General information on data processing
Scope of processing
As a matter of principle, we process personal data of our users only to the extent necessary to provide a functional website and our contents and services. The processing of personal data of our users regularly only takes place with the user's consent. An exception is made in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted by law.
Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a General Data Protection Regulation (GDPR) serves as the legal basis.
When processing personal data which is necessary for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations which are necessary to carry out pre-contractual measures.
Insofar as processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.
The legal basis is Art. 6 para. 1 lit. e GDPR in connection with § 5 ThürHG and §16 ThürDSG, if the processing of the personal data provided by you is necessary for the processing of your request within the scope of the fulfilment of our tasks.
If the processing is necessary to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and freedoms of the person concerned do not outweigh the former interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for the processing.
Erasure and storage period
The personal data of the person concerned will be deleted or blocked as soon as the purpose of the storage no longer applies. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other regulations to which the person responsible is subject. Data will also be blocked or deleted when a storage period prescribed by the above-mentioned standards expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.
The University of Erfurt automatically collects and stores information in its server log files that your browser sends to us. These are:
- Browser type/ -version
- Operating system used
- Website from which the access takes place (referrer)
- Host name of the requesting computer (IP address)
- Date and time of the server request
- Name and URL of the retrieved data
- Amount of data transmitted
- Message whether the call was successful (http status code)
The University of Erfurt cannot assign this data to specific persons. It is used for evaluation purposes to ensure system security and stability, to detect misuse and to ensure that our website is easy to use. This data is not merged with other data sources, and the data is regularly deleted after statistical evaluation. The data will not be passed on to third parties.
The legal basis for data processing is Art. 6 para. 1 p. 1 lit. f GDPR.
This site uses SSL encryption for security reasons and to protect the transmission of all content.
You can recognise an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in the adress line of your browser.
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. Cookies serve to increase the functionality and comfort of the website for you.
The use of our website is normally possible without cookies. Only if you log in to an access-protected area of the website will a personalised database entry be generated, consisting of session ID, anonymised IP address, time stamp, user ID and session data, which is deleted when you log out. Only the last timestamp is stored permanently. A personalized cookie is also created, which is usually deleted when the browser is closed completely.
For backend editors, a function cookie is created when logging in to the backend, which is deleted again when logging out of TYPO3.
Matomo is used for reach measurement (web statistics). Matomo sets a cookie that allows the evaluation of visitor behaviour (see below). The legal basis is your consent in accordance with §25, Para. 1, Sentence1 TTDSG.
You can set your browser not to accept cookies, and the above website tells you how to remove cookies from your browser. However, in a few cases, some of our website features may not function as a result. Example Firefox
You can also adjust the cookie settings for this website:
In addition to this website, the University of Erfurt has also made appearances at
The corresponding information on responsibility and data protection can be found at the respective websites.
Translated with assisstance of www.DeepL.com/Translator (free version)
This website uses Matomo to analyse user flows and measure reach. Matomo is Open Source. The obtained information is used to evaluate the use of the website and to enable a demand-oriented design of our website. For this purpose, a cookie is set on the user's computer after consent by the user (opt-in).
The following data will be stored:
- 2 bytes of the IP address of the user's calling system
- the website accessed
- the website from which the user has reached the page called up (referrer)
- the subpages that are called from the called web page
- the time spent on the website
- the frequency with which the website is accessed
The legal basis is your consent in accordance with Art. 6 Para. 1 letter e GDPR.
The data will be deleted as soon as they are no longer required for our purposes, at the latest after 365 days.
Contact form and e-mail contact
On the University of Erfurt's website there are simple contact forms which can be used for electronic communication. The data entered in the input mask is transmitted. Your consent is obtained for the processing of the data during the sending process and reference is made to this data protection declaration. The legal basis for the processing is Art. 6 para. 1 lit. a GDPR.
Alternatively, you can contact us at any time using the e-mail addresses provided. In this case, the personal data of the user transmitted with the e-mail will be stored. The data will not be passed on to third parties.
The legal basis for the processing is Art. 6 para. 1 lit. e GDPR in connection with § 5 ThürHG, if the processing of the personal data provided by you is necessary for the processing of your request within the scope of the fulfilment of our tasks. The communication of further information by you is voluntary based on your consent in accordance with Art. 6 para. 1 lit. a GDPR.
The data will be used exclusively for the processing of the conversation. The data will be deleted as soon as they are no longer required for the purpose of their collection. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended.
Integration of videos and podcasts
Videos (Youtube, Vimeo) on our pages are only integrated as still images with an embedded link. No data is transferred to third parties until clicking on the still image. Only when player and video load will data be transmitted to:
Spotify, Anchor, Podigee
On some of our pages you will find 360°models of buildings of the University. For this offer we use the service of the company Matterport.
By actively clicking on the model still image, you give your consent in accordance with Art. 6 Para. 1 lit. a DSGVO to the forwarding to the Matterport site and to the data exchange that this triggers.
When using this service, personal data is collected by Matterport and, since Matterport is based in America, also transmitted to the USA and processed there. This involves the following data: Your IP address, browser version and displaying device, origin and destination URL, possibly location data and the ID of the respective 3D tour.
You must be aware that by using the service you also enable the setting of cookies by Matterport. We have no influence on this data transmission and the setting of cookies by Matterport. However, we would like to inform you about this:
The provider of the service is Matterport, Inc, 352 E. Java Dr., Sunnyvale, CA 94089, with its registered office in the USA.
- Legal basis for data processing in the USA: According to its own information, Matterport has committed itself to the EU's Standard Contractual Clauses (SCC) to ensure adequate protection when transferring data outside the EEA. However, we would like to point out that even these recognised standard contractual clauses cannot protect against access to the data by US authorities that is permitted under US law.