Data protection is our concern and our legal obligation. In order to adequately protect the security of your data during transmission, we use appropriate encryption methods (e.g. SSL/TLS) and secure technical systems based on the current state of the art.
2. name and address of the controller
The responsible party within the meaning of the General Data Protection Regulation and other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:
Weihenstephan-Triesdorf University of Applied Sciences
Am Hofgarten 4
T +49 8161 71-0
3. name and address of the data protection officer
The data protection officer of the controller is:
Dr. Heiko Haaz
Weihenstephan-Triesdorf University of Applied Sciences
Am Hofgarten 4
T +49 8161 71-5246
Any data subject may contact our data protection officer directly at any time with any questions or suggestions regarding data protection.
4. purposes and legal bases of the processing
In accordance with Art. 2 Para. 6 BayHSchG, Art. 4 Para. 1 S. 1 and 2 BayEGovG, as well as Art. 6 Para. 1 lit. a, c, e EU-DSGVO, we offer our services and administrative services as well as information for the public about our activities on our websites.
Our social media presences are part of our public relations work. Our aim is to inform and exchange information with you in a way that is appropriate to the target group (Art. 2 para. 6 BayHSchG). We enable you to make fast electronic contact and communicate directly via the media of your choice (§ 5 para. 1 no. 2 TMG).
We disclose and block or delete content and posts that violate the rights of third parties or that constitute a criminal offense or misdemeanor, or do not comply with legal or contractual obligations of conduct, by transmitting them to the competent authority or social media service.
5. data categories
Administration and editing
For administration and editing purposes, function identifiers and personal identifiers with access protection mechanisms are created and changes made with these identifiers are logged.
When you access this or other Internet pages, you transmit data to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server. Depending on the access protocol used, the log data record contains information with the following content:
- the IP address of the requesting computer
- Date and time of the request
- the access method/function requested by the requesting computer
- the input values transmitted by the requesting computer (file name, ...)
- Access status of the web server (file transferred, file not found, command not executed, etc.)
- Name of the requested file
- Type and version of the web client
- URL from which the file was requested/the desired function was initiated.
If you send us a request or an opinion by e-mail, post, telephone, fax or social media, the information provided will be processed for the purpose of dealing with the request and for possible follow-up questions and the exchange of opinions.
6. registration on our website
The data subject has the option to register on the website for certain additional services by providing personal data. Which personal data is transmitted to the controller in the process results from the respective input mask used for the registration. The personal data entered by the data subject is collected and stored exclusively for internal use by the controller and for its own purposes.
The registration of the data subject by voluntarily providing personal data serves the purpose of the controller to offer the data subject content or services which, due to the nature of the matter, can only be offered to registered users. Registered persons are free to modify the personal data provided during registration at any time or to have it completely deleted from the data stock of the controller.
The controller shall provide any data subject at any time, upon request, with information about what personal data is stored about the data subject. Furthermore, the data controller shall correct or delete personal data at the request or notice of the data subject, provided that this does not conflict with any statutory retention obligations. A data protection officer named in this data protection declaration is available to the data subject as a contact in this context.
7. transfer of personal data to a third country or international organizations
All of our social media providers are certified under the EU-US Privacy Shield for any person to see, so there is a legally adequate level of protection for personal data:
8. routine deletion and blocking of personal data
The controller processes and stores personal data of the data subject only for the period necessary to achieve the purpose of storage or where provided for by the European Directive and Regulation or other legislator in laws or regulations to which the controller is subject. If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.
9. data subject rights
Under the General Data Protection Regulation, you have the following rights:
- If your personal data is processed, you have the right to obtain information about the data stored about you (Art. 15 DSGVO).
- If incorrect personal data is processed, you have a right to rectification (Art. 16 DSGVO).
- If the legal requirements are met, you may request the erasure or restriction of processing as well as object to processing (Art. 17, 18 and 21 DSGVO).
- If you have consented to the data processing or if a contract for data processing exists and the data processing is carried out with the help of automated procedures, you may have a right to data portability (Art. 20 DSGVO).
Should you make use of your above-mentioned rights, the public body will check whether the legal requirements for this are met.
Furthermore, there is a right of appeal to the Bavarian State Commissioner for Data Protection.
11. use of Vimeo plugins
We use the provider Vimeo, among others, for the integration of videos. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011. On some of our web pages, we use plugins of the provider Vimeo. When you call up the Internet pages of our website that are provided with such a plugin - for example, our media library - a connection is established to the Vimeo servers and the plugin is displayed. This transmits to the Vimeo server which of our Internet pages you have visited. If you are logged in as a member of Vimeo, Vimeo assigns this information to your personal user account. When using the plugin, such as clicking on the start button of a video, this information is also assigned to your user account. You can prevent this assignment by logging out of your Vimeo user account before using our website and deleting the corresponding cookies from Vimeo. For the purpose and scope of the data collection and the further processing and use of the data by Vimeo, as well as your rights in this regard and setting options for protecting your privacy, please refer to the data protection information of Vimeo: https://vimeo.com/privacy