Skip to content

Privacy Policy

This Privacy Policy describes the data we collect from you (the user), how we use that data, and our legal basis for doing so. It also describes your rights and choices regarding the data you provide to us.

Name and address of the person responsible

The person responsible in the sense of the General Data Protection Regulation (GDPR) is

Stephan Bialonski
Data Science Lab
FH Aachen – University of Applied Sciences
Heinrich-Mußmann-Straße 1
52428 Jülich
Germany

General information on data processing

Type and scope of the collection and processing of personal data

We process personal data only to the extent necessary and legally permitted to provide a functional website and our content and services. We do store some of the data collected through the use of our services for statistical measurements, but only in pseudonymized form.

If we obtain the consent of the user of our website for processing personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

Insofar as processing personal data is necessary to fulfill a legal obligation to which we are subject, Article 6 (1) (c) of the GDPR serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our site or a third party and the interests, fundamental rights and freedoms of the user of our website does not outweigh the first-mentioned interest, then Article 6 (1) (f) of the GDPR serves as the legal basis for the processing.

Data deletion and storage duration

The personal data of the user will be deleted as soon as the purpose for which it was stored no longer applies. The data may continue to be stored if this is provided for by the European or national legislator in European Union regulations, laws or other regulations to which we are subject. The data will also be blocked or deleted upon expiry of a storage period prescribed by the aforementioned standards, unless further storage of the data is necessary for the conclusion or fulfillment of a contract. Please refer to the following paragraphs for details.

Provision of the website and creation of log files

Description and scope of data processing

Each time our website is accessed, our system automatically collects information from the calling computer. The following data is collected:

  1. The IP address of the calling computer

  2. Information about the browser type and version used

  3. The operating system of the user

  4. Date and time of access

  5. Websites from which the user's system accesses our website

  6. Websites that are accessed by the user's system via our website

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

The legal basis for the temporary storage of data is Art. 6 (1) (f) of the GDPR.

Purpose of data processing

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place.

These purposes are our legitimate interest in data processing according to Art. 6 (1) (f) of the GDPR.

Duration of storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.

In the case of data stored in log files, this is no longer than seven days. Storage beyond this period is possible. In this case, the IP addresses of the users are deleted or masked so that it is no longer possible to identify the calling user.

Objection and removal of data storage

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

Web analysis by Matomo (formerly PIWIK)

Description and scope of data processing

We use the open source software tool Matomo (formerly PIWIK) on our website to analyze our users' browsing behavior. When individual pages of our website are accessed, the following data is stored:

  1. Masked IP address of the user's computer system

  2. Date and time of access, time in local time zone, and location (country, region, city)

  3. User agent, main language, and screen resolution of the browser

  4. Title of the page being viewed, URL of the page being viewed, URL of the page that was viewed prior to the current page (referrer), the subpages that are accessed from our website

  5. The length of time spent on the website, the frequency with which the website is accessed

  6. Link clicks to an outside domain

The software runs exclusively on the servers of FH Aachen - University of Applied Sciences. The personal data of the users is only stored there. The data is not shared with third parties. The software is configured not to save the complete IP address, but to mask 2 bytes of the IP address (e.g.: 192.168.xxx.xxx). This prevents the masked IP address from being traced back to the calling computer. Furthermore, we do not send or store tracking cookies on the users' computer.

The legal basis for the storage of data is Art. 6 (1) (f) of the GDPR.

Purpose of data processing

The processing of users' personal data allows us to analyze browsing patterns of our users. By evaluating the data obtained, we are able to compile information about the use of the various components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes also constitute our legitimate interest in processing the data pursuant to Article 6 (1) (f) GDPR. By anonymizing the IP address, the interests of users in the protection of their personal data are sufficiently taken into account.

Duration of storage

The data is deleted as soon as it is no longer required for the aforementioned purpose. In our case, this is the case after 3 years.

Objection and removal of data storage

Below, we offer our users the ability to opt out of the analysis process on our website. This will set a cookie on their computer that signals our system not to store the user's data. If the user deletes the corresponding cookie from their own system in the meantime, they will have to set the opt-out cookie again. If the user's browser blocks the execution of scripts, Matomo will not collect any data from the user and therefore no opt-out option will be displayed.

Rights of the user

If your personal data are processed, you are a data subject within the meaning of the GDPR and you have the following rights against us:

  1. Right to information (Art. 15 GDPR).

    You can ask us at any time to access your personal data.

  2. Right to rectification (Art. 16 GDPR).

    You can ask us to rectify your data, insofar as the processed personal data concerning you are inaccurate or incomplete.

  3. Right to deletion (Art. 17 GDPR).

    You can ask us at any time to delete all the personal data we are processing about you.

  4. Right to restriction of processing (Art. 18 GDPR).

    You can ask us to restrict the processing of your personal data.

  5. Right to data portability (Art. 20 GDPR).

    You can ask us at any time for a copy of all the personal data we are processing about you.

  6. Right to object to processing (Art. 21 GDPR).

    You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out pursuant to Art. 6 (1) (f) GPDR.

  7. Right to revoke consent (Art. 7 (3) GDPR).

    If we have obtained your consent to process your personal data in accordance with Article 6 (1) (a) of the GDPR, you have the right to withdraw your consent at any time.

  8. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).

    If you think that the way we process your personal data is infringing the law, you have the right to lodge a complaint with a supervisory authority.