Thank you for your interest in the websites of the Technische Universität Berlin (TUB). Protecting the personal data of visitors to the TUB website is very important to us. Therefore, we would like to inform you here about data protection at our university.
Subject of data protection
Data protection deals with personal data. According to Article 4 No. 1 of the European Data Protection Regulation (DSGVO), this is any information relating to an identified or identifiable natural person, i.e. any information that can be used to identify you. This includes, for example, details such as name, private address, email address or telephone number, but also usage data such as your IP address.
It goes without saying that Technische Universität Berlin complies with the statutory provisions on data protection and other legal regulations and requirements.
We do everything we can to ensure that you can trust us with your personal data. For example, the transmission of personal and sensitive data is encrypted. In addition, our web pages are protected by technical measures against damage or unauthorised access.
General data protection notice
(1) When you access TUB web pages or download data from these pages, information about this is stored in a log file with the following content: Your IP address, the date and time of the page call, the page called up or the name of the file called up, the amount of data transferred, the “user agent string” of your web browser, the website from which you called up the current page or file, and the status message as to whether the access or download was successful. The non-anonymised log data is automatically deleted after two weeks and is not archived.
(2) This data is used exclusively for non-commercial purposes: it is only viewed manually if necessary and used for error analysis, optimisation or investigation of cases of abuse or performance bottlenecks.
(4) External pages or services are occasionally integrated within the TUB website. For example, the integrated search function leads to a Google page. Here, only the search terms previously entered in the search field are transmitted.
External website content is integrated at certain points using techniques such as “iframes”. The providers of these websites may collect, store and possibly also process and pass on information about you. However, this does not include any personal information or data unless you have voluntarily submitted it via a web form. Otherwise, only such information can be collected by the external service providers as can be collected during a normal visit to the site, e.g. the IP address, the approximate location, the browser used, the page from which you came, etc.
Scope of data collection and storage
In order to use our website, it is generally not necessary to provide us with your personal data. In order for the TU Berlin to fulfil its service mandate, we may require special personal data. This applies in particular to answering individual e-mail enquiries, ordering special services or applications.
If you commission us to provide a service, we generally only collect and store your personal data to the extent necessary to provide the service.
If you have registered for one of our newsletters with your e-mail address, we will use your e-mail address to keep you informed within the scope of the newsletter until you unsubscribe from the newsletter.
Collection and storage of usage data
In order to optimise our website, we collect and store data such as the page called up, the date and time of the page call, the page from which you called up our site, etc. We do not use this data for any other purpose.
Automated processing takes place for the purpose of weekly generation of access statistics, which are made available to TUB facilities for analysis upon request. For this purpose, the log data is anonymised by hiding the last two digits of the IPs and removing GET parameters from the URLs. In this way, the statistics are based on anonymous data, which means that it is not possible to draw conclusions about natural persons and link them to associated user data. The non-anonymised log data is automatically deleted after two weeks and not archived; permanent storage is excluded. The anonymised log files and access statistics, on the other hand, are archived for the long term.
On some of the TU Berlin’s web pages, advertising banners are displayed in cooperation with the company VariFast GmbH and using the ad server of Adition technologies AG (Adition). Cookies are used for this purpose. These are exclusively session cookies and temporary cookies that serve to statistically measure the number of readers (“visitors”) and to limit the numerically determined delivery of the advertising material. The IP address of the visitors is not transmitted to these two companies. Only technical, but no identifying data is collected. All data is only anonymised and evaluated purely statistically. Only the traffic data of the transmission is temporarily stored via the web server of Adition, the collection of which may take place without the express consent of the user(s). VariFast GmbH and Adition comply with all relevant data protection regulations. Clicking on the following link will stop the collection of anonymised data. In this case, Adition will replace the existing cookie with a new opt-out cookie. If this opt out cookie itself is deleted, Adition can no longer determine that an opt out has taken place. In this case, the Opt Out process must be repeated. Link for Opt Out: https://www.adition.com/datenschutz-opted-out/
On some websites, data is additionally collected and stored using the web analysis service software Matomo (formerly known as Piwik, see www.matomo.org) on the basis of TUB’s legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes in accordance with Art. 6 para. 1 lit. f DSGVO.
This is explicitly stated at the end of the right-hand column on the web pages concerned. We use our own Matomo instance on servers of the TU Berlin, which was set up according to the recommendations of the “Independent Centre for Data Protection” (ULD) Schleswig-Holstein. When you call up the pages, your access data is immediately anonymised. Accesses can be assigned to a person via a unique web analysis cookie, without this making the person identifiable. In addition to the pages and files accessed, data on the operating system used, browser, browser plug-ins (e.g. whether the Flash player is available), screen resolution, approximate location (e.g. “Berlin”, but no specific address) and length of stay are stored.
Place of storage and purpose-related use of data
We collect, process and store your personal data exclusively within TUB (usually in the TUB computer centre) only for the purpose for which you have provided it to us and thus observe the principle of purpose-bound data use. Your personal data will not be passed on to third parties without your express consent, unless this is necessary for the provision of the service or the execution of the contract. Your personal data will also only be passed on to state institutions and authorities requesting information within the framework of the legal obligation to provide information or if we are obliged to provide information by a court decision.
We also take internal university data protection very seriously. Our employees and the service providers we commission are obliged by us to maintain confidentiality and to comply with the provisions of data protection law.
Right to information
You can obtain information about the data we have stored about you free of charge at any time without having to give a reason. For this purpose, please contact us at the address given in the imprint. We will be happy to answer any further questions you may have about our data protection policy.
Please note that data protection regulations and data protection practices (e.g. Google) can change constantly, so it is necessary to keep up to date with changes in legal regulations and company practices.
This privacy statement applies only to content on TUB web servers that provide this privacy statement and does not cover the linked websites of downstream or external web servers.