Data protection information according to Article 13 GDPR
I. Identity and contact details of the controller
The controller within the meaning of the General Data Protection Regulation (GDPR) is:
University of Mannheim
L1,1
68131 Mannheim
Phone: 0621/-181–1001
E-mail: rektor@uni-mannheim.de
II. Contact details of the data protection officer
Data protection officer of the University of Mannheim
L1,1
68131 Mannheim
E-Mail: datenschutzbeauftragte@uni-mannheim.de
Phone: 0621/181–1126
III. General information on data processing
1. Personal data
As defined in the General Data Protection Regulation (GDPR), personal data refers to any information relating to an identified or identifiable natural person. This is data such as the first and last name, address, e-mail address, phone number and, as a rule, the IP address.
2. Extent of personal data processing
Principally, we process personal data only as far as it is necessary in order to provide a functional website and our content and services. We only process personal data of our users after they have given their consent. An exception is made if it is not possible to get consent due to factual reasons and the processing is permitted by law.
We do not deliberately collect personal data of minors. We advise parents and legal guardians to watch their children’s activities online.
3. Legal basis for the processing of personal data
Provided that we have got the users’ consent to process their personal data, Article 6 paragraph 1(a) GDPR is the legal basis for the processing.
When processing personal data is necessary for the performance of a contract to which the data subject is party, Article 6 paragraph 1(b) GDPR is the legal basis for the processing. This also applies to processing operations that are necessary in order to take steps prior to entering into a contract.
Provided that the processing of personal data is necessary for compliance with a legal obligation to which the University of Mannheim is subject, Article 6 paragraph 1(c) GDPR is the legal basis for the processing.
If the processing of personal data is necessary to protect the vital interests of the data subject, Article 6 paragraph 1(d) GDPR is the legal basis for the processing.
If the processing is necessary for the purpose of a legitimate interest pursued by the University of Mannheim or by a third party and this interest is not overridden by the interests, fundamental rights and freedoms of the data subject, Article 6 paragraph 1(f) GDPR is the legal basis for the processing.
Our fundamental goal is to implement data-protection principles, such as data minimization, and to limit the processing of personal data while you are visiting our websites to the necessary minimum.
4. Deletion of data and storage period
The personal data of the data subject will be deleted or locked once the purpose for which they have been stored ceases to apply. Personal data may be stored for a longer period if provided for by European or national legislators in EU regulations, laws or other rules to which the controller is subject. The data will also be locked or deleted once a storage period specified in the above-mentioned rules has expired, unless further retention of the data is necessary to enter into or fulfill a contract.
IV. Provision of the website and creation of log files
1. Description and extent of data processing
Every time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data are collected:
The log files contain IP addresses or other data that can be assigned to a user. This could be the case, for example, if the link to the website from which the user accesses the website or the link to the website to which the user switches contains personal data. The data are also stored in our system’s log files. These data are not stored together with other personal data of the user.
2. Legal basis for data processing
The legal basis for the temporary storage of data and log files is Article 6 paragraph 1(f) GDPR.
3. Purpose of data processing
The temporary storage of the IP address by the system is necessary to facilitate the delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.
The data are stored in log files to ensure the functionality of the website. In addition, the data help us optimize our website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.
These purposes also constitute our legitimate interest in data processing according to Article 6 paragraph 1(f) GDPR.
4. Storage period
The data will be deleted once the the purpose for which they have been collected ceases to apply. For the data collected in order to provide the website, this is the case when the respective session has ended.
If the data are stored in log files, this is the case after seven days at the latest. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated so that the accessing client can no longer be identified.
5. Right to object and deletion of data
The collection of data for the provision of the website and the storage of data in log files is absolutely essential for the operation of the website. Consequently, the user has no possibility to object.
V. Use of cookies
1. Description and extent of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user’s computer system. If a user accesses a website, a cookie can be stored in the user’s operating system. This cookie contains a characteristic string that enables a clear identification of the browser when the website is accessed again.
We use cookies to improve your experience on our website. Some elements on our website require that the accessing browser can be identified after the user changed to another website.
The following data are stored and transmitted:
2. Legal basis for data processing
The legal basis for the processing of personal data using cookies is Article 6 paragraph 1(f) GDPR.
3. Purpose of data processing
Cookies stored do not store any information about the user. The use of analysis cookies serves the purpose of improving the quality of our website and its content. Analysis cookies allow us to find out how the website is used in order to continuously optimize our services.
4. Storage period, right to object and deletion of data
Cookies are stored on the user’s computer and transmitted to our website. Consequently, the user, has full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. You can also delete cookies which have been stored at any time. This can also be done automatically. If you deactivate cookies for our website, you may no longer be able to use the site’s full range of features.