The controller or person responsible according to the General Data Protection Regulation (GDPR) and other national data protection laws of the EU member states as well as other data protection regulations is:
Dr. Jörg Cassens
IMAI - Institut für Mathematik und Angewandte Informatik
fon +49 5121 883 40190
fax +49 5121 883 40191
In principle, we process personal data of our users only to the extent necessary to provide a functional website and to deliver our content and services. Processing of personal data of our users takes place in principle only with consent of the user. An exception applies to cases in which prior consent can not be obtained for reasons of fact and the processing of the data is permitted by law.
Insofar as we obtain the consent of the user for processing of personal data, Art. 6 para. 1 lit. a of the EU General Data Protection Regulation (GDPR) is the legal basis.
If the processing of personal data is necessary due to a contract to which the user is a party, Art. 6 para. 1 lit. b GDPR is legal basis. This also applies to processing operations required to carry out pre-contractual obligations.
Insofar as the processing of personal data is required to fulfill a legal obligation that the aforementioned controller is subject to, then Art. 6 para. 1 lit. c GDPR applies as legal basis.
In the event that vital interests of the user or another natural person require the processing of personal data, Art. 6 para. 1 lit. d GDPR forms legal basis.
If the processing is necessary to safeguard legitimate interests pursued by the of the controller or a third party and if the interest, fundamental rights freedoms of the user concerned do not prevail over the first interest, Art. 6 para. 1 lit. f GDPR is legal basis for processing.
Every time our website is accessed, our system automatically collects data and information about the computer system of the user. The following data is collected here:
The data is also stored in the log files of our system. Storage of this data combined with other personal data of the user does not take place.
The legal basis for the temporary storage of data and log files is Art. 6 para. 1 lit. f GDPR.
The temporary storage of the IP address is necessary to allow delivery of the website to the computer of the user. For this purpose, the IP address of the user must remain stored for the duration of the session.
Storage in log files is done to ensure the functionality of the website. In addition, the data is used to ensure the security of our information technology systems. Evaluation of the data for other purposes does not take place.
For the specified purposes, our legitimate interest in the processing of data is according to Art. 6 para. 1 lit. f GDPR.
The data will be deleted as soon as it is no longer necessary for its purposes. In the case of temporarily collecting the data for providing the website, this is the case when the respective session is completed.
In the case of storing the data in log files, this is the case after two weeks at the latest. Additional storage is possible. In this case, the IP addresses are anonymized and the information about the browser type removed, so that identification of the client is no longer possible.
The collection of data for the provision of the website and the storage of the data in log files is essential for the operation of the website. Consequently, there is no option to object this data processing on the part of the user.
University of Hildesheim