XDSwiki:Privacy policy

From XDSwiki
Jump to navigation Jump to search

Name and address of the data protection officer

The university’s data protection officer is:

Heinz-Joachim Sommer
Datenschutz-Sommer
Sommertalweg 1
88709 Meersburg
GERMANY
Email: datenschutzbeauftragter@uni-konstanz.de
Website: Data protection officer


Name and address of the responsible institution

The responsible institution as per the General Data Protection Regulation (GDPR), other national data protection laws of the member states as well as additional data protection regulations is the:

University of Konstanz
represented by its rector, Professor Dr. Dr. h.c. Ulrich Rüdiger
Universitaetsstrasse 10
78464 Konstanz
GERMANY
Phone: +49 7531 88-0

Responsible for content:
Julia Wandt, Director of Communications and Marketing, Press Officer
Phone: +49 7531 88-0
Email: onlineredaktion@uni-konstanz.de
Website: https://www.uni-konstanz.de/en/

Providing access to the website and creation of log files

Every time a user accesses a University of Konstanz web page, file or other resource, the following data related to this process is stored in a log file:

  • date and time of the request
  • address and file size (in bytes) of the resource requested and/or accessed
  • IP address of visitor
  • server response (HTTP status code, e.g. “file sent”, “file not found”, etc.)
  • connection information from the browser and operating system used, if available
  • referrer website visited prior to the university web page as well as the search terms entered, if available

The last byte of the IP address is removed to anonymise the log files. As a result, it is no longer possible to associate the collected data with a particular person.

The logged information is used to identify, isolate and fix disruptions or errors in the systems needed to operate the University of Konstanz web pages. These may also include disruptions or errors that lead to the restricted availability of information and communication services or allow unauthorised access to the systems.

The anonymised information is also used for statistical purposes in order to continually improve the quality of the web services provided.

Using cookies

When a page is visited, the browser will save a so-called “session cookie” to the end device in use. The cookie will be deleted as soon as the browser is closed. The “session cookies” do not contain personal information. It is not intended nor possible to use the session ID to identify a user. The temporary logging of these cookies can be disabled by changing the appropriate settings of the internet browser. This does not affect the access or use of the page, but disabling cookies may increase the server’s response time slightly.

This does not apply to session cookies saved in connection with a one-time authentication process required to access protected areas of the website. The purpose here is to recognise multiple related requests from the same user, which preserves the user's authentification status while using the website. Blocking these cookies can impair access to and utilisation of the website.


Forms

Description and scope of the processing of data

Using particular services such as registering for events or filling out contact forms may require collecting, processing, and using personal information. The same applies to personal data transmitted to the email address provided on the respective website (as an alternative to the online form). Information about the legal basis, the purpose of processing and use of the data as well as deletion deadlines is provided on the form pages.

Information about the data entered by the users themselves, the user's browser as well as the date, time and duration of the entry is saved (spam protection).


Web analysis using awstats

We use the open source software tool awstats to analyse our users’ browsing behaviour. The software saves a cookie to the user’s computer (for information on cookies, please see above). When individual wiki web pages are accessed, the following information is stored:

  1. the first three bytes of the IP address of the user’s system
  2. the web page accessed
  3. the referrer website that the user accessed before visiting the university website
  4. the sub-pages accessed
  5. the duration of the user’s visit to the web page
  6. how often the user accesses the web page
  7. browser
  8. browser recognition
  9. resolution
  10. the user’s device type (smartphone, tablet, etc.)

The software runs exclusively on our servers. User data is only saved to our servers. It is not passed on to third parties.

The software has been configured to mask the last byte of the IP address (e.g.: 192.168.134.xxx). That way, it is impossible to associate the IP address with the device used to access the website.

You can deactivate or restrict cookies by changing the settings of your internet browser. Saved cookies can be deleted at any time, even automatically, if you wish. If you disable cookies for our website, you may experience difficulties when accessing some if its functions.

Rights of the parties involved

In accordance with § 15 GDPR, you have the right to request information from the University of Konstanz about any data it saves that is related to your person and/or to have incorrect data corrected as per § 16 GDPR.

You also have the right to demand that your data be deleted (§ 17 GDPR) or that the processing and use thereof be restricted (§ 18 GDPR), as well as to object to the processing and use of your data (§ 21 GDPR).

If you raise an objection while in a contractual relationship with the university, it may no longer be possible to fulfil the contract.

You can withdraw your consent regarding the processing and use of your data at any time. The fact that all data processed between the point in time that consent was given and it being withdrawn was processed lawfully remains untouched.

To better understand and exercise your rights, please contact our data protection officer by emailing datenschutzbeauftragter@uni-konstanz.de.

You also have the right to file a complaint with the regulating authority if you believe that the processing and use of your personal data is in violation of the law (§ 77 GDPR). The responsible contact person at the regulating authority is the Landesbeauftragter für den Datenschutz und die Informationsfreiheit Baden-Württemberg (state commissioner for data protection and the freedom of information in Baden-Württemberg) (https://www.baden-wuerttemberg.datenschutz.de).