Data protection

Data protection is our concern and our legal obligation.
We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.
In order to adequately protect the security of your data during transmission, we use state-of-the-art encryption methods (SSL) and secure technical systems.
You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.
If SSL encryption is activated, the data you transmit to us cannot be read by third parties.
Javascript is used as an active component for the web pages.
If you have deactivated this function in your browser, you will receive a corresponding message to activate the function.
This privacy policy applies to the websites:www.hs-coburg.dewww.coburg-university.de and as a supplement insofar as we process personal data under our own responsibility for:

• Facebook: https://www.facebook.com/hscoburg
• Instagram: https://www.instagram.com/hochschule_coburg/
• TikTok: https://www.tiktok.com/@hochschule.coburg
• LinkedIn: https://de.linkedin.com/school/hochschule-coburg/
• YouTube: https://www.youtube.com/user/HochschuleCoburg
• Twitter: https://www.twitter.com/hs_coburg

Coburg University of Applied Sciences Friedrich-Streib-Straße 2 96450 Coburg Represented by: Coburg University of Applied Sciences is a public corporation.
It is legally represented by its President Prof. Dr. Stefan Gast. Contact: Phone: +49 9561 317 0 Fax:+49 9561 317 275 E-Mail: poststelle@hs-coburg.de To the imprint

Data Protection Officer of the University Friedrich-Streib-Straße 2 96450 Coburg T. +49 9561-317443 F. +49 9561-317109 E-Mail: datenschutz@hs-coburg.de

In accordance with Art. 2 Para.
2 BayHIG, Art. 4 para.
1 S. 1 and 2 BayEGovG, we offer our services and administrative services as well as information for the public about our activities on our websites.
We enable you to contact us quickly electronically and communicate directly via the media of your choice.
Our social media presence is therefore also part of our public relations work.
Our aim is to inform and communicate with you in a target group-oriented manner, Art. 2 para.
2 BayHIG.
If you send us a request or opinion by email, post, telephone, fax or social media, the information provided will be processed for the purpose of handling the request and for possible follow-up questions and the exchange of opinions.
We always use the same communication channel for this, unless you request a change.
The data is stored solely for the purpose of processing or contacting the person concerned.
The data will not be passed on to third parties.
We disclose and block or delete content and posts, requests that violate the rights of third parties or that constitute a criminal offense or administrative offense, or that do not comply with legal or contractual obligations of conduct, by transmitting them to the responsible authority or social media service.

Some of the Internet pages use so-called cookies.
Cookies do not damage your computer and do not contain viruses.
Cookies are used to make our website more user-friendly, effective and secure.
Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies”.
They are automatically deleted at the end of your visit.
Other cookies remain stored on your end device until you delete them.
These cookies enable us to recognize your browser on your next visit.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when closing the browser.
If cookies are deactivated, the functionality of this website may be restricted.  

Edit cookies

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us.
These are

• Information about the browser type and version used
• The user’s operating system
• The user’s Internet service provider
• The IP address of the user
• Date and time of access
• Websites from which the user’s system accesses our website (referrer)
• Websites that are accessed by the user’s system via our website

This data cannot be assigned to specific persons.
This data is not merged with other data sources.
The processing of the data serves to deliver the contents of our website, to ensure the functionality of our information technology systems and to optimize our website.
Log file information is generally stored for a maximum of 7 days for security reasons (e.g. to investigate misuse or fraud) and then deleted.

If you send us inquiries via the contact form or register for an event at Coburg University of Applied Sciences, your details from the form, including the contact details you provide there, will be stored by us for the purpose of processing the inquiry or organizing the event.
We will not pass on this data without your consent.
It will be deleted no later than six months after completion of the enquiry/event.

On our website, iFrames (i.e. embedded content from other websites) are used for ticket reservations and ticket sales for events.
Ticket reservations and ticket sales are processed via the “Eventfrog” platform.
This is operated by an external service provider – Eventfrog AG, Neuhardstrasse 38, CH -4600 Olten.
For this purpose, we have integrated a corresponding iframe from Eventfrog into our website.
There you have the option of registering for the event or purchasing a ticket.
When purchasing tickets or registering, Eventfrog collects the requested data of the participants and then transmits it to us as the organizer.
The service provider collects, processes and stores the following data in particular E-mail address, title, first and last name, address, mobile phone number if applicable.
Mobile phone number, if applicable.
Date of birth, other event-related information, such as menu preferences or intolerances, accompanying person(s), school qualifications, “how did I hear about the event”?
payment method for chargeable offers (e.g. by credit card, direct transfer or Twint), IP address of the requesting computer, date and time of access.
This data is also stored by us for the purpose of processing the contract.
The collection and transmission of data is necessary for the performance of the contract (e.g. for controlling admission to the event) on the basis of Art. 6 para.
1 lit.
b and f GDPR.
If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para.
1 lit.
a GDPR.
Consent can be revoked at any time.
All your registration data will be encrypted and forwarded to Eventfrog.
Further information on the handling of user data can be found in Eventfrog’s privacy policy.

Our website uses the donation form of twingle GmbH, Prinzenallee 74, 13357 Berlin.
For this donation form, twingle GmbH provides the technical platform for the donation process.
The data you enter when making a donation (e.g. address, bank details, etc.) will only be stored by twingle on servers in Germany for the purpose of processing the donation.
We have concluded a contract with twingle for commissioned data processing and fully implement the strict requirements of the EU General Data Protection Regulation and the German data protection authorities when using the twingle donation form.
Your data is transmitted on the basis of Art. 6 para.
1 lit.
a GDPR (consent) and Art. 6 para.
1 lit.
b GDPR (processing for the performance of a contract).
If you have given your consent to data processing, you can withdraw your consent at any time.
A revocation does not affect the effectiveness of data processing operations in the past. Collection, processing and use of personal data for donations When you make a donation, we collect and use your personal data only to the extent necessary to fulfill and process your donation and, if applicable, to process your inquiries.
The provision of the data is necessary for the processing of the donation process.
Failure to provide it means that your donation cannot be received.
The processing is carried out on the basis of Art. 6 (1) lit.
b GDPR and is necessary for processing the donation.
Your data will not be passed on to third parties without your express consent.
The only exceptions to this are our service partners that we need to process the donation or service providers that we use as part of order processing.
In addition to the recipients named in the respective clauses of this privacy policy, these are, for example, recipients of the following categories Payment service providers, service providers for sending the donation receipt.
In all cases, we strictly observe the legal requirements.
The scope of data transmission is limited to a minimum.
You have the option of withdrawing your consent to data processing at any time.
A revocation does not affect the effectiveness of data processing operations that took place in the past.
Further information on the handling of user data can be found in Twingle’s privacy policy.

To subscribe to the newsletter offered on our website, you can register using our form.
We use the so-called double opt-in procedure.
A confirmation email will first be sent to the email address you have provided, asking you to confirm your registration.
The registration only becomes effective when you click on the activation link contained in the confirmation e-mail.
We use the data transmitted to us exclusively for sending the newsletter.
We work together with the service provider rapidmail to send our newsletter.
For this purpose, we only transmit your e-mail address to rapidmail GmbH.
Rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter.
Rapidmail GmbH is not permitted to pass on or sell your data.
rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG.
You can revoke your consent to the storage of your data and its use for sending the newsletter at any time, e.g. via the unsubscribe link in the newsletter.

This website uses functions of the web analysis service Google Analytics. The provider is Google Inc, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Contract data processing We have concluded a contract with Google for contract data processing and fully implement the strict requirements of the German data protection authorities when using Google Analytics.
Users’ personal data is deleted after 26 months. IP anonymization We have activated the IP anonymization function on this website.
This means that your IP address will be truncated by Google within member states of the European Union or in other signatory states to the Agreement on the European Economic Area before being transmitted to the USA.
Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. Cookies Google Analytics also uses “cookies”.
These are text files that are stored on your computer and enable your use of the website to be analyzed.
The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there.
Objection to data collection You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
Browser plugin You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plugin available at the following link: https://tools.google.com/dlpage/gaoptout?hl=deOpt-out You can also prevent Google Analytics from collecting your data by clicking on the following link.
An opt-out cookie will be set to prevent your data from being collected on future visits to this website:

If you delete your cookies, you will need to click this link again the next time you visit our site.
You can find more information on how Google Analytics handles user data in Google’s privacy policy: https://support.google.com/analytics/answer/6004245?hl=de

As part of our public relations work, we maintain an online presence on social networks and platforms. Our aim is to provide target group-oriented information and to communicate with interested parties and users. We would like to point out that user data may be processed outside the European Union. This may result in risks for users because, for example, it could make it more difficult to enforce users’ rights. With regard to US providers that are certified under the Privacy Shield, we would like to point out that they thereby undertake to comply with the data protection standards of the EU. Furthermore, user data is generally processed for market research and advertising purposes. For example, user profiles can be created from the usage behavior and the resulting interests of the users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user’s computer, in which the user’s usage behavior and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them). The processing of users’ personal data is based on our legitimate interests in effective user information and communication with users in accordance with Art. 6 para. 1 lit. f. GDPR. GDPR. If the users are asked by the respective providers of the platforms for consent to the data processing described above, the legal basis for the processing is Art. 6 para. 1 lit. a., Art. 7 GDPR. A detailed description of the respective processing and the opt-out options is available directly from the respective providers. In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the user’s data and can take appropriate measures and provide information directly.

• Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), Facebook pages based on an agreement on joint processing of personal data Privacy Policy: https://www.facebook.com/about/privacy/ Opt-Out: https://www.facebook.com/settings?tab=ads and http://www.youronlinechoices.com Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.
• Google/YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) Privacy Policy: https://policies.google.com/privacy Opt-Out: https://adssettings.google.com/authenticated Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
• Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) Privacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/.
• LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland) Privacy Policy https://www.linkedin.com/legal/privacy-policy Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.
• Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) Privacy Policy: https://twitter.com/de/privacy Opt-Out: https://twitter.com/personalization Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.
• Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany) Privacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung

Plugins of the social network Facebook, provider Facebook Inc, 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages. You can recognize the Facebook plugins by the Facebook logo on our site. You can find an overview of the Facebook plugins here: http://developers.facebook.com/docs/plugins/.
When you visit our website, a direct connection is established between your browser and the Facebook server via the plugin.
Facebook receives the information that you have visited our site with your IP address.
If you click on the “Share this page” function on one of our pages while you are logged into your Facebook account, you can link the content of our pages to your Facebook profile.
This allows Facebook to associate your visit to our pages with your user account.
If a user is not a member of Facebook, it is still possible for Facebook to find out their IP address and store it.
According to Facebook, only an anonymized IP address is stored in Germany.
We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Facebook.
The purpose and scope of the data collection and the further processing and use of the data by Facebook as well as the related rights and setting options to protect the privacy of users can be found in Facebook’s data protection information: https://www.facebook.com/about/privacy/ If you do not want Facebook to be able to associate your visit to our pages with your Facebook user account, please log out of your Facebook user account and delete your cookies.

Functions of the Twitter service are integrated on our pages. These functions are offered by Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transmitted to Twitter in the process. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter. Further information on this can be found in Twitter’s privacy policy at http://twitter.com/privacy. You can change your data protection settings on Twitter in the account settings at
http://twitter.com/account/settings.

Our website uses plugins from the YouTube site operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. When you visit one of our pages equipped with a YouTube plugin, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. The data collected is used, for example, to show you personalized advertising. You can deactivate this personalized advertising: https://adssettings.google.com/authenticated You can also log out of your YouTube account to prevent your surfing behavior from being assigned to your personal profile.
You can find more information on the handling of user data in YouTube’s privacy policy athttps://www.google.de/intl/de/policies/privacyErweiterter Data protection mode We use embedded YouTube videos in extended data protection mode.
This means that YouTube does not store cookies for a user who views a website with an embedded YouTube video player but does not click on the video to start playback.

You can also contact the Student Advisory Service at Coburg University of Applied Sciences via WhatsApp. All posts can be seen by all members of the Student Advisory Service. The chat history and the associated telephone number will be deleted by us one month after the end of the counseling contact and will not be passed on to third parties. The data can be deleted immediately at any time on request. You can revoke your consent to us at any time for the future by sending us a WhatsApp message or notification, without affecting the legality of the processing carried out on the basis of the consent until revocation. Please note that if you choose to communicate via WhatsApp, WhatsApp’s terms of use and privacy policy in particular apply, over which we have no influence. WhatsApp is part of the Facebook group of companies. When using WhatsApp, you allow the company to process your data extensively, including comprehensive advertising consent. WhatsApp contact with us takes place via a company account. This discloses your relationship with us to WhatsApp and Facebook and your profile is used for targeted advertising, among other things. When you contact us via WhatsApp, your data will also be processed abroad: For services in Europe, this is done by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland and for services outside Europe by WhatsApp Inc,1601 Willow Road, Menlo Park, California 94025, United States of America. The following apply
Terms of Use and Privacy Policy of WhatsApp apply.

We integrate maps from the “Google Maps” service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
In particular, your IP address and location data may be are collected and processed.
These are however, will not be used without your consent (as a rule, you can specify this in the settings of your mobile device, for example).
The data may be processed in the USA.
Privacy policy: https://www.google.com/policies/privacy/, opt-out: https://adssettings.google.com/authenticated.

The controller processes and stores personal data of the data subject only for as long as is necessary to achieve the purpose of storage.
Storage may also take place if this has been provided for by the European or national legislator in EU regulations, laws or other provisions to which the controller is subject (e.g. Bavarian Archive Act).
As soon as the purpose of storage ceases to apply or a storage period prescribed by the aforementioned regulations expires, the personal data is routinely blocked or erased.

If your personal data is processed, you are a data subject within the meaning of the General Data Protection Regulation (GDPR) and you have the following rights:

• Right to information You have the right to request confirmation as to whether the data in question is being processed and can request information about this data as well as further information and copies of the data in accordance with Art. 15 GDPR.

• Right to rectification You may, in accordance with.
  Art. 16 GDPR, you may request the completion or correction of the data concerning you if the processed personal data concerning you is incorrect or incomplete.

• Right to erasure In accordance with Art. 17 GDPR, you can demand that the relevant data be erased immediately.
• Right to restriction of processing In accordance with Art. 18 GDPR, you can request that the processing of your data be restricted.
• Right to information If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.
  You have the right vis-à-vis the controller to be informed about these recipients.

• Right to data portability You may request to receive the data concerning you that you have provided to us in accordance with Art. 20 GDPR and request that it be transferred to other data controllers.

• Right to lodge a complaint acc.
  Art. 77 GDPR, you can lodge a complaint with the competent supervisory authority (Bavarian State Commissioner for Data Protection).

Right of withdrawal

You have the right to withdraw your declaration of consent under data protection law in accordance with Art.
Art. 7 para.
3 GDPR with effect for the future.
The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right of objection

You can object to the future processing of data concerning you at any time in accordance with Art. 21 GDPR.
In particular, you may object to processing for direct marketing purposes.

We reserve the right to amend this privacy policy from time to time to ensure that it always complies with current legal requirements or to implement changes to our services in the privacy policy, e.g. when introducing new services.
The new privacy policy will then apply to your next visit.