Data protection and privacy

Privacy

Privacy notice in accordance with Article 12 of the EU General Data Protection Regulation (GDPR)
of Bingen Technical University of Applied Sciences (TH Bingen), public corporation and state institution. This privacy notice also applies to TH Bingen’s subdomain http://mintplus.th-bingen.de (in German only).

(1) TH Bingen takes the safeguarding of your fundamental rights and your personal data very seriously. It goes without saying that your personal data will always be collected, processed, and stored in compliance with the statutory data protection regulations. The procedures are based on the EU General Data Protection Regulation, the State Data Protection Act of Rhineland-Palatinate (LDSG), Section 5 of the German Telemedia Act (TMG), and the German Act on Copyright and Related Rights (KunstUrhG). Please take the time to familiarise yourself with the information in this privacy notice.

(2) To assure the protection of data, Bingen Technical University of Applied Sciences has a data controller and a data protection officer.

a) The data controller is the president of Bingen Technical University of Applied Sciences.

Contact details: Bingen Technical University of Applied Sciences
The President
Berlinstr. 109
55411 Bingen am Rhein
Phone: +49 6721 409-402
Fax: +49 6721 409-100
Email: praesidentin[at]th-bingen.de

b) The data protection officer performs the functions and tasks as defined in Sections 37–39 LDSG.

Contact details: Bingen Technical University of Applied Sciences
Data protection officer
Berlinstr. 109
55411 Bingen am Rhein
Phone: +49 6721 409-540
Email: datenschutz[at]th-bingen.de

c) The university’s transparency officer and hence the designated point of information as set out in Section 9(2) of the State Transparency Act (LTranspG).

Bingen Technical University of Applied Sciences

Berlinstr. 109

55411 Bingen am Rhein

Email: transparenz[at]th-bingen.de

(3) Collection and processing of personal data

You can use the online services of TH Bingen without disclosing your identity. If we request personal data (such as name, address, or email address) on the website, for example in the context of contact forms or during login/registration, you provide such data voluntarily. By voluntarily providing this data, you consent to the data being used by TH Bingen. You can revoke your consent at any time.
This information is used for our own organisational purposes (such as sending you the requested materials/information).

Once you have given your consent, for example for the purpose of receiving a newsletter or other interesting information from our university, you can revoke it at any time with effect for the future without giving any reason. To do this, you can contact one of those responsible mentioned under (2) or use another channel specified in the newsletter.

When you use the contact form on the TH Bingen homepage, various types of data are processed. The scope of the data also depends on the data you provide in the contact form. The following personal data will be processed:

User details: Name, email address.
Subject: here you can choose between “Personal counselling” and “Admission and selection procedure, withdrawal, and re-enrolment”.
Further information on the subject of the individual user’s request on a voluntary basis
Metadata: such as date, time.

The period for deletion of the data expires on completion of the request. The data are not stored. If you select “Personal counselling”, the data will be sent to TH Bingen’s Student Advisory and Counselling Centre (zsb[at]th-bingen.de). If you select “Admission and selection procedure, withdrawal, and re-enrolment”, the data will be sent to the Student Office (studierendensekretariat[at]th-bingen.de). The data are stored in the email system and are subject to the relevant retention and deletion periods.

If you have any questions at all, please contact us via the persons responsible listed under (2).

(3.1) Collection and processing of personal data on the intranet (job portal/accommodation portal)

In order to use the job portal and accommodation portal, the advertiser must provide personal data.

The provider collects the following data in the job portal:

Email
Password
Company name
Street/house number; postcode/town
Additional address line (optional)
Name and phone number of contact
Contact email
Consent to the privacy notice

The provider collects the following data in the accommodation portal:

Email
Password
Name and phone number of contact
Contact email
Consent to the privacy notice

The collection of data is mandatory, because without passing on the data to interested parties, a job or offer of accommodation is not possible or cannot be arranged.

These data are requested solely for the purpose of verifying the content and enabling interested parties to contact the respective person regarding a flat or job offer. The collection of these data is therefore for a specific purpose. The adverts and associated data are only visible to students and staff on the intranet. By registering on the portal, the advertiser agrees to their name and contact details being displayed within the protected environment of the intranet. The data are only made available to students and staff and are not used by TH Bingen itself. This group of people can access the job and accommodation portal using the internal Shibboleth access procedure (3.2). For the accommodation portal, deletion can be carried out by the advertiser themselves or by contacting webmaster[at]th-bingen.de.

(3.2) Shibboleth access procedure

Staff and students can use the internal intranet services made available to them. To log in, you will be asked for your personal email address and password. The login data are stored for up to 10 calendar days.

This procedure was developed by:

Association to Promote a German Research and Education Network (DFN Verein e. V.)

Alexanderplatz 1, 10178 Berlin

Email: dfn@dfn.de, phone: +49 30 884299-0

The privacy notice can be viewed at: https://wayf.aai.dfn.de/datenschutz.html

(4) Cookies

Cookies are text files that are stored on your computer and enable the analysis of your use of the website. They automatically recognise you the next time you visit. You can prevent the installation of cookies by selecting the appropriate settings in your browser. However, this may mean that you will not be able to use all the services offered by TH Bingen to their full extent.

(5) Log data

Every time the website is accessed, logs are created and processed for statistical purposes, but the individual user remains anonymous:

Referrer (page whose link you used to reach this website)
Keywords (with search engines as referrer)
IP is used to determine the country of origin and the provider
Browser, operating system, installed plug-ins, and screen resolution
Time spent on the pages

We process the above listed data on the basis of our legitimate interest in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR for the following purposes:

to ensure a smooth connection to our website,
to ensure the user-friendliness of our website,
to fulfil our duty to provide information as a public institution,
to ensure the efficiency of our university communication,
to analyse system security and stability,
to ensure information security and
for other administrative purposes.

We reserve the right to check these data at a later date if we become aware of tangible evidence of unlawful use.

(6) Sharing data

Personal data will not be shared with third parties for commercial or non-commercial purposes without your express consent.

We only pass on your personal data to third parties if this is legally permissible (e.g. on the basis of Article 6 GDPR) and/or necessary. TH Bingen’s own data centre hosts the website. In some cases, we use service providers for the legally required processing of data; the website is maintained by LABOR - Agentur für moderne Kommunikation GmbH (Agency for Modern Communication). Full responsibility for the processing of data remains with TH Bingen. We also use plug-ins from other providers on our website; you can find more details below.

(7) Liability for own content

The content of these pages has been created with the utmost care. However, we cannot accept liability for the accuracy, completeness, and current validity of the content. As a service provider we are responsible under general law for our own content on these pages.

(8) Liability for links (content of external providers)

Our own content is to be distinguished from cross-references (links) to content provided by other providers. We have no influence on their content. The respective providers or operators of the websites alone are responsible for the information contained on the linked sites.

(9) Your right to revoke, amend, correct, and update

In this notice, we inform you that under the conditions defined in Article 15 et seq. GDPR, you have the right of access to relevant personal data, the right to rectification or erasure, or to restrict processing, or the right to object to processing, and the right to data portability. In accordance with Article 77 GDPR, you also have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates this regulation. If the processing of data is based on Article 6(1)(a) GDPR or Article 9(2)(a) GDPR (consent), you also have the right to withdraw your consent at any time without affecting the lawfulness of processing based on your consent prior to its withdrawal.

(10) Your right of access, Art. 15 GDPR

You have the right to request information as to whether and to what extent your personal data are processed (in particular the purpose of processing, recipients of the data, storage period, etc.).

(11) Your right to rectification, Art. 16 GDPR

You have the right to request the correction of data stored on you if they are incorrect or incomplete. This includes the right to completion by providing supplementary statements or communications.

(12) Your right to erasure, Art. 17 GDPR

You have the right to request the erasure of personal data if they are incorrect or incomplete. This is possible, for example, if the data are no longer required for the purposes for which they were collected or if the data has to be erased for compliance with legal obligations. However, this right may be excluded in individual cases.

(13) Your right to restriction of processing, Art. 18 GDPR

You have the right to have the processing of your personal data restricted. This is possible, for example, if your data have been recorded inaccurately or the data processing is unlawful. If processing is restricted, the data may only be processed in strictly limited cases.

(14) Your right to data portability, Art. 20 GDPR

You have the right to request that the data relating to you be handed over to you or to a person named by you in a commonly used electronic, machine-readable data format if you have provided these data yourself.

(15) Your right to object, Art. 21 GDPR

You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you with effect for the future, provided that the data processing is carried out to serve legitimate interests (cf. Art. 6 para. 1 lit. e), f) GDPR). In the event of your objection, we will check whether the legal requirements for processing your data are met and, if this is not the case, will refrain from any further processing of your data.

(16) Exercising the aforementioned rights

You can exercise the rights mentioned under Nos. 9–15 of this notice vis-à-vis the authorised bodies named in No. 2 of this notice. You can always exercise your rights by contacting TH Bingen in text form or in written form.

(17) Your right to lodge a complaint with the competent supervisory authority, Art. 77 GDPR

You have the right to contact the competent supervisory authority of the Union or the Member States at any time regarding any violations of data protection regulations.

(18) Your complaints office for data protection/competent supervisory authority

For the domain of the German Federal Data Protection Act (BDSG)
The Federal Commissioner for Data Protection and Freedom of Information
Husarenstr. 30
53117 Bonn

For the domain of the German State Data Protection Act (LDSG)
The State Commissioner for Data Protection and Freedom of Information in Rhineland-Palatinate
P.O. Box 30 40
55020 Mainz

As a public corporation, TH Bingen is under the jurisdiction of the State Data Protection Act of Rhineland-Palatinate.

(19) Changes to our privacy provisions

We reserve the right to adjust our privacy provisions occasionally so that they conform to current legislative requirements or to make amendments to our services in our privacy notice, for example when introducing new services. The new privacy policy will then apply to your next visit.

(20) Google Maps

The website offers the use of Google Maps for directions: Bingen Technical University of Applied Sciences (TH Bingen) Locations | TH Bingen (th-bingen.de). Data collected during use can be authorised or rejected via a cookie banner.

Google Maps is a service provided by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. These pages are marked accordingly. By using this service, you consent to the collection, processing, and use of the data collected and the data you enter by Google. The terms of use for Google Maps can be found at https://www.google.com/intl/en_en/help/terms_maps/ [external page].

(21) X (formerly Twitter)

For TH Bingen’s presence on X https://x.com/th_bingen (formerly twitter.com/th_bingen), there is a specific privacy notice. Please take the time to familiarise yourself immediately with our privacy notice when you visit this page.

(22) YouTube

Our website uses plug-ins from YouTube, which is operated by Google. The operator of the pages is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit one of our pages featuring a YouTube plug-in, a connection to the YouTube servers is established and the YouTube server is informed about which of our pages you visit. If you are logged into your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account. Further information on the handling of user data can be found in YouTube’s privacy policy at: https://policies.google.com/privacy?hl=en-GB [external page]

For TH Bingen’s presence on YouTube https://www.youtube.com/channel/UCSFzHgOKuPKm6ONIuDIkDHQ, there is a specific privacy notice. Please take the time to familiarise yourself immediately with our privacy notice when you visit this page.

(23) Facebook

For TH Bingen’s presence on Facebook https://www.facebook.com/hochschule.bingen, there is a specific privacy notice. Please take the time to familiarise yourself immediately with our privacy notice when you visit this page.

(24) Instagram

For TH Bingen’s presence on Instagram https://www.instagram.com/hochschule.bingen/?hl=de, there is a specific privacy notice. Please take the time to familiarise yourself immediately with our privacy notice when you visit this page.

(25) LinkedIn

For TH Bingen’s presence on LinkedInhttps://www.linkedin.com/school/th-bingen/, there is a specific privacy notice. Please take the time to familiarise yourself immediately with our privacy notice when you visit this page (#TH-Bingen #Biotechnologie Akademie RLP).

(26) Online application

Prospective students can apply online for a study place at TH Bingen here: https://incampo.th-bingen.de/qisserver/pages/cs/sys/portal/hisinoneStartPage.faces?page=Bewerber/-innen&noDBAction=y&init=y You can only apply after you have read and understood the specific privacy notice for online applications and provided your consent, which you can withdraw at any time. TH Bingen collects, stores, and processes your data during the enrolment process. After enrolment, the data will be retained for 10 full calendar years after completion of the degree programme. The data will then be deleted. If the application process is not completed or the applicant is not enrolled, the data will be deleted immediately. Please read the specific privacy notice as soon as you start the application process.

(27) Bite – application portal

Bingen Technical University of Applied Sciences publishes job vacancies in the Bite application portal. This allows applicants to submit their application electronically. By agreeing to our terms of use and submitting your completed online form, you, the applicant, agree that your data may be stored in accordance with the statutory provisions. Failure to do so will result in your online application not being processed and no data being entered in the portal.

Personal data: personal data are individual details about personal or factual circumstances of a specific or identifiable natural person. These include information such as your correct name, address, telephone number, and date of birth. You can also enter/upload certificates, biographical details, and documents in the Bite portal. The collection of data requires the applicant’s consent.

When you visit the Bite application portal, the following data are saved temporarily:

· the connection data of the requesting computer

· the TH Bingen web pages visited

· the date and duration of your visit

· the identification data of the browser and operating system type used

We use the collected personal data exclusively for processing your application. Your personal data will only be shared or otherwise transmitted as part of the application process and only to persons who are involved in the application process. These include

the hierarchical superiors (president, registrar)
the hiring supervisors
the Staff Council
the representative body for severely disabled employees
the Equal Opportunities Officer
the human resources department

After completion of the application process or if the application is withdrawn, all data will only be deleted completely after 6 calendar months. This is due to the need to wait in case of legal disputes with competitors.

(28) Microsoft Teams

We use the web conferencing service Microsoft Teams to hold online meetings. Microsoft Teams is a cloud-based service of the Microsoft Corporation.

The controller responsible for data processing in direct connection with the organisation of online meetings is the controller named in section (2) a). The Microsoft Corporation acts as a processor for us in this respect.

If you access the Microsoft website to participate in a Teams online meeting, the Microsoft Corporation is responsible for the processing of data on the website. However, it is only necessary to access the aforementioned website in order to download the software to use Microsoft Teams. If you do not want to or cannot use the Microsoft Teams app, you can also use Microsoft Teams via your browser. The service will then also be provided via the Microsoft Teams website.

Various types of data are processed when using Microsoft Teams. The scope of the data also depends on what data you provide before or while participating in an online meeting. The following personal data will be processed:

user details: e.g. display name, email address if applicable, profile picture (optional), preferred language
meeting metadata: e.g. date, time, meeting ID, telephone numbers, location
text, audio, and video data: you may have the option of using the chat function in an online meeting. This means that any text entries you make will be processed in order to display them in the online meeting. In order to enable the display of video and the playback of audio, the data from the microphone of your end device and from any video camera of the end device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time via the Microsoft Teams applications.

Any audio and video content of the participants will only be processed during the respective online meeting, unless a recording is made with the prior consent of all participants in order to make the online meeting available afterwards to students who were unable to attend the live event.

The chat content is logged when using Microsoft Teams.

Automated decision-making within the meaning of Art. 22 GDPR is not used.

The video session is not recorded

(29) BigBlueButton

We use the web conferencing service BigBlueButton to hold online consultations for prospective students. BigBlueButton is provided by the Rhineland-Palatinate state network for the universities and colleges of Rhineland-Palatinate.

The controller responsible for data processing in direct connection with the organisation of online consultations is the controller named in section (2) a).

When participating in a conference

It is possible to take part in a digital consultation with or without registering via bbb.rlp.net. All you need to know is the address of a conference and the corresponding password if necessary.

Anonymous use

The following data is collected when you participate in a conference anonymously:

the name you choose yourself (real name not required)
language

Anonymous user data are only valid for the duration of participation in a conference; they are not stored permanently.

Conference content

When you actively participate in a consultation, the data you create will be distributed via the servers of bbb.rlp.net to the organisers and usually also to all other participants of the conference. These include:

whatever you say
the images from a shared camera
presentations you upload
screen content you share

You may have the option of using the chat function in an online meeting. This means that any text entries you make will be processed in order to display them in the online meeting. In order to enable the display of video and the playback of audio, the data from the microphone of your end device and from any video camera of the end device are processed accordingly for the duration of the meeting. You can switch off or mute the camera or microphone yourself at any time.

The operators of bbb.rlp.net have no influence on whether personal data are transmitted in the process. It is the responsibility of the conference organisers and the participants to ensure privacy in a conference.

Recording of conferences

Digital consultations are not recorded or stored. The organisers of a conference for the purpose of digital consulting guarantee that no recordings will be made.

(30) Userlike chatbot: Privacy notice for homepage and inCampo

Userlike’s chatbot application is a text-based dialogue system with AI support that allows users to communicate with a technical system in natural language via text input and text output based on questions and answers (stored in what are called knowledge databases). TH Bingen uses the chatbot application in different process contexts. The aim is to enable user groups to ask questions about different process contexts outside normal working hours and thus contribute to the user-friendliness of systems and processes.

Personal data are only processed when using the chatbot application if enquiries are to be forwarded to the TH Bingen ticket system for further processing at the user’s express request. In this case, the user’s first name, last name, and email address are recorded and stored in the chatbot application. The chatbot application continues to store cookies on users’ end devices. Cookies are deleted after 30 days, chat histories automatically after 90 days. The resulting statistics are processed anonymously. The aforementioned data and the communication between the user and the ticket processor are stored and processed in TH Bingen’s ticket system.

4. Legal basis

Insofar as the above data processing is not based on the data subject’s consent, the legal basis for data processing is Section 3 of the Rhineland-Palatinate State Data Protection Act in conjunction with Art. 6 para. 1 sentence 1 lit. e GDPR.

Bingen Technical University of Applied Sciences, 17.8.2023

Professor Antje Krause

President