Privacy policy

I. General preliminary remarks

Thank you for visiting our website and for your interest in QualidataNet. In doing so, we respect your privacy and ensure the protection of your personal data by processing your personal data in accordance with the content of this Privacy Policy and the applicable data protection laws. You can visit our website without telling us who you are. In order to display our website, you are only required to provide the data transmitted by your browser to our server (see ‚Log files‘). Further personal data from you will only be stored if you voluntarily enter it on the website or use the corresponding functions, e.g. when entering data via our contact forms.

II. Responsibility and competencies

No liability is assumed for the operation, accuracy and timeliness of the information. The Center for Networks (ZfN) at the University of Bremen is responsible for the operation of the server. The respective editors are responsible for the organization in the individual faculties. The Rectorate has general responsibility for the content and decides on the admissibility of the data in cases of doubt. Otherwise, the departments, units, faculties and institutions of the university are responsible for the content presented.

Name and address of the person responsible:

University of Bremen
Rector Prof. Dr. Jutta Günther
Bibliothekstrasse 1-3
28359 Bremen, Germany
Phone: +49 421 218-1

Name and address of the data protection officer:

University of Bremen
Katja Losch-Kremer
Department 06
Bibliothekstrasse 1-3
28359 Bremen, Germany
Phone: +49 421 218-60211
Fax: +49 421 218-60210

III. General information on data processing

(1) The University of Bremen takes the protection of personal data very seriously. We process personal data that is collected when you visit our website in compliance with the applicable data protection regulations. In particular, the EU General Data Protection Regulation (GDPR), the Bremen Implementation Act to the EU General Data Protection Regulation (BremDSGVOAG) as well as the Bremen Higher Education Act (§ 11 BremHG) and the Telecommunications and Telemedia Data Protection Act (TTDSG) apply.

(2) We only process the personal data of our users insofar as this is necessary to provide a functional website and our content and services. The processing of personal data of our users only takes place regularly with the consent of the user. An exception applies in cases where prior consent is not possible for factual reasons and the processing of the data is permitted by law. Any use of your personal data will only take place for the stated purposes and to the extent necessary to achieve these purposes.

(3) Your data will neither be published by us nor passed on to third parties without authorization. However, we would like to point out that we are entitled to provide information about data in individual cases by order of the competent authorities, insofar as this is necessary for the purposes of criminal prosecution, to avert danger by the police authorities of the federal states, to fulfill the legal tasks of the federal and state constitutional protection authorities, the Federal Intelligence Service (legal basis Art. 6 para. 1 subpara. 1 lit. c GDPR).

In the following, we inform you about the type, scope and purpose of the collection and use of personal data.

1. Data collection and processing when accessing from the Internet

The following data is collected:

The IP address of the requesting computer
Date and time of access
Access method/function requested by the requesting computer
Name and URL of the retrieved file
Amount of data transferred
Access status of the web server (file transferred, file not found, command not executed, etc.)
URL from which the access was made

The collection of data for the provision of the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.

2. Cookies

We use cookies on our websites, which are necessary for the use of the websites.

Cookies are small text files that can be stored and read on your end device. A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session.

We do not use these necessary cookies for analysis, tracking or advertising purposes.

Some of these cookies only contain information on certain settings and are not personally identifiable. They may also be necessary to enable user guidance, security and implementation of the site.

We use these cookies on the basis of our legitimate interest in accordance with Art. 6 para. 1 subpara. 1 lit. f GDPR.

You can set your browser to inform you about the placement of cookies. You can also delete them at any time via the corresponding browser setting and prevent the setting of new cookies. Please note that our websites may then not be displayed in full and some functions may no longer be technically available.

3. Data security

(1) Our technical and organizational security measures, with which we protect all data from unauthorized access, are always kept up to date. Insofar as your data is collected and recorded by us, it is stored on specially protected servers. These are protected by technical and organizational measures against loss, destruction, access, modification or dissemination by unauthorized persons. Access to your data is only possible for a few authorized persons. All our employees are obliged to maintain confidentiality. Personal information is always transmitted in encrypted form. The transmitted data is stored in log files and a database that is only accessible to administrators. In the case of the contact form, the data is also forwarded by e-mail within the University of Bremen.

(2) We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) may be subject to security vulnerabilities. Complete protection of data against access by third parties is not possible.

4. Links to websites of other providers

Our Internet pages contain links (references) to external third-party websites. Our website may also contain links to external social networks; however, no plug-ins of these networks are used. These websites are subject to the liability of the respective operators. Therefore, we cannot accept any liability for this external content. At the time the links were included, there was no illegal content on the respective pages. However, we have no influence on the current and future design and content of the linked pages. We cannot reasonably be expected to permanently monitor these third-party sites. Should we become aware of an infringement, we will remove the link immediately. When you leave this website, we recommend that you first read the privacy policy of each website carefully.

5. Contact form

You have the option of contacting us via our contact form. To use our contact form, we first need the data marked as mandatory fields.

We use this data on the basis of Art. 6 para. 1 subpara. 1 lit. f GDPR to answer your request.

Your data will only be processed to answer your request. We will delete your data if it is no longer required and there are no legal obligations to retain it.

With regard to processing in accordance with Art. 6 para. 1 subpara. 1 lit. f GDPR, you have the right to object at any time. To do so, please contact the e-mail address provided in the legal notice.

6. TLS encryption

This site uses TLS encryption for security reasons and to protect the transmission of confidential content, such as the requests you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. If TLS encryption is activated, it is almost impossible for third parties to read the data you transmit to us.

IV. Rights of the data subject

If the University of Bremen processes your personal data, you have the following rights as a data subject within the meaning of the GDPR:

1. Right to information (Art. 15 GDPR)

You have the right to request confirmation as to whether personal data concerning you is being processed; if this is the case, you have a right to information about this personal data and to the information listed in detail in Art. 15 GDPR.

2. Right to rectification (Art. 16 GDPR)

You have the right to obtain without undue delay the rectification of inaccurate personal data concerning you and, where applicable, to have incomplete personal data completed.

3. Right to restriction of processing (Art. 18 GDPR)

You have the right to request the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g. if you have objected to the processing, for the duration of the examination by the controller.

4. Right to erasure (Art. 17 GDPR)

You have the right to demand that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies.

5. Right to information (Art. 19 GDPR)

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right vis-à-vis the controller to be informed about these recipients.

6. Right to data portability (Art. 20 GDPR)

In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transfer of this data to a third party.

7. Right to object (Art. 21 GDPR)

If data is collected on the basis of Art. 6 para. 1 subpara. 1 lit. f GDPR (data processing to protect legitimate interests) or on the basis of Art. 6 para. 1 subpara. 1 lit. e GDPR (data processing to protect the public interest or in the exercise of official authority), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

8. Right to withdraw consent under data protection law (Art. 7 para. 3 GDPR)

If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 para. 3 GDPR. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.

You can contact us at the above addresses for this and other questions on the subject of personal data.

9. Automated decision-making in individual cases, including profiling (Art. 22 GDPR)

You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. This does not apply if the decision

(1) is necessary for the conclusion or performance of a contract between you and the controller

(2) is authorized by union or member state law to which the controller is subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests; or

(3) with your express consent.

However, these decisions may not be based on special categories of personal data pursuant to Art. 9 (1) GDPR, unless Art. 9 (2) (a) or (g) GDPR applies and appropriate measures have been taken to protect the rights and freedoms as well as your legitimate interests. With regard to the cases referred to in (1) and (3), the data controller shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express your point of view and to contest the decision.

10. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)

In accordance with Art. 77 GDPR, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the processing of data concerning you violates data protection regulations. The right to lodge a complaint can be asserted in particular with a supervisory authority in the member state of your habitual residence, place of work or place of the alleged infringement.

11. Assertion of your rights

Unless otherwise described above, please contact the office named in the legal notice to assert your rights as a data subject.

V. Validity and up-to-dateness of the privacy policy (as of December 2023)

By using our website, you consent to the use of data as described above. This data protection declaration is immediately valid and replaces all previous declarations. This statement will be updated as necessary in order to adapt it to the content of the website and to legal changes in general.