Pursuant to the General Data Protection Regulation, national data protection laws of the various Member States, and other privacy regulations, the responsible entity (“Controller”) is:
Phone: +49 40 42838 0
Fax: +49 40 42838 9586
Universität Hamburg is a corporate body organized in accordance with German public law. Prof. Dr. Dieter Lenzen, President of Universität Hamburg, Mittelweg 177, 20148 Hamburg, Germany is authorized to represent the University.
Universität Hamburg Data Protection Officer Contact Details
Universität Hamburg Data Protection Officer
Phone: +49 40 42838 2957
A. Data processing
1. Accessing this website and creation of log files
Information are collected every time this website is accessed or used. These data and information are stored in log files on the server and can include:
- IP address
- browser type / browser version
- date and time the website was accessed
- user Internet service provider
- user operating system
- referring website
- websites accessed by the User’s system through our website
The temporary storage of data and log files is lawful pursuant to Article 6 (1) lit. f General Data Protection Regulation (Datenschutz-Grundverordnung – DSGVO)
The IP address is temporarily stored in the system as it is necessary to provide website access to the User’s computer. The IP address is retained while that website is being accessed.
These log files are stored to ensure website functionality, optimize the content of our website, and ensure the security of our IT system.
The data will be deleted when they are no longer needed for the purpose they were collected. For data collected to provide access to the website, this will be at the end of every session.
For log files, this will occur after seven days at the latest. Some data may be preserved for a longer period of time, in which case user IP addresses are deleted or removed, rendering it impossible to link the data to any individual.
The purpose of these technical cookies is to simplify website use.
Cookies are stored on the User’s computer and transferred to us. That is why you, as the User, have full control over cookie implementation. You can deactivate or restrict cookies by changing your browser settings Cookies already stored on your hard drive can be deleted at any time. This can also be done automatically. However, disabling cookies for our website may result in some functions not working correctly.
3. Contact form and email contact
There are contact forms on our webpage that can be used to communicate electronically. When registering, the data entered by you into the online data entry form will be transmitted. Your consent is required for the processing of this data, and you will be referred to our Privacy Statement and asked to grant your consent when you send the form.
Alternatively, contact may be initiated using an email address provided by you. In this case, the personal data provided in the email will be stored. This information will not be passed on to third parties.
This processing is lawful pursuant to Article 6 paragraph 1 lit. e GDPR in conjunction with Section 4 Hamburg data protection and privacy act (Hamburgisches Datenschutzgesetz, HmbDSG), where the processing of the personal data provided by you to process your inquiry is required to discharge our duties. Communication of additional information by you is voluntary, based on your consent pursuant to Article 6 paragraph 1 lit. a GDPR.
These data are only stored for the purposes of processing that communication. The data will be deleted when they are no longer needed for the purpose they were collected. Personal data derived from the online data entry form and any data transmitted via email will be deleted once the communication with the User has been concluded.
Users can login on our webpage by providing personal data. The following personal data will be transmitted in the process:
- Local user name
- Name of user
- Time of last login
You will be asked to grant your consent for the processing of this data as part of the login process.
These data are processed subsequent to user consent pursuant to Article 6 paragraph 1 lit. a GDPR.
User login is necessary to provide specific content and services on our website, including the creation and administration of Apple devices.
The data will be deleted when they are no longer needed for the purpose they were collected or the account has been inactive for one year.
5. Remote Management
The Apple devices we manage, are managed via the self-hosted software Apple Mobile Device Management. No personal data is transmitted during provisioning. By default, the following options are disabled or not set up: Apple iTunes, Apple AppStore, Apple iCloud, and diagnostic and usage data.
In case of legitimate interest (theft or loss of a device), the administrator can retrieve the location of the device or initiate a remote wipe. The following personal data is transmitted in the process:
- Time of collection
These data are processed subsequent to a legitimate interest Article 6 paragraph 1 lit. f GDPR.
The data will be deleted when they are no longer needed for the purpose they were collected.
6. iOS, iPadOS and Apps
The data on the devices will be deleted when they are no longer needed for the purpose they were collected or are returned to us.
B. Your Rights
You have the following rights:
- the right to information regarding personal data pertaining to you that is stored by us (Article 15 GDPR)
- the right to correction of any incorrect or incomplete personal information (Article 16 GDPR)
- the “right to be forgotten”: erasure of stored personal data insofar as the relevant data are not necessary for the exercise of the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or the purposes of establishing, exercising, or defending a legal claim (Article 17 GDPR)
- the right to limited processing of personal data (Article 18 GDPR)
- the right to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Article 21, GDPR);
- the right to withdraw your consent to the collection, processing, and use of your personal data at any time with future effect (Article 7 paragraph 3 GDPR) – this means that the data processing related to that consent will no longer be carried out;
- the right to lodge a complaint with a supervisory authority where you believe the processing of personal data related to you is in breach of the GDPR (Article 77 GDPR)
C. Revocation of Consent / Objecting to Processing of Personal Data
You can exercise your right to object, your right of rectification and your right to revoke consent to the processing of your personal data by contacting:
Universität Hamburg Data Protection Officer
Phone: +49 40 42838 2957