For the web offerings and web presences of the Friedrich-Alexander University Erlangen-Nuremberg (FAU), the person responsible within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws as well as other data protection regulations is FAU. It is legally represented by its president. You can find the contact information in the imprint of the central FAU website.
The respective FAU institutions are responsible for the content offered on the websites and websites of the Friedrich-Alexander University Erlangen-Nuremberg (FAU). If you have any questions in connection with a relevant offer, please contact the respective responsible contact person, as he or she is named in the imprint of the website.
Name and address of the data protection officer
FAU data protection officer
Klaus Hoogestraat
c/o ITM Gesellschaft für IT-Management mbH
Bürgerstrasse 81
01127 Dresden
Telephone: +49 9131 85-25860
Email: datenschutzanwalt@fau.de
General information on data processing
Scope of processing personal data
In principle, we only process personal data of our users to the extent that this is necessary to provide a functional website and our content and services. The processing of our users' personal data regularly only takes place with the user's consent. An exception applies in cases in which obtaining prior consent is not possible for actual reasons and the processing of the data is permitted by legal regulations.
Legal basis for processing personal data
If we obtain the consent of the data subject for processing personal data, Article 6 Paragraph 1 Letter a of the EU General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data that is necessary to fulfill a contract to which the data subject is a party, Art. 6 Para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.
If the processing of personal data is necessary to fulfill a legal obligation to which our university is subject, Art. 6 Para. 1 lit. c GDPR serves as the legal basis.
In the event that the vital interests of the data subject or another natural person require the processing of personal data, Article 6 (1) (d) GDPR serves as the legal basis.
If the processing is necessary to fulfill the statutory tasks of our university, Art. 6 Para. 1 lit. e GDPR in conjunction with Art. 4 and 5 BayDSG forms the legal basis for the processing. Many of our tasks arise from Art. 2 BayHSchG.
Data deletion and storage period
We only store your personal data for as long as is necessary to fulfill our legal tasks or the respective processing activity. We generally retain personal data for 10 years after it was created. A transfer to state archives remains unaffected. Storage can also take place if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. The data will also be blocked or deleted if a storage period prescribed by the standards mentioned expires, unless there is a need for further storage of the data to conclude or fulfill a contract.
Provision of the website and creation of log files
Description and scope of data processing
Every time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer.
The following data is collected:
the address (URL) of the website from which the file was requested
the name of the file accessed
the date and time of the request
the amount of data transferred
the access status (file transferred, file not found, etc.)
the description of the type of web browser or operating system used
the anonymized IP address of the requesting computer.
The stored data is required exclusively for technical or statistical purposes; A comparison with other data sets or even a transfer to third parties, even in extracts, does not take place. The data is stored in the log files of our system. This does not affect the user's IP addresses or other data that enables the data to be assigned to a user: Before storage, each data set is anonymized by changing the IP address. Storage of this data together
Communication with other personal data of the user does not take place.
Legal basis for data processing
The legal basis for the temporary storage of the data and log files is Sections 14, 15 TMG, Section 100 Paragraph 1 TKG and Art. 4 BayDSG following the tasks of Art. 11 BayEGovG and Art. 7 and 34 BayHO.
Purpose of data processing
The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. To do this, the user's IP address must remain stored for the duration of the session.
The data is stored in log files to ensure the functionality of the website. The data also serves us to optimize our website and to ensure the security of our information technology systems. The data will not be evaluated for marketing purposes in this context.
Duration of storage
The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected to provide the website, this is the case when the respective session has ended.
If the data is stored in log files, this is the case after seven days at the latest. Storage beyond this is possible. In this case, the users' IP addresses are deleted or altered so that it is no longer possible to assign the calling client.
Possibility of objection and removal
The collection of data to provide the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility for the user to object.
Use of cookies
Description and scope of data processing
Our website uses cookies. Cookies are text files that are stored in the Internet browser or by the Internet browser on the user's computer system. If a user accesses a website, a cookie can be stored on the user's operating system. This cookie contains a characteristic string that enables the browser to be clearly identified when the website is accessed again.
We use cookies to make our website more user-friendly. Some elements of our website require that the accessing browser can be identified even after a page change.
The following data is stored and transmitted in the cookies:
Log-in information (in the case of logged in editors and authors)
Preferred search engine selection (when using the search function)
The user data collected in this way is pseudonymized using technical precautions. It is therefore no longer possible to assign the data to the accessing user. The data is not stored together with other personal data of the users.
The cookies mentioned are necessary to operate the website and therefore cannot be switched off. They are only set in the situations specified above.
If individual pages of the website contain procedures that require additional cookies that are not operationally necessary, this will be pointed out separately. If such procedures are used, they will be listed in the following chapters of this data protection declaration.
Legal basis for data processing
The legal basis for the temporary storage of the data and log files is Sections 14, 15 TMG, Section 100 Paragraph 1 TKG and Art. 4 BayDSG following the tasks of Art. 11 BayEGovG and Art. 7 and 34 BayHO
Purpose of data processing
The analysis cookies are used for the purpose of improving the quality of our website and its content. Through the analysis cookies we find out how the website is used and can therefore continually optimize our offering.
Duration of storage, possibility of objection and removal
Cookies are stored on the user's computer and transmitted to our site by the user. Therefore, as a user, you also have full control over the use of cookies. You can deactivate or limit the transfer of cookies by changing the cookie settings in your web browser or by clicking on the Cookie Settings link below. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to fully use all functions of the website.
SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of confidential content, such as the requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that:
e The address line of the browser changes from http:// to https:// and the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Rights of the data subject
With regard to the processing of your personal data, you as a data subject are entitled to the following rights in accordance with Art. 15 ff. GDPR:
You can request information about whether we process your personal data. If this is the case, you have the right to information about this personal data as well as other information related to the processing (Article 15 GDPR). Please note that this right to information may be restricted or excluded in certain cases (see in particular Art. 10 BayDSG).
In the event that personal data about you is no longer accurate or incomplete, you can request that this data be corrected and, if necessary, completed (Art. 16 GDPR).
If the legal requirements are met, you can request the deletion of your personal data (Article 17 GDPR) or the restriction of the processing of this data (Article 18 GDPR). However, the right to deletion according to Article 17 Paragraphs 1 and 2 GDPR does not exist, among other things, if the processing of personal data is necessary to carry out a task. Which is in the public interest or takes place in the exercise of official authority (Art. 17 Para. 3 Letter b GDPR).
If you have given your consent to the processing, you have the right to revoke this at any time. The revocation only takes effect in the future; This means that the revocation does not affect the lawfulness of the processing carried out based on the consent before the revocation.
For reasons arising from your particular situation, you can also object to us processing your personal data at any time (Article 21 GDPR). If the legal requirements are met, we will no longer process your personal data.
If you have consented to the processing or if it is carried out to fulfill the contract and the data processing is carried out using automated procedures, you may have a right to data portability (Art. 20 GDPR).
You have the right to complain to a supervisory authority within the meaning of Article 51 GDPR about the processing of your personal data. The responsible supervisory authority for Bavarian public bodies is the Bavarian State Commissioner for Data Protection, Wagmüllerstraße 18, 80538 Munich.