Privacy Policy of Apple Mobile Device Management

Scope

This privacy policy is valid for the Apple Mobile Device Management which is offered behind the domain mac-server.min.uni-hamburg.de.

Contact Details

Pursuant to the General Data Protection Regulation, national data protection laws of the various Member States, and other privacy regulations, the responsible entity (“Controller”) is:

Universität Hamburg
Mittelweg 177
20148 Hamburg

Phone: +49 40 42838 0
Fax: +49 40 42838 9586

Universität Hamburg is a corporate body organized in accordance with German public law. Prof. Dr. Dieter Lenzen, President of Universität Hamburg, Mittelweg 177, 20148 Hamburg, Germany is authorized to represent the University.

Universität Hamburg Data Protection Officer Contact Details

Universität Hamburg Data Protection Officer
Mittelweg 177
20148 Hamburg

Phone: +49 40 42838 2957
E-mail: datenschutz@uni-hamburg.de

A. Data processing

1. Accessing this website and creation of log files

Information are collected every time this website is accessed or used. These data and information are stored in log files on the server and can include:

IP address
browser type / browser version
date and time the website was accessed
user Internet service provider
user operating system
referring website
websites accessed by the User’s system through our website

The temporary storage of data and log files is lawful pursuant to Article 6 (1) lit. f General Data Protection Regulation (Datenschutz-Grundverordnung – DSGVO)

The IP address is temporarily stored in the system as it is necessary to provide website access to the User’s computer. The IP address is retained while that website is being accessed.

These log files are stored to ensure website functionality, optimize the content of our website, and ensure the security of our IT system.

The data will be deleted when they are no longer needed for the purpose they were collected. For data collected to provide access to the website, this will be at the end of every session.

For log files, this will occur after seven days at the latest. Some data may be preserved for a longer period of time, in which case user IP addresses are deleted or removed, rendering it impossible to link the data to any individual.

2. Cookies

Our website uses cookies. Cookies are small data files, created and stored by the Internet browser on your computer’s hard drive. Accessing a website may result in a cookie being saved on your operating system. This cookie contains a specific string of characters that allows the browser to be clearly recognized every time the website is accessed.

We use cookies to make our website more user-friendly.

The processing of personal data based on the use of cookies is lawful pursuant to Article 6 paragraph 1 lit. f GDPR (General Data Protection Regulation).

The purpose of these technical cookies is to simplify website use.

Cookies are stored on the User’s computer and transferred to us. That is why you, as the User, have full control over cookie implementation. You can deactivate or restrict cookies by changing your browser settings Cookies already stored on your hard drive can be deleted at any time. This can also be done automatically. However, disabling cookies for our website may result in some functions not working correctly.

3. Contact form and email contact

There are contact forms on our webpage that can be used to communicate electronically. When registering, the data entered by you into the online data entry form will be transmitted. Your consent is required for the processing of this data, and you will be referred to our Privacy Statement and asked to grant your consent when you send the form.

Alternatively, contact may be initiated using an email address provided by you. In this case, the personal data provided in the email will be stored. This information will not be passed on to third parties.

This processing is lawful pursuant to Article 6 paragraph 1 lit. e GDPR in conjunction with Section 4 Hamburg data protection and privacy act (Hamburgisches Datenschutzgesetz, HmbDSG), where the processing of the personal data provided by you to process your inquiry is required to discharge our duties. Communication of additional information by you is voluntary, based on your consent pursuant to Article 6 paragraph 1 lit. a GDPR.

These data are only stored for the purposes of processing that communication. The data will be deleted when they are no longer needed for the purpose they were collected. Personal data derived from the online data entry form and any data transmitted via email will be deleted once the communication with the User has been concluded.

Users can login on our webpage by providing personal data. The following personal data will be transmitted in the process:

Local user name
Name of user
Time of last login

You will be asked to grant your consent for the processing of this data as part of the login process.

These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.

User login is necessary to provide specific content and services on our website, including the creation and administration of Apple devices.

The data will be deleted when they are no longer needed for the purpose they were collected or the account has been inactive for one year.

5. Remote Management

The Apple devices we manage, are managed via the self-hosted software Apple Mobile Device Management. No personal data is transmitted during provisioning. By default, the following options are disabled or not set up: Apple iTunes, Apple AppStore, Apple iCloud, and diagnostic and usage data.

In case of legitimate interest (theft or loss of a device), the administrator can retrieve the location of the device or initiate a remote wipe. The following personal data is transmitted in the process:

Location
Time of collection

These data are processed subsequent to a legitimate interest Article 6 paragraph 1 lit. f GDPR.

The data will be deleted when they are no longer needed for the purpose they were collected.

6. iOS, iPadOS and Apps

On our devices, users may provide personal data. The corresponding privacy policy of the manufacturer can be found at: www.apple.com/privacy.

The data on the devices will be deleted when they are no longer needed for the purpose they were collected or are returned to us.

B. Your Rights

You have the following rights:

the right to information regarding personal data pertaining to you that is stored by us (Article 15 GDPR)
the right to correction of any incorrect or incomplete personal information (Article 16 GDPR)
the “right to be forgotten”: erasure of stored personal data insofar as the relevant data are not necessary for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or the purposes of establishing, exercising, or defending a legal claim (Article 17 GDPR)
the right to limited processing of personal data (Article 18 GDPR)
the right to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Article 21, GDPR);
the right to withdraw your consent to the collection, processing, and use of your personal data at any time with future effect (Article 7 paragraph 3 GDPR) – this means that the data processing related to that consent will no longer be carried out;
the right to lodge a complaint with a supervisory authority where you believe the processing of personal data related to you is in breach of the GDPR (Article 77 GDPR)

You can exercise your right to object, your right of rectification and your right to revoke consent to the processing of your personal data by contacting: