We take data protection seriously

The protection of your privacy when processing personal data is an important concern for us. When you visit our website, our web servers store the IP of your Internet service provider, the website from which you visit us, the web pages you visit on our site and the date and duration of your visit as standard. This information is essential for the technical transmission of the web pages and secure server operation. There is no personalized evaluation of this data.

The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always carried out in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection regulations applicable to the Ostbayerische Technische Hochschule Regensburg. By means of this data protection declaration, our instituion would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this privacy policy.

As the controller, the Ostbayerische Technische Hochschule Regensburg has implemented numerous technical and organizational measures to ensure the most complete protection of personal data processed through this website. Nevertheless, Internet-based data transmissions can generally have security gaps, so that absolute protection cannot be guaranteed. For this reason, every data subject is free to transmit personal data to us by alternative means, for example by telephone.

Definitions

„PERSONAL DATA“

This is any information relating to an identified or identifiable natural person (hereinafter "data subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

„PROCESSING“

This includes any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

Further definitions under Art. 4 GDPR.

 

The controller responsible for data collection on this website is:

Ostbayerische Technische Hochschule Regensburg
Prüfeninger Str. 58
93049 Regensburg
Phone +49 (0) 941 943 02  
E-mail: praesident(at)oth-regensburg.de

The Ostbayerische Technische Hochschule Regensburg is a public institution in accordance with Art. 11 Para. 1 Sentence 1 of the Bayerisches Hochschulgesetz.
The Ostbayerische Technische Hochschule Regensburg is legally represented by the chairman of the university management, President Prof. Dr. Ralph Schneider.

Further information/supervisory authority can be found in the imprint.

The data protection officer of the controller is:

The Data Protection Officer of OTH Regensburg
Ostbayerische Technische Hochschule Regensburg
Prüfeningerstr. 58
93049 Regensburg
Phone: 0941 / 943-1069
E-mail: datenschutz(at)oth-regensburg.de

Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

When you visit our website, the following information is stored in the server log files by default:

  • the page from which the file was requested - referrer URL
  • the name of the file
  • the date and time of the request
  • a description of the type of web browser / browser version used
  • the installed operating system, the language of the operating system and the set resolution
  • the host name of the accessing computer
  • the amount of data transferred in each case
  • the access status / HTTP status code (i.e. whether the file was transferred or possibly not found, etc.)
  • the IP address used and its localization.

 

The stored data is evaluated exclusively for internal statistical purposes and does not allow us to draw any conclusions about your person.

 

We process the aforementioned data for the following purposes:

  • Ensuring a proper and smooth connection to the website,
  • Ensuring the use of the website,
  • Evaluation of system security and stability

 

Art. 6 para. 1 sentence 1 lit. f GDPR constitutes the legal basis for data collection. The legitimate interest follows from the purpose of data collection described above. You can visit our website without providing any personal data. Under no circumstances do we use the data collected for the purpose of drawing conclusions about your person.

 

Cookies

The Internet pages of the Ostbayerische Technische Hochschule Regensburg uses cookies.

Cookies are small text files that your browser automatically creates and stores on your end device (laptop, tablet, smartphone, etc.) when you visit our website.

Cookies do not cause any damage to your end device and do not contain any viruses, Trojans or other malware. Information is stored in the cookie that results in each case in connection with the specific end device used. However, this does not mean that we obtain direct knowledge of your identity.

By using session cookies, the controller can provide users of this website with a user-friendly service that would not be possible without the use of cookies. Without consent, we only use technically necessary cookies on the legal basis of legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR.

 

We only use personal cookies to improve our website or for marketing/advertising purposes with your consent. On your first visit, you can voluntarily consent to tracking or analysis via the cookie banner that appears. Your data may be passed on to partners or third-party providers. These cookies are only stored if you explicitly consent to this; the legal basis is then your consent in accordance with Art. 6 para. 1 lit. a GDPR.

You can change your settings for the use of cookies here at any time:

Change cookie settings
 

Contact form

If you send us inquiries via the contact form, your details from the inquiry form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on this data without your consent.

The data entered in the contact form is therefore processed exclusively on the basis of your consent (Art. 6 para. 1 lit. a GDPR). You can revoke this consent at any time. All you need to do is send an informal email to datenschutz@oth-regensburg.de. The legality of the data processing operations carried out up to the time of revocation remains unaffected by the revocation.

We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Mandatory statutory provisions - in particular retention periods - remain unaffected.

Communication by e-mail

We also communicate by email with the consent of the respective data subject (Art. 6 para. 1 lit. a GDPR).

E-mails may constitute business letters so that these e-mails, including the e-mail address, are stored by us until the expiry of tax and/or commercial law deadlines and/or retention periods under other legal provisions.

At the end of the calendar year, once the retention period has expired, we check whether there is any further need for processing. If this is not the case, the data will be deleted.

Application portal

If you send us application documents, we will only use them to decide on your application and will not pass your data on to third parties.

Since an application usually contains sensitive personal data, we would like to point out that you yourself are responsible for any encryption of the data if you send us applications directly by e-mail.

Encryption is technically implemented and guaranteed directly for applications via our career portal.

Application data is stored and managed separately from other data records and used exclusively for the purpose of selecting applicants. If an employment relationship is established, the necessary data from the application process is transferred to the personnel file.  

If no employment relationship is established, the application documents will be automatically deleted no later than six months after notification of the rejection decision, provided that deletion does not conflict with any other legitimate interests of the controller or the applicant has expressly consented to longer storage and retention of their application (applicant pool).

The legal basis for data processing is Art. 6 para. 1 lit. a and b GDPR (consent and contract initiation). The retention period after rejection results from Art. 6 para. 1 lit. f GDPR (presentation of legally compliant action, e.g. according to AGG).

Plugins and tools

Matomo

We use the open source software Matomo to analyze and statistically evaluate the use of the website. Cookies are used for this purpose. The information generated by the cookie about the use of the website is transmitted to our server and summarized in pseudonymous user profiles. The information is used to evaluate the use of the website and to enable a needs-based design of our website. The information is not passed on to third parties. Under no circumstances is the IP address associated with other data relating to the user. The IP addresses are anonymized so that they cannot be assigned (IP masking).

Embedding YouTube videos

This website embeds videos from YouTube. The operator of the pages is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

We use YouTube in extended data protection mode. According to YouTube, this mode ensures that YouTube does not store any information about visitors to this website before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. For example, YouTube establishes a connection to the Google DoubleClick network regardless of whether you watch a video.

As soon as you start a YouTube video on this website, a connection is established to the servers of YouTube is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.

Furthermore, YouTube may store various cookies on your end device after starting a video or use comparable recognition technologies (e.g. device fingerprinting). In this way, YouTube can obtain information about visitors to this website. This information is used, among other things, to record video statistics, improve user-friendliness and prevent fraud attempts.

If necessary, further data processing operations may be after the start of a YouTube video, over which we have no influence. Since a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

You can find more information about data protection at YouTube in their privacy policy at: https://policies.google.com/privacy?hl=de.

Google Maps

This site uses the map service Google Maps. The provider is Google Ireland Limited ("Google"), Gordon House, Barrow Street, Dublin 4, Ireland.

To use the functions of Google Maps, it is necessary to store your IP address. This

Information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. If Google Maps is activated, Google may use Google Web Fonts for the purpose of uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into your browser cache in order to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online presence.

offers and to make it easy to find the locations we have indicated on the website. Since a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR and 25 para. 1 TDDDG, insofar as the consent includes the storage of cookies or access to information in the user's terminal device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here:

https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

You can find more information on the handling of user data in Google's privacy policy: https://policies.google.com/privacy?hl=de.

Online presence on Facebook, Instagram, LinkedIn, TikTok

Facebook, Instagram, LinkedIn and TikTok are not integrated into the website and no data is collected by us. If you click on the link, you will be redirected to the respective website and the data protection provisions published there will apply. Of course, you can also access our online presences directly.

If you have given your consent to the respective social media operator in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR, your data will be automatically collected and stored for market research and advertising purposes when you visit our online presences on the social media mentioned above, from which user profiles are created using pseudonyms. These can be used, for example, to place advertisements within and outside the platforms that presumably correspond to your interests. Cookies are generally used for this purpose. For detailed information on the processing and use of data by the respective social media operator as well as a contact option and your rights and settings options for protecting your privacy, please refer to the providers' data protection notices linked below. If you still need help in this regard, you can contact us.

Facebook: https://www.facebook.com/policy.php.

Instagram: https://instagram.com/about/legal/privacy/.

LinkedIn: https://www.linkedin.com/legal/privacy-policy.

TikTok: https://www.tiktok.com/legal/page/eea/privacy-policy/de

What do we use your data for?

We use your data to provide our products and services (contract performance), as well as to evaluate visitor numbers and access figures and to optimize and protect our website. With your consent, we use the data you enter to respond to your contact request/message.

Forwarding of data

Your personal data will not be transferred to third parties for purposes other than those listed below.
We only pass on your personal data to third parties if:

  • you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR,
  • the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. b GDPR is necessary for the performance of a contract to which you are a party or for the implementation of pre-contractual measures which are carried out at your request.
  • in the event that a legal obligation exists for the disclosure pursuant to Art. 6 para. 1 sentence 1 lit. c GDPR or the processing is necessary to fulfill a legal obligation to which the controller is subject.
  • in the event that processing is necessary to protect the vital interests of the data subject or another natural person pursuant to Art. 6 para. 1 sentence 1 lit. d GDPR;
  • in the event that processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller in accordance with Art. 6 para. 1 sentence 1 lit. e GDPR;
  • in the event that processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party pursuant to Article 6(1)(f) GDPR, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

Protected areas on the website

Students and staff have the opportunity to register for protected areas on the OTH website.

The following personal data is collected: User name, password.

You undertake to treat your personal access data confidentially and not to make it accessible to unauthorized third parties. We cannot accept any liability for misused passwords unless we are responsible for the misuse

Rights of data subjects

You have the right:

  • in accordance with Art. 7 para. 3 GDPR, to withdraw your consent once given to us at any time. As a result, we may no longer continue the data processing based on this consent in the future;
  • in accordance with Art. 15 GDPR, to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right to lodge a complaint, the origin of your data if it was not collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 GDPR, to immediately request the correction of incorrect or incomplete personal data stored by us;
  • in accordance with Art. 17 GDPR, to demand the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • in accordance with Art. 18 GDPR, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR;
  • in accordance with Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transmitted to another controller
  • to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our registered office.

You can find an overview of the respective state data protection officers under the following link. You can also find our supervisory authority in our Imprint

Right of objection

If your personal data is processed on the basis of Art. 6 para. 1 lit. e GDPR or on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR. The controller will then no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

If your data is processed for the purpose of direct marketing, you have a general right to object, which we will implement without you having to specify a particular situation. (Art. 21 para. 2 GDPR)

If you wish to exercise your right of revocation or objection, you can do so informally. For example, an e-mail to us is sufficient.

Duration for which the personal data is stored

The controller shall process and store personal data of the data subject only for the period necessary to achieve the purpose of storage and/or if this is required/prescribed by relevant legal regulations.

After expiry of the retention obligation, a check is carried out towards the end of the calendar year to determine whether there is any further need for processing. If this is not the case, the data will be deleted.

Data security

The SSL procedure (Secure Socket Layer) is used on our website. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the key or lock symbol. Suitable technical and organizational measures are also used to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments

Amendment to this privacy policy

It may become necessary to amend this privacy policy as a result of the further development of our website and services or due to changes in legal or official requirements. You can call up and print out the current data protection declaration at any time on the website under data protection.