessary in accordance with Art. 6 (1) point (b) GDPR for the performance of a contract with you (e.g. transmission to service providers essential for executing the contract, in particular post office, authorities, tax consultants, etc.),
  • processing is necessary for compliance with a legal obligation pursuant to Art. 6 (1) point (c) (in particular obligations under public law, tax law and commercial law to store and transmit data), as well as
  • processing is necessary pursuant to Art. 6 (1) point (f) for the purposes of the legitimate interests pursued by us or by a third party, in particular the establishment, exercise or defence of legal claims (e.g. disclosure to courts, debt collectors, lawyers), except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.

Recipients of the data may also be service providers on whose services we rely for the operation of our organisation (e.g. technical service providers for the maintenance of the software and IT landscape, hosting providers) and for the fulfilment of our contractual obligations. These service providers process your data in our name as external data processors and are obliged to treat the data with the utmost confidentiality.

 

11. Your rights

In respect of the personal data concerning your person, you have a right to information, where necessary to rectification or erasure, where necessary to restriction of processing, a right to object (see below for more details) and to data portability.

You also have the right to lodge a complaint with a supervisory authority.

You have the right to revoke a declaration of consent under data protection law at any time with effect for the future.

 

Right to object pursuant to Art. 21 GDPR

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) point (f) GDPR, you have the right to object to the processing of your personal data with effect for the future pursuant to Art. 21 GDPR on grounds relating to your particular situation or if the objection relates to processing for direct marketing purposes. In the latter case, you have a general right to object, with which we will comply without you having to provide information about a special situation.

If you wish to execute your right to revoke consent or to object, it is sufficient to send us an email.

12. Communication by email

Email communication with us is, by default, unencrypted. If you send us an unencrypted email or make an enquiry and ask for a response by regular email, we will initially assume that you agree to unencrypted communication. If you would like encrypted communication, please let us know.

[COOKIE_NOTICE]