ATTENTION: This is a translation of the original. Only the document in its German form is legally binding.
ruhrvalley is a co-operation between Dortmund University of Applied Sciences and Arts, Bochum University of Applied Sciences and the Westphalian University of Applied Sciences, which focuses on the areas of mobility, energy and digitalisation.
The responsible party, according to the EU’s General Data Protection Regulation (GDPR) and national data protection laws of member states, as well as other data protection provisions, is:
Dortmund University of Applied Sciences and Arts, represented by the Rector
Sonnenstraße 96, 44139 Dortmund
Tel.: + 49 231 9112-0
Ministry of Culture and Science of North-Rhine Westphalia (MKW NRW)
The data protection officer of Dortmund University of Applied Sciences and Arts can provide further information on the topic of data protection. They can be contacted at:
Dr. Thilo Groll und Katrin Zeigerer
We collect and use the personal data of our users only insofar as it is necessary to provide a fully functioning website as well as our content and services, and if a legal framework allows it.
Legal framework for processing personal data
Insofar as consent from the data subject is required in order to process their personal data, article 6(2) point a of GDPR is the legal framework.
Insofar as the processing of personal data is necessary to fulfil a legal requirement, which Dortmund University of Applies Sciences and Arts is subject to, article 6(1) point c GDPR is the legal framework.
Insofar as the vital interests of the data subject or another natural person require the processing of personal data, article 6(1) point d GDPR is the legal framework.
Insofar as the processing is necessary to fulfil a task in the public’s interest or in the exercise of official authority, article 6(1) point e GDPR is the legal framework.
Insofar as the processing is necessary to safeguard a justifiable interest, and the interests and basic rights and freedoms of the data subject do not outweigh it, article 6(1) point f GDPR is the legal framework. This does not apply when the processing occurs in the exercise of public authority.
Duration of the storage of personal data
We store the personal data of the data subject only as long as reason to store it exists. If the processing depends on the authorisation of the data subject, the data will be stored until such a time as the data subject withdraws their authorisation unless there is a different legal framework for the processing.
Every time our website is accessed, our system automatically collects data and information from the computer system accessing it.
The following data is gathered:
1. Information about the type of browser and the version being used
2. The user’s operation system
3. The user’s internet service provider
4. The user’s IP address
5. Time and date of access
6. Websites from which the user’s system accesses our internet site (if the user’s client supports this function)
7. Websites, which the user’s system accesses through ours
8. How long the user stays on our website
9. Downloads through our website
The data is also stored in our system’s logfiles. This data is not stored together with other personal data of the user.
The software runs exclusively on the servers of our website. The user’s personal data is stored only there. The data is not made available to third parties.
Legal framework for data processing
The legal framework for temporary data and logfile storage is article 6(1) point f GDPR
Purpose of data processing
The temporary storage of the IP address in the system is necessary to provide the website to the user’s computer. For this purpose, the user’s IP address must be stored for the duration of the session.
Storage of the logfiles is necessary to guarantee the functionality of the website. Additionally, the data is used to optimise the website and to guarantee the security of our informatic systems. The data is not analysed for marketing purposes.
Our justifiable interest in data processing lies within these processing purposes, according to article 6(1) point f GDPR.
Duration of the storage of personal data
When a session is finished, the data stored in the logfiles is deleted after no more than seven days. Storage for longer periods is possible; in this case the users’ IP addresses are deleted or scrambled in such a way as to make it impossible to match them to a client.
Your personal data is not shared with third parties for other than the purposes specified below:
We share your personal data with third parties if:
· You have explicitly given your consent, as defined in article 6(1) point a GDPR,
· The submission of the data is necessary to enforce, exercise or defend legal interests and there is no reason to expect that you have a prevailing protectable interest in not having your data shared, as defined in article 6(1) subparagraph 1 point f GDPR
· In case there is a legal obligation to share the data, as defined in article 6(1) subparagraph 1 point f GDPR
· Sharing the data is legally permissible and necessary for processing a contractual relationship with you, as defined in article 6(1) subparagraph 1 point f GDPR.
Besides web analysis from Google Analytics (see section 6) we use other cookies on our website. These are small files, which your browser automatically creates when you visit our website and stores on your device (laptop, tablet, smartphone, etc.). Cookies do not damage your device and do not contain viruses, Trojans or other malware.
The cookie contains information generated in relation to the specific device being used. This, however, does not mean that we can use them to retrieve your identity.
Purpose of data processing
We use so-called session cookies to see that you have already visited individual pages in our website. If you visit our website again to use our services, the system recognises automatically that you have been here before and which parameters and settings you have used, so you do not have to input them again. Session cookies are technically necessary, but they are not used for analysis or marketing purposes.
Legal framework for data processing
The data processed using cookies for the purposes stated above is necessary to protect our legitimate interests and those of third parties as defined in article 6(1) subparagraph 1 point f GDPR.
Duration of the storage of personal data
Most browsers accept cookies automatically. You can, however, configure your browser settings so that no cookies are saved in your device, or that you are notified before a new cookie is created. If you choose to completely disable cookies, some of the services available on our website may not work properly.
a. This website uses Google Analytics, a web analysis service from Google Inc. (“Google”). Google Analytics uses so-called cookies, text files, which are stored on your device and allow the analysis of your use of the website. The information generated by the cookie about your use of the website is generally transmitted to a server in the USA and stored there.
b. Please be aware that on this website, Google Analytics has been complemented with the code “anonymizelp”, which guarantees the anonymous collection of IP addresses (using so-called IP masking). The code shortens your Google IP address in the European Union member countries and other associate countries in the European Economic Area. The complete address is transferred only in exceptional cases to a server in the USA and gets shortened there.
c. On behalf of the website operator, Google will use this information to analyse your use of the website to create reports about website activity, which can be used to provide more services related to website and internet use.
d. The IP address provided by your browser for Google Analytics will not be combined with other Google data.
e. You can block the storage of cookies with the appropriate settings in your browser. Additionally, you can block Google from collecting and analysing the data about your website use created by the cookie (including your IP address) by downloading and installing the browser plugin available at this link http://tools.google.com/dlpage/gaoptout?hl=de. You can block gathering by Google Analytics using the following link, which creates an opt-out cookie that blocks the future collection of your data when you visit this website:
f. Information about the third-party provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001
Data privacy: www.google.com/intl/de/analytics/learn/privacy.html
· Processing the collected data—which is stored for 12 months—allows us to analyse the surfing behaviour of our users. The legal framework for the processing of user data is article 6(1) point a GDPR.
On our website we use social media plugins for YouTube and Twitter. We use the so-called two-click solution, which means that when you visit our website no personal data is initially shared with the plugin providers. A connection to YouTube and Twitter is created only when you agree to their use.
a. We have integrated YouTube components into our website in order to fulfil our tasks as defined in article 6(1) point c and e GDPR and present our services using audio-visual means, which are stored at http://www.YouTube.com and can be played directly from our website. These contents are linked through an upstream image file in such a way that none of your user data is shared with YouTube. The data is shared with Google, usually their USA-based servers, only when you confirm their use by clicking on the file. We have no influence on the sharing of this data.
b. By accessing its website, YouTube gets the information that you have visited the corresponding page in our website. Additionally, the data mentioned in chapter 4 of this Data Protection Declaration is shared. This happens whether there is a YouTube user account that you are logged into, or not. If you are logged into Google, your data is directly matched to your account. If you do not wish to match with your YouTube account, you need to log out before clicking on the button. YouTube stores your data as a user profile and uses it for advertising, market research and/or to tailor its website. This kind of analysis is used in particular to create custom advertising and to inform other users of the social network about your activities on our website (even when a user is not logged in). You have the right to refuse the creation of this user profile; to make use of this right, please contact YouTube.
c. For more information about the purposes and the extent of the collection of data and its processing by YouTube please see their data protection declaration. You can also acquire more information about your rights and configuration alternatives to protect your privacy: https://www.google.de/intl/de/policies/privacy.
d. Information about the third-party provider : Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
a. When you click your consent to the use of the Twitter plugin, the content from Twitter will be transferred directly to your browser and embedded in the page. Unlocking the stream can lead to further data processing steps; the operators of this website have no influence on this.
b. By embedding the plugin, Twitter is informed that your browser accessed the appropriate page in our web presence, even if you do not have a user profile or you are not logged in. This information (including your IP address) is transferred from your browser directly to Twitter and stored there. If you are logged on your Twitter account, your visit to our website can be directly matched to your profile.
c. The purpose and the extent of the collection of data and its analysis and further use by the plugin provider, as well as your related rights and configuration alternatives to protect your privacy can be found in the data protection declaration at: https://twitter.com/privacy
d. The legal framework for the use of the plugin is article 6(1) subparagraph 1 point f GDPR (processing for the purposes legitimate interests). We have a legitimate interest in the use of the plugin, because with it we offer the possibility to interact with the operator and other users in both platforms. In this way we can better shape our services and make them more interesting for the users.
e. Information about the third party: Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07 Ireland
You have the following rights:
As long as your personal data is processed based on legitimate interests according to article 6(1) point f GDPR, you have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data, or when the personal data are processed for direct marketing purposes. In the last case you have a general right to object, which will be put into effect without the need to provide a particular reason.
If you wish to avail yourself to your right to object or withdraw your consent, please write an email to firstname.lastname@example.org.
When you visit our website, we use the widespread SSL process (Secure Socket Layer) in combination with the highest encryption level supported by your browser, usually 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology. To recognise whether individual pages from our website are being encrypted during transfer, look for the key or the lock symbols on the lower status bar in your browser.
a. As a service to our users, we offer them the possibility to network using the online platform ruhrvallinked, which belongs to the Innoloft Network, a digital B2B network. The operator of ruhrvallinked is thus the company Innoloft. When you follow the link https://ruhrvallinked.ruhrvalley.de/public/ , you will leave this website. The data protection rules from Innoloft apply on the ruhrvallinked.ruhrvalley.de website.
b. The purpose and the extent of the collection of data and its analysis and further use by the by Innoloft, as well as your related rights can be found in the data protection declaration at:
c. Information of third-party provider: Innoloft GmbH c/o digitalHUB Aachen Jülicher Straße 72 a 52070 Aachen
To guarantee that our data protection declaration always meets the current legal framework, we reserve the right to make changes to it at any time. This also applies when the data protection declaration needs to be updated because of changes or additions to our services. The new data protection declaration is effective as of the next time you visit our website.
This data protection declaration is currently valid in its version from May 2021.
If you have any questions, please contact us.
+49 (0) 2323 91987 026