pursuant to Sections 17 and 25 of the DSG-EKD concerning the website of the Lutheran University of Applied Sciences Nuremberg (EVHN)

We, the Lutheran University of Applied Sciences Nürnberg, take the protection of your personal data and the legal obligations serving this protection very seriously. The legal requirements demand comprehensive transparency concerning the processing of personal data. Only if the processing is comprehensible to you as the data subject are you sufficiently informed about the purpose and scope of the processing. Our data protection declaration therefore explains in detail which so-called personal data is processed by us when you use the evhn.de website.

The data controller pursuant to the Church law on data protection of the Protestant Church in Germany (DSG-EKD), the GDPR as well as other data protection regulations that apply to Church organisations is

Professor Thomas Popp, University President
Evangelische Hochschule Nürnberg (EVHN)
Lutheran University of Applied Sciences Nürnberg
Bärenschanzstraße 4
90429 Nürnberg
Tel: 0911 27253-6
Fax: 0911 27253-799
E-mail: zentrale@evhn.de
Internet: www.evhn.de/en

Hereinafter referred to as the “Data Controller” or “we”.

Supervision under data protection law is carried out by the data protection commissioner of the EKD.
Der Beauftragte für den Datenschutz der Evangelischen Kirche in Deutschland (data protection commissioner of the Protestant Church in Germany)
Michael Jacob
Lange Laube 20
30159 Hannover
Telephone no.: 0511 76 8128-0
info@datenschutz.ekd.de
https://datenschutz.ekd.de

Please send enquiries first to the responsible branch office of the EKD data protection commissioner:
Außenstelle für die Datenschutzregion Süd des BfD-EKD (branch office for the data protection area Süd (south) of the BfD-EKD)
Hafenbad 22, 89073 Ulm
Telephone no.: 0731 140593-0
sued@datenschutz.ekd.de

Organisational/local data protection officer:
Markus Maiwald
Evangelische Hochschule Nürnberg
Bärenschanzstr. 4
90429 Nürnberg
Telephone no.: 0911 27253-776
E-mail: datenschutz.nuernberg@elkb.de

Please note that links on our website may take you to other internet sites that are not operated by us but by third parties. Such links are either clearly marked by us or are recognisable by a change in the address line of your browser. We are not responsible for compliance with data protection requirements and secure handling of your personal data on these websites operated by third parties.

This data protection declaration uses the terminology also used in the text of the DSG-EKD. You can access the definitions (Section 4 of the DSG-EKD) on the EKD’s website at datenschutz.ekd.de.

The EVHN takes the protection of your personal data very seriously. Personal data is treated as confidential in accordance with the legal data protection regulations as well as this data protection declaration.

The EVHN has taken organisational, contractual and technical security measures to ensure that legal regulations on data protection are complied with and to prevent accidental or intentional manipulation, loss, destruction of data as well as access to data by unauthorised persons.

The EVHN points out, however, that there may be security gaps when data is transferred via the internet (for example when communicating by e-mail). Complete protection of the data against access by third parties is not possible. We recommend that you send confidential information by post rather than by e-mail.

The EVHN uses cookies on their website. Cookies are not a threat to your computer and do not contain viruses. Their purpose is to make the website more user-friendly, more effective and more secure. Cookies are small files that are stored on the user’s computer and can store information for the website provider.

Temporary cookies, known as session cookies, are automatically deleted when you close your browser. Permanent cookies remain on your computer for a specified period and can provide the stored information when the user returns to the website. These cookies enable the identification and recognition of your browser on your next visit, for example.

Most web browsers are set up to allow cookies automatically. You can, however, influence the use of cookies. You can set your browser to inform you when cookies are set. You can also allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or in general, as well as activate automatic deletion of cookies when the browser is closed.

The EVHN endeavours to design its website in such a way that the use of cookies is not necessary. However, please note that some functions as well as the use and especially ease of use of the website may be restricted without cookies.

Specific cookies used are:

• has_js: Values 1 or 0 to indicate whether the user has activated Javascript or not and to deliver content accordingly.
• cookieconsent_status: Values “allow” or “dismiss” to indicate which button the user clicked on in the cookie consent window.

Further cookies are stored by Matomo if the user allows cookies; their names begin with “_pk”. Their purpose is to re-identify the visit.

No personal data is stored; IP-addresses are anonymised to two bytes.

EVHN automatically collects and stores data in so-called server log files every time the website is accessed. Data collected includes name of the accessed page, date and time when the page was accessed, data volume and data transmitted, notification of successful access, type and version of the users’ browser, operating system, referrer URL (the page visited previously), IP address and host name of the accessing computer.

Pursuant to legal regulations, EVHN uses the information from these log files only for statistical analyses for operational purposes, ensuring the security of and optimising the website. The data cannot be linked to specific individuals. This data is not combined with other data sources, for example for the purpose of profiling. EVHN does, however, reserve the right to check the log data retrospectively if there is justified suspicion of unlawful use, based on specific indications.

Personal data means individual pieces of information about personal or material circumstances of a specific identified or identifiable natural person. This includes information such as your name, address, postal address and telephone number. It does not include information that is not connected to your identity (such as the number of users on the website). It is generally possible to use this website without giving any personal data.

Insofar as personal data is collected on our website, we do so – wherever possible – on a voluntary basis and exclusively in cases permitted by law or with the user’s consent. It is normally recognisable to the user which data is stored when using the service.

We store your data on servers in Germany and Europe (back-up). Only a small number of specially authorised individuals who are responsible for its technical, business-related or editorial processing have access to it.

If you send enquiries to the EVHN by e-mail or using the contact form, data such as your name, e-mail address, subject and message including any further optional data will be stored for the purpose of processing your enquiry and in case of follow-up enquiries.

EVHN uses your personal data only within the organisation – to the extent possible. EVHN only forwards user data to third parties in cases where this is lawful, the user has expressly consented to the forwarding or transmission is necessary to fulfil a contract or a contractual obligation towards the user. For example, it is necessary to forward data if materials have been ordered and the delivery address is transmitted to a shipping company, a bank has to process a payment or donation, accommodation needs to be booked for an event or if the data is requested by competent agencies such as law enforcement agencies.

Your data is not forwarded to third parties without your express consent for purposes such as advertising or profiling.

E-mails with promotional information concerning EVHN and its services are only sent with the user’s express consent. If you wish to subscribe to the newsletters offered on the website, the EVHN needs your e-mail address and information that allows us to check that the given e-mail address is really yours and that you agree to the receipt of the newsletter.

Before starting the subscription, the owner of the e-mail address receives a message in which they need to confirm subscription to the newsletter. If the subscription is not confirmed, it will automatically be deleted within a maximum of four weeks.

When you subscribe, EVHN stores the time of subscription, time of confirmation and your IP address. EVHN is legally obliged to document subscriptions, in order to be able to prove that users subscribed properly. EVHN uses the data exclusively for the purpose of sending the requested information.

Messages sent in connection with the contractual relationship with the user do not constitute promotional information. This includes sending technical details, details on booked events or on payment procedures, follow-up questions on orders or similar messages.

You can revoke your consent to our storing and using your data and e-mail address for sending the newsletter at any time; you can do this using the “Austragen” (unsubscribe) [EJ(1] button in the newsletter itself or by sending an e-mail message to the address given in the legal notice.

Our website contains links to other websites. If you follow an external link, data is transferred from your computer to servers belonging to the provider of the other website. EVHN has no influence on the operator of that website adhering to data protection regulations.

To protect any data you communicate to us using this website from unwanted access, we use an encryption procedure. Your data is then transferred from your computer to our server and vice versa through the internet using 256-bit encryption (Secure Socket Layer). This is evident from the closed lock symbol in the status bar of your browser and the fact that the address line begins with “https://”. We might not encrypt generally available information that you access on our website.

As a user of this website, you are entitled to request information on which personal data concerning you is stored free of charge. Unless your request conflicts with a legal obligation to retain data (e.g. data retention), you have a right to have incorrect data corrected and to have your personal data blocked or deleted. To do so, please contact the address listed in the legal notice by post or e-mail or contact the above-mentioned company/local data protection officer.

On this website, data is collected and stored using the web analysis software Matomo (www.matomo.org), a service provided by InnoCraft Ltd. (150 Willis St, 6011 Wellington, New Zeeland), on the basis of our legitimate interest in the statistical analysis of user behaviour for optimisation and marketing purposes in accordance with Section 6 no. 8 of the DSG-EKD. Pseudonymised user profiles can be created and evaluated from this data for the same purpose. Cookies may be used for this purpose. Among other things, cookies enable recognition of the internet browser. The data collected using Matomo technology (including your pseudonymised IP address) is processed on our servers.

The information generated by the cookie in the pseudonymous user profile is not used to identify the visitor to this website personally and is not merged with personal data about the bearer of the pseudonym.

If you do not agree to the storage and evaluation of this data from your visit, you can object to its storage and use at any time. In this case, a so-called opt-out cookie is stored in your browser, which means that Matomo will not collect any session data. Please note that deleting all cookies means that the opt-out cookie is also deleted and may need to be activated again. Furthermore, if you use a different computer or a different web browser, you will have to complete the deactivation procedure again.

This website uses social plugins ("Plugins") of the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA ("Facebook"). The Plugins are recognisable by one of the Facebook logos (white "f" on a blue tile or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of Facebook Social Plugins can be viewed at: https://developers.facebook.com/docs/plugins/.

When a user calls up a web page that is part of this website and that contains such a Plugin, their browser establishes a direct connection with the Facebook servers. The content of the Plugin is transmitted by Facebook directly to the user's browser and integrated into the web page by the browser. The provider therefore has no influence on the scope of the data that Facebook collects with the help of this Plugin and therefore informs users according to their level of knowledge: Through the integrated Plugin, Facebook receives the information that a user has accessed the corresponding page of the website. If the user is logged in to Facebook, Facebook can connect the visit to his or her Facebook account. If a user interacts with the Plugins, for example by clicking the Like button or posting a comment, the corresponding information is transmitted directly from their browser to Facebook and stored there. If a user is not a member of Facebook, there is still the possibility that Facebook can discover and store their IP address. According to Facebook, only an anonymised IP address is stored in Germany.

The purpose and scope of data collection and further processing and use of the data by Facebook, as well as the related rights and settings options for protecting the privacy of users, can be found in Facebook's privacy policy: https://www.facebook.com/about/privacy/.

If a user is a Facebook member and does not want Facebook to collect data about them via this website and link it to their membership data stored on Facebook, they must log out of Facebook before visiting the website and delete the corresponding Facebook cookies. It is also possible to block Facebook Social Plugins with add-ons for the browser, for example with the "Facebook Blocker".

When you access our website, a Plugin, the so-called share button, is loaded to make it more personal and to allow you to network more easily. This button is recognisable by words like “Twitter” in connection with their stylised bird logo. This button is provided by Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland ("Twitter"). Your browser loads the necessary Twitter code for using this button when you access our website. To do this, your browser has to connect to Twitter servers. This means that Twitter is informed that our website was accessed from your IP address. At the same time, Twitter can store and read cookies on your device, unless you have adjusted your browser settings to reject cookies.

The purpose of using the Twitter Plugin is to make the website more personal; it also allows you to display or comment on individual parts of our website quickly on your Twitter account. This represents an ecclesiastical interest as defined by Section 6 point 4) of the DSG-EKD.

We capture your IP address to enable transmission to Twitter. You are not obliged to supply this personal data; however the Plugin cannot be used without it.

If you do not wish for Twitter to connect the personal data that they collect from our website with your Twitter account, you need to log out of your Twitter account before visiting our website. You can access Twitter’s privacy policy at https://twitter.com/privacy/.

Parts of our website use the services of YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA ("YouTube") to display video content. Your browser loads the YouTube code that is necessary to show the videos when you access those pages. To do this, your browser has to connect to YouTube servers. This means that YouTube is informed that our website was accessed from your IP address. At the same time, YouTube stores and reads cookies on your device, unless you have adjusted your browser settings to reject cookies.

The purpose of using YouTube Plugins is to make the design of our website more appealing and to make it possible to display video content. This represents an ecclesiastical interest as defined by Section 6 point 4) of the DSG-EKD. Data transfer to the USA is performed in accordance with Commission Implementing Decision (EU) 2016/1250 (EU-US Privacy Shield).

We capture your IP address to enable transmission to YouTube. You are not obliged to supply this personal data; however the affected parts of our website cannot be used without it.

If you do not wish for YouTube to connect the personal data that they collect from our website with your YouTube account, you need to log out of your YouTube account before visiting our website. Follow this link for further information about YouTube: https://about.youtube/. YouTube’s privacy policy is available at https://www.google.com/policies/privacy/ as part of Google’s privacy policy.

In accordance with Sections 36 and 37 of the Act on Alternative Dispute Resolution in Consumer Matters (VSBG), EVHN draws attention to the following regulation: The European Commission has created an online dispute-resolution platform (ODR platform) for disputes arising from contracts that have been made online between consumers from EU countries and companies based in EU countries. Users can reach the platform via the following link: https://ec.europa.eu/consumers/odr/main/index.cfm?event=main.home2.show&lng=EN

EVHN prefers to resolve disputes with you directly. EVHN is not obliged and not willing to take part in conciliation/consumer conciliation procedures before a consumer conciliation body. If you have any questions or problems, please contact us directly.

We hereby object to the contact details that we are legally obliged to publish on this website being used by third parties in order to send us advertising or information material that we did not specifically request. EVHN expressly reserves the right to take legal action if unsolicited advertising information (for example spam e-mails) is sent.

For our webinars, we use the software provided by Zoom.us; this is provided to us by Connect4Video. Use therefore conforms to the GDPR and the DSG-EKD as the servers are in Germany. (Individual events may be recorded and streamed live on Facebook or YouTube. By participating in a public event, you declare your consent to your video, text and audio contributions being stored and published.)

EVHN reserves the right to amend its data protection declaration for the purpose of adapting it to a changed legal situation or a change in services offered or in data processing procedures.