Information about data we collect and process when you use our website and the legal basis for doing so.
1. Protection of your personal data
When you use our website, the protection of your personal data is extremely important. We only process our users’ personal data to the extent necessary to provide services, content and a functional website.
This data protection policy regulates how, when and on what basis we collect and process personal data and in some instances pass it on to third parties, as well as your rights as a data subject.
2. Name and address of the data controller
Responsible for this website within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws as well as other data protection regulations:
Sprachenzentrum der Friedrich-Alexander-Universität Erlangen-NürnbergBismarckstr. 10
3. General information on data processing
We only process our users’ personal data to the extent necessary to provide services, content and a functional website. As a rule, personal data are only processed after the user gives their consent. An exception applies in those cases where it is impractical to obtain the user’s prior consent and the processing of such data is permitted by law.
Art. 6 (1) (a) of the EU General Data Protection Regulation (GDPR) forms the legal basis for us to obtain the consent of a data subject for their personal data to be processed.
The personal data of the data subject is deleted or blocked as soon as the reason for storing it ceases to exist.
4. Data collected
Each time our website is accessed, our system automatically collects data and information from the user’s computer system. In this context, the following data is collected:
- Address (URL) of the website from which the file was requested
- Name of the retrieved file
- Date and time of the request
- Data volume transmitted
- Access status (file transferred, file not found, etc.)
- Description of the type of web browser and/or operating system used
- Anonymised IP address of the requesting computer
The data stored is required exclusively for technical or statistical purposes; no comparison with other data or disclosure to third parties occurs, not even in part. The data is stored in our system’s log files. This is not the case for the user’s IP addresses or other data that make it possible to assign the data to a specific user: before data is stored, each dataset is anonymised by masking the IP address. This data is not stored together with other personal data.
The temporary storage of the IP address by the system is necessary in order to deliver the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session. The storage of such data in log files takes place in order to ensure the website’s functionality. This data also serves to help us optimise the website and ensure that our IT systems are secure. The collection of data for the purpose of providing the website and the storage of such data in log files is essential to the website’s operation. As a consequence, the user has no possibility to object.
Data is deleted as soon as it is no longer necessary for fulfilling the purpose for which it was collected. If data has been collected for the purpose of providing the website, this is deleted at the end of the respective session. If data is stored in log files, it is deleted at the latest after seven days. A longer storage period is possible. In this case, the users’ IP addresses are deleted or masked so that they can no longer be attributed to the client accessing the website.
Contact forms and contact by Email
Contact forms are available on our website that can be used to contact us electronically. If a user makes use of this possibility, the data they enter in the input form is transmitted to us and stored. The contact forms list and explain which data is required. The contact forms indicate if there are any deviations from or additions to the purpose and duration of storage from that stated here.
The personal data from the forms is processed solely for the purpose of contacting the user. If the user contacts us by e-mail, this also constitutes our legitimate interest in processing the data. All other personal data processed during the dispatch of an e-mail serves to prevent misuse of the contact form and to ensure that our system is secure.
Data is deleted as soon as it is no longer necessary for fulfilling the purpose for which it was collected. This is the case for the personal data from contact forms and the data sent by e-mail when the respective conversation with the user has ended. The conversation is considered to have ended when it can be seen from the circumstances that the subject matter in question has been dealt with.
You can reserve tickets online via our website. When you do so, the data from the input form is transmitted to us. In the course of the ticjet reservation process, we will request your consent for the processing of your personal data and draw your attention to this data protection policy.
No data is disclosed to third parties in connection with the data processing required for this purpose. Data is used exclusively for the purpose of processing your reservation.
The data is deleted as soon as it is no longer necessary for fulfilling the purpose for which it was collected.
Technical measures are taken to pseudonymise user data collected in this way. This means that the data can no longer be attributed to the user. The data is not stored together with other personal data of the user. When accessing our website, a banner informs users that cookies are used and makes reference to this data protection policy.
6. Data security
Our website can only be accessed via a secure connection (TLS encryption). Any personal data is transmitted securely and, where apropriate, stored in encrypted form.
7. Rights of the data subject
With regard to the processing of your personal data, you as a data subject are entitled to the following rights pursuant to Art. 15 et seq. GDPR:
- You can request information as to whether we process your personal data. If this is the case, you have the right to information about this personal data as well as further information in connection with the processing (Art. 15 GDPR). Please note that this right of access may be restricted or excluded in certain cases (cf. in particular Art. 10 BayDSG).
- In the event that personal data about you is (no longer) accurate or incomplete, you may request that this data be corrected and, if necessary, added to (Art. 16 GDPR).
- If the legal requirements are met, you can demand that your personal data be erased (Art. 17 GDPR) or that the processing of this data be restricted (Art. 18 DSGVO). However, the right to erasure pursuant to Art. 17 (1) and (2) GDPR does not apply, inter alia, if the processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority or in the exercise of official authority vested (Art. 17 para. 3 letter b GDPR).
- If you have given your consent to the processing, you have the right to withdrawal it at any time. The withdrawal will only take effect in the future; this means that the withdrawal does not affect the lawfulness of the processing operations carried out on the basis of the consent up to the withdrawal.
- For reasons arising from your particular situation, you may also object to the processing of your personal data by us at any time (Art. 21 GDPR). If the legal requirements are met, we will subsequently no longer process your personal data.
- Insofar as you have consented to the processing of your personal data or have agreed to the performance of the contract and the data processing is carried out automated , you may be entitled to data portability (Art. 20 GDPR).