The following data protection declaration refers to the central web offer of www.uni-kl.de and other official websites of the Technische Universität Kaiserslautern (TUK), its organs and institutions. For contents of other providers, to which reference is made, for example, via links, other conditions than those described in this data protection declaration may apply.

Responsible for the processing of your personal data is

TU Kaiserslautern (TUK)
represented by the President
Gottlieb-Daimler-Strasse, Building 47
67663 Kaiserslautern
Phone: +49 631 205 0
e-mail: president(at)uni-kl.de

You can reach our data protection officer by phone +49 631 205-4434 or by e-mail: datenschutz(at)uni-kl.de

The postal address is:
TU Kaiserslautern
The Data Protection Officer
PO Box 3049
67653 Kaiserslautern

The TUK uses the open source software tool Matomo on its websites for statistical evaluation of the accesses, for error detection and to be able to improve our websites continuously. The following data is stored for this purpose:

• the anonymous IP address of the calling system
• Date and time of access
• the web page or file consulted
• the HTTP status code
• referencing website
• Subpages that are called up from the called up web page
• Frequency of the website visit
• the web browser used and the operating system

This data is only stored on TUK servers. The data will not be passed on to third parties. Due to the anonymization of IP addresses, it is no longer possible to assign them to the calling computer.

The data is deleted as soon as it is no longer required for our analyses. The software sets a cookie for 7 days on the user's computer in order to recognise returning visitors.

The legal basis for the collection and evaluation of this data is Art. 6 para. 1 lit. e in conjunction with Art. 6 para. 3 lit. b General Data Protection Regulation (DSGV) in connection with § Article 3 of the State Data Protection Act of Rhineland-Palatinate (LDSG). If you do not agree with the storage and evaluation of this data, you can object to its storage and use at any time by clicking on the mouse. In this case a so-called opt-out cookie is stored in your browser, which means that Matomo does not collect any session data.

Your objection only remains effective if you do not delete the Matomo deactivation cookie on your computer. You will have to perform the opt-out again if you use another computer or another web browser. If you have activated the "Do Not Track" setting in your browser, no opt-out is required.

On the TUK website there are contact forms which can be used for electronic contact. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and stored. Your consent is obtained for the processing of the data during the sending process and reference is made to this data protection declaration.

Alternatively, it is possible to contact us via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored. In this context, the data will not be passed on to third parties. The legal basis for the processing of the data is Art. 6 para. 1 lit. a DSGVO, if the user has given his consent.

The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. f DSGVO. If the e-mail contact is aimed at the conclusion of a contract, the legal basis for this processing is Art. 6 para. 1 lit. b DSGVO.

This data is used exclusively for the processing of the conversation. The data will be deleted as soon as they are no longer required for the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended.
The user has the possibility to revoke his consent to the processing of personal data at any time. If the user contacts us by e-mail, he can object to the storage of his personal data at any time. In such a case the conversation cannot be continued. You can revoke your consent and object to the storage via the contact form or by e-mail. All personal data stored in the course of the contact will be deleted in this case.

When accessing individual pages, cookies may be used which are required for the functionality of our content management system (e.g. for password-protected pages and forms). Some elements of our website require that the calling browser can be identified even after a page change. These technically necessary cookies are not used to create user profiles and are usually deleted after closing your browser. You can deactivate or restrict the storage of cookies on your system by the settings in your Internet browser. Cookies already stored can be deleted at any time. If cookies for our website are deactivated or deleted, it is possible that not all functions of the website can be fully used.

Every time our website is accessed and used, data and information is automatically recorded in the log files of our servers. This collection is necessary to ensure proper operation, to detect errors and to identify attacks and malfunctions of our web offer. The following data is collected during access (access logs):

• Date and time of access
• visited website
• referencing website
• Browser configuration

The following data is collected in case of an error message (error logs):

• Date and time of access
• Nature of the error
• URL of the called web page and, if applicable, the referencing web page
• IP address of the user
• User name in the event of an authentication error for password-protected websites

This data is not stored together with other personal data of the user. The legal basis for the temporary storage of the data in the log files is Art. 6 para. 1 lit. e.V.m. Art. 6 para. 3 lit. b DSGVO in conjunction with § ARTICLE 3 LDSG.
The error logs are used exclusively to identify and rectify technical faults. The data will be deleted as soon as they are no longer required for the purpose of their collection. In the case of the collection of data for the purpose of providing the website, this is the case when the respective session has ended. In the case of storage of the data in log files, this is the case after seven days.

As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services.

Possible legal bases of the processing

The legal basis is Art. 6 para. 1 letter a DSGVO, if the data processing of TUK is based on your consent as a data subject.

When processing personal data which is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations which are necessary to carry out pre-contractual measures.

Insofar as processing of personal data is necessary for the fulfilment of a legal obligation to which the TUK is subject, Art. 6 para. 1 sentence 1 lit. c in conjunction Art. 6 para. 3 lit. b DSGVO in conjunction with § 3 LDSG as legal basis.

In the event that vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.

If the processing is necessary for the performance of a task of the TUK which is in the public interest or is carried out in the exercise of official authority, Art. 6 para. 1 lit. e in conjunction with Art. 6 para. 3 lit. b DSGVO in conjunction with § 3 LDSG as legal basis for the processing.

If the processing is necessary to safeguard a legitimate interest of the TUK or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Art. 6 para. 1 lit. f DSGVO serves as the legal basis for the processing; unless the TUK acts in a sovereign capacity in the processing in question.

Recipients of personal data

As a matter of principle, your personal data will not be passed on to other bodies or persons, unless required by law.

Storage period

The personal data will be stored until the processing is completed. They are deleted immediately when the stated purpose is achieved or the procedure concerned is completed and there is no obligation to archive them. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU ordinances, laws or other regulations to which the person responsible is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires.

According to the DSGVO, every person affected by data processing has the following rights in particular:

• The right to information about the personal data stored about you and the processing thereof (Art. 15 DSGVO).
• The right to correction if the data concerning you is incorrect or incomplete (Art. 16 DSGVO).
• The right to have your personal data deleted, if one of the conditions according to Art. 17 DSGVO applies. However, the right to deletion under Art. 17 (1) and (2) DSGVO does not exist, among other things, if the processing of personal data is necessary to perform a task in the public interest or in the exercise of official authority (Art. 17 (3) b DSGVO).
• The right to restrict processing, in particular where the accuracy of the data is disputed, for the duration of the verification of its accuracy, if the data are processed unlawfully but the data subject requests that the processing be restricted instead of deleted, if the data subject needs the data in order to assert or exercise legal claims or to defend himself against such claims and the data cannot therefore be deleted, or if, in the event of an objection under Art. 21, it is not yet clear whether the legitimate interests of the controller outweigh those of the data subject (Art. 18 DS-GVO).
• The Right to object to the processing of personal data on personal grounds, unless there is an overriding public interest in processing which overweighs the interests, rights and freedoms of the data subject, or the processing is necessary for the assertion, exercise or defence of legal claims (Art. 21 DSGVO).

Right of revocation in case of consent

You have the right to revoke your consent at any time. The revocation is only effective for the future; i.e., the revocation does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

They have the right to complain to the State Commissioner for Data Protection and Freedom of Information of Rhineland-Palatinate if they believe that their personal data is being processed unlawfully by the TUK.

Postal address:

The Rhineland-Palatinate State Commissioner for Data Protection and Freedom of Information
P.O. Box 3040
55020 Mainz
Website: www.datenschutz.rlp.de

In order to take into account current legal requirements and technical changes, as well as to implement our services and offers in a data protection-compliant manner, we reserve the right to update this data protection declaration regularly. The current status is January 2020.