The Data Controller or person with overall responsibility for data protection as defined in the General Data Protection Regulation, in other data protection legislation that is valid in member-states of the European Union and in other provisions relating to the protection and privacy of personal data is:
Prof. Dr. Ed Brinksma
President of the TUHH
Hamburg University of Technology
Am Schwarzenberg-Campus 1
External Commisioner for Data Protection of the TUHH
University of Hamburg
Whenever you visit and use the TU Hamburg website the system automatically records data and information. This data and information is stored in server log files.
The data stored about every website access is as follows:
Date and time
Page previously visited
The legal basis for storing data and for log files is Art. 6 para. 1 lit. f GDPR.
Temporary storage of the IP address by the system is necessary to enable provision of the website to the user’s computer. That requires the user’s IP address to be stored for the duration of the session.
Storage in log files is undertaken to ensure the functionality of the website, to optimize the content of the website and to guarantee the security of our IT systems.
Data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of data collection to provide the website this is the case once the session is over.
In the case of data storage in log files this is the case after seven days at the latest. Further storage is possible, but in that case the users’ IP addresses are deleted or altered so that identification of the calling client is no longer possible.
You have the right to information free of charge about your personal data that we store and to the correction, deletion or limitation of processing of the data we have collected.
You have the right for reasons arising from your specific situation to file at any time an objection to the processing of your personal data on the basis of Art. 6 para. 1 lit. e or f GDPR; this also applies to profiling based on these provisions.
You have the right to revoke your data protection declaration of consent at any time. Revocation of your consent does not affect the legality of processing undertaken prior to your revocation.
Regardless of any other administrative law or judicial redress procedure you have the right of appeal to a supervisory authority if you are of the opinion that processing of your personal data is in breach of the GDPR.