Data protection and data security for our enterprise’s customers and partners as well as interested parties in and users of our website are of high importance within our enterprise. Transparency regarding the processing of your personal data as well as protecting your data are therefore of key importance to us. We created this Policy to provide you with an overview of how your personal data is collected and processed when using our website, and what you can personally do yourself to ensure your data is better protected, where applicable.
Controller of the processing
SRH University of Applied sciences Hamm - Part of the SRH network of Universities of Applied Sciences
Platz der Deutschen Einheit 1
Phone: +49 (0)2381 9291-0
What is personal data?
Personal data is any information that relates to an identified or identifiable natural person. What is essential here therefore is whether a personal reference can be made using the collected data. This includes information such as your name, address, telephone number or email address. Information which is not directly connected to your actual identity, such as favourite websites or number of users of a site, is not regarded as personal data.
How we collect and process your personal data
When you visit our web pages, we save the connection data from the requesting computer, the web pages you visit on our website, the date of your visit, identification data of the browser and operating system used and the website you are visiting us from for the duration of your visit as standard. Additional personal data, such as your name, your address, telephone number, or email address is not collected; unless you provide this data voluntarily, e.g. in connection with a registration, with a survey, with a prize competition, with the implementation of a contract, or with a request for information.
How we use your personal data and how we disclose it
If the online service includes the option to enter personal or commercial data (email addresses, names, addresses, etc.), this data may be disclosed by the user on a purely voluntary basis. Emails are transmitted via a contact form. When you send such a message, your personal data is collected only to the extent necessary to reply. The email is sent in an unencrypted manner. If you have provided us with any personal data, we shall only use this data for the technical administration of the web pages and to respond to your wishes and requests, which as a rule means to process any contract concluded with you or to reply to any queries you may have. The legal basis for processing is Article 6(1)(a) and Article 6(1)(b) GDPR. It is only if you have given us your consent beforehand, or if you – subject to it being provided for under statutory regulations – have not raised an objection, that we will also use this data for product-related surveys, marketing and statistical purposes. In this case the legal basis for processing is Article 6(1)(a) GDPR and Article 6(1)(f) GDPR. Your personal data is not disclosed, sold or transmitted in any other way to third parties unless it is necessary in order to fulfil a contract or you have given your express consent. Any consent granted can be revoked at any time with future effect.
For how long will my data be stored?
Generally speaking, we store all information that you send to us until the respective purpose, i.e. the contractual purpose, has been fulfilled. This means, for example, until any queries have been resolved, or in the case of newsletters, until you to choose to unsubscribe from them. If there is provision in place by law for an extended storage period, the data will be stored within this framework. If you no longer wish us to use your data, we will of course comply with this request immediately (please also refer to the address stated under “Data protection officer of the enterprise”).
When will my data be deleted?
The deletion of the personal data stored is carried out if you revoke your consent to such storage, if knowledge of such data is no longer necessary for the fulfilment of the purpose pursued with the storage, or if the storage of such data is inadmissible on other legal grounds. Data for invoicing and accounting purposes will not be affected by a deletion request.
What we do to ensure security of processing
Our enterprise takes all of the necessary technical and organisations security measures to ensure your per-sonal data is protected from loss or misuse. Accordingly, your data shall be stored in a secure operational environment that is not open to the public. In certain cases, your personal data is encrypted by Secure Socket Layer technology (SSL) during transmission. This means that an approved encryption procedure is used for communication between your computer and our enterprise’s servers if your browser supports SSL. For reasons of security and to protect the transfer of confidential content, such as the orders or enquiries that you send to us as the website operators, this site uses SSL and TLS encryption. You can identify an encrypted connection from the padlock symbol in your browser bar and the fact that “http://” in the address bar changes to “https://”. If SSL or TLS encryption is enabled, the data you send to us cannot be read by third parties. Should you wish to contact our enterprise via email, we would like to point out that the confidentiality of the transmitted information cannot be guaranteed. The content of emails may be viewed by third parties. We would therefore recommend that you arrange for confidential information to be sent to us exclusively by post.
Your data protection rights
In accordance with the various statutory provisions in place, you shall be entitled to obtain information at any time, and free of charge, regarding your stored personal data, its origin and potential recipients and the purpose of the data processing (Article 15 GDPR) and, where applicable, the right to rectification of inaccurate data (Article 16 GDPR), the right to erasure of such data (Article 17 GDPR), the right to restriction of processing according to Article 18 GDPR, the right to object (Article 21 GDPR) and the right to receive the personal data that you have provided according to Article 20 GDPR. The limitations according to Sections 34 and 35 BDSG apply to the right to information and the right to erasure. In addition, you shall also have the right to lodge a complaint with a responsible supervisory authority in the event of infringements under data protection law (Article 77 GDPR in conjunction with Section 19 BDSG). The responsible supervisory authority in data protection matters is the state data protection officer of the federal state in which our enterprise has its registered office. A list of data protection officers and their contact details can be found under the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html
How you can withdraw your consent to data processing
A lot of data processing operations can only take place with your express consent. You can withdraw your consent at any time. All you have to do is send us a simple email. The legality of any data processing carried out before you withdraw your consent will not be affected by withdrawal of your consent.
Changes may be made to these privacy notices that must also be published in a timely manner on this website.
Data protection in the case of job applications and the job application process
We collect and process personal data from applicants in order to handle the application process. Processing can occur electronically. This applies in particular if an applicant sends the corresponding application documents electronically, e.g. via email. Should the applicant sign an employment contract, the data submitted will be saved for the purposes of developing the occupational relationship, under consideration of legal regulations. If no employment contract is signed with the applicant, the application documents will be automatically deleted six months after the rejection decision has been conveyed, provided that no other justified interests prevent the controller responsible for processing from deleting these. In this context, other legitimate reasons could for example be the need for evidence in proceedings in accordance with the Allgemeinen Gleichbehand-lungsgesetz (AGG) [General Law on Equality of Treatment].
We offer webinars and online forms of instruction as well as consultation hours. For this we use the provider "zoom", a service of the US provider Zoom Video Communications, Inc.
Further information on the use of "zoom" can be found here.
The legal basis for the processing of data via "zoom" is Art. 6 para. 1 lit. b) DSGVO. With "zoom" we provide our contractual services of the teaching assignment. In addition to webinars, online forms of teaching, consultation hours and, if applicable, examinations, this also includes the follow-up processing of participation data, for example for the preparation of certificates of further training and examination results.
The appropriate level of data protection at Zoom Video Communications, Inc. is guaranteed by the following measures:
Zoom Video Communications, Inc. is certified under the Privacy Shield (more information here).
There is an order processing contract with Zoom Video Communications, Inc. based on the EU standard contract clauses.
We offer webinars and online forms of instruction as well as consultation hours. For this we use the software "Abobe Connect", a service of the US provider Abobe Inc. When participating in meetings via Zoom (Meeting), the users are registered in Zoom with their name and user data.
Further information on the use of "Abobe Connect" can be found here.
The legal basis for processing data via "Connect" is Art. 6 para. 1 lit. b) DSGVO. With "Connect" we provide our contractual services of the teaching assignment. In addition to conducting webinars, online forms of instruction, consultation hours and, if applicable, examinations, this also includes the follow-up processing of participation data, for example for the preparation of certificates of further training and examination results.
The appropriate level of data protection at Abobe Inc. is guaranteed by the following measures:
Abobe Inc. is certified under the Privacy Shield (more information here).
There is a contract with Abobe Inc. based on the EU standard contract clauses.
You can prevent cookies from being stored by means of a special setting in your browser software; we must inform you, however, that if you do so, you will not be able to use all of the functions on this website fully. You can also prevent collection of the data (including your IP address) generated by the cookies and related to your use of the website by Google as well as the processing of this data by Google by down-loading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
Further information on the use of data for advertising purposes by Google, as well as settings options and procedures available for opting out can be found on Google’s website:
(“How Google uses information from sites or apps that use our services”),
(“Control the information Google uses to show you ads”) and
(“Take control of your Google ads experience”).
We have concluded an agreement with Google on contract data processing and implement in full the strict provisions of the German data protection authorities for the use of Google Analytics.
Google Adwords and Google Conversion Tracking
We use the online advertising program “Google AdWords” and conversion tracking in the context of Google AdWords. A cookie is placed on your computer by Google Adwords for this purpose if you have reached our website via a Google Ad. These cookies lose their effectiveness after 30 days and cannot be used for personal identification. If the user visits certain pages on our website and the cookie has not yet expired, we and Google are able to recognise that you have clicked on the advert and have been forwarded to this page. Every Google AdWords customer receives a different cookie. Cookies therefore cannot be traced via the websites of AdWords customers. The information that is gathered with the help of conversion cookies serves to produce conversion statistics for AdWords customers who have opted for conversion tracking. As a result, the customers are informed about the total number of users who have clicked on their advert and been forwarded to a site with a conversion tracking tag. However, they do not receive any information with which the users could be personally identified. Users who do not wish to participate in tracking can simply disable the Google Conversion Tracking cookie via their Internet browser under the user settings. This user will then not be included in the conversion tracking statistics. The basis for storing “conversion cookies” is Article 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its web content and the advertising shown with it. Find out more about Google’s privacy regulations (http://www.google.de/intl/de/privacy.html)
Our websites make use of the functionality of Google Analytics Remarketing in conjunction with the multi-device functionality of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
This functionality makes it possible with Google Analytics Remarketing to link ad target groups to the multi-device functionality of Google AdWords and Google DoubleClick. This enables interest-related and personalised ads, which have been adjusted for you based on your previous usage and browsing habits on a device (e.g. mobile phone), to be displayed on another one of your devices (e.g. tablet or PC).
If you have given your consent accordingly, Google will then link your web and app browsing history to your Google account for this purpose. As a result, the same personalised ads will be displayed to you on each device on which you are logged in to your Google account.
To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for multi-device ad promotion. You can permanently opt out of multi-device remarketing/targeting by disabling personalised ads in your Google Account; to do this, simply follow this link: https://www.google.com/settings/ads/onweb/.
The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google (Article 6(1)(a) GDPR). For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in analysing anonymous user behaviour for promotional purposes.
Google Web Fonts
The Deutsche Bahn AG
Students of the SRH Hochschule Hamm in attendance, dual and part-time studies receive a free NRW semester ticket from Deutsche Bahn AG. As regulated in the scale of fees, the semester ticket of Deutsche Bahn AG is subject to a charge for distance students. Should the student require a semester ticket, he/she can notify the university of this and purchase it at his/her own expense. The university will collect the semester ticket in the name and for the account of the Verkehrsverbund. To this end, the student consents to the transfer of his/her personal data (surname, first name, gender, address, birthday date, e-mail address, birthday date, end of standard period of study) to DB (consent to study-relevant data). Without consent, the semester ticket will not be transmitted and thus not issued. A given consent can be revoked at any time with effect for the future. The purpose and scope of data collection by Deutsche Bahn AG and the further processing and use of your data there, as well as your rights in this regard and setting options to protect your privacy, can be found in the data protection information of Deutsche Bahn AG under the following link:https://www.bahn.com/en/view/home/info/privacy.shtml