- Scope of application
Stiftung öffentlichen Rechts
Represented by the Management Board
(hereinafter referred to as the “UMG”)
within the framework of the website provided at http://cuop-umg.de (hereinafter referred to as the “Website”).
The legal basis of the data protection can be found in the General Data Protection Regulation (GDPR), in the German Federal Data Protection Act (Bundesdatenschutzgesetz – BDSG), the Lower Saxony Data Protection Act (Niedersächsisches Datenschutzgesetz – NdsDSG) and the German Telemedia Act (Telemediengesetz – TMG). The UMG agrees to comply with the applicable laws, particularly when processing personal data.
The data protection officers of the UMG can be reached using the following details:
Tel: +49 (0)551 39-22762
The supervisory authority responsible for the UMG in terms of data privacy is the following:
Die Landesbeauftragte für den Datenschutz Niedersachsen
Tel: +49 (0511) 120 45 00
Fax: +49 (0511) 120 45 99
- Handling of personal data
Personal data means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (Art. 4 GDPR).
The law relates to the processing of personal data:
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction (Art. 4 GDPR).
Personal data is only processed by the UMG when legally permitted, or if the user agrees to the processing (see Art. 6 GDPR).
2.1 Processing when visiting the Website
Limited to the duration of your visit, we place so-called session cookies on the user access device (PC, smart phone etc.), enabling specific information to be stored about that device, for instance. Your computer can therefore be recognised when you return to our Website. As so-called transient cookies, session cookies are automatically deleted when you close the browser or log out.
Cookies cannot cause any damage to your computer. They pose no risk to security in the sense of viruses or spying on your computer.
Many online advertisement cookies from companies can be blocked via
the US website http://www.aboutads.info/choices/ or
the EU site http://www.youronlinechoices.com/uk/your-ad-choices/.
If you are merely using the Website for information, in other words if you do not register or otherwise provide us with information, we will only gather the personal data that your browser sends to our servers. If you wish to view our Website, we will collect the following information which is technically required for us to show you our Website and guarantee its stability and security (the legal basis is Art. 6[f] GDPR):
- Page title of the page accessed
- Date and time of the request
- URL (address) of the site accessed
- Previous URL (address) of the page accessed
- Operating system of the user
The processing of the log files and use of the cookies takes place exclusively for statistical purposes, in particular to improve our own Website.
2.2 Processing in the case of contact via email
If personal data (e.g. name, address and email address) is collected via email queries, this always takes place on a voluntary basis. We would like to point out that personal data which is provided to us via email as part of initial queries will be processed by means of memory technology. However, this process is exclusively for the purpose of handling queries.
Please note in this regard that communication via email may pose security risks. In particular, manipulation of electronic documents by third parties cannot be completely excluded. In addition, it may be possible for well-versed experts in this matter to view or change emails en route. If you do not wish to accept the risks associated with email use, you should select another method of communication.
Additional personal data will only be processed if you have provided it yourself in the email, for example if this is for the purpose of concluding non-disclosure agreements or other contracts.
Your data will only be passed on to third parties if this is necessary for the purpose intended with your query (e.g. the processing of personal data to fulfil a contract [see Art. 6(1b) GDPR] or for fulfilment of legal obligations [see Art. 6(1c) GDPR), or if vital interests of the data subject make this necessary [see Art. 6(1d) GDPR]).
- Right to information: erasure and blocking
Upon request, you have the statutory right to receive information from the responsible person named in the legal notice, in accordance with GDPR and the BDSG.
Namely, you have the following rights regarding your personal data:
- Right to information (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to objection to processing (Art. 21 GDPR)
The erasure or blockage of your stored personal data will take place in accordance with the statutory provisions.
In accordance with Art. 77 GDPR, you also have the right to lodge a complaint with a data privacy supervisory authority (e.g. with the data privacy supervisory authority responsible for the UMG, as listed above under point 1).
Version: August 2018