Data protection is important to us and it is our legal obligation. In order to protect the security of your data during transmission, we use appropriate encryption methods in line with the latest technology (e.g. SSL/TLS) and secure technical systems.
University of Passau
Public body pursuant to Art. 11 sec. 1 Bavarian Higher Education Act (BayHSchG)
The University of Passau is legally represented by its President, Professor Carola Jungwirth, Chairperson of the University Executive.
University of Passau
Phone: +49 851 5090
Fax: +49 851 509 1005
Contact details of the appointed official Data Protection Officer
Phone: +49 851 509 1107
Purposes of and legal bases for processing
Pursuant to Art. 2 sec. 6 Bavarian Higher Education Act (BayHSchG) and Art. 4 sec. 1 items 1 and 2 of the Bavarian E-Government Act (BayEGovG), we offer our services and administrative services, as well as information for the general public about our activities, on our website.
Our use of social media is part of our PR work. We aim to provide information according to specific target groups and to discuss our activities with you, in accordance with Art. 2 sec. 6 Bavarian Higher Education Act (BayHSchG). We permit rapid electronic contact and direct communication using the media of your choice pursuant to § 5 sec. 1 no. 2 TMG (German Telemedia Act).
We shall transmit content, articles or requests that violate third-party rights or constitute a criminal offence or misdemeanour and that are in breach of statutory or contractual obligations to the competent authorities or the relevant social media service, and shall block or delete them.
Administration and editing
For administration and editing purposes, function identifiers and personal identifiers with access protection mechanisms are generated and changes made with these identifiers are logged.
When you visit this website or other websites, your browser transmits data to our server. While a connection is established, the following data is recorded for communication between your browser and our server:
- full IP address of the requesting computer
- date and time of the request
- address of the requested item
- access status (e.g. file transmitted, file not found)
- volume of data transmitted
- address from which the item was requested
- browser used
Where you communicate your request or opinion to us by e-mail, post, phone, fax or social media, the details provided will be processed for the purpose of handling your request, for any follow-up questions and for exchanging opinions. We always use the same communication channel, unless you request otherwise.
Recipients or categories of recipients of the personal data
Our IT service providers may also receive your personal data within the context of order processing contracts concluded by us. In order to guarantee the security of our data processing systems, we shall, however, not disclose our service providers.
Transfers of personal data to third countries or international organisations
In accordance with CJEU ruling C210/16 we have a shared responsibility with the relevant social media service to ensure compliance with data protection laws with regard to our social media presence. In our view, this ruling also has an effect on the new General Data Protection Regulation.
The use of our social media profiles is also governed by the provisions of:
- Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
Facebook's data use policy
- Xing SE, Dammtorstraße 30, 20354 Hamburg, Germany
- Linkedin, Unlimited Company Wilton Place, Dublin 2, Ireland
In our social media profiles we create non-exclusive content and are able to view the posts and interactions of the community. Any content, posts and enquiries that infringe upon the rights of others, constitute a regulatory or criminal offence or are in breach of legal or contractual obligations will be reported to the competent authorities and/or the social media service concerned. In addition, they will be blocked or deleted. We forgo the use of statistics on views of content, posts and interactions and deactivate them as far as possible. We do not process these data.
Legal basis: Your consent, art. 6 (1) lit. a GDPR and art. 2 (6) BayHSchG, art. 4 (1) clauses 1 and 2 BayEGovG, § 5 sec. 1 clause 2 TMG.
Data recipients and international data transfers
Our social media services or their controlling owners are certified under the EU-US Privacy Shield programme and listed for viewing by all members of the general public, thus creating a legally appropriate level of protection for personal data:
Data retention period
We will check in biennial intervals whether any social media posts and non-public messages you have sent to us still need to be retained to answer any follow-up questions. If it is found that there is no need for further retention, processing of your data will be restricted and your data will be preserved in accordance with the relevant archives acts and related federal and state laws.
If your communication via a social media service was public or open to segments of the general public, you have the option of deciding directly on the duration for which it is open to the public; alternatively, you may put a request for deletion of the relevant communication to us. We will delete the communication, in accordance with the provisions of the relevant archives acts and related federal and state laws, insofar as it falls within our area of responsibility. If, after deletion, we still have copies of your data, processing of these will be restricted and they will be preserved in accordance with the retention requirements under the relevant archives acts and related federal and state laws.
Storage period of the personal data
Log files containing personal data are kept for seven days at the most and are then deleted.
The log-in cookie is deleted once the session has ended.
Rights of the data subject
Pursuant to the General Data Protection Regulation (GDPR), you have the following rights:
Where your personal data is processed, you have the right of access to the data stored under your name (Art. 15 GDPR).
Where incorrect personal data is processed, you have the right to rectification (Art. 16 GDPR).
Where statutory requirements are met, you may obtain erasure or restriction of processing and object to the processing (Art. 17, Art. 18, Art. 21 GDPR).
If you have given your consent to data processing or a contract for data processing exists and the processing is carried out by automated means, you also have the right to withdraw your consent with effect for the future (Art. 7 sec. 3 GDPR) and the right to data portability (Art. 20 GDPR).
Should you choose to exercise any of the above rights, the public authority shall check if the statutory requirements for this have been met.
You also have the right to lodge a complaint with the Bavarian state official for data protection (Bayerischer Landesbeauftragter für den Datenschutz).
Post box address:
Postfach 22 12 19
Phone: +49 89 212 6720
Fax: +49 89 212 67250
Technical option for objecting to Matomo web statistics
Our website uses Matomo (formerly PIWIK). The user information collected is transmitted to our Matomo installation and stored there. Your IP address is anonymised in this process. The stored data are not disclosed to third parties. If you do not wish your data to be stored and evaluated, you can prevent your data from being stored at any time with a click of the mouse. In that case, a so-called opt-out cookie is installed on your browser. No further information is then transmitted to our Matomo installation.
Please note: If you delete your cookies, the opt-out cookie is also deleted and you may have to re-enable it.
Other information about our Privacy Statement