Privacy Policy

1. Objective and responsible body

This Privacy Policy clarifies the nature, scope and purpose of the processing (including collection, processing, use and consent) of personal information contained in our online offering and the related websites, features and content (collectively referred to as “online offer” or “Website”). The privacy policy applies regardless of the domains, systems, platforms, and devices (such as desktop or mobile) on which the online offering is being run.

Provider of the online offer and responsible for data protection law is University College Digital of the University of Hamburg, owner: Prof. Dr. med. Dieter Lenzen, President of the University of Hamburg, Mittelweg 177, 20148 Hamburg, Schlüterstr. 51, 4th floor, 20146 Hamburg (hereinafter referred to as “provider”, “we” or “us”).

For the contact possibilities we refer to our imprint. The term “user” includes all customers and visitors of our online offer. The terms used, such as “Users” are to be understood gender-neutral.

2. Basic information on data processing

We only process personal data of users in compliance with the relevant data protection regulations in accordance with the requirements of data minimization and data avoidance. This means that the data of the users are processed only if a legal permission exists, in particular if the data for the performance of our contractual achievements as well as on-line services is required, or prescribed by law or in the presence of a consent.

We take organizational, contractual and technical security measures in accordance with the state of the art to ensure that the provisions of the data protection laws are complied with and in order to protect the data processed by us against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons protect.

If, within the framework of this data protection declaration, content, tools or other means are used by other providers (collectively referred to as “third-party providers”) and their registered office is abroad, it can be assumed that data will be transferred to the states of residence of the third-party providers , The transfer of data to third countries takes place either on the basis of a legal permission, the consent of the users or special contract clauses, which ensure a legally required security of the data.

3. Processing of personal data

In addition to the use expressly stated in this privacy policy, the personal data is processed for the following purposes on the basis of legal permissions or user consent:
– The provision, execution, maintenance, optimization and security of our services, services and user services;

When contacting us (via contact form or e-mail), the details of the user are stored for the purpose of processing the request as well as in the event that follow-up questions arise.
Personal data will be deleted if they have fulfilled their purpose and deletion does not conflict with any retention requirements.

4. Collection of access data

We collect data about every access to the server on which this service is located (so-called server log files). Access data includes:

* IP address
* Information about the browser type and version used
* Date and time of access
* Internet service provider of the user
* Operating system of the user
* Websites from which the system of the user reaches our website
* Websites accessed by the user’s system through our website

The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f DSGVO.

Temporary storage of the IP address by the system is required to allow delivery of the website to the user’s computer. For this purpose, the IP address of the user must remain stored for the duration of the session.

Storage in log files is done to ensure the functionality of the website, to optimize the content of the website and to ensure the security of our information technology systems.

The data will be deleted as soon as it is no longer necessary for the purpose of its collection. In the case of collecting the data for providing the website, this is the case when the respective session is completed.

In the case of storing the data in log files, this is the case after no more than seven days. Further storage is possible. In this case, the IP addresses of the users are deleted or alienated, so that an assignment of the calling client is no longer possible

5. Cookies

What are cookies?

Cookies are small pieces of data, stored in text files, that are stored on your computer or other device when websites are loaded in a browser. They are widely used to “remember” you and your preferences, either for a single visit (through a “session cookie”) or for multiple repeat visits (using a “persistent cookie”). They ensure a consistent and efficient experience for visitors, and perform essential functions such as allowing users to register and remain logged in. Cookies may be set by the site that you are visiting (known as “first party cookies”), or by third parties, such as those who serve content or provide advertising or analytics services on the website (“third party cookies”).

Both websites and HTML emails may also contain other tracking technologies such as “web beacons” or “pixels.” These are typically small transparent images that provide us with statistics, for similar purposes as cookies. They are often used in conjunction with cookies, though they are not stored on your computer in the same way. As a result, if you disable cookies, web beacons may still load, but their functionality will be restricted.

Controlling Cookies

Visitors may wish to restrict the use of cookies or completely prevent them from being set. Most browsers provide for ways to control cookie behavior such as the length of time they are stored – either through built-in functionality or by utilizing third party plugins. If you disable cookies, please be aware that some of the features of our service may not function correctly.

To find out more on how to manage and delete cookies, visit aboutcookies.org. For more details on your choices regarding use of your web browsing activity for interest-based advertising visit youronlinechoices.eu (EU based) or optout.aboutads.info (US based). On a mobile device, you may also be to adjust your settings to limit ad tracking.

You can opt out of Google Analytics by installing Google’s opt-out browser add-on.

What Cookies do we use?

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

5. Jetpack plugins

The jetpack plugin used, comes with following features:

Activity Log

This feature only records activities of a site’s registered users, and the retention duration of activity data will depend on the site’s plan and activity type.

Data Used: To deliver this functionality and record activities around site management, the following information is captured: user email address, user role, user login, user display name, WordPress.com and local user IDs, the activity to be recorded, the WordPress.com-connected site ID of the site on which the activity takes place, the site’s Jetpack version, and the timestamp of the activity. Some activities may also include the actor’s IP address (login attempts, for example) and user agent.

Activity Tracked: Login attempts/actions, post and page update and publish actions, comment/pingback submission and management actions, plugin and theme management actions, widget updates, user management actions, and the modification of other various site settings and options. Retention duration of activity data depends on the site’s plan and activity type. See the complete list of currently-recorded activities (along with retention information).

Data Synced: Successful and failed login attempts, which will include the actor’s IP address and user agent.

Mobile Theme

Data Used: A visitor’s preference on viewing the mobile version of a site.

Activity Tracked: A cookie (akm_mobile) is stored for 3.5 days to remember whether or not a visitor of the site wishes to view its mobile version. Learn more about this cookie.

Protect

Data Used: In order to check login activity and potentially block fraudulent attempts, the following information is used: attempting user’s IP address, attempting user’s email address/username (i.e. according to the value they were attempting to use during the login process), and all IP-related HTTP headers attached to the attempting user.

Activity Tracked: Failed login attempts (these include IP address and user agent). We also set a cookie (jpp_math_pass) for 1 day to remember if/when a user has successfully completed a math captcha to prove that they’re a real human. Learn more about this cookie.

Data Synced: Failed login attempts, which contain the user’s IP address, attempted username or email address, and user agent information.

Subscriptions

Data Used: To initiate and process subscriptions, the following information is used: subscriber’s email address and the ID of the post or comment (depending on the specific subscription being processed). In the event of a new subscription being initiated, we also collect some basic server data, including all of the subscribing user’s HTTP request headers, the IP address from which the subscribing user is viewing the page, and the URI which was given in order to access the page (REQUEST_URI and DOCUMENT_URI). This server data used for the exclusive purpose of monitoring and preventing abuse and spam.

Activity Tracked: Functionality cookies are set for a duration of 347 days to remember a visitor’s blog and post subscription choices if, in fact, they have an active subscription.

No data is shared with a third party. For more information on jetpack, visit https://jetpack.com/support/privacy/

6. Comments

When visitors leave comments on the site we collect the data shown in the comments form.

After approval of your comment, your profile picture is visible to the public in the context of your comment.

7. Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website

8. Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracing your interaction with the embedded content if you have an account and are logged in to that website.

9. How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

10. What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

11. Contact

Please use contact us as described on http://uncertain2degrees.blogs.uni-hamburg.de/?page_id=422 for inquiries and requests to receive an export file of the your personal data or the request to erase your personal data.

12. Changes to the privacy policy

We reserve the right to change the privacy policy in order to adapt it to changed legal situations, or to changes in the service and data processing. However, this only applies to declarations of data processing. If users’ consent is required or elements of the privacy policy contain provisions of the contractual relationship with the users, the changes will only be made with the consent of the users. Users are requested to inform themselves regularly about the content of the privacy policy.

As of: 05.06.2018 12:12