Privacy Policy

The OWL University of Applied Sciences and Arts takes the protection of personal data very seriously. Therefore, we have taken technical and organizational measures to ensure that data protection regulations are complied with. All web activities are conducted in accordance with applicable statutory regulations to protect personal data and to maintain data security. Our security measures are continuously revised in response to technological development. If you communicate with us via e-mail, however, we are not able to guarantee complete data security. We recommend that you contact us via regular mail when sending confidential information.

Section 1 Information on the collection of personal data

(1) In the following document, we will inform you how personal data is collected when you use our website. Personal data includes all data that can be used to personally identify you, such as your name, address, e-mail addresses, and user behavior.

(2) The controller in accordance with Art. 4 para. 7 of the General Data Protection Regulation (GDPR) is the OWL University of Applied Sciences and Arts, Campusallee 12, D-32657 Lemgo. You can contact our Data Protection Officer at our mailing address with the note “Data Protection Officer” or at datenschutz@th-owl.de.

(3) When you contact us via e-mail and/or using the contact form, we store the data you provide (your e-mail address, and your name and inquiry in some cases) for the purpose of answering your questions. We delete the data collected during this process once storage is no longer required, or we restrict the processing of such data if statutory retention periods apply. The legal basis for doing so is Art. 6 I (a) GDPR in conjunction with the Higher Education Act of the state of North Rhine Westphalia (HG NRW), since you consent to the aforementioned processing of your data when you submit an inquiry via e-mail. You have the right to revoke the consent you have granted at any time, without this affecting the legality of processing carried out on the basis of the consent. For your entitlements to deletion and to information, please see clause 2 below regarding the rights of data subjects.

Section 2 Your rights

(1) You have the following rights towards us with respect to your personal data:

• to request information regarding your personal data processed by us according to Art. 15 GDPR. In particular, you can request information on the purposes of processing, categories of personal information, categories of recipients to whom your data was or will be disclosed, planned storage terms, the existence of a right to correct, delete, restrict processing, or object to use of your data, the existence of a right to submit complaints, the origin of your data if we did not collect it, as well as regarding the use of automated decision-making processes and profiling, and any meaningful information on the details thereof;
• according to Art. 16 GDPR,you can request the prompt rectification of your personal data we have saved that is incorrect or incomplete;
• according to Art. 17 GDPR, you can request the deletion of your personal data we have saved, unless the processing is necessary to exercise the right of free expression and information, or fulfill a legal obligation, or unless processing is required in the public interest or to assert, exercise or defend against legal claims;
• according to Art. 18 GDPR, you can request the restriction of processing for your personal data, insofar as you dispute the correctness of the data, or the data processing is illegal, but you object to its deletion and we no longer require the data, although you require the data to assert, exercise or defend against legal claims, or if you have objected to the processing according to Art. 21 GDPR;
• according to Art. 20 GDPR, you have the right to receive your personal data which you have provided to us in a structured, common, and machine-readable format or request its transmission to another controller;
• according to Art. 7 para. 3 GDPR, you have the right to revoke any consent you have granted to us at any time. If you do so, we will no longer be able to carry out data processing based on this consent in the future.

(2) If your personal data is processed based on legitimate interests according to Art. 6 para. 1 clause 1 lit. f GDPR, you have the right, according to Art. 21 GDPR, to submit objections to the processing of your personal data if there are reasons for doing so based on your specific situation, or if you are objecting to direct advertisements. In the latter case, you have a general right to object and may exercise it without indicating any particular situation with us.

Please direct your inquiry / objection to datenschutz@th-owl.de or in writing to the following address:

Technische Hochschule OWL,
Campusallee 12,
D-32657 Lemgo.

(3) In addition, you have the right to lodge complaints with a data protection supervisory authority regarding the processing of your personal data.

This authority is:

State Officer for data protection and freedom of information
North Rhine Westphalia
PO Box 20 04
40213 Düsseldorf
Tel.: +49 211 38424 0
Fax: +49 211 38424 10
Email: poststelle@ldi.nrw.de

Section 3 Collection of personal data when you visit our website

(1) If you simply use our website for informational purposes, for instance if you do not register and do not transmit information to us in any other manner, we only collect the personal data your browser transmits to our server. If you want to view our website, we collect the following data. This data is required for technical purposes to display the website to you and ensure the stability and security of the website (the legal basis is Art. 6 para. 1 clause 1 lit. f GDPR):

• Pseudonymized IP address
• Date and time of the inquiry
• Content of the request (specific page)
• Access status/HTTP status code
• Quantity of data transmitted
• Website from which the request comes
• Browser
• Operating system and interface
• Language and version of browser software

(2) In some areas, our website offers the option of providing us with further personal data using forms and web-based services. You can request information and subscribe to newsletters using web forms. The user takes advantage of such services expressly on a voluntary basis. The specific data which will be collected and processed is indicated in the relevant forms or web services. Use of these additional options and the associated entry of personal data are exclusively on a voluntary basis. Data is processed only for the purpose indicated there. If data is transmission to third parties, this is done only based on a legal permission to do so, or explicitly legitimated by an informed consent.

(3) We use cookies on our website. These are small text files automatically created by your browser and saved on your device (laptop, tablet, smartphone, etc.) when you visit our website. Cookies do not harm your device, and do not contain any viruses, Trojan horses, or other malware.

(4) Cookies are used to save information associated with the specific device used. However, this does not mean we receive any direct knowledge of your identity through them. We use cookies firstly to make it more convenient for you to use our services: We use so-called session cookies to detect if you have already visited sub-pages of our website in the past. These are automatically deleted after you leave our website.

(5) We also use temporary cookies to optimize user-friendliness. These are saved on your device for a set period of time. If you visit our page once again to take advantage of our services, these cookies automatically detect you have visited in the past and recall your inputs and settings so you do not have to enter them once again.

(6) In addition, we use cookies to record and analyze statistical information on the use of our website and optimize our services for you (see clause 4). These cookies allow us to automatically detect that you have visited our website in the past when you visit once again. These cookies are automatically deleted after a defined time period.

(7) Data processed using the cookies is required in order to safeguard our legitimate interests and those of third parties according to Art. 6 para. 1 clause 1 lit. f GDPR.

(8) Most browsers accept cookies automatically. However, you can configure your browser settings so that no cookies are saved on your computer, or so that a notice always appears before a new cookie is created. If you deactivate all cookies, however, you will not be able to use all of the functions of our website.

Data is collected and saved on this website based on our legitimate interest in completing statistical analyses of user behavior for optimization and marketing purposes in accordance with Art. 6 para. 1 lit. f GDPR. To do so, we use the web analytics software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, (“Matomo”). This data can be used to create and analyze pseudonymized usage profiles for the same purpose. Cookies may be used to create these profiles. Cookies are small text files saved locally in the visitor's web browser buffer memory. Cookies make it possible for us to recognize the web browser, among other purposes. Data collected using the Matomo technology (including your pseudonymized IP address) is processed on our servers.
The information in the pseudonymized user profile generated by the cookie is not used to personally identify visitors to this website, nor is it combined with any personal data of the pseudonymized user.

If you do not agree to the saving and analysis of data on your visit, you can object to data being saved and used at any time with the click of a mouse. If you do so, an opt-out cookie will be saved on your browser. Afterwards, Matomo will not collect any session data.

Please note that if you delete all of your cookies, the opt-out cookie will also be deleted, and you may need to reactivate it.

(1) We use the Google Adwords service to make users aware of our attractive services on external websites with the help of advertising materials (so-called Google Adwords). We can determine how successful the individual advertising measures are in relation to the data from the advertising campaigns. By doing so, we are pursuing our interest in showing advertisements to you that are of interest to you, making our website more interesting for you, and calculating advertising costs fairly.

(2) These advertisements are delivered by Google via so-called “ad servers.” To do so, we use ad server cookies which can be used to measure certain success parameters, like ad displays or user clicks. If you access our website through a Google ad, the Google Adwords stores a cookie on your PC. Generally, these cookies are no longer valid after 30 days and are not intended to personally identify you. Normally, the unique cookie ID, the number of ad impressions per placement (frequency), the last impression (relevant for post-view conversions) and opt-out information (marking that the user no longer wants to view the ad) are saved for this cookie as analytic variables.

(3) These cookies allow Google to recognize your web browser. If a user visits certain pages of the website of an Adwords customer and the cookie saved on their computer has not yet expired, Google and the customer can see that the user has clicked the ad and was forwarded to the page. A different cookie is assigned to each Adwords customer. This means that cookies cannot be tracked via the websites of Adwords customers. We do not collect and process any personal data ourselves in the course of these advertising measures. We simply receive statistical analyses from Google. We can use these analyses to determine which of the advertising measures we use are particularly effective. We do not receive any further data from using the advertisement, in particular, we are not able to identify users based on this information.

(4) Your browser automatically forms a direct connection to Google servers based on the marketing tools used. We have no influence over the scope and further use of the data collected by Google's use of this tool, and therefore are providing you with information based on our own level of knowledge. Because we have integrated AdWords Conversion, Google is informed that you accessed the specific part of our website or clicked one of our ads. If you are registered with a Google service, Google can associate the visit with your account. Even if you are not registered with Google or not logged in, it is possible that the provider may learn and store your IP address.

(5) You can prevent being involved in this tracking process in different ways: a) by changing the settings of your browser software accordingly; in particular, suppressing third-party cookies will prevent you from seeing any ads from third-party providers; b) by deactivating cookies for conversion tracking through changing your browser settings so that cookies from the domain “www.googleadservices.com” are blocked, www.google.de/settings/ads, whereby this setting will be deleted when you delete your cookies; c) by deactivating interest-based advertisements from providers that are part of the self-regulation campaign (About Ads” using the link www.aboutads.info/choices, whereby this setting will be deleted when you delete your cookies; d) by permanent deactivation in your browser, including Firefox, Internet Explorer, or Google Chrome using the link www.google.com/settings/ads/plugin. Please note that you may not be able to use all functions of this website if you do so.

(6) Art. 6 para. 1 clause 1 lit. f) GDPR serves as the legal basis for processing your data. Further information on data protection at Google is available here. www.google.com/intl/de/policies/privacy and services.google.com/sitestats/de.html. Alternatively, you can visit the website of the Network Advertising Initiative (NAI) at www.networkadvertising.org.

Videos from third-party providers are integrated into this website via the video portal “YouTube,” of YouTube LLC, headquartered at 901 Cherry Avenue, San Bruno, CA 94066, USA. When you click a video and use YouTube, your data can be processed directly by “YouTube.” If you are logged into your user account at “Google/YouTube” at the same time when accessing the video, then YouTube can track the sub-page of our website from which the video was accessed. If you would like to prevent this data from being collected, please log out of YouTube before visiting our website or accessing the video. Further details are provided in the Terms of Use of “YouTube,” as well as the “Google” Data Privacy Policy, since “YouTube” is a “Google” company.

The legal basis is Art. 6 I (f) GDPR. We have a legitimate interest because we provide you with informative added value regarding our work as well as information of interest to you by embedding the videos. We do not store any of your data during this process. If you would like to prevent all data collection by Google, you should not access the videos. Embedding the videos and making them available for access is not considered a violation of your basic freedoms.

Section 6 Use of social media (Facebook, Twitter, Instagram)

The website of the OWL University of Applied Sciences and Arts does not directly integrate social media plug-ins (such as Like buttons) from the social networks Facebook, Twitter, or Instagram. This means that no data is transmitted to external social networks when you access the website. Only if you click icons/symbols/links to the social networks on the website of the University of Applied Sciences and access the linked pages will you leave the pages for which the OWL University of Applied Sciences and Arts is responsible. External websites are then accessed in accordance with the conditions of their respective providers / social networks.

Please note that user data may be processed outside of the European Union in this case. This may result in risks for the user, for instance because it may make it more difficult for users to enforce their rights.

For a detailed description of processing and your options for objection (opt-out), please see the following links to information from the providers.

Please note that the most effective way to assert any requests for information or user rights is against the providers themselves. Only the providers have access to the user's data and can take relevant measures directly or provide information. If you do require aid, however, you are welcome to contact us.

• Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), Facebook pages based on an agreement regarding joint processing of personal data – Data Privacy Declaration: www.facebook.com/about/privacy/, Opt out: www.facebook.com/settings?tab=ads and www.youronlinechoices.com,
• Google/ YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) – Data Privacy Declaration:  policies.google.com/privacy, Opt out: adssettings.google.com/authenticated,
• Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA) – Data Privacy Declaration/ Opt out: instagram.com/about/legal/privacy/
• Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA) – Data Privacy Declaration: twitter.com/de/privacy, Opt out: twitter.com/personalization

Section 7 Additional functions and services of our website

(1) In general, we do not provide personal data processed in conjunction with use of the website of the OWL University of Applied Sciences and Arts to third parties.

(2) In some cases, we use external service providers to process your data. We select and commission such providers carefully. They are bound to carry out our instructions, and undergo regular controlling. Data is provided on the basis of a contract in accordance with Art. 28 GDPR.

(3) Furthermore, we can transmit your personal data to third parties if this is necessary to carry out the educational mandate, to enforce our rights under the regulations of the Criminal Procedure Code (StPO), or to assert claims for damages in case of copyright violations or to clarify illegal activity, as well as to provide consultation and support to our students.

Section 8 Data security

When you visit our website, we use the popular SSL protocol (Secure Socket Layer) on our website in conjunction with the highest level of encryption supported by your browser. Typically, this is 256 bit encryption. If your browser does not support 256 bit encryption, we instead use 128 bit v3 technology. You can tell whether individual pages of our website are transmitted in an encrypted manner because you will see the image of a key or lock symbol in your browser's bottom status bar.

Furthermore, we use suitable technical or organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, and against unauthorized access by third parties. Our security measures are continuously revised in response to technological development.

Section 9 Amendments to the data privacy declaration

We reserve the right to update the data privacy declaration from time to time, in particular to integrate any changes to the case law or statutory regulations. Therefore, we recommend that you visit this website regularly to stay informed about the protection and processing of your data.