Privacy policy

for ruhrvalley.tech

ruhrvalley is a cooperation of Dortmund University of Applied Sciences, Bochum University of Applied Sciences and Westphalia University of Applied Sciences focusing on mobility, energy and digitalization.

I. Overview

1. General Explanations

As the operator of this website, we are aware that the terminology used in and the collection of data is generally not always easy to understand. Therefore, we would like to explain some terms and answer questions that site users naturally often ask (FAQ) under I. in advance. After we have provided mandatory information and general information under II., you will finally find extensive and detailed information on the subject of data protection on our website in the data protection declaration listed under III. – VII.

2. Definitions of Terms and FAQ

a) What is the GDPR?

GDPR is the abbreviation for the General Data Protection Regulation. This is a regulation of the European Union, which aims to standardize the rules for processing personal data by private companies and public bodies throughout the EU. On the one hand, this is intended to ensure the protection of personal data within the European Union. At the same time, it is also intended to ensure the free movement of data within the European Single Market.

b) What is personal data?

Personal data is any information that relates or can at least be related to a natural person and thus enables conclusions to be drawn about that person’s personality. Such information may include, for example, the name, address, date of birth or e-mail address, but also the IP address assigned to the respective user when using the Internet.

c) What is meant by (data) processing?

According to Art. 4 of the GDPR, this refers to any operation or series of operations performed with or without the aid of automated processes in connection with personal data. This term is to be understood very broadly, so that practically every handling of data is included.

d) Who collects the data or who is responsible for the data collection on this website?

According to Art 4. GDPR, „responsible party” is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. The processing of data on this website is carried out by us as the operator of this website. The corresponding contact details can be found in the imprint of this website.

e) How do we collect your data?

Your data is collected on the one hand by you providing it to us. This can be, for example, data that you enter in a contact form or tell us by phone or e-mail. Other data is collected automatically by our IT systems when you visit our website, namely as soon as you enter it. The data collected here is mainly of a technical nature (e.g. information about the operating system you are using, the Internet browser you use to access the site or the time you access the website).

f) What do we use your data for?

Some of this data is collected to ensure that the website can be provided without errors. Other data, however, may be used to analyze your user behavior.

g) What is order processing?

Order processing makes it possible to transfer the authorization to process personal data to a service provider (contractor). For this purpose, a commissioned processing agreement is concluded between the client and the contractor, so that the security of the data processed is also guaranteed to the same extent here.

h) What rights do you have with regard to your data?

You have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have the right to demand the correction, blocking or deletion of this data. You can find more details on this under II. 4. of this declaration. If you have any further questions on the subject of data protection, you can contact the data protection officers directly (for contact details, see II. 2.). In addition, you have the right to lodge an appeal with the competent supervisory authority (see II. 4. of this declaration).

3. Analysis and Third-Party Tools

Your surfing behavior may be statistically evaluated when you visit our website. Such an evaluation is carried out primarily with the help of so-called cookies and through the use of so-called analysis programs. The analysis of your surfing behavior is usually anonymous; the surfing behavior cannot be traced back to you. You have the option to object to this analysis. In addition, you can prevent the analysis by not using certain tools. For detailed information on this and in particular on your objection options, please refer to the following data protection declaration.

II. Mandatory Information and General Information

1. Data Protection

As the operator of this website, we are aware of the great importance of data protection and therefore treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. When you use our website in any form, even if it is just by entering the site, various personal data are collected. Personal data is data by which you can be personally identified (for further explanations, please refer to I. In our present data protection declaration, we inform you about what data we collect and what we use it for. We also explain how and for what purpose and on what legal basis this is done. We point out that in the case of data transmission via the Internet (e.g. in the case of communication by e-mail), complete protection of the data against access by third parties is not possible, as security gaps can never be definitively ruled out.

2. Reference to the Responsible Person according to Art. 4 para. 7 GDPR

„Responsible Party“ pursuant to Art. 4 (7) EU General Data Protection Regulation (GDPR) is the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data.

The responsible party pursuant to Art. 4 (7) GDPR for data processing on this website is:

Fachhochschule Dortmund – University of Applied Sciences and Arts, represented by the Rector.

Sonnenstraße 96

44139 Dortmund

Germany

Phone: + 49 231 9112-0

Fax +49 (0)231 9112-313

Mailing Address

Fachhochschule Dortmund

Postfach 10 50 18

44047 Dortmund

Germany

Supervisory Authority:

Ministry of Culture and Science of the State of North Rhine-Westphalia (MKW NRW)

Data Protection Officers

If you have any further questions regarding data protection, please contact the Data Protection Officers of Fachhochschule Dortmund:

Dr. Thilo Groll and Katrin Zeigerer

E-mail: datenschutz@fh-dortmund.de

3. Revocation of your Consent to Data Processing

Some data processing operations are only possible if you have given your express consent beforehand. You can revoke any consent you have already given at any time. For this purpose, it is sufficient to send an informal message by e-mail to the data protection officers (contact see below under II. 2.). Your revocation does not affect the lawfulness of the data processing that took place until the revocation.

4. your rights

You have the following rights regarding the personal data concerning you:

– To request information about your personal data processed by us in accordance with Art. 15 DS-GVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data if it has not been collected from us, and the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;

– in accordance with Art. 16 GDPR, to demand the immediate correction of incorrect or completion of your personal data stored by us;

– pursuant to Art. 17 GDPR, to request the deletion of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defence of legal claims;

– pursuant to Art. 18 GDPR, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defense of legal claims or you have objected to the processing pursuant to Art. 21 DS-GVO;

– pursuant to Art. 20 GDPR, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request the transfer to another responsible party („right to data portability“);

– in accordance with Art. 7 (3) GDPR, to revoke your consent once given to us at any time. This has the consequence that we may no longer continue the data processing based on this consent for the future; and

– in accordance with Art. 77 DS-GVO, in the event of a data protection breach, you as the data subject have a right of appeal to the competent supervisory authority. The competent supervisory authority for data protection issues is the data protection commissioner of the federal state in which our institution is located, consequently

the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia

Kavalleriestrasse 2-4

40213 Düsseldorf

Phone: +49 2 11/384 24-0

Fax: +49 2 11/384 24-10

E-mail: poststelle@ldi.nrw.de

Homepage: http://www.ldi.nrw.de

5.SSL or TLS Encryption

For security reasons and to protect the transmission of confidential content, such as requests or orders that you send to us as the site operator, our site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of your browser changes from “http://” to “https://” and by the lock symbol in your browser line. If SSL or TLS encryption is activated, third parties cannot read the data that you transmit to us.

III. Data Collection on our Website

1. Use of Cookies

When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which the body that sets the cookie (in this case by us), gets certain information. Cookies cannot execute programs or transfer viruses to your computer. They are used to make the website more user-friendly and effective.

a) This website uses the following types of cookies:

– Transient cookies (for this purpose b)

– Persistent cookies (c).

b) Transient cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the joint session. This allows your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.

c) Persistent cookies are deleted automatically after a specified period of time, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

d) You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that you may not be able to use all functions of this website.

Cookies that are required to carry out electronic communication or to provide certain functions are stored on the basis of Art. 6 (1) letter f GDPR. As the operator of this website, we have a legitimate interest in storing cookies in order to provide our services to you in a technically error-free and optimized manner. If other cookies (e.g. cookies that allow an analysis of your surfing behavior) are stored, they will be treated separately in this privacy policy.

2. Server Log Files

Our hosting provider automatically collects and stores information in so-called server log files, which are automatically transmitted to us by your browser.

This information is:

  • IP address
  • date and time of the request
  • time zone difference to Greenwich Mean Time (GMT)
  • content of the request (specific page)
  • access status/HTTP status code
  • amount of data transferred in each case
  • website from which the request comes
  • browser
  • operating system and its interface
  • language and version of the browser software.

The above data is not merged with other data sources. The collection of this data is technically necessary to display our website to you and to ensure stability and security. The legal basis for this is Art. 6 para. 1, p. 1 letter f GDPR. For security reasons, in particular to investigate cases of fraud or abuse, log file information is stored for a maximum of 7 days and then deleted. Excluded from this deletion is data whose further storage is necessary for evidentiary purposes. Such data will be stored until the final clarification of the respective facts.

3. Transfer of Data

This website is hosted by Strato in Berlin:

Otto-Ostrowski-Strasse 7, 10249 Berlin, Germany.

Strato receives the above data for this purpose as an order processor.

IV. Statistical Survey, Matomo

Scope of Data Processing

Scope of the Data Processing

We use the open source software application Matomo (formerly PIWIK) on our website to analyze the surfing behavior of our users. The software sets cookies on the computer of its users. If individual pages of our website are accessed, the following data is stored:

  • Two bytes of the IP address of the accesing user system
  • The website accessed
  • Information on the browser type and version used
  • The operation system of the user
  • The website from which the user has accessed our website (referrer)
  • Date and time of the access
  • The supages accessed from the website visited
  • The time spent on the website
  • How many times the website was accessed
  • Websites accessed by the user system via our website

The application solely runs on the servers of our website. Personal data of the users is only stored on the servers of our website. We will not pass on the data to third parties.

We collect and store data for statistical and optimization purposes on this website using the web tracking tool Matomo. The usage information generated by Matomo (including your anonymized IP address) is transferred to our server and stored. This function can be deactivated via the privacy settings on the left side of the screen.

The information generated by Matomo is used solely for statistical purposes and to improve our website and server. Your IP address is anonymized and cannot be traced back to you. It will not be passed on to third parties.

The software is set up so that the IP addresses are not saved entirely; instead two bytes of the IP address are masked. In this way, it is no longer possible to assign the shortened IP address to the accessing computer.

When a website is accessed, data regarding this process is stored. In detail, the following information will be stored: page title, search term (that leads the visitors to the page), search engines, page URL, number of pages visited, location of the visitor (country), provider, browser, operating system, screen resolution, browser plug-ins, visiting hours, visiting duration, entry pages, exit pages, downloads, referring pages.

4.1 Objection to Data Storage

As a user, you have the option to reject tracking by Matomo at any time.

If users have activated an option „I do not want to be tracked“ in their browser, then no data will be stored by Matomo.

Please note: If you delete your cookies, the opt-out cookie will also be deleted and you may have to reactivate it.

4.2 Legal Basis for Processing

The legal basis for processing users’ personal data is Section 6 (1) letter f GDPR.

4.3 Purpose of Processing

The processing of the users’ personal data enables us to analyze the surfing behavior of our users. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its usability.

4.4 Duration of Storage of Personal Data

The data is deleted as soon as it is no longer required for our recording purposes. Cookies are stored on the user’s computer and transmitted from it to our site. Therefore, you as a user also have full control over the use of cookies. By changing the settings in your Internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically. If cookies for our website are deactivated, it may no longer be possible to use all functions of the website to their full extent.

V. Plugins and Tools

1. Integration of YouTube Videos

We have integrated YouTube videos on our website. These videos are stored on http://www.YouTube.com and can be played directly from our website. The videos are all embedded in „extended data protection mode“, which means that no data about you as a user is transmitted to YouTube if you do not play the videos. Only when you play the videos by pressing the play button, the data mentioned in the following paragraph 2 will be transmitted. We have no influence on this data transmission.

By visiting the website, YouTube receives the information that you have accessed the corresponding subpage of our website. In addition, the data mentioned under III. 3. of this declaration are transmitted. This occurs regardless of whether YouTube provides a user account via which you are logged in or whether no user account exists. If you are logged in to YouTube, your data will be directly assigned to your account. If you do not want the assignment with your profile at YouTube, you must log out before activating the button. YouTube stores your data as usage profiles and uses them for the purposes of advertising, market research and/or demand-oriented design of its website. Such an evaluation is carried out in particular (even for users who are not logged in) to provide needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact YouTube to exercise this right.

The operating company of YouTube is YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. The latter is a subsidiary of Google LLC.

For more information on the purpose and scope of data collection and processing by YouTube, please refer to the privacy policy. There you will also find further information on your rights and setting options to protect your privacy: https://www.google.de/intl/de/policies/privacy.

The integration of YouTube or its videos is done in the interest of an appealing presentation of our online offers, which in turn represents a legitimate interest within the meaning of Art. 6 (1) letter f GDPR.

VI. Links to our Social Media Pages

On our website, social media channels are only integrated as mere links to the corresponding services and not as plugins. After clicking on the respective graphic integrated on our website, you will be redirected to the page of the respective provider, so that user information will also only then be transmitted to the respective provider. For information on how your personal data is handled when using the respective provider websites, please refer to the respective provider’s privacy policy. These are:

Facebook:

The provider is Facebook Inc, 1601 S California Ave, Palo Alto, California 94304, USA.

For further information on data protection, please refer to the Facebook data policy and the Facebook terms of use. These can be found at: https://de-de.facebook.com/about/privacy/und https://de-de.facebook.com/legal/terms/.

Instagram:

Provider is Instagram LLC, 1 Hacker Way, Building 14 First Floor, Menlo Park, CA, USA.

Further information and the applicable privacy policy of Instagram are available for you to view at https://help.instagram.com/155833707900388 and https://www.instagram.com/about/legal/privacy/.

LinkedIn:

The provider of LinkedIn is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland.

You can view LinkedIn’s privacy policy here: https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv

Twitter:

The provider is Twitter Inc, 1355 Market Street Suite 900 San Francisco, California 94103, USA.

Further information and the applicable data protection provisions of Twitter are available for you to view at https://twitter.com/de/privacy.

VII. Data transmission when using the contact form

If there is the possibility to enter personal data via a contact form within our internet offer, this data will be stored on the server of our website. At the time of sending the message via a contact form, the following data will be stored:

  • First name
  • Surname
  • Institution
  • Mail address
  • Date and time of registration confirmation by double opt-in when downloading publications

For the processing of data, the user’s consent is obtained during the submission process and reference is made to this privacy policy. No data will be passed on to third parties.

7.1 Purpose of data processing and legal basis

The processing of personal data by means of the online form serves us solely to process the contact and to handle your request (registration for an event or download of a publication). The legal basis for the processing of the data is Section 6 (1a)) GDPR if the user has given his consent.

7.2 Duration of data storage

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the user has consented to the storage of his data for the purpose of further contact by ruhrvalley on the main topics of the network, the data will continue to be stored by us.

7.3 Possibility of objection and removal

The user has the option to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of personal data at any time. In this case, a conversation cannot be continued. All personal data stored in the course of a conversation will be deleted in this case.

VIII. Currentness of Data and Change of this Privacy Policy

The above data protection declaration is currently valid and has the status: November 2022. In order to keep our offers and our website up to date, there is occasionally a need for further technical development, which is accompanied by further or other data protection-relevant processes and which sometimes make it necessary to amend the above data protection declaration. The same applies in the event of new or amended legal and/or regulatory requirements. You can access the current data protection declaration at any time on our website at https://ruhrvalley.tech/en/privacy-policy/ and also print it out.