Legal Notices and Privacy Policy

Contact

Hochschule Rhein-Waal
Rhine-Waal University of Applied Sciences
Professor Dr Eberhard Menzel, Interim Appointee to the Office of President

Kleve Campus

Marie-Curie-Straße 1
47533 Kleve, Germany

T: +49 2821 806 73 - 0
F: +49 2821 80673 - 160

Navigation address: Briener Straße

Kamp-Lintfort Campus

Friedrich-Heinrich-Allee 25
47475 Kamp-Lintfort, Germany

T: +49 2842 908 25 - 0

Contact us by email:

General enquiries: info@hochschule-rhein-waal.de

Study-related enquiries: studienberatung@hochschule-rhein-waal.de

Rhine-Waal University of Applied Sciences is a corporation under German Public Law (BGB). The University is represented before the law by the Executive Board.

Responsible regulatory authority:

Ministerium für Innovation, Wissenschaft und Forschung des Landes Nordrhein-Westfalen (MIWF)
Ministry of Innovation, Science and Research of the State of North Rhine-Westphalia
Völklinger Straße 49
40221 Düsseldorf, Germany

VAT number of the University: DE 815 145 426

Design and Technical Implementation:

Jens Schwalenberg

Privacy Policy according to Article 13 GDPR

The protection of the data and privacy of visitors to our website is important to us. For that reason, we pledge to protect your personal data and collect, process and use your data in strict accordance with the European General Data Protection Regulation (GDPR) and applicable German data privacy regulations. The following Privacy Policy contains a full and comprehensive overview of how your personal data is collected and subsequently used on our website. Our Privacy Policy is updated regularly in accordance with legal and technical requirements. Please always refer to the most current version of our Privacy Policy.

The following Privacy Policy applies to the website of Rhine-Waal University of Applied Sciences, https://www.gamelet.eu, only.

1. Name and Address of Controller

The controller within the meaning of the GDPR and other German privacy regulations as well as all other applicable data privacy regulations is:

Rhine-Waal University of Applied Sciences

Marie-Curie-Strasse 1

47533 Kleve

Germany

Telephone: +49 2821 806 73 – 0

Email: info@hochschule-rhein-waal.de        

Website: www.hochschule-rhein-waal.de

1. Data Protection Officer

Address of the Data Protection Officer of the controller:

Rhine-Waal-University of Applied Sciences
Data Protection Officer

Marie-Curie-Strasse 1

47533 Kleve

Germany

Email: datenschutz@hochschule-rhein-waal.de

III. General data processing information

1. Scope of processing personal data

Your personal data will only ever be processed to the extent required to provide a fully functional website, the contents thereof or our services. In many cases, processing of your personal data occurs only with your explicit consent, except in specific cases where practical reasons make it impossible to obtain consent beforehand and the processing of personal data is nevertheless permitted by law.

2. Lawfulness of processing

Article 6(1) GDPR governs the lawfulness of processing the personal data of users according to specific criteria, in particular:

Article 6(1) point (a) GDPR, provided we have obtained the consent of the data subject to the processing of his or her data for one or more specific purposes.

Article 6(1) point (b) GDPR, provided that processing is necessary for the performance of a contract to which the data subject is party. This also applies to processing that is necessary for taking steps prior to entering into a contract with the data subject.

Article 6(1) point (c) GDPR, provided that processing of personal data is necessary for compliance with a legal obligation to which our University is subject.

Article 6(1) point (d) GDPR, provided that processing is necessary to protect the vital interests of the data subject or of another natural person.

Article 6(1) point (f) GDPR, provided that processing is necessary for the purposes of the legitimate interests of our University or of a third party and these interests override the interests, fundamental rights and fundamental freedoms of the data subject.

3. Erasure and duration of storage

As soon as the purpose of storage no longer applies, your personal data will be erased or made unavailable. If European Union or German provisions, laws or other regulations to which the controller is subject obligate storage periods for personal data extending beyond the original purpose, storage may continue until the end of the storage period mandated by the aforementioned legislation. Following this storage period, personal data will be erased or made unavailable unless continued storage thereof is necessary for the conclusion or performance of a contract.

1. Providing the website and the creation of log files

1. Description and scope of processing

Whenever you access our website, data about your computer system is collected automatically.

This includes, in particular:

  1. a) your IP address
  2. b) date and time of access
  3. c) information about the type of browser used and its current version
  4. d) your operating system
  5. e) websites from which you accessed our website

This data is stored as a log file in our system. Log files are not stored in connection with your personal data.

2. Lawfulness of processing

The lawfulness of the temporary storage and processing of technical data and log files is established by Article 6(1) point (f) GDPR.

3. Purpose of processing

The provision of the website to your computer requires the temporary storage of your IP address by the system. To do this, your IP address must remain stored for the duration of the session.

To ensure the functionality of the website and the security of our IT systems and to optimize the website, this data is stored in log files. This gathered data is not evaluated for marketing purposes.

These purposes also represent our legitimate interest in data processing pursuant to Article 6(1) point (f) GDPR.

4. Duration of storage

If data collection is no longer necessary to achieve the purpose, the data will be deleted. When data is collected for the purpose of providing the website, deletion thereof occurs at the end of each session.

If the data is stored in log files, these will be deleted after seven days at the latest. It may also be possible to store data beyond this. In this case, the user IP addresses are deleted or otherwise distorted so that they can no longer be attributed to a calling client.

5. Possibility of objection and elimination

There is no possibility for you to object, as data collection and storage in log files is absolutely necessary for the provision and operation of the website.

1. Use of cookies

1. Description and scope of processing

Our website uses so-called “cookies”. These are text files that are stored in or by the browser on your computer system. A cookie can be stored on your operating system as soon as it accesses a website. This cookie contains a characteristic character string that enables a unique identification of the browser when the website is called up again.

Cookies are used to make our website user-friendly. Some parts of our website require identification of the browser used even after a page change.

2. Prevent the storage of cookies

Depending on the browser used, you can configure your options to only store cookies with your consent. If you only want to accept the cookies we use, but not those of any service providers and partners, you can enable the setting “Block third party cookies” in your browser. Usually, the help function in the menu bar of your web browser shows you how you can reject new cookies and deactivate cookies already received. We recommend that you always log out completely of shared computers that are configured to accept cookies and flash cookies.

3. Lawfulness of processing

The lawfulness of processing personal data using cookies is established by Article 6(1) point (f) GDPR.

4. Purpose of processing

Technically necessary cookies are used in order to simplify the use of our websites for you. Without the use of cookies, various functions of our website cannot be offered, as they require the recognition of your browser after a page change.

No user profiles are created using user data collected from technically necessary cookies.

These purposes also represent our legitimate interest in data processing pursuant to Article 6(1) point (f) GDPR.

5. Duration of storage, possibility of objection and elimination

Cookies are stored on your computer. From there they are transmitted to our website. This means that you as a user also have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your browser. You can also delete cookies that have already been saved at any time. This can also be done automatically. If you deactivate cookies for our website, this may restrict the use of the functions of our website.

1. Contact and application forms and email contact address

1. Description and scope of processing

To contact us online, for online applications, for providing information and data for various purposes or for creating individual accounts, we may offer contact and application forms or other according entry masks on our website. To use them, enter your data in the input mask. This data is then transmitted to us and stored. The following data can be collected, depending on the respective form used:

Title

Surname, first name

Email address

Home address

Other contact information

Nationality

Information about your organisation

Information about your individual account

When a message is sent by you, the following data is also stored:

Your IP address

Date and time of your registration

You can also contact us using the email address provided. Your personal data transmitted with the email will be stored.

This data is used exclusively for the processing of communication as well as for organisational processing of events. Data processed for communication will not be passed on to third parties.

2. Lawfulness of processing

The lawfulness of processing personal data is established by the user's consent in this regard pursuant to Article 6(1) point (a) GDPR.

If the transmission of personal data takes place via email, Article 6(1) point (f) GDPR represents the necessary legal basis for the processing of the data. If the conclusion of a contract is also intended with this establishment of contact, Article 6(1) point (b) GDPR constitutes the necessary legal basis for the processing of this data.

3. Purpose of processing

We process personal data collected via the input mask exclusively in order to establish contact. Contacting us by e-mail establishes the necessary legitimate interest to processing the transmitted data.

The other personal data processed during the sending process are used to prevent misuse of the contact form and to secure our IT system services.

4. Duration of storage

If data collection is no longer necessary to achieve the purpose, the data will be deleted. This is the case for personal data transmitted via the contact form and via e-mail, if the respective communication with you has finished. This is the case if circumstances indicate that the respective issues or questions have been clarified in a conclusive manner.

Any additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

5. Possibility of objection and elimination

You can revoke your consent to the processing of your personal data at any time. If you contact us by email, you can object to the storage of your personal data at any time. Please note that in this case further communication with you is no longer possible.

Both revocation and objection can be sent in writing to the following email address: ido.iurgel@hsrw.eu

Personal data stored for contact purposes will be completely deleted in this case.

VII. Rights of the data subject

If your personal data are processed, you are considered a data subject within the context of the GDPR. This entitles you to the rights below vis-à-vis the controller.

1. Right to information

You are entitled to request from the controller a confirmation of whether your personal information is being processed by us.

If this is the case, you can request from the controller information the following information:

Processing purposes;

The categories of personal data being processed;

The recipients or the categories of recipients to whom your personal data was disclosed or will be disclosed;

If possible the intended storage duration for your personal data or, if this is not possible, the criteria used to determine this storage duration;

The existence of a right to the rectification or erasure of your personal data, or to restrict the extent of processing by the controller, or to object to processing;

The existence of a right to lodge a complete with a supervisory authority;

If personal data are not collected from the data subject, all available information on the origin of the data;

The existence of automated individual decision-making including profiling pursuant to Article 22(1) and (4) GDPR and, in these cases at the least, informative data about the involved logic, extent and desired results of this kind of data processing for the data subject.

You may request information about the transmission of your personal information to non-EU countries or international organisations. If this is the case, you may request information on the appropriate guarantees in connection with the transmission of your data in accordance with Article 46 GDPR.

2. Right to rectification

You have the right to request the controller to rectify any inaccurate personal data concerning you. You can also request the completion of incomplete personal data – also by means of a supplementary declaration – taking into account the purposes of processing. The controller must make the desired correction without undue delay.

3. Right to erasure (“right to be forgotten”)

You have the right to request the controller to erase personal data concerning you without undue delay and the controller is obligated to erasure of this data without delay if one of the following reasons applies:

Your personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed.

You revoke your consent on which the processing is based according to point (a) of Article 6(1) (a) GDPR or point (a) of Article 9(2) GDPR and where there is no other legal ground for processing.

You object to processing pursuant Article 21(1) GDPR and there are no overriding legitimate grounds for processing, or you object to processing pursuant to Article 21(2) GDPR.

Your personal data have been unlawfully processed.

Your personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

Your personal data have been collected in relation to the offer of information society services referred to in Article 8(1) GDPR.

Where the controller has made your personal data public and is obliged pursuant to Article 17(1) GDPR to erase your personal data, the controller, taking account of available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform controllers which are processing your personal data that you as data subject have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

The right to erasure does not apply to the extent that processing is necessary:

for exercising the right of freedom of expression and information;

for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;

for reasons of public interest in the area of public health in accordance with points (h) and (i) of Article 9(2) GDPR as well as Article 9(3) GDPR;

for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) GDPR in so far as the right referred to above is likely to render impossible or seriously impair the achievement of the objectives of that processing; or

for the establishment, exercise or defence of legal claims.

4. Right to restriction of processing

You have the right to obtain from the controller restriction of processing where one of the following applies:

the accuracy of your personal data is contested by you, for a period enabling the controller to verify the accuracy of your personal data;

the processing is unlawful and you oppose the erasure of your personal data and requests the restriction of their use instead;

the controller no longer needs your personal data for processing purposes, but they are required by you for the establishment, exercise or defence of legal claims;

you have objected to processing pursuant to Article 21(1) GDPR pending the verification whether the legitimate grounds of the controller override yours.

Where processing has been restricted, such personal data will, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest of the Union or of a Member State.

In so far as you have obtained restriction of processing pursuant to the aforementioned preconditions, you will be informed by the controller before the restriction of processing is lifted.

5. Notification obligations

In so far as you have asserted a claim to the controller for the aforementioned rights to rectification, erasure or restriction of processing, the controller will communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort.

You may request the names of these recipients from the controller.

6. Right to data portability

You have the right to receive your personal data, which you have provided to a controller, in a structured, commonly used and machine-readable format. You also have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where:

the processing is based on consent pursuant to point (a) of Article 6(1) GDPR or point (a) of Article 9(2) GDPR or on a contract pursuant to point (b) of Article 6(1) GDPR; and

the processing is carried out by automated means.

In exercising your right to data portability, you also have the right to have the personal data transmitted directly from one controller to another, where technically feasible.

Your right to data portability does not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Your right to data portability may not adversely affect the rights and freedoms of others.

7. Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data which is based on point (e) or (f) of Article 6(1) GDPR.

The controller will no longer process your personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

8. Right to revoke consent to the Privacy Policy

You have the right to revoke your consent to the provisions of this Privacy Policy at any time. Revocation of consent does not affect the lawfulness of processing carried out on the basis of consent in the period before revocation.

9. Right to lodge a complaint with the supervisory authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR.

The supervisory authority with which the complaint has been lodged will inform the complainant on the progress and the outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

VIII. Current version and amendments to this Privacy Policy

This Privacy Policy is in force and was last updated in October 2019.