Data Protection Statement
We appreciate your interest in our online presence. The protection of your personal data is very important to us. It is possible to use our website without providing any personal data. When you make use of special services on our websites, however, it may be necessary for us to process your personal data. If this does prove necessary and there is no statuatory basis for this processing, we generally obtain your consent.
The processing of personal data, for example, of a person’s name, street address, email address or telephone number, is always performed in accordance with the EU General Data Protection Regulation (EU-GDPR) and in compliance with the Berlin Data Protection Act (BlnDSG). The following data protection statement is intended to inform you about the type, scope and purpose of the personal data we collect. Moreover this data protection statement also explains your rights.
The Data Protection Statement of Humboldt-Universität zu Berlin is based on the terms used by European legislators in issuing the General Data Protection Regulation. These terms are explained in a glossary at the end of this document.
1. Name and address of the data controller
The controller in the sense of the General Data Protection Regulation is:
Humboldt-Universität zu Berlin
Prof. Dr. Peter Frensch
Unter den Linden 6
Phone: +49 (30) 2093-2100
2. Name and address of the data protection officer
The Data Protection Officer of Humboldt-Universität zu Berlin is:
Phone: +49 (30) 2093-2591
3. Data processing and processing purposes
For each visit to the website by a data subject or an automated system, the website collects a series of general data and information. These general data and information are stored on the log files of the server. The following are collected: (1) the type and version of the browser used, (2) the operating system used by the accessing system, (3) the website from which an accessing system reaches our website (HTTPS referer), (4) the subsites that are accessed on our website via an accessing system, (5) the date and time of access to our website, (6) the Internet Protocol address (IP-address) with the final digits removed to make it anonymous and (7) other similar data and information that facilitate an emergency response in case of attacks on our information technology systems.
In using these general data and information, Humboldt-Universität zu Berlin makes no inferences about the data subject. This information is necessary in order (1) to correctly provide the contents of our website, (2) to optimize the contents of our website, (3) to ensure the continuous functionality of our IT system and the technology of our website and (4) to provide law enforcement authorities with the information necessary for criminal prosecution in the case of a cyber attack. These anonymously recorded data and information are evaluated by Humboldt-Universität zu Berlin statistically as well as with the goal of increasing data protection and data security at our institution in order to ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from all personal data provided by a data subject.
If a data subject contacts the data controller via email or contact form, the personal data of that data subject are automatically stored. These personal data, provided voluntarily by a data subject, are stored for the purpose of processing or of contacting the data subject. These personal data are not shared with a third party.
4. Erasing and blocking personal data
The personal data collected by us will be processed and saved only for as long as is necessary to achieve the storage purposes or as laws and regulations require. The log data mentioned in (3) will be erased after one week.
5. Rights of the data subject (withdrawal, access, rectification, erasure)
Every subject whose personal data is processed has, according to the law, the right to demand free of charge from the data controller access or confirmation regarding the personal data stored about them. Moreover, there is a right to the rectification of inaccurate personal data without undue delay and a right to erasure; there is also a right to restriction of processing and a right to object to processing.
Consent to the processing of personal data can be withdrawn at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
There is a right to keep the personal data provided by the data subject in a structured, commonly used and machine-readable format, and to transmit it to another controller.
Furthermore without prejudice to any other administrative or judicial remedy, complaints can be submitted to a Member State supervisory authority if there are any doubts about the lawfulness of the processing of personal data.