Privacy Policy

To ensure that you feel safe and comfortable when browsing our website(s), we would like to inform you about how we handle your personal data. This Privacy Policy describes how we collect, use, process, and disclose your information, including personal information, in conjunction with your access to and use of our website.

Data Controller and Contact Person

When this policy mentions “we,” “us,” or “our,” it refers to FAU Erlangen, which is responsible for your information under this Privacy Policy (the “Data Controller”).

For questions concerning the content of any of our websites, please contact:

Prof. Michael Kohlhase

Martensstraße 3

91058 Erlangen

Tel/Fax: (49) 9131-85-64052/55

michael.kohlhase[at]fau.de

Storing of IP Addresses

Protecting your privacy is very important to us. We use information that we receive and store during your visit to our website exclusively for internal purposes and to improve the design of the website, including sub-pages. If necessary for the purpose of defending against attacks that impair the functionality of our website (hacker attacks, malware, denial of service attacks, spam), we may access your computer’s IP address for this purpose alone, which may be stored by our telecommunications provider as a security measure for a period of seven days. After this period has elapsed, we will either delete or anonymize the IP address. The legal basis for this processing is Art. 6(1)(f) of the GDPR.

Usage Information

When you visit our website, we temporarily store usage information on our web server for statistical purposes in the form of a log in order to improve the quality of our website. This data record consists of:

We use this information to enable access to our website, to control and administer our systems, and to improve the design of our website. The data stored is stored in anonymized form. This means it is not possible to create personal user profiles based on this information. Data about individuals or their individual behavior is not collected.

Your Rights as a Website User

When it comes to processing your personal data, the GDPR grants you certain rights as a website user:

  1. Right of Access (Art. 15 of the GDPR):

You have the right to request confirmation as to whether personal data concerning you is being processed; where this is the case, you have a right of access to this personal data and to the information specified in Article 15 of the GDPR.

  1. Right to Rectification and Right to Erasure (Art. 16 and 17 of the GDPR):

You have the right to immediately request the rectification of incorrect personal data concerning you and, if necessary, the completion of incomplete personal data.

You also have the right to request that personal data concerning you be erased immediately if one of the reasons listed in Art. 17 of the GDPR applies in detail, e.g. if the data is no longer required for the purposes for which it was collected.

  1. Right to Restriction of Processing (Art. 18 of the GDPR):

You have the right to request a restriction of processing for the duration of a review if any of the conditions specified in Art. 18 of the GDPR have been met, e.g. if you have lodged an objection to the processing.

  1. Right to Data Portability (Art. 20 of the GDPR):

In certain cases (which are outlined in detail in Article 20 of the GDPR), you have the right to obtain from us your personal data in a structured, standard, machine-readable format or to request the transfer of such data to a third party.  

  1. Right to Object (Art. 21 of the GDPR):

If data is collected on the basis of Art. 6(1)(f) of the GDPR (data processing on the grounds of legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. If you make such an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights, and freedoms or for the establishment, exercise, or defense of legal claims.

  1. Right to Lodge a Complaint with a Supervisory Authority:

In accordance with Art. 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority if you believe that the processing of your personal data violates data protection regulations. This right to lodge a complaint may particularly be exercised before a supervisory authority in the EU member state where you reside, work, or where you suspect that your rights have been infringed.

Cookies

We use cookies on our website. Cookies are small text files that can be stored and accessed on your device. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored after each individual session. Cookies may contain data that make it possible to recognize the device used to access our site across multiple visits. In some cases, however, cookies only contain information related to certain settings that are not personally identifiable.

We use both session cookies and permanent cookies on our website. This processing is carried out on the basis of Art. 6(1)(F) of the GDPR and in the interest of optimizing or enabling the use of and adapting the appearance of our website.

You can configure your browser so that it informs you when cookies are being saved, thereby making the use of cookies more transparent. You can also delete cookies at any time via the corresponding browser setting and prevent new cookies from being saved. Please note that if you disable the use of cookies, our website may not display properly and some of its features may no longer be supported.

User Registration

Some of our websites allow you to create user accounts to make full use of all the features on our websites. When you create such an account, you are asked to provide us with the following information about yourself:

We will use this information to verify your identity, provide you access to our services, and demonstrate your ownership of your content to other users.

We allow users on certain sites to provide content, such as:

We will make this content available to selected other users of our service; we will not share it with third parties unless you explicitly authorize us to do so.

Data Transfers to Third Parties

In general, we avoid data transfer to third parties where possible.

We only transfer data to third parties as described in the following sections. We will never transfer any other of your personal data to third parties without your explicit consent.

CDN

Some of our websites use services called Content Delivery Networks (or “CDN” for short). Instead of hosting shared libraries on our own server, we instead use a third party Content Delivery Network to host it.

If you access a website with a CDN enabled, your web browser might transfer certain information, such as IP address, to their third party provider, subject to the respective privacy policy.

Google reCaptcha

On some services, we use Google reCaptcha. This is a service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. On these websites, your web browser might transfer certain information, such as IP address, to Google. This usage is subject to the Google Privacy Policy as available at:

https://www.google.com/policies/privacy/

You can opt out of any information collected by Google by going to:

https://adssettings.google.com/authenticated

Google Fonts

On some services, we use Google Fonts. This is a font service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. On these websites, your web browser might transfer certain information, such as IP address, to Google. This usage is subject to the Google Privacy Policy as available at:

https://www.google.com/ policies /privacy/

You can opt out of any information collected by Google by going to:

https://adssettings.google.com/authenticated

GitHub

When logging into some of our websites, we allow you to authenticate with GitHub. By doing so you authorize us to retrieve certain personal information, as required for user account creation (see above), from GitHub.

Usage of GitHub is subject to the GitHub Privacy Statement and GitHub Terms of Service available at:

https://help.github.com/articles/github-terms-of-service/

https://help.github.com/articles/github-privacy-statement/

Gravatar

On certain parts of our website(s) we allow the users to customize their profile picture using the Gravatar Service provided by Automattic Inc., 60 29th Street #343, San Francisco, CA 94110, USA.

To provide us with this service, we submit the email addresses of each user to Gravatar. Usage of Gravatar is subject to the Gravatar Terms Of Service available at:

https://en.gravatar.com/site/terms-of-service

Future Changes To These Policies

In the future, we may need to change these policies. These may be, but are not limited to, the following:

Should changes to these terms occur, and these impact your existing rights as a data subject, we will notify you of these changes in advance.

Continuing to use any of our services or websites past the time of the new terms and conditions taking effect, constitutes agreement to the new terms and conditions.

If you decide to not accept the new terms, you should contact us to close your account and delete all personal information as far as possible.

Severability Clause

If a provision of this policy is or becomes illegal, invalid or unenforceable in any jurisdiction, that shall not affect:

Data Protection Officer

Our data protection officer will be happy to provide you with information or suggestions on the topic of data protection:

Norbert Gärtner, RD

Phone: +49 9131 85-25860

E-Mail: norbert.gaertner@fau.de

Schloßplatz 4

91054 Erlangen

Germany