Data Protection Declaration

1. General information

Hochschule der Medien places great importance on the protection of personal data. When you visit our websites, personal data is collected and processed according to current data protection regulations determined in the General Data Protection Regulation of the EU (EU-GDPR) and the Data Protection Act of the Land of Baden-Württemberg (LDSG). The aforementioned regulations apply to personal data. Personal data means individual details about personal or material affairs relating to an identified or identifiable natural person. In case of contact via letter mail, e-mail or an online contact form, personal data are, for example, the name, address or e-mail address of a person. This Data Protection Declaration provides you with detailed information on the type, scope and purpose of personal data processing within our website. This Declaration can be viewed at any time on our websites.

Security

The Hochschule der Medien uses technical and organizational security procedures to protect your personal data administered by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. Our security procedures are continuously improved in line with technological developments.

2. Online contact forms

Data transferred via an online contact form or via e-mail is protected by technical and organisational measures according to the provisions of the EU-GDPR. By using the online contact form or sending an e-mail, you agree that your personal data may be stored, processed and used for a specific purpose. We only use your data in order to answer your request and for technical administration purposes. You have the right of access to your personal data stored by us according to Article 15 EU-GDPR as well as the right to have these personal data rectified, erased or restricted from processing at any time according to Articles 16, 17 and 18 EU-GDPR. As determined by law, you can request information on your personal data stored by us free of charge, at any time and without having to state any reasons. Given consent to the collection and processing of data may be withdrawn at any time and without having to state any reasons.
In this case, please contact:
Ulrich Hofmann
Information Security Officer
E-mail: datenauskunft@hdm-stuttgart.de

3. Right of access and contact information

You have the right of access to your personal data stored by us as well as the right to have false personal data rectified, blocked or erased. If you would like to have data rectified or deleted or if you have questions on the use of data, do not hesitate to contact the operator (editorial office) named in the Impressum.

4. Use and transfer of personal data

Certain websites can only be used if personal data, such as name, address or e-mail address, are given. If this is the case, you are directly informed on how, to what extent and to which end data are processed. We only transfer personal data to federal bodies and authorities if we are required to do so by national legal provisions or if it is necessary for legal proceedings or criminal prosecution in case of an attack on our network infrastructure. We do not pass this data on to third parties for other purposes.

Otherwise the following terms apply


4.1 Data collection and processing when accessing the website from the Internet

Every request to our website and every retrieval of a file stored on the website is logged. This data is not publicly displayed on our web pages, but can be processed in various extensions. Logged are:

  • Name of the requested file
  • date and time of the request
  • amount of data transferred
  • Message about successful request
  • Browser version of the accessing host system
  • Operating system version of the accessing host system.
  • IP addresses of the requesting computers logged.

Further personal data is only collected if you provide this information voluntarily, for example in the context of a request via a web form. Beyond the aforementioned cases, personal data will not be processed unless you expressly consent to further processing.

4.1.1 Purpose, storage location and duration of storage

This data is processed for the purpose of enabling the use of our websites (connection establishment) as well as for the purposes of system security, technical administration of the network infrastructure and optimization of the online services. The collected data is only stored and processed on systems of the Hochschule der Medien. The data will not be passed on to third parties. The data is stored for 2 years.

4.1.2 Right to objection or removal

You have the right to revoke your consent for the future at any time.

4.2 Cookie usage

When accessing websites, so-called cookies are used. These are small text files in which information can be temporarily stored and which are automatically sent by the browser to the server that provides the website.

4.2.1 Purpose, storage location and duration of storage

The Hochschule der Medien uses so-called session cookies. These do not contain any personal data. The use of session cookies is technically not absolutely necessary, only the response time of the server may slightly worsen if you reject this cookie. An exception to this are session cookies, which are set by us after a one-time authentication process for protected areas. Their purpose is to recognize several related requests of the user and thus to maintain authentication during the visit. In these purposes also lies our legitimate interest in the processing of personal data according to Art. 6 para. 1 lit. f EU-GDPR. The recipient of the information contained in the session cookies is exclusively the authorized web server, i.e. the web server of the Hochschule der Medien setting the cookie. These cookies are automatically deleted from your computer when you close your browser.

Lightwidget

We use the Lightwidget tool on our website to integrate our Instagram feed. The tool sets one session cookie per website on the user's computer to store security-related settings. The cookie is stored in your browser for 30 days Recipients of the cookie are servers of Lightwidget, as well as servers of Cloudflare, their infrastructure provider.

NOTE: After May 10, 2021, this cookie will no longer be used and stored.

4.2.2 Consequences of non-consent, right to objection or removal

Since the cookies are cached in your browser, you have full control over the use of cookies. By changing the settings in your web browser, you can disable or restrict the transfer of cookies. You can prevent cookies from being stored by specifying this in your browser settings. Here you will find instructions on how to do this. Some functions of our website, such as a login, cannot be provided without the use of cookies.

4.2.3 Legal basis

The legal basis for the processing of personal data using cookies is Art. 6 (1) lit. f EU-GDPR.

4.3 Analytics

We use the open source software tool Matomo (formerly PIWIK) on our website for statistical purposes. If individual pages of our website are accessed, the following data is stored:

  • Two bytes of the IP address of the user's system. (The IP addresses are not stored in full, but 2 bytes of the IP address are masked (e.g.: 141.62.xxx.xxx). This way, it is no longer possible to match the shortened IP address to the requesting computer).
  • The requested website
  • The website from which the user navigated to the accessed website (referrer)
  • The subpages that are accessed from the requested website
  • The time spent on the website
  • The frequency with which the website is accessed
  • Information on the Internet browser used (name, version)
  • Information about the device used (operating system, screen resolution, type of device (smartphone, tablet, etc.))
  • Country of origin

Personal data is processed temporarily only insofar as the complete IP address is stored in volatile memory until it is processed.

4.3.1 Purpose, storage location and duration of storage

These data are not publicly displayed on our Internet pages, but are processed in various extensions. The collection serves statistical purposes and to optimize web services. The software runs exclusively on systems of the Hochschule der Medien, a storage of the users' data only takes place there. The data is not transferred to third parties. The data is stored for 2 years.

4.3.2 Consequences of non-consent, right to objection or removal

Our website respects the "Do Not Track" setting in your browser. If your browser does not offer a "Do Not Track" setting and you do not agree with the storage and analysis of your access data by Matomo, click the following bold text to place the Matomo deactivation cookie in your browser.

4.3.2 Legal basis

The legal basis for the temporary processing of users' personal data until the shortened IP address is stored is Art. 6 (1) lit. f EU-GDPR. Beyond the aforementioned cases, personal data will not be processed unless you expressly consent to further processing. You have the right to revoke your consent for the future at any time.

5. Subscriptions

The website operator offers a newsletter, which contains news items. If you subscribe to the newsletter, you will receive a confirmation via e-mail. Apart from your e-mail address, no further data are collected. Stored data are not transferred to third parties. You can cancel your subscription at any time.

6. Third party links

This Data Protection Declaration only applies to websites of the domain www.hdm-stuttgart.de. Our websites may include links to third party websites. Third party websites may collect and use data according to different principles than the ones stated above. Find information on the contents of a website in the respective legal notice.

7. YouTube Videos

We use the YouTube platform to make our own videos publicly available. YouTube is the service of YouTube (note: YouTube is a subsidiary of Google), a third party not affiliated with us.

We embed YouTube videos directly on some of our web pages. The embedding of YouTube videos takes place in what YouTube calls "extended data protection mode". YouTube provides this mode and assures that YouTube does not initially save any cookies on your device. However, when you call up the relevant pages, the data mentioned in 4.1. is transferred to YouTube. This also includes information about the page from which you view the YouTube video (referrer). This information can be assigned to you if you were logged in to YouTube or another Google service (e.g. Google+) before accessing the page or are permanently logged in.
As soon as you click on a YouTube video and thereby start playback, YouTube stores cookies on your device that do not contain any personally identifiable data unless you are currently logged in to a Google service. The setting of these cookies can be prevented by appropriate browser settings and extensions.
You can find out more about this in YouTube's privacy policy.

We point out this process again separately with every YouTube video.
You can deactivate this notice for a period of 24 hours and thus agree to the storage of cookies and transfer of data described above.
If you want to reactivate the notice or revoke your consent, click .
After 24 hours, the notice will automatically be displayed again.

8. Privacy notices of the social media platforms used

Facebook


Twitter


LinkedIn

  • Datenschutzerklärung (in german)
  • Nutzungskonzept (in german)
  • Datenschutzfolgenabschätzung (in german)
  • LinkedIn Privacy Policy: Click here
  • For which purposes are data collected?
    • User authentication
    • Address book and other services which can be synchronized with LinkedIn
    • LinkedIn collects data when you get in touch with the customer service.
    • Use of the websites and apps of LinkedIn
    • Targeted advertising (mainly on their own websites)
    • Analysis and research of user behaviour
    • Use of third party services and visit of third party websites
    • Targeted advertising enabled by default can be disabled. Many settings can be disabled in your user account.

YouTube

  • Datenschutzerklärung (in german)
  • Nutzungskonzept (in german)
  • Datenschutzfolgenabschätzung (in german)
  • Youtube Privacy Policy: Click here (Please note, YouTube is a subsidiary of Google.)
  • For which purposes are data collected?
    • User authentication
    • Targeted advertising (mainly on their own websites)
    • Analysis and research of user behaviour
    • Transfer to third parties: User accounts of all Google services are centrally based. Collected data are automatically linked with other Google services. Anonymized data are transferred to advertisers or other third parties, e.g. for the visualisation of trends and statistics.
    • You can change all settings centrally on your dashboard.

Instagram


XING

  • Privacy Policy: Click here
  • For which purposes are data collected?
    • User authentication
    • Analysis of user behaviour
    • Targeted advertising (mainly on their own websites)
    • You can change your privacy settings in your user account.

Use of social media plugins

Two-click social media buttons

We implemented a two-click solution for the buttons "Like" (Facebook), "tweet" (Twitter) and "+1" (Google) on our websites. In order to use these buttons on one of our websites, you first have to enable the respective grey button at the bottom of the page to establish a connection to the social network of your choice (first click). Only then can you use social media buttons and like or recommend post or articles (second click). What happens once you enable social media buttons depends on the social network you activated. Find an overview below:
Facebook
After activating the Facebook button, Facebook is notified that a user with a certain IP address (the IP address is the address of your device) is using our website. If you are simultaneously logged into Facebook, your visit of our website is linked to your Facebook account. Information on the purposes, scope, further processing and use of data collected by Facebook as well as on user rights can be found in the Facebook Data Policy at http://de-de.facebook.com/privacy/explanation.php. Please note that the default settings do not provide for appropriate data protection and that you are advised to individually change your privacy settings.
Twitter
After activating the Twitter button, the plugin establishes a direct connection between your browser and the Twitter server. The Twitter server then collects the data necessary to run the plugin on our website. Furthermore, data containing information on your visit of our website is transferred to Twitter. If you click on the tweet button and are simultaneously logged into your Twitter account, contents of our page will be linked on your Twitter profile. Twitter can then locate that you are currently using our website. If you click on the follow button, this will also be linked to your profile as well as to the profile of the person you want to follow. Find more information on the function of the follow button at https://help.twitter.com/en/using-twitter/following-faqs. Information on the purposes, scope, further processing and use of data collected by Twitter as well as on user rights can be found in the Twitter Privacy Policy at https://twitter.com/en/privacy. You can change your data protection settings in your account settings at http://twitter.com/account/settings.
Google +1
After activating the +1 button, according to the Google Buttons Policy, Google collects certain data about the website visit of the user for system maintenance and troubleshooting purposes. According to Google, data are not stored according to individual profiles, user names or URLs and are erased after two weeks. If you click on the +1 button and are simultaneously logged into Google+, Google collects information on the URL recommended by you, your IP address as well as other browser-related information via your Google profile in order to save +1 recommendations and make them publicly accessible. Google data protection information on the +1 button, detailed information on the collection, transfer and use of data through Google as well as on user rights and profile settings can be found at https://www.google.com/intl/de/+/policy/+1button.html.

9. Your contact for all data protection questions regarding this website:

If you have any questions on how your personal data is collected, processed or used or if you would like to have your data rectified, blocked or erased, do not hesitate to contact our data protection officer.


Data Protection Officer
Prof. Dr. Roland Schmitz
Hochschule der Medien
Nobelstr. 10
70569 Stuttgart
Germany
Phone: +49 711 8923 2124
E-mail: schmitz@hdm-stuttgart.de

Validity of the Data Protection Declaration

By using our websites you agree to the use of data as described in this Declaration. The present Data Protection Declaration is currently valid and came into effect on 03 May 2021. We may have to change this Declaration due to new features on our websites or the implementation of new technologies. We therefore reserve the right to change this Declaration for future use at any time.

Last updated on 03 May 2021