Privacy Policy

This is the Privacy Policy of:

Technische Hochschule Nürnberg Georg Simon Ohm
Kesslerplatz 12
90489 Nuremberg
- hereinafter referred to as Nuremberg Tech -

Nuremberg Tech takes data protection seriously. All of its data collection is carried out in accordance with the statutory regulations. Further detailed information about these can be found at www.datenschutz.de.

Nuremberg Tech’s data protection officer, Michael Günther, can be reached at datenschutzatth-nuernbergPunktde

The following shall apply in principle:

In order to ensure the appropriate security of your data during transfer, we use encryption processes (e.g. SSL/TLS) and secured technical systems based on the state of the art.

Javascript is used as the active component for webpages. If you have disabled this function in your browser, you will see the relevant prompt to re-activate it. When a user accesses a Nuremberg Tech webpage and when they retrieve a file, this process may store data in a protocol file. The following data set is then stored in each case:

• Name of the retrieved file
• Date and time of retrieval
• Transferred data quantity
• Report of whether retrieval was successful
• Description of the type of web browser used
• Requesting domain

These raw statistical data are deleted once the process prompted by the user is complete.

It may be necessary for Nuremberg Tech’s servers to place cookies to enable the use of Nuremberg Tech’s webpages. Two types of cookies are used.

• Session cookies are required partly for navigation on the portals of Nuremberg Tech. Session cookies become invalid when the browser is closed or when there has been no activity on Nuremberg Tech’s webpages for a certain period of time. When using a personalised area of the Nuremberg Tech portal, the user is required to log in again.
• Cookies for the provision of various services have a defined validity period that depends on the special application in each case.

Time limits for data deletion: Specific retention requirements and periods apply by virtue of the statutory provisions. Once these periods have elapsed, the relevant data are routinely deleted. For the rest, personal data are deleted as soon as they are no longer required for the purpose for which they were collected or the legitimate basis for data handling ceases to apply (e.g. as a result of withdrawal of consent). When an employee leaves the University’s employment, all entries associated with this individual shall be deleted from the personal database within a reasonable time, while on the other hand, all other editorial entries on university webpages will not be deleted until the individual withdraws consent. In principle, individuals shall each be responsible for deleting their own personal entries and links to internet search engines of other data controllers.

Use analysis using Matomo: Nuremberg Tech uses the open-source software Matomo for performing statistical analyses relating to this website. Information obtained in this manner shall only be processed and analysed internally within Nuremberg Tech.

Recorded data shall not be forwarded to third parties. These serve the purpose of identifying and improving relevant website content. IP addresses relating to these analyses are anonymized immediately after processing and before they are stored.

Matomo, formerly known as Piwik, has been configured according to the recommendations of the Independent State Data Protection Centre of Schleswig-Holstein (ULD) and complies with the applicable data protection stipulations.

By using this website, you declare that you agree to the processing of data collected about you in the aforementioned manner only for the purpose stated above. You can disable website use analysis by Matomo by unticking the box shown below.

You can decide here whether to allow a unique web analysis cookie to be stored in your browser, which will enable the website operator to record and analyse various statistical data.

Should you wish to decline it, please click on the following link in order to store the Matomo deactivation cookie in your browser.

The collected data will be used to optimize navigation on and content of the webpages of Nuremberg Tech. Data will be analysed in their entirety, which means that analysis will not be expressly performed on individual data attributable to users. The collected data will not be forwarded to external parties.

The data created as part of user registration will be analysed in anonymized form for the purpose of analysis by Nuremberg Tech. Addresses will not be sold to third parties.

Users who register on the Nuremberg Tech portal will cease to be anonymous. Whenever they log onto our website, users are able to use Nuremberg Tech’s services according to the selected service and their user authorisation. When a registered user contacts Nuremberg Tech IT support, a ticket is created for the incident. This ticket is stored in order to create an advice history should a client send repeated queries, for the purpose of ensuring rapid handling for the client.

If email addresses are used that are provided by Nuremberg Tech, all incoming emails are scanned using various automated procedures:

• Greylisting: Nuremberg Tech uses greylisting as an anti-spam measure. This means that emails sent to university email addresses are initially rejected. The server from which the email was sent is requested to “try again later”. RFC-compliant servers do this and send the email again after a short time, upon which the email is accepted and delivered. The email sender will notice nothing apart from a delay in the delivery of the email. Servers that are not RFC-compliant (often spammers) are usually unable to perform this repeated delivery.
• Virus scanners: If an email is found to contain a virus, the email is deleted immediately for security reasons. The recipient receives an automated email notification of this. The virus scanner cannot be deactivated. Use of the virus scanner does not provide 100% security, but forms part of the user’s personal security policy.
• Spam filter: All incoming emails are scanned by the system for particular terms or word combinations. The result of the scan is entered in an additional header field in the email. Emails can then be automatically forwarded to a special email folder in the allocated inbox on the basis of the header field. Emails that have been forwarded to the special folder can be automatically deleted. Each user is able to configure this spam filter function themselves according to the functions provided. The user is able to disable the spam filter at any time. Emails that have been filtered or deleted can no longer be automatically forwarded to the inbox or restored.

Nuremberg Tech makes some hosting capacity available within the scope of its services. Use of these systems is subject to the General Terms and Conditions of Business of Nuremberg Tech.

Employees of Nuremberg Tech are required to observe confidentiality with regard to personal data. These data will only be forwarded to third parties if this is required for the purpose of compliance with official duties. These third parties are also required to comply with personal data protection provisions.

All data available under “*.th-nuernberg.de” that are located on our servers and are hosted (stored) there are protected against unauthorised access by security systems. The efficacy of protection is tested by employees of Nuremberg Tech and its system service providers.

After a user leaves a page (such as by clicking on our banner advertisements), the selected target site may place cookies. Nuremberg Tech has no legal responsibility for these cookies. For information regarding the use of such cookies and the information stored in them by our advertising partners, please check their privacy policies.

Nuremberg Tech draws attention to the fact that secured channels (VPNs) should always be used when accessing the personalised area of the portal. This is the only way to ensure that personal data transferred over the internet between users and Nuremberg Tech’s servers cannot be viewed by third parties.

All operated servers on which personal data are processed or recorded for Nuremberg Tech users are located within the Federal Republic of Germany.

The browser security settings make it possible to allow or prohibit the storing of cookies. Further information about the use of cookies can also be found online on the website of the German Federal Office for Information Security (www.bsi.de).
If Nuremberg Tech instructs partner companies to perform particular services, the data protection provisions shall be incorporated in the contracts and the partners shall be required to comply with data protection law.

Contacting Nuremberg Tech using contact forms in relation to events and/or programmes at Nuremberg Tech and to correct errors on webpages of Nuremberg Tech: our contact forms can be used to send us a query or notification. To enable us to respond to you, it is necessary for you to provide your name and email address. Further personal data may be provided to us voluntarily depending on the form. The data will not be used for any other purpose or forwarded to third parties.

Events, press relations and public relations

Nuremberg Tech also acts as a (co-) organiser of various events.
In the case of an invitation to or participation in an event, Nuremberg Tech will process personal data (name, address, etc.). This may take place via various communication channels, such as by completing a (web) form or by email or telephone.

The personal data provided to Nuremberg Tech for this purpose are indicated in the relevant (web) form or by the data requested during a call.

Data collected from accompanying persons

For the purpose of proper running of the event, data from persons accompanying invited participants are also collected and processed. These persons shall have the same rights as stated here for all other persons affected by data collection, including rights to information regarding the nature and quantity of data, making objections to processing, and deletion of data in particular. Attention is drawn in this regard to the explanations under Right to information and Rectifications below.

Further processing of collected data

Personal data will not be forwarded to third parties without authorisation, but shall be stored and processed for internal use within Nuremberg Tech and for the purpose of organising and running events (such as compiling guest lists, enabling entry checks, etc.) Nuremberg Tech may arrange for data to be forwarded to one or more contractual processors that use(s) personal data at the instruction of Nuremberg Tech and only for internal use that is attributable to Nuremberg Tech.

Depending on the nature of the event, Nuremberg Tech shall act as a co-organiser alongside an additional cooperation partner. In such cases, the data collected for the purpose of the event will be forwarded to our cooperation partners, who will also be permitted to use these data exclusively for ensuring the proper running of the event. Notification regarding exactly which cooperation partners are involved in an individual case shall be provided separately within the scope of organising the event.

Data shall be stored only for as long as necessary for the organisation and running of events, and in order to perform our duties relating to public relations.

As a recipient of correspondence/invitations, you may object to receiving any further correspondence/invitations at any time.

Video/audio recording and photography

Within the scope of performing Nuremberg Tech’s press and public relations duties, video/audio recordings and photographs may be taken and used, in/on which you may be identifiably featured. The produced audio/visual material may be used free of any fee and without restriction in terms of time, space or content. You are also entitled to object to this. Please use the contact details shown to file your objection.

Privacy notice in relation to social media

Clicking on the social media buttons on the Nuremberg Tech website will take the user to Nuremberg Tech’s pages on the social media sites. The user therefore leaves the Nuremberg Tech website. All users must independently protect their personal data when using social networking sites. Users must take note of the data protection provisions on these sites and manage their personal settings.

And additionally in so far as we process personal data under our own responsibility for:

• twitter.com/TH_Nuernberg
• www.youtube.com/user/THNuernberg
• www.facebook.com/thnuernberg
• www.instagram.com/th_nuernberg/
• www.xing.com/companies/technischehochschulenürnberg
• www.xing.com/communities/groups/th-nuernberg-1054832

At present, we assume that we are not subject to any joint responsibility under data protection law in so far as your data are processed by these providers for the purposes defined here.

Purposes and legal basis and regulations for processing in accordance with Article 6 GDPR

We provide our services, administrative services, and information for the public about our activities on our website in accordance with Article 2, paragraph 6 BayHSchG, and Article 4, paragraph 1, sentences 1 and 2 BayEGovG.

Our social media profiles form part of our public relations activities. Our aim is to provide information in a manner that is appropriate to the target groups and to interact with you, Article 2, paragraph 6 BayHSchG. We make it possible for you to contact us quickly via electronic means and to communicate directly using your choice of media, Section 5, paragraph 1, no. 2 TMG.

We shall disclose content and contributions or queries that violate third-party rights or constitute a criminal or administrative offence, or fail to fulfil the conduct required by law or by contract, by forwarding them to the competent authority or the social media provider, and block or delete them.

We use cookies, protocol files, statistics of social media providers, and the web analysis tool Matomo to produce business statistics, carry out organisational reviews, perform tests or maintenance of our web service, and guarantee network and information security in accordance with Article 6, para. 1 BayDSG [Bavarian Data Protection Act]; Section 13, para. 7 TMG [Telemedia Act]; Art. 11 para. 1 BayEGovG [Bavarian E-Government Act]. We anonymize or pseudonymize personal data unless this affects the purpose of processing.

Right to information and rectifications

In accordance with the General Data Protection Act, you are entitled to the following rights:

• If your personal data are being processed, you have the right to obtain information regarding the data stored about you (Article 15 GDPR).
• Should inaccurate personal data be being processed, you are entitled to have them rectified (Article 16 GDPR).
• Should the statutory conditions exist, you may request the erasure or restriction of processing of data, or file an objection to processing (Articles 17, 18 and 21 GDPR).
• If you have agreed to data processing or a data processing agreement exists and data processing is being carried out using an automated process, you are entitled to data portability if required (Article 20 GDPR)

Should you have any further questions regarding collection of personal data, you are welcome to contact the University’s Data Protection Officer in accordance with the EU GDPR.

Should you exercise any of the aforementioned rights, the public office will verify whether the statutory requirements for this have been fulfilled.

Individuals also have a right of complaint to the Bavarian Federal State Data Protection Officer.

We ensure compliance with the data protection provisions on all parts of our platform and in all parts of our University. If you have any questions, you are also welcome to contact us directly: datenschutzatth-nuernbergPunktde

Version date: 3 July 2018
University Data Protection Officer