1. Name and Contact Data of the Data Controller and the Commisioner for Data Protection
The Data Controller or person with overall responsibility for data protection as defined in the General Data Protection Regulation, in other data protection legislation that is valid in member-states of the European Union and in other provisions relating to the protection and privacy of personal data is:
Prof. Dr. Andreas Timm-Giel
President of the TUHH
Hamburg University of Technology
Am Schwarzenberg-Campus 1
The Commisioner for Data Protection for the person in charge of data processing is:
External Commisioner for Data Protection of the TUHH
University of Hamburg
2. Processing of Personal Data
a) Provision of the Website
Whenever you visit and use the HICL website the system automatically records data and information. This data and information is stored in server log files.
The data stored about every website access is as follows:
- IP address
- Date and time
- Page visited
- Data transferred
- Access status
- Browser version
- Page previously visited
The legal basis for storing data and for log files is Art. 6 para. 1 lit. f GDPR.
Temporary storage of the IP address by the system is necessary to enable provision of the website to the user’s computer. That requires the user’s IP address to be stored for the duration of the session.
Storage in log files is undertaken to ensure the functionality of the website, to optimize the content of the website and to guarantee the security of our IT systems.
Data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of data collection to provide the website this is the case once the session is over.
In the case of data storage in log files this is the case after seven days at the latest. Further storage is possible, but in that case the users’ IP addresses are deleted or altered so that identification of the calling client is no longer possible.
a) Online Forms
b) Payment Processing
4. Rights of the Person in Question
You have the right to information free of charge about your personal data that we store and to the correction, deletion or limitation of processing of the data we have collected.
You have the right for reasons arising from your specific situation to file at any time an objection to the processing of your personal data on the basis of Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of processing undertaken prior to your revocation.
Regardless of any other administrative law or judicial redress procedure you have the right of appeal to a supervisory authority if you are of the opinion that processing of your personal data is in breach of the GDPR.