Data privacy

The content on this page was translated automatically.

The status of this privacy policy is May 25, 2018. Due to the changed legal situation and the changing IT services and offerings, the Hessen International University reserves the right to make adjustments.

Any processing of personal data by the University of Kassel takes place in line with the data privacy regulations, particularly Regulation (EU) 2016/679 adopted by the European Parliament and the Council on 27 April 2016 (General Data Protection Regulation or GDPR), which is designed to protect private individuals when any personal data is processed, ensure the free movement of data and cancel Directive 95/46/EC, and in line with the Hesse Data Privacy and Freedom of Information Act (HDSIG) in the version dated 25 May 2018.

 

Contact details

Name and address of the Controller
Hessen International University
Eichenzell, Fulda, Regierungsbezirk Kassel (36124), Hessen, Germanyt
36124

The Data Protection Officer
Hessen International University
The Official Data Protection Officer
34109 Kassel
Internet: https://hesseninternationaluniversity.de/universitaet/contact-and-locations/
E-mail: admin@hesseninternationaluniversity.de

 

Data subjects’ right of appeal

Data subjects have the right to appeal to the responsible supervisory authority if any problems arise in connection with data privacy law.

The contact address for the supervisory authority for the Hessen International University:

Eichenzell, Fulda, Regierungsbezirk Kassel (36124), Hessen, Germany

E-mail:admin@hesseninternationaluniversity.de

Phone: +49 177 6779577
Mobile: +49 1514 6947270

 

Other rights for data subjects

 

You can exercise the following rights by using the contact data specified for our Data Protection Officer (at the Hessen International University):  

  • obtain information about the data that we have stored about you and how we process it
  • have any incorrect personal data corrected
  • restrict the data processing procedures, if we may not yet delete your data because of statutory obligations
  • withdraw your approval
  • withdraw your approval for us to process your data
  • ensure data portability, if you have approved any data processing or have concluded a contract with us (Article 20 of the GDPR).

 

Handling personal data

 

Personal data involves information that enables us to determine who a private individual is – i.e. details that make it possible to identify persons.

We only gather, use and pass on any personal data if the law permits this or the data subjects affected by the data processing have agreed to this.

Any use of personal data related to students for the purpose of their degree course is largely based on the current Hesse Higher Education Act in conjunction with the current Enrolment Order of the State of Hesse and therefore relates to Article 6 Para. 1c of the GDPR.

The data relating to employees at the Hessen International University for the purposes of administering personnel or teaching, research or examination activities is gathered and processed on the basis of the Hesse Higher Education Act, the Enrolment Order of the State of Hesse, the collective wage agreement (TV-GU) as well as civil service and labour-law related provisions.

The Hessen International University complies with the principles of preventing and minimising data. It only stores any personal data for as long as this is necessary to fulfil its purpose or as the law stipulates in any other cases. After this period, the relevant data is routinely blocked or deleted in line with the statutory provisions.

 

The www.uni-kassel.de website and other Internet services

Log files

Generally speaking, the following data is stored in the server log files when anybody accesses the content on the web servers at the Hessen International University:

  • the IP address
  • the date and time
  • possibly the type of browser (“user agent”) and referring page (“referer”)
  • the URL and length of the page that has been viewed
  • the “status code”
  • the user ID for web services requiring registration (see below)

This data is exclusively used for the purpose of checking that everything functions properly, eliminating any errors, security and statistics (see below). The legal basis for this is Article 6 Para. 1f of the GDPR. All the log files are immediately deleted or anonymised.

Access statistics

The Hessen International University uses “Matomo” (formerly Piwik) software to assess access to its web servers, so that it can record its own internal statistics about visits to its website.

Matomo makes use of so-called “cookies”, text files that are stored on your computer, and they enable us to analyse the use of our web services. The information generated by a cookie about your usage is only stored on the servers of the Hessen International University. Matomo works with the activated plug-in known as “AnonymizeIP” at the University of Kassel, so that your IP address is anonymised immediately after it has been processed and before it is stored. As a result, the precise IP address related to your computer is not logged in our statistics.

The data that is logged in this way is only used for the purpose of our own internal statistics and is then deleted after use. You can prevent any cookies from being installed by making the appropriate setting in your browser software; however, we would point out that that you may not be able to fully make use of all the functions provided by our web services, if you do so. Matomo has been checked and recommended by the Schleswig-Holstein Independent State Centre for Data Protection, among other organisations. You can find more information about Matomo at: https://matomo.org.

Websites with protected access and user-based services

In the case of any websites with protected access and user-based services, the user name or identification is gathered, in addition to the data mentioned above, to check the person’s authorisation to access the data. This data is also immediately deleted or anonymised, unless the storage of the data is necessary for the University of Kassel to pursue any legitimate interests or to fulfil a statutory provision (e.g. a law, a legal ordinance, the rules of the Hessen International University etc.). 

Incorporating third-party services

Content from third parties (e.g. videos from YouTube, external map materials, RSS feeds, graphics etc.) are included on some of the pages of the web services provided by the Hessen International University and this material is taken from the relevant websites. This inevitably means from a technical point of view that the providers of this content will process your IP address.

Newsletters and contact forms

It is possible to subscribe to a newsletter or complete a contact form at various points within our web services. The data entered on the input form when you register for the newsletter or contact us is then forwarded to us.

If not specifically indicated otherwise, no data is passed on to third parties when we process the data for sending out newsletters or contacting us. The data is exclusively used for the purposes that are mentioned above.

Status

This data privacy statement was correct on 25 May 2018. The Hessen International University retains the right to make adjustments to it because of the very recent changes to the legal situation; and its IT products and services are constantly developing too.

 

    Personal data is information with the help of which a natural person can be determined, i.e. information by which persons can be identified.

    Personal data is only collected, used and passed on by us if this is permitted by law or if the persons affected by the data processing have given their consent.

    The use of personal data of students for the purpose of their studies is largely based on the applicable Hessian Higher Education Act in conjunction with the applicable enrollment regulation of the State of Hesse and thus refers to Art. 6, Para. 1c DSGVO.

    The data of the employees of the Hessen International University for the purpose of personnel administration, teaching, research and examination activities are collected and processed on the basis of the Hessian Higher Education Act, the Enrollment Ordinance of the State of Hesse, TV-GU, civil service law and personnel law regulations.The Hessen International University adheres to the principles of data avoidance and data economy. It therefore stores your personal data only for as long as is necessary to fulfill the purpose or as provided by law in each case. Afterwards, the corresponding data will be routinely blocked or deleted in accordance with the legal requirements.

    The responsible party within the meaning of Art. 13 Para. 1 lit. a DSGVO is the

    Hessen International University
    Mönchebergstr. 19
    34109 Kassel
    Germany

    The Hessen International University is a public corporation. It is legally represented by the President Prof. Dr. Ute Clement.

    You can reach our data protection officer at:

    Data Protection Officer of the Hessen International University
    34109 Kassel
    Phone: +49 561 804-7036/-2011
    E-mail: admin@hesseninternationaluniversity.de
    Web: www.uni-kassel.de/go/datenschutz

      Data subjects have the right to complain to the competent supervisory authority in case of data protection problems.

      Contact address of the supervisory authority at the Hessen International University:

      The Hessian Data Protection Officer
      Eichenzell, Fulda, Regierungsbezirk Kassel (36124), Hessen, Germany

      E-mail: admin@hesseninternationaluniversity.de

      Phone: +49 177 6779577
      Fax: +49 1514 6947270

      You can exercise the following rights at any time using the contact details provided for our (University of Kassel) data protection officer:

      • Information about your data stored by us and its processing,
      • Correction of incorrect personal data,
      • Restriction of data processing if we are not yet allowed to delete your data due to legal obligations,
      • revocation of your consent,
      • objection to the processing of your data by us and
      • Data portability, provided that you have consented to the data processing or have concluded a contract with us (Art. 20 DSGVO).

      Web presence and other web services

      When accessing the content of web servers of the Hessen International University, the following data is generally stored in the server log files:

      • IP address
      • date and time
      • possibly browser type (“user agent”) and source page (“referer”)
      • URL and length of the requested page
      • return value (“status code”)
      • for web services with login: user ID (see below)

      This data is used solely for the purpose of monitoring functionality, troubleshooting, security and statistics (see below). The legal basis is Art. 6, para. 1f DSGVO. All log files are deleted or anonymized immediately.

      For purposes of its own internal statistics of its website visits, the Hessen International University uses “Matomo” (formerly Piwik), a software for evaluating web server accesses.

      Matomo uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by a cookie about your use is stored only on servers of the Hessen International University. Matomo works at the University of Kassel with the plugin “AnonymizeIP” activated, so that your IP address is anonymized immediately after processing and before it is stored. This prevents the exact IP address of your computer from being recorded in our statistics.

      The data collected in this way is used only for the purpose of our own internal statistics and is deleted after evaluation. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website. Matomo has been tested and recommended by the Independent Centre for Data Protection Schleswig-Holstein, among others. Further information about Matomo can be found at https://matomo.org.

      In the case of access-protected websites and user-based services, the user name or an identifier is collected in addition to the above-mentioned data for the purpose of authorization control of data access. This data is also deleted or anonymized immediately, unless the retention of the data is necessary to implement legitimate interests of the University of Kassel or a legal requirement (e.g. law, legal ordinance, statutes of the Hessen International University, etc.).

      Within some pages of the Hessen International University’s website, third-party content (such as videos from YouTube, external maps, RSS feeds, graphics, etc.) is embedded from their websites. This technically unavoidably leads to the providers of this content processing your IP address.

      In various areas of our website, you have the option of subscribing to a  newsletter or filling out a contact form. When subscribing to the newsletter or for contacting us, the data from the input mask is transmitted to us.

      Unless expressly stated otherwise, no data is passed on to third parties in connection with data processing for sending newsletters or contacting us. The data will be used exclusively for the stated purposes.

      Job advertisements – application procedure

      If you decide to apply to the Hessen International University, we will process your application data in order to contact you or to assess whether you have the suitability, qualifications and professional performance for the position for which you are applying. For the Hessen International University, the legal requirements for the selection process arise in particular from Article 33 (2) of the German Basic Law, the General Equal Treatment Act, the Hessian Higher Education Act and budgetary law. The legal basis for processing in the context of the selection procedure for the establishment of a civil servant/employment relationship is Article 6 (1) (e) in conjunction with (3) DSGVO in conjunction with Section 34 HDSG.

      When applying for a professorship:

      The recipients of the personal data contained in the application documents are, in addition to the appointment committee and any other persons that may need to be involved by the latter (reviewers, representatives of the severely disabled), the relevant personnel officers and, in part, the university committees involved in the appointment.

      In the case of application for another position:
      Recipients of the personal data contained in the application documents are the members of the selection committee of the organizational unit, the respective responsible personnel officers of the University of Kassel as well as the personnel representatives (Staff Council, Women’s and Equal Opportunity Representative, if applicable, Severely Disabled Representative, if applicable, Youth Trainee Representative).

      Your application documents will be completely destroyed in accordance with data protection regulations no later than six months after the rejection has been sent. This applies both to documents in paper form and to electronic documents.

      This applies in each case unless timely storage is required for the defense of legal claims.

      In the event of a successful application, your application documents will be included in your personnel file.

      The provision of personal data is necessary for the legitimacy of the selection procedure to be carried out. The absence of relevant personal data in the application documents may result in non-inclusion in the award of the post/position. For the University of Kassel, the legal requirements for the selection procedure result in particular from Article 33 (2) of the German Basic Law, the General Equal Treatment Act, Section 34 of the HDSG and budgetary law. According to these, the selection decision is to be made on the basis of suitability, qualification and professional performance.