Subject of data privacy
Data privacy addresses issues concerning personal data. According to Article 4 no. 1 of the General Data Protection Regulation (GDPR), these are data referring to an identified or identifiable individual, in other words all data which could be used to identify you. This applies to data such as your name, private address, email address, and telephone number but also to usage data such as your IP address.
As a matter of course Technische Universität Berlin observes the legal requirements of data privacy and other applicable regulations.
We are committed to ensuring that you can trust us concerning your personal data. For this reason transfers of personal or sensitive data are encrypted. In addition, our websites are protected by technical measures against damage or unauthorized access.
General data privacy
- When you visit the TU Berlin website or download data from its web pages, the following information is saved in a log file: your IP address, the date and time you accessed the site, the web page you visited or name of the downloaded file, the amount of transferred data, the “user agent-string” of your web browser, the website from which you were referred to the current web page or file and a status notification of successful or unsuccessful access. Non-depersonalized data will be deleted after two weeks and will not be stored.
- This data will only be used for non-commercial purposes: It will only be reviewed manually if necessary for error analysis, optimization or investigation of misuse or performance issues.
- Additionally, we employ cookies for data collection and storage. Cookies are small data packets consisting of text and are stored by your web browser when you visit a website. They cause no harm to your device – cookies neither contain viruses nor do they enable us to spy on or monitor you. We employ two types of cookies: session cookies and permanent cookies. Session cookies are deleted when you close your web browser. Permanent cookies have a maximum life time – in our case up to one day.
It is possible to use the website without cookies. However, they are necessary for features or pages requiring a login. You can configure your web browser to delete stored cookies.
- In order to best protect your transmitted data, we use SSL encryption for all data transmission. Such encrypted connections can be identified by the prefix “https://” in the URL located in your browser’s address line. Unencrypted pages are identified by “http://”. The SSL encryption ensures that all data you transmit to this website – for instance when submitting inquiries or logging in – cannot be read by third-parties.
Scope of data collection and storage
For information about how we handle personal traffic data, please refer to the “General data policy” section (see above, regarding login data and cookies) and the section on “Usage data” (below, further information about cookies and using Mamoto).
In most cases, the active communication of your personal data is not necessary to use our website.
In some cases, personal data is required in order for TU Berlin to fulfill requested services. This applies especially for replying to email inquiries, the provision of special services or applications.
If you request us to provide a service, we will only collect and store your personal data to the extent necessary to provide the service.
In some exceptions, for example for event registrations, you will be asked whether your data can be stored beyond the event date in order to inform you of similar events. No disadvantages result if you decline this request.
You can revoke your consent at any time without giving reasons and demand the deletion of your data. To have your data deleted, please send an email to our data privacy team.
TU Berlin offers you the option to subscribe to mailing lists to receive targeted information. If you subscribe to one of our mailing lists, we will only use your email address to inform you of important updates and news until you unsubscribe.
Collection and storage of usage data
For the optimization of our website we collect and store data, such as web page visited, date and time of access, the website which you are coming from and so on.
This data is retained for error handling and to detect attempts at misuse. It is automatically deleted after two weeks and not stored. Permanent storage is excluded.
Data you provide in a contact form, including your contact information, will only be saved for the purpose of processing or replying to your inquiry. This data is not shared without your prior consent.
Data entered in the contact form is only processed after you have given your consent (Article 6 paragraph 1 lit. a GDPR). You have the right to revoke your consent to the processing of your personal data at any time. To revoke your consent, please send us an email. The legality of the data processing carried out up to your revocation remains unaffected.
The data transmitted by the contact form will be deleted as soon as it is no longer needed to achieve the purpose of its collection, you request its deletion, or you revoke your consent to its storage. Mandatory statutory provisions – in particular storage periods – remain unaffected.
If you have selected the “Do not track” option in your browser, Matomo will neither save nor process any information about your visit.
However, if you have not selected the “Do not track” option and do not consent to the storage and analysis of your data collected by Matomo, you can opt out. Below is a special iFrame, which is linked to our Matomo system and offers you the option to opt out from tracking. By checking the box to deactivate Matomo, an opt out cookie is placed in your browser thus disabling further data collection.
Please note that if you delete all of your cookies you must opt out again.
Social media content
We incorporate social media content in our web pages which is pulled from the servers of the respective third-party provider (Facebook, Instagram, Twitter – see third-party social media providers further below). This content may include graphics, videos, or social media buttons as well as posts relating to TU Berlin.
We request your consent to show you individual content from any of the providers named above before any data is transferred. Your consent forms the legal basis for processing your data. The technical foundation for processing your declaration of consent is a cookie stored upon consent which you can delete at any time.
The display of embedded content from third-party providers requires that these providers process your IP address, as they cannot send their content to your web browser without it. The processing of your IP address is therefore absolutely necessary for the presentation of these contents or functions.
We strive to only use content whose provider only uses the IP address to deliver content.
In addition: Third-party providers may use pixel tags (invisible graphics, also referred to as web beacons) for statistical or marketing purposes. Pixel tags enable information such as visitor traffic to our web pages to be analyzed. The pseudoynmous information may also be stored in the form of cookies on the user’s device and contain other technical information about the browser and operating system, linked websites, time of visit, and other information about the use of our website as well as linked to such information from other sources.
Social media links
On our web pages we link to TU Berlin accounts or profiles on social media networks of the third-party providers listed below. We also offer the option to share our website content on the social media networks of the third-party providers listed below. The social media account is embedded via a share button for the respective network, preventing a connection from automatically being established to the respective server of the social network when visiting any of our web pages with such linked social media content, for instance in order to display a post on the respective network itself. Only by clicking on such a button will you be taken to the respective social network,
which will then collect information about you. Initially this includes data such as your IP address, the date, time, and page visited. We do not know if or how this data is processed in the USA.
If you are signed in to your user account with the respective social network, the network provider is able to attribute the collected information about your visit to your personal account. If you interact via the respective network’s “share” button, this information may be saved to your user account and published. If you would like to prevent the collected information from being directly associated with your user account, you must first sign out before clicking the button. You also have the option of configuring your user account accordingly.
Third-party social media providers
795 Folsom St., Suite 600
San Francisco, CA 94107
EU-US Privacy Shield certification: https://www.privacyshield.gov/…0000TORzAAO&status=Active
Google Ireland Limited
Gordon House, Barrow Street
a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
EU-US Privacy Shield certification: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
To share video content, our website uses plugins for YouTube videos from the video sharing platform operated by YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
When you visit one of our pages with an embedded YouTube plugin, a connection to YouTube’s servers is established. The server receives information about which of our web pages you have visited and your IP address, even if you are not signed in or do not have a YouTube account.
If you are signed into your YouTube account, YouTube will be able to store this information in your user account. You can prevent this by first signing out of your YouTube account.
We use YouTube make our website more attractive to users and avoid the double storage of data. This is lawful under Article 6 paragraph 1 lit. f GDPR.
Specific details about how user data are handled are available on YouTube’s privacy page: https://www.google.de/intl/de/policies/privacy
Storage location and data usage for a specific purpose
We collect, process and store your personal data exclusively internally (as a rule at the TU Berlin computing center) for the purpose you communicated to us and only for the purpose for which you have provided it to us. Without your explicit consent, your personal data will not be given to third parties as long as it is not necessary for the supply of a service or execution of an agreement. The forwarding of data to requesting governmental institutions and authorities is only undertaken based on the legal obligation to provide information or if we are legally obligated to do so by a judicial decision.
We also take the University’s internal data protection very seriously. Our employees and contracted service providers are bound to confidentiality and compliance with data protection law.
Right to information
You have the right to retrieve information about your stored personal data at any time free of charge without giving reasons. Please contact the address provided in the site credits of the website. We will be pleased to assist you if you have any further questions about our data privacy information.
Right of complaint
Should you have reason to believe that we are not adhering to this data privacy statement, you can contact the data protection officer at Technische Universität Berlin at any time:
Data Protection Officer of Technische Universität Berlin
Straße des 17. Juni 135
Room H 1038
Phone: +49 30 314 21784
Fax: +49 30 314 28033
You also have the right to contact the local controlling authority:
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219 / visitor entrance via Puttkamerstr. 16 -18
10969 Berlin Phone: +49 30 13889-0
Fax: +49 30 2155050
Please note that data privacy regulations and handling of data privacy are subject to change requiring you to regularly inform yourself about changes of data privacy laws and company policies.
This data privacy statement only applies for content of TUB webservers which provide this data privacy statement and does not cover linked websites of external webservers.