I. General Preliminary Remarks
The central web server www.uni-bremen.de together with the individual sites belonging to the University of Bremen present the University internally and externally, disseminate information and support the tasks of the university. The web presence has an independent, uniform design. However, the university institutes and faculties (such as https://scar-iasc.de/) have a certain freedom when it comes to the individual design of their homepages and in this context also bear their own responsibility.
II. Responsibilities and Competences
No guarantee is given for the operation or for the correctness and topicality of the information contained in the web presence. The Center for Networks at the University of Bremen is responsible for the operation of the server. The respective editors are responsible for the organization in the individual faculties. The University Executive Board has general responsibility for content and decides in case of doubt about the admissibility of the data. The online editorial team of the National Committee SCAR/IASC maintains the https://scar-iasc.de/ homepage. Otherwise, the departments, units, Faculties and institutions of the University are responsible for the contents they present.
Name and address of the person legally responsible:
University of Bremen
The University President, Prof. Dr. Jutta Günther
Bibliothekstrasse 1-3
28359 Bremen, Germany
Tel.: +49 421 218-1
Webseite: https://www.uni-bremen.de/
Email: web [at] uni-bremen.de
Name and address of the data protection officer:
University of Bremen
Katja Losch-Kremer
Referat 06
Bibliothekstrasse 1-3
29359 Bremen, Germany
Tel.: +49 421 218-60211
Fax: +49 421 218-60210
Email: datenschutz [at] uni-bremen.de
III. General Information about Data Processing
(1) The University of Bremen and the National Committee SCAR/IASC take data privacy very seriously. We process the personal data collected when visiting our websites in full compliance with the applicable data privacy regulations. These include, in particular, the EU General Data Protection Regulation (GDPR), the Bremen Implementation Act on the EU General Data Protection Regulation (BremDSGVOAG), the Higher Education Act of the State of Bremen (Section 11 BremHG), and the Digitale Dienste Gesetz (DDG).
(2) In principle, we process personal data of our users only insofar as this is necessary to provide a functioning website and present content and services (see points 6 and 7). The processing of our users’ personal data takes place only after obtaining their consent. An exception applies in cases where prior consent is de facto not possible and the subsequent processing is permitted by law. Any use of your personal data takes place solely for the stated purposes and to the extent necessary to serve these purposes.
(3) Your data will neither be published by us nor without authorization passed on to third parties. We point out, however, that we are entitled in individual cases and on the order of the competent bodies to provide information on collected data for law enforcement purposes, to aid the police forces of the Länder in the prevention of risks and the Federal Intelligence Service in fulfilling the statutory duties of the constitutional protection authorities of the Federal Government and the Länder (legal basis Article 6 section 1 item (c) GDPR).
In the following, we wish to inform you about the nature, scope, and purpose of the collection and use of personal data.
1. Data collection and processing when accessing from the Internet
(1) When you visit our website, our web servers automatically save every access in a log file.
(2) This data is stored separately from other data that you enter when using our website. It is not possible for us to assign this data to a specific person. This data is not stored together with other personal data of the user. Data is stored in log files to ensure the functionality of the website. The data is also used to optimize the website and to ensure the security of our information technology systems. This data is used in anonymized form for the statistical evaluation of our website and then deleted. The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
The following data is recorded:
- The IP address of the requesting computer
- Date and time of access
- Access method / function desired by the requesting computer
- Name and URL of the retrieved file
- Transmitted amount of data
- Access status of the web server (file transfer, file not found, command not executed, etc.)
- The URL from which access is acquired
(3) The login for access to protected areas is partially logged in order to detect attempts at abuse and password attacks. Thereby, no data is stored with the help of which personal profiles could be created about the user’s behavior.
2. Use and transfer of personal data
(1) In general, it is not necessary for you to provide personal data in order to use our website. However, in order for us to actually provide some of our services (registration for an event or see point 9. Contact form), we may need your personal data (e.g. name, address, e-mail address).
(2) Any use of your personal data will only take place for the stated purposes and to the extent necessary to achieve these purposes. None of this data will be passed on to third parties without the user’s prior consent.
(3) The transmitted data is stored in a database that is only accessible to administrators. For data security, please refer to point 5.
(4) You can revoke your consent to the storage of data at any time. To do so, please send an e-mail to:
nkscar [at] uni-bremen.de
(5) We would like to point out that data transmission over the Internet (e.g. when communicating by e-mail) can have security gaps. Complete protection of data against access by third parties is not possible.
3. Cookies
(1) We use necessary cookies on our websites. Cookies are small text files that are stored by the browser on your computer. A distinction is made between session cookies, which are deleted as soon as you close your browser, and persistant cookies, which are stored beyond individual sessions. We do not use these necessary cookies for analysis, tracking, or advertising purposes. Some of these cookies only contain information on certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security, and running of the website. The legal basis for the use of these cookies is Article 6 section (1) item (f) GDPR. You can set your browser to inform you when cookies are placed. Additionally, you can delete them at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed in full and some functions may no longer be technically available.
The following cookies are set:
| Cookie | Description |
|---|---|
| complianz_policy_id | This functional cookie is set to store the user consent for the privacy policy. |
| Cmplz_marketing | This functional cookie is set to save the user settings for marketing cookies. |
| Complianz_consent_status | This functional cookie is set to store user preferences for cookies. |
| Polylang language cookie (pll_language) | This functional cookie is used to determine the user’s language and to save the user’s language selection when they return to the scar-iasc.de website. |
| wordpress_test_cookie | Our WordPress content management system sets a test cookie (wordpress_test_cookie) for each visitor to check whether the browser accepts cookies. |
| wp-settings-{user_id} | Is used to obtain the wp-admin configuration of a logged-in user. |
| wp-settings-time-{user_id} | Determines the time at which wp-settings-{user} was set for a logged-in user. |
| wordpress_logged_in_{hash} | Saves the session of a logged-in user. |
| wordpress_sec_{hash} | Is set to protect against hackers and to store account data. |
(2) In your browser settings, you can specify whether cookies may be set or not.
4. Web analytics
Our website uses the statistics tool WP Statistics. The legal basis for the use of WP Statistics is Article 6 (1) item (a) GDPR. With the aid of these statistics we can improve our offer and make it more interesting for you as a user. WP Statistics does not collect and store any personal data. Your IP address is be immediately anonymized during this process so that you remain anonymous to us as a user. The anonymization of the IP address sufficiently takes into account the interest of users in the protection of their personal data. The information generated about your use of this website will not be disclosed to third parties. WP Statistics does not store any cookies on your computer.
5. Data security
(1) Our technical-organizational security measures, with which we protect all data from the access of unauthorized persons, are always kept up-to-date. As far as your data is collected and recorded by us, it is stored on specially protected servers. These are protected by technical and organizational measures against loss, destruction, access, modification or distribution by unauthorized persons. Access to your data is only possible for a limited number of authorized persons. All our employees are sworn to confidentiality. Personal information is always transmitted in encrypted form. The transmitted data is stored in a database that is only accessible to administrators.
(2) We point out, however, that data transmission via the Internet (for example, when communicating by email) may be vulnerable security wise. There is no complete protection from the data being accessed by third parties.
6. Links to websites of other providers
Our Internet pages contain links (references) to external websites of third parties. These websites are subject to the liability of the respective operator. Therefore, we cannot assume any liability for these external contents. At the time the links are included, there is no evidence of illegal contents on the respective pages. However, we have no influence on the current and future design and content of the linked sites. A permanent control of these third party sites would be unreasonable. If we become aware of a violation, we will remove the link immediately. When you leave this site, it is recommended that you carefully read the privacy policy of each website first.
7. YouTube
Our websites use an iFrame of the Google Inc. powered YouTube site. The operator of these pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our YouTube iFrame-equipped sites, you will be connected to the servers of YouTube. It tells the YouTube server which of our pages you’ve visited. If you’re logged into your YouTube account, you allow YouTube to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account. Legal basis is Article 6 section 1 item (f). For more information on how user data is handled, please refer to the YouTube Privacy Policy at https://policies.google.com/privacy
8. Contact form
You can contact us via our contact form. To use our contact form, you must first complete the mandatory fields.
We use this data on the basis of Article 6 (1) item (a) GDPR in order to respond to your inquiry.
Your data will only be stored to answer your request. We will delete your data as soon as it is no longer required and if there are no legal obligations to retain it. This is usually the case 90 days after processing your request.
You have the right to object to the storing of your data at any time in accordance with Article 6 (1) item (f) GDPR. To do so, please contact nkscar [at] uni-bremen.de
10. SSL encryption
This site uses SSL encryption for security reasons and to protect the transmission of sensitive content, such as the requests you send to us as the site operator. You can recognize an encrypted connection when the address line of the browser changes from “http: //” to “https: //” and the lock symbol appears in your browser line. When SSL encryption is enabled, it is virtually impossible for third parties to read the data you transmit to us.
IV. Rights of the Data Subject
Insofar as the University of Bremen processes the personal data you provide, you, as the person affected, are entitled in accordance with GDPR to the following rights:
1. Right of access by the data subject (Article 15 GDPR)
You have the right to obtain confirmation as to whether or not personal data concerning you is being processed; if that is the case, you have a right to access this personal data and the information listed in detail in Article 15 GDPR.
2. Right to rectification (Article 16 GDPR)
You have a right to rectification and / or completion vis-à-vis the controller if the personal data processed is incorrect or incomplete. The controller must make the correction without delay.
3. Right to restriction of processing (Article 18 GDPR)
You have the right to request the restriction of processing of your personal data if one of the conditions listed in article 18 GDPR is met, for example example, if you have lodged an objection to the processing, for a period of time that enables the controller to verify your personal information.
4. Right to erasure (“right to be forgotten”) (Article 17 GDPR)
You have the right to obtain that personal data concerning you be erased immediately if one of the grounds listed in Article 17 GDPR applies.
5. Notification obligation (Article 19 GDPR)
If you have declared your right of rectification, erasure or restriction of processing to the controller, he/she is obliged to notify all recipients to whom your personal data have been disclosed of this correction or deletion of the data or restriction of processing, unless this proves to be impossible or involves a disproportionate effort.
You shall have a right vis–vis the controller to be informed about these recipients.
6. Right to data portability (Article 20 GDPR)
In certain cases, which are listed in detail in Article 20 GDPR, you have the right to receive the personal data concerning you in a structured, commonly used, and machine-readable format and to request the transmission of this data to another controller.
7. Right to object (Article 21 GDPR)
If data is collected on the basis of Article 1 (1) item (f) GDPR (data processing for the purposes of legitimate interests) or on the basis of Article 6 (1) item (e) GDPR (data processing to protect the public interest or in the exercise of official authority), you have the right to object to the processing at any time on grounds relating to your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for processing that outweigh your interests, rights and freedoms, or the processing is for the purpose of establishing, exercising, and defending legal claims.
8. Right to withdrawal of consent (Article 7 (3) GDPR)
If the processing of data is based on your consent, you have the right to withdraw your consent to the use of your personal data at any time in accordance with Article 7 (3) GDPR. Please note that the withdrawal of consent only takes effect for the future. It shall not affect the lawfulness of processing based on consent before its withdrawal. For this purpose and for further questions on the subject of personal data, you can contact the above addresses as well as by email to the following address:
content [at] uni-bremen.de
9. Automated individual decision-making, including profiling (Article 22 GDPR)
You shall have the right not to be subject to any decision based solely on automated processing, including profiling, which will have legal effect or affect you in a similar manner. This does not apply if the decision
(1) is required for the conclusion or performance of a contract between you and the controller,
(2) is permitted by European Union or Member State legislation to which the controller is subject, and where such legislation contains appropriate measures to safeguard your rights and freedoms and legitimate interests, or
(3) with your express consent.
However, these decisions must not be based on special categories of personal data pursuant to Article 9 (1) GDPR, unless Article 9 (2) item (a( or (g) GDPR applies and reasonable measures have been taken to protect the rights and freedoms as well as your legitimate interests. With regard to the cases referred to in (1) and (3), the controller shall take appropriate measures to uphold your rights and freedoms and your legitimate interests, including at least the right to obtain the intervention of a person by the controller, to explain his/her own position and be heard.
10. Right to lodge a complaint with a supervisory authority (Article 77 GDPR)
In accordance with Article 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you consider that the processing of personal data relating to you infringes data protection regulations. The right to lodge a complaint can be exercised in particular with a supervisory authority in the Member State of your habitual residence, place of work, or place of the alleged infringement.
11. Assertion of your rights
Unless otherwise described above, please contact the body named in the legal notice to assert your rights as a data subject.
VI. Validity and Timeliness of the Privacy Policy(as of August 2024)
By using our website, you consent to the use of the data as described above. This privacy policy is immediately valid and supersedes all prior statements. This statement will be updated as necessary to bring it into line with the content of the website as well as more generally with legislative changes.
The English version of this text is for informational purposes only. Only the German version is legally binding.