1. Responsible institution for data protection purposes:
2. Data protection representative
University of Freiburg
Data protection representative
In general terms, we take the private sphere of our visitors very seriously and collect only data that are necessary for optimizing the functionality and usability of the web pages.
4. Collection of personal data
Unless otherwise specified on the particular web pages, personal data are collected as follows:
4.1. Availability of web pages and creation of log files
4.1.1. Description and categories of data
When you visit this or other web pages, you send data to our web server via your web browser. The following data are retained temporarily in a log file during an ongoing connection only in the case of an error:
- IP address of the requesting computer
- Date and time of the access
- Name, URL, and amount of transferred data from the requested file
- Access status (requested file transferred, not found, etc.)
- Browser type and operating system (if sent by the requesting web browser)
- Web page from which access was obtained (if sent by the requesting web browser)
The data in this log file are processed as follows:
- In individual cases, i.e., reported defects, errors, and security incidents, a manual analysis is conducted.
The system needs to temporarily store the user’s IP address to enable the website to be sent to the user’s computer. The user’s IP address must be retained for the duration of the session.
The data are stored in a log file as a means of ensuring the proper functioning of the website. In addition, we use the data to optimize the website and guarantee the security of our information technology systems. The IP addresses included in the log entries are not combined with other retained data unless there are actual indications that there has been a disruption of proper operation.
These purposes also constitute our legitimate interest in processing data in accordance with § 6 para. 1 lit. f GDPR (General Data Protection Regulation).
4.1.3. Legal basis
The legal basis for the temporary retention of the data and the log files is § 6 para. 1 lit. f GDPR.
In the case that investigative measures are initiated due to attacks on our information technology system, the data and log files named above under 4.1. may be passed on to state investigative bodies (e.g., police, public prosecutor).
The same applies if these bodies or courts direct inquiries at the university and the university is obligated to comply with them.
4.1.5. Duration of data retention
The data are deleted as soon as they are no longer needed to achieve the purpose for which they were collected. In the case of data collected to make the website available, this is the case at the end of the relevant session.
The data retained in log files are deleted after seven days.
4.1.6. Consequences of nondisclosure, possibility of objection or removal
The collection of data for the purpose of making the website available and the storage of the data in log files is absolutely necessary for the operation of the website. Users who do not want their data to be processed as described may contact the university in other ways (by telephone, in writing, in person) to obtain information or perform functions available on the website.
4.2.1. Description and categories of data
The following data are stored in cookies and sent to the user’s computer system by this website:
|sfb948-blog.uni-freiburg.de||_wp_session||bdbe4e60fd127ecb9697988af77f106d%7C%7C1536239682%7C%7C1536239322||Browser session||Until the end of the browser session|
|sfb948-blog.uni-freiburg.de||wordpress_test_cookie||WP+Cookie+check||WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies.||Until the end of the browser session|
Further information is available in the WordPress Codex:
The purpose of each cookie is listed in the table under 4.2.1.
The user data collected by the cookies are not used to create user profiles.
These purposes also constitute our legitimate interest in processing personal data in accordance with § 6 para. 1 lit. f GDPR
4.2.3. Legal basis
The legal basis for the processing of personal data using cookies is § 6 para. 1 lit. f GDPR.
The recipient of the information contained in the cookies is exclusively the authorized web server, i.e., the university web server that sent the cookie.
4.2.5. Duration of data retention
The cookies are retained for the periods listed in the table under 4.2.1.
Since the cookies are stored on your computer, you also have the possibility of deleting them earlier. For more information, please read the following section.
4.2.6. Consequences of nondisclosure, possibility of objection or removal
5. Your rights
You have the right to receive information on the personal data retained when you visit the website and/or have retained data that is incorrect corrected.
You also have the right to demand that your data be deleted or that the processing thereof be restricted as well as to object to the processing of your data.
To exercise these rights, please contact email@example.com.
You have the right to file a complaint with the regulating authority if you believe that the processing of your personal data is in violation of the law.
The responsible regulating authority is Baden-Württemberg’s state commissioner for data protection and freedom of information (Landesbeauftragte für den Datenschutz und die Informationsfreiheit).