SRH Hochschule in Nordrhein-Westfalen

Data privacy notes

Last updated on 11.12.2023

Data protection and data security for all parties involved, interested parties and users of our website and other of our services have a high priority. Transparency regarding the processing of your personal data as well as the protection of your data are therefore particularly important to us.

In the following, we explain what information we collect at SRH during your visit to our website and the use of our services and how it is used.

With the following information, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data. In addition, we inform you about the third-party components used by us for optimization purposes and to increase the quality of use, insofar as third parties process personal data as a result.

Controller of the processing
SRH Hochschulen GmbH
Ludwig-Guttmann-Str. 6
69123 Heidelberg
Germany
Tel.: +49 (0)2381/9291- 0
E-Mail: datenschutz.hsnrw@srh.de

Data protection officer of the enterprise
Jörg Flierenbaum
Symbion GmbH
Robert-Koch-Str. 3
97230 Estenfeld
E-Mail: datenschutzbeauftragter-srh@symbion-ag.de

What is personal data?
Personal data is any information that relates to an identified or identifiable natural person. What is essential here therefore is whether a personal reference can be made using the collected data. This includes information such as your name, address, telephone number or email address. Information which is not directly connected to your actual identity, such as favourite websites or number of users of a site, is not regarded as personal data.

How we collect and process your personal data
When you access our website or retrieve a file, data about this process is stored in a log file on our web server. In detail, the following data may be stored:
- IP address (if possible, this is stored anonymously)
- Domain name of the website from which you came
- Names of the retrieved files
- Date and time of a retrieval
- Name of your internet service provider
- As well as operating system and browser version of your terminal device, if applicable.

We only store IP addresses for data security reasons, in order to ensure the stability and security of our system (legal basis for this is Art. 6 (1) f) GDPR, our legitimate interest). We reserve the right to statistically evaluate anonymized data records.

How we use your personal data and how we disclose it
If the opportunity for the input of personal or business data (email addresses, name, addresses) is given, the input of these data takes place voluntarily.

We use the personal data you provide exclusively for the purpose of technical administration of the website and to fulfill your wishes and requirements, i.e. generally to process the contract concluded with you or to respond to your inquiry. The legal basis for the processing is accordingly
- Art. 6 para. 1 lit. a) GDPR: Your consent. You can revoke your consent at any time with effect for the future. Address your revocation to [contact address for revocation].
- Art. 6 para. 1 lit. b) GDPR (fulfillment of a contract or pre-contractual measures).
- Art. 6 para. 1 lit. f) GDPR (our legitimate interest).

Your personal data will not be passed on or otherwise transferred to third parties, unless this is necessary for the purpose of processing the contract or for legal reasons, or if you have given your express consent. We will not sell your data under any circumstances.

For how long will my data be stored?
In principle, we store all information that you transmit to us within the legal framework and only until it is no longer necessary for the purpose for which it was collected. For example, in the case of inquiries until this inquiry has been dealt with, in the case of newsletters until you unsubscribe from the newsletter. If longer storage is necessary or provided for by law, the data will be stored within this framework and then automatically deleted.

When will my data be deleted?
The deletion of the personal data stored is carried out if you revoke your consent to such storage, if knowledge of such data is no longer necessary for the fulfilment of the purpose pursued with the storage, or if the storage of such data is inadmissible on other legal grounds. Data for invoicing and accounting purposes will not be affected by a deletion request.

Cookies
Our website uses cookies. A cookie is a data record that is stored on your terminal device by the Internet browser you use. Through these cookies, certain information from you, such as your browser or location data or your IP address, is processed to an individual extent. This processing makes our website more user-friendly, effective and secure, as the processing enables, for example, the reproduction of our website in different languages or the offer of a shopping cart function. Cookies are partly necessary to enable the functionality of our website.  The legal basis is Art. 6 para. 1 lit. f) GDPR, the choice of our legitimate interests. If you wish to prevent the use of cookies in general, you can do this through local settings in your Internet browser (e.g. Internet Explorer, Mozilla Firefox, Opera or Safari). If the cookies are not technically necessary, we use them only on the basis of your consent, the legal basis is then Art. 6 para. 1 lit. a) DSGVO.

Contact forms
If you send us inquiries via the contact form, your data from the inquiry form, including the contact data you provide there, will be stored and processed by us exclusively for processing your inquiry and for the case of follow-up questions. The legal basis is Art. 6 para. 1 lit. b) GDPR.

What we do to ensure security of processing
Our company takes extensive technical and organizational security measures to protect your personal data from loss and misuse.

Your data protection rights
These are your data protection rights
- Art. 15 GDPR: the right to free information about your stored personal data, their origin and possible recipients and the purpose of data processing.
- Art. 16 GDPR: a right to correct or complete incorrect or incomplete data.
- Art. 17 GDPR: A right to the immediate erasure of the data concerning them, if the data are no longer necessary or have been processed unlawfully.
- Art. 18 GDPR: if further processing is still necessary, a right to restriction of processing.
- Art. 20 GDPR: the right to data portability of data provided by you.
- Art. 21 GDPR: the right to object to the processing of your personal data on the basis of legitimate interests, if there are grounds arising from your particular situation or if the objection is directed against direct marketing.
- Art. 77 DSGVO in conjunction with. § 19 BDSG: Right to complain to the competent supervisory authority (a list of contact details can be obtained from the following link: https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html.

To exercise your rights, please use the above contact details of the person responsible.

SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as requests that you send to us as the site operator, this site uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line.

Links to third-party websites
On this website, references to websites of third parties are offered in the form of so-called links. Only when you click on such a link will data be transmitted to the link destination. This is technically necessary. The transmitted data are in particular: Your IP address, the time at which you clicked on the link, the page on which you clicked on the link, information about your Internet browser. If you do not want this data to be transmitted to the link destination, do not click on the link.

Changes to this privacy policy
We reserve the right to change our security and data protection measures if this is necessary due to technical developments. We may also make significant changes to the content or functionality of our website. In all these cases, we will also adapt our data protection information accordingly. Please therefore refer to the current version of our data protection information.

How you can withdraw your consent to data processing?
A lot of data processing operations can only take place with your express consent. You can withdraw your consent at any time. All you have to do is send us a simple email. The legality of any data processing carried out before you withdraw your consent will not be affected by withdrawal of your consent.

Data protection in the case of job applications and the job application process
We collect and process personal data from applicants in order to handle the application process. Processing can occur electronically. This applies in particular if an applicant sends the corresponding application documents electronically, e.g. via email. Should the applicant sign an employment contract, the data submitted will be saved for the purposes of developing the occupational relationship, under consideration of legal regulations. If no employment contract is signed with the applicant, the application documents will be automatically deleted six months after the rejection decision has been conveyed, provided that no other justified interests prevent the controller responsible for processing from deleting these. In this context, other legitimate reasons could for example be the need for evidence in proceedings in accordance with the Allgemeinen Gleichbehand-lungsgesetz (AGG) [General Law on Equality of Treatment].

WhatsApp-Business
We would like to inform you about the processing of personal data in WhatsApp Business communications. We use this communication channel exclusively for the initial contact, which takes place through your address to SRH via WhatsApp. We will not send any confidential information through this channel from our side. Chats you conduct with us will be deleted after 6 months.

The legal basis for the processing is Art. 6 Para. 1 lit. b GDPR.

During communication via the Messenger WhatsApp Business (WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), personal data (e.g. name, telephone number) are processed.

As a result, WhatsApp, Inc. receives personal data that is also processed on servers in countries outside the EU (e.g. the USA). WhatsApp will share this information with other companies within and outside the Facebook group of companies. For more information, see WhatsApp's Privacy Policy (https://www.whatsapp.com/legal/#privacy-policy). We have no knowledge of, or control over, data processing by WhatsApp, Inc.

WhatsApp is certified under the Privacy Shield Agreement, which guarantees compliance with European data protection laws.

Allstay app
As part of the registration process, you agree to data processing in accordance with the information on data processing and data protection that can be viewed here. After your registration, we will check the legitimacy of your account and then activate it. We will only use your data for the defined purposes (download terms of use here) of SRH University of Applied Sciences in North Rhine-Westphalia. Important notes: Your consent is of course voluntary and you can revoke it at any time with effect for the future and stop using the APP. Your access will then be blocked immediately and your data will be deleted, taking into account any existing retention obligations. Please send your revocation to:

SRH University of Applied Sciences North Rhine-Westphalia GmbH
Janik Schäper
Prinz-Friedrich-Karl-Str. 39
44135 Dortmund
E-mail: janik.schaeper@srh.de

Data protection for applications and in the application process
We collect and process the personal data of applicants for the purpose of handling the application process. Processing may also take place electronically. This is particularly the case if an applicant sends us relevant application documents electronically, for example by e-mail. If an employment contract is concluded with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If no employment contract is concluded with the applicant, the application documents will be automatically deleted six months after notification of the rejection decision, provided that no other legitimate interests of the controller conflict with such deletion. Other legitimate interest in this sense is, for example, a duty to provide evidence in proceedings under the General Equal Treatment Act (AGG).

Newsletter
We send newsletters with promotional information only with the consent of the recipients or based on a legal permission. The registration for our newsletter is done via a double opt-in process: After registration, you will receive an e-mail in which you can confirm your registration. This confirmation is necessary to verify you are the owner of the e-mail address. The registration for the newsletter is logged in order to be able to prove the registration according to the legal requirements. This includes the storage of the times of registration and confirmation as well as your IP address. You can cancel the receipt of the newsletter at any time. You will find a link to cancel the newsletter in every newsletter e-mail.

Twitter

We maintain an online presence on Twitter to present our company and our services and to communicate with customers/interested parties. Twitter is a service of Twitter Inc, 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may result in increased risks for the user in that, for example, later access to the user data may be made more difficult. We also do not have access to this user data. The access possibility lies exclusively with Twitter.

You can find Twitter's privacy policy at twitter.com/de/privacy

YouTube
We maintain an online presence on YouTube to present our company as well as our services and to communicate with customers/interested parties. YouTube is a service of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA.

In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may result in increased risks for users, e.g. by making later access to user data more difficult. We also do not have access to this user data. YouTube has exclusive access to this data. Google LLC is certified under the Privacy Shield and is therefore committed to complying with European data protection standards.

https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

You can find YouTube's privacy policy at https://policies.google.com/privacy


LinkedIn
We maintain an online presence at LinkedIn to present our company and our services and to communicate with customers/interested parties. LinkedIn is a service provided by LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085, USA.

In this respect, we would like to point out that there is a possibility that user data may be processed outside the European Union, in particular in the USA. This may result in increased risks for the user to the extent that, for example, later access to the user data may be made more difficult. We also do not have access to this user data. The access possibility lies exclusively with LinkedIn.

LinkedIn's privacy policy can be found at: https://www.linkedin.com/legal/privacy-policy

Instagram
We operate a company presence on the Instagram platform to promote our products and services and to communicate with interested parties or customers. On this social media platform we are jointly responsible with Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

The Instagram Privacy Officer can be reached via a contact form: https://www.facebook.com/help/contact/540977946302970

We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the GDPR. This agreement, from which the mutual obligations arise, can be accessed under the following link: https://www.facebook.com/legal/terms/page_controller_addendum

The legal basis for the processing of personal data that takes place as a result and is reproduced below is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the analysis, communication, sale and advertising of our products and services.

The legal basis can also be the user's consent to the platform operator pursuant to Art. 6 Para. 1 lit. a DSGVO. According to Art. 7 para. 3 GDPR, the user can revoke this consent at any time for the future by notifying the platform operator.

When calling up our online presence on the Instagram platform, Facebook Ireland Ltd. as the platform operator in the EU processes the user's data (e.g. personal information, IP address, etc.).

This user data is used for statistical information about the use of our company presence on Instagram. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. These profiles enable Facebook Ireland Ltd., for example, to advertise users inside and outside Instagram on an interest-related basis. If the user is logged in to Instagram on their account at the time of the call, Facebook Ireland Ltd. may also link the data to the respective user account.

If the User contacts Instagram via Instagram, the User's personal data entered at that time will be used to process the request. We will delete the user's data provided that the user's request has been conclusively answered and there are no legal obligations to retain the data, such as in the case of subsequent contract processing.

Facebook Ireland Ltd. may also set cookies to process the data.

If the user does not agree with this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented using the browser settings, but by setting the Flash Player accordingly. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions are fully usable.

For more information about the processing activities, how to prevent them and how to delete the data processed by Instagram, please refer to Instagram's Data Policy: https://help.instagram.com/519522125107875

It cannot be ruled out that the processing by Facebook Ireland Ltd. may also take place via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA.

Twitter social plug-in
In our internet presence we use the plug-in of the social network Twitter. Twitter is an Internet service of Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA, hereinafter referred to as "Twitter".

The certification according to the EU-US data protection shield ("EU-US Privacy Shield") https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active

Twitter guarantees that the EU's data protection requirements will also be complied with when processing data in the USA.

The legal basis is Art. 6 para. 1 lit. f) GDPR. Our legitimate interest lies in improving the quality of our website.

If the plug-in is stored on one of the pages of our website you have visited, your Internet browser will download a display of the plug-in from the Twitter servers in the USA. For technical reasons, it is necessary for Twitter to process your IP address. In addition, the date and time of your visit to our website are also recorded.

If you are logged in to Twitter while visiting one of our websites equipped with the plug-in, the information collected by the plug-in about your specific visit will be recognised by Twitter. Twitter may assign the information collected in this way to your personal user account there. For example, if you use the "Share" button on Twitter, this information is stored in your Twitter user account and may be published on the Twitter platform. If you wish to prevent this, you must either log out of Twitter before visiting our website or make the appropriate settings in your Twitter user account.

Privacy information can be found at https://twitter.com/privacy

Twitter guarantees that the EU's data protection requirements will also be complied with when processing data in the USA.

Google Analytics
We use Google Analytics, a web analysis service from Google Inc. ("Google"). The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. Google uses cookies. The information generated by the cookie regarding use of this website by the user is usually transferred to a Google server in the USA and stored there. Google will use this information on our behalf to evaluate use of our website by users, to produce reports on activity within this website offer and to provide other services to us related to the use of the website offer and of the Internet. As part of this process, pseudonymised usage profiles of users may be generated out of the data processed. We only use Google Analytics with IP anonymisation enabled. This means that the IP address of users will first be abbreviated by Google within the Member States of the European Union or in other States party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the US and shortened there. On behalf of the operator of this website, Google will use this information to evaluate your use of the website in order to compile reports about website activities and to provide additional services relating to website and internet use. The IP address transmitted by the user’s browser will not be merged with other data by Google.

Browser plug-ins
You can prevent cookies from being stored by means of a special setting in your browser software; we must inform you, however, that if you do so, you will not be able to use all of the functions on this website fully. You can also prevent collection of the data (including your IP address) generated by the cookies and related to your use of the website by Google as well as the processing of this data by Google by down-loading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Further information on the use of data for advertising purposes by Google, as well as settings options and procedures available for opting out can be found on Google’s website:

https://www.google.com/intl/de/policies/privacy/partners/
(“How Google uses information from sites or apps that use our services”),

http://www.google.com/policies/technologies/ads
(“Advertising”),

http://www.google.de/settings/ads
(“Control the information Google uses to show you ads”) and

http://www.google.com/ads/preferences/
(“Take control of your Google ads experience”).

Data processing
We have concluded an agreement with Google on contract data processing and implement in full the strict provisions of the German data protection authorities for the use of Google Analytics.

Google Adwords and Google Conversion Tracking
We use the online advertising program “Google AdWords” and conversion tracking in the context of Google AdWords. A cookie is placed on your computer by Google Adwords for this purpose if you have reached our website via a Google Ad. These cookies lose their effectiveness after 30 days and cannot be used for personal identification. If the user visits certain pages on our website and the cookie has not yet expired, we and Google are able to recognise that you have clicked on the advert and have been forwarded to this page. Every Google AdWords customer receives a different cookie. Cookies therefore cannot be traced via the websites of AdWords customers. The information that is gathered with the help of conversion cookies serves to produce conversion statistics for AdWords customers who have opted for conversion tracking. As a result, the customers are informed about the total number of users who have clicked on their advert and been forwarded to a site with a conversion tracking tag. However, they do not receive any information with which the users could be personally identified. Users who do not wish to participate in tracking can simply disable the Google Conversion Tracking cookie via their Internet browser under the user settings. This user will then not be included in the conversion tracking statistics. The basis for storing “conversion cookies” is Article 6(1)(f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its web content and the advertising shown with it. Find out more about Google’s privacy regulations (http://www.google.de/intl/de/privacy.html)

Google Analytics Remarketing
Our websites make use of the functionality of Google Analytics Remarketing in conjunction with the multi-device functionality of Google AdWords and Google DoubleClick. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

This functionality makes it possible with Google Analytics Remarketing to link ad target groups to the multi-device functionality of Google AdWords and Google DoubleClick. This enables interest-related and personalised ads, which have been adjusted for you based on your previous usage and browsing habits on a device (e.g. mobile phone), to be displayed on another one of your devices (e.g. tablet or PC).

If you have given your consent accordingly, Google will then link your web and app browsing history to your Google account for this purpose. As a result, the same personalised ads will be displayed to you on each device on which you are logged in to your Google account.

To support this feature, Google Analytics collects Google-authenticated IDs of users that are temporarily linked to our Google Analytics data to define and create audiences for multi-device ad promotion. You can permanently opt out of multi-device remarketing/targeting by disabling personalised ads in your Google Account; to do this, simply follow this link: https://www.google.com/settings/ads/onweb/.

The aggregation of the data collected in your Google Account data is based solely on your consent, which you may give or withdraw from Google (Article 6(1)(a) GDPR). For data collection operations not merged into your Google Account (for example, because you do not have a Google Account or have objected to the merge), the collection of data is based on Article 6(1)(f) GDPR. The website operator has a legitimate interest in analysing anonymous user behaviour for promotional purposes.

Further information along with the various privacy regulations can be found in Google’s Privacy Policy at: www.google.com/policies/technologies/ads/.

Application and use of YouTube
YouTube components are integrated on this website. YouTube is an Internet video portal that gives video publishers the opportunity to upload video clips free of charge, and also gives other users the opportunity to view, rate and comment on these video clips free of charge. YouTube authorises the publication of all kinds of videos, which is why entire film and television programmes along with music videos, trailers or videos made by users themselves can be viewed via the Internet portal. The operating company of YouTube is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Each time you visit a page on our website on which a YouTube component has been integrated (YouTube Video), your Internet browser is automatically instructed by the respective YouTube component to down-load the corresponding YouTube component from YouTube. Further information on YouTube can be re-trieved at https://www.youtube.com/yt/about/de/. As part of this technical process, YouTube and Google are both informed of the specific subpages on our website that you have visited. If you are logged in to YouTube at the same time, YouTube is informed when you visit a sub-page containing a YouTube video of which specific subpage of our website the data subject has visited. This information is collated by YouTube and Google and assigned to the respective YouTube account of the data subject. YouTube and Google will always be informed via the YouTube component about the fact that the data subject has visited our website if you are also logged in to YouTube at the same time as visiting our website. This happens regardless of whether you click on a YouTube video or not. If you do not want such information to be transferred to YouTube and Google, you can prevent this from happening by logging out of your YouTube account before visiting our website. The privacy regulations published by YouTube, which can be retrieved at https://www.google.de/intl/de/policies/privacy/, give an insight into the collection, processing and use of personal data by YouTube and Google.

Registration
The data subject has the option to register on the website of the controller responsible for processing by entering personal data. In terms of which personal data is transmitted to the controller responsible for processing, this is evident from the respective input screen used for the registration. The personal data entered by the data subject will be collected and stored exclusively for internal use by the controller re-sponsible for processing and for internal purposes. The controller responsible for processing may instigate disclosure to one or more processors, such as a package service provider, who will also only use the per-sonal data for internal use attributable to the controller responsible for processing. By registering on the website of the controller responsible for processing, the IP address assigned by your Internet service provider (ISP), the date and the time of the registration are stored. This data is stored against the backdrop that this is the only way to prevent misuse of our services, and that this data makes it possible, where required, to identify any criminal acts and copyright infringements committed. The storage of this data is necessary in this regard to protect the controller responsible for processing. No disclosure of this data is made to third parties, unless there is a legal obligation to pass this on or the disclosure of this data serves for the purposes of criminal or law enforcement. Registration of the data subject by entering personal data on a voluntary basis helps the controller re-sponsible for processing to offer to the data subject certain content or services that may only be offered to registered users owing to the nature of the issues involved. In addition, registration of the data subject (in the Privacy Policy Generator) enables monitoring of the use of text published by us and subject to copyright protection, along with a review of the linking and specification of the author’s name, and is also used for internal documentation purposes. Furthermore, we also use the data collected via the Privacy Policy Generator for customer acquisition purposes, including in particular for contact by telephone and the dispatch of advertising material via post and email. The option remains open to registered individuals to arrange for the personal data specified for registration purposes to be deleted in its entirety from the database of the controller responsible for processing. The controller responsible for processing must provide information, upon request to do so and at any time, to each data subject as to what personal data is stored about the data subject. In addition, the controller responsible for processing must rectify or delete personal data upon request or receipt of information to do so by the data subject, unless such action runs contrary to statutory retention obligations. The data protection officer along with all of the employees of the controller responsible for processing named in this Privacy Policy are on hand for the data subject as the interlocutor in this context.

Notes on data processing in connection with the Facebook fan page
We use our Facebook fan page to provide information about us and our products or services. And, of course, to get in touch with Facebook users and to communicate.
The legal basis for the resulting processing of personal data is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the communication, sale and advertising of our products and services.
Technically, the data processing is provided by Facebook. In this respect, we refer to the data protection information of Facebook. According to the jurisdiction of the European Court of Justice, however, parts of the Facebook fan page may be the joint responsibility of Facebook and us. This processing then takes place on the basis of an agreement on joint processing, which can be accessed here. You can find further data protection information about our company here: www.srh-hochschule-nrw.de/en/footer-meta/data-privacy/

Meta
Our website contains links to the external social network Facebook. This website is operated solely by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (Facebook). The links within the framework of our website are identifiable by way of the Facebook logo or the “Like” add-on (no Facebook plug-ins are used). When visiting our website, the functionalities and the transmission of data to Facebook are not enabled automatically. It is only by clicking on the links that the Facebook plug-ins are enabled and your browser establishes a direct connection to the Facebook servers. If you follow the links and are also logged in to your Facebook user account at the same time, the information confirming you have visited our website will be forwarded to Facebook. Facebook is able to assign your visit to the website to your account. This information is transmitted to Facebook and stored there. In order to prevent this happening, you need to log out of your Facebook account before clicking on the link. For information on the purpose and extent of data collection and the further processing and use of your data by Facebook as well your rights in this regard and settings options for the protection of your personal privacy, please refer to the Facebook Privacy Policy (https://www.facebook.com/privacy/explanation).
To advertise our products and services and to communicate with interested parties or customers, we operate a company presence on the Facebook platform.

On this social media platform we are responsible together with Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland.

The Facebook data protection officer can be reached via a contact form: https://www.facebook.com/help/contact/540977946302970

We have regulated the joint responsibility in an agreement regarding the respective obligations within the meaning of the DSGVO. This agreement, from which the mutual obligations arise, can be accessed under the following link: https://www.facebook.com/legal/terms/page_controller_addendum

The legal basis for the processing of personal data that takes place as a result and is reproduced below is Art. 6 para. 1 lit. f DSGVO. We have a legitimate interest in the analysis, communication, sale and advertising of our products and services.

The legal basis can also be the user's consent to the platform operator pursuant to Art. 6 Para. 1 lit. a DSGVO. According to Art. 7 para. 3 DSGVO, the user can revoke this consent at any time for the future by notifying the platform operator.

When calling up our online presence on the Facebook platform, Facebook Ireland Ltd. as the operator of the platform in the EU processes the user's data (e.g. personal information, IP address, etc.).

This user data is used for statistical information about the use of our company presence on Facebook. Facebook Ireland Ltd. uses this data for market research and advertising purposes and to create user profiles. Using these profiles, Facebook Ireland Ltd. is able, for example, to advertise users inside and outside Facebook on an interest-related basis. If the user is logged in to his Facebook account at the time of access, Facebook Ireland Ltd. can also link the data to the respective user account.

If the user contacts Facebook via Facebook, the user's personal data entered on this occasion will be used to process the request. The user's data will be deleted by us provided that the user's request has been conclusively answered and there are no legal storage obligations, e.g. in the case of subsequent contract processing.

Facebook Ireland Ltd. may also set cookies to process the data.

If the user does not agree with this processing, it is possible to prevent the installation of cookies by setting the browser accordingly. Cookies that have already been saved can also be deleted at any time. The settings for this depend on the respective browser. In the case of Flash cookies, processing cannot be prevented using the browser settings, but by setting the Flash Player accordingly. If the user prevents or restricts the installation of cookies, this may mean that not all Facebook functions are fully usable.

Further details on the processing activities, their prevention and the deletion of the data processed by Facebook can be found in Facebook's data policy: https://www.facebook.com/privacy/explanation

It cannot be ruled out that the processing by Facebook Ireland Ltd. may also take place via Facebook Inc., 1601 Willow Road, Menlo Park, California 94025 in the USA.

Facebook Inc. has submitted to the "EU-US Privacy Shield" and thereby declares its compliance with the data protection regulations of the EU when processing data in the USA. https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Facebook of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA, operated within the EU by Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland.

Privacy information can be found at https://www.facebook.com/policy.php

Through certification according to the EU-US Privacy Shield

https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

Facebook guarantees that the data protection requirements of the EU will also be complied with when processing data in the USA.

The Deutsche Bahn AG
Students of the SRH Hochschule  in Nordrhein-Westfalen in attendance, dual and part-time studies receive a free NRW semester ticket from Deutsche Bahn AG. As regulated in the scale of fees, the semester ticket of Deutsche Bahn AG is subject to a charge for distance students. Should the student require a semester ticket, he/she can notify the university of this and purchase it at his/her own expense. The university will collect the semester ticket in the name and for the account of the Verkehrsverbund. To this end, the student consents to the transfer of his/her personal data (surname, first name, gender, address, birthday date, e-mail address, birthday date, end of standard period of study) to DB (consent to study-relevant data). Without consent, the semester ticket will not be transmitted and thus not issued. A given consent can be revoked at any time with effect for the future. The purpose and scope of data collection by Deutsche Bahn AG and the further processing and use of your data there, as well as your rights in this regard and setting options to protect your privacy, can be found in the data protection information of Deutsche Bahn AG under the following link:https://www.bahn.com/en/view/home/info/privacy.shtml

eTermin
Personal data are only collected and processed by eTermin Ltd., on our behalf, to the extent necessary within the scope of this online appointment booking system. Only the fields that have an asterisk next to them indicate obligatory data; this information is essential for the use of the service (Article 6, paragraph 1, sentence 1 (b) GDPR). The specification of further data may be helpful, but is not mandatory (voluntary information, Article 6, paragraph 1, sentence 1 (a) GDPR). We process and store your personal data as long as it is necessary for the fulfilment of our contractual and legal obligations. If the storage of personal data is no longer required to fulfil these obligations, they will be deleted, unless there are statutory storage requirements.

Revoking consent
If you have given us consent, you can revoke it with effect in the future at any time.
You can send us your revocation to the contact details under "Responsible party".

Your rights
You have the following rights with respect to your personal data:
•    Right to information
•    Right to rectification or deletion
•    Right to restriction of processing
•    Right to object to the processing
•    Right to data transfer
You also have the right to lodge a complaint about the processing of your personal data to a data protection supervisory authority.

Responsible party
Contact details of the person responsible for the data processing, as well as contact data of a data protection official, if needed, can be found under the information in the imprint.

The Municipal Library Hamm
Students of the SRH Hochschule  in Nordrhein-Westfalen receive a free library card from the Stadtbibliothek Hamm. The library card will be collected by the university in the name of the city of Hamm. To this end, the student consents to the transfer of his/her personal data (surname, first name, gender, address, birthday date, e-mail address, birthday date, end of standard period of study) to the city (consent to study-relevant data). Without consent, the Bib card will not be transmitted and thus issued. A given consent can be revoked at any time with effect for the future. The purpose and scope of the data collection by the City of Hamm and the further processing and use of your data there, as well as your rights in this regard and possible settings to protect your privacy, can be found in the data protection information of the City of Hamm under the following link: https://www.hamm.de/stadtbuecherei/datenschutz.htmlhttps://www.hamm.de/datenschutz.html

Matomo

With your consent, we use the open-source software Matomo for analyzing and statistically evaluating the use of the website. For this purpose, cookies are used. The information obtained about the use of the website is transmitted exclusively to our servers and summarized in pseudonymous usage profiles. We use the data to evaluate the usage of the website. The collected data will not be shared with third parties.

The IP addresses are anonymized (IP masking), so that allocation to individual users is not possible.

The processing of data is based on Article 6(1)(a) of the GDPR. We pursue our legitimate interest in optimizing our website for our external representation.

You can revoke your consent at any time by deleting the cookies in your browser or changing your privacy settings.

Matomo Cookieless Tracking

We utilize the open-source software Matomo for the analysis and statistical evaluation of anonymized usage data on our website. The information obtained regarding website usage is exclusively transmitted to our servers and summarized in anonymized usage profiles. We use this data to assess website usage. The collected data will not be shared with third parties.

IP addresses are anonymized (IP masking), preventing any association with individual users. We have activated the "do-not-track" setting and ensured that personally identifiable information (such as email addresses) is not stored.

Data processing is based on Article 6(1)(f) of the GDPR, representing our legitimate interest in optimizing our online offerings.

You have the option to decide whether this anonymized collection and analysis may take place. If you wish to opt out, please click the following link to place the Matomo deactivation cookie in your browser.