Data protection

Data protection is an important concern for Coburg University of Applied Sciences. We therefore also attach great importance to data-saving and citizen-friendly data processing in the processing of personal data associated with the fulfillment of our tasks.
This data protection declaration also refers to the processing of personal data and information within the meaning of § 25 TDDDG within the framework of this website, including the services offered there.

The controller within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is:

Coburg University of Applied Sciences
Friedrich-Streib-Straße 2
96450 Coburg

Phone: +49 9561 317 0
Email: poststelle@hs-coburg.de

Please contact our data protection officer directly with all questions relating to data protection and data security:

Data Protection Officer of the Coburg University of Applied Sciences

Friedrich-Streib-Straße 2
96450 Coburg
T. +49 9561-317443
F. +49 9561-317109
E-mail: datenschutz@hs-coburg.de

The purpose of the processing is to fulfill the public tasks assigned to us by the legislator.
Unless otherwise stated, the legal basis for the processing of your data results from Art. 4 para. 1 of the Bavarian Data Protection Act (BayDSG) in conjunction with Art. 6 para. 1 lit. e of the General Data Protection Regulation (GDPR). Accordingly, we are permitted to process the data required to fulfill a task incumbent upon us. Insofar as you have consented to processing, the data processing is based on Art. 6 para. 1 letter a GDPR.

The technical operation of our data processing systems is carried out by

Verein zur Förderung eines Deutschen Forschungsnetzes e.V.
Alexanderplatz 1, 10178 Berlin
Germany

If necessary, your data will be transmitted to the responsible supervisory and auditing authorities to exercise the respective control rights.
To avert threats to information technology security, log data may be forwarded to the State Office for Information Technology Security on the basis of Art. 44 BayDiG-E (for more details, see "Logging").

Your data will only be stored for as long as is necessary for the fulfillment of tasks, taking into account statutory retention periods.

If we process your personal data, you have the following rights as a data subject:

– You can request information as to whether we process your personal data. If this is the case, you have a right to information about this data and to further information related to the processing (Art. 15 GDPR). Please note that this right to information may be restricted or excluded in certain cases (see in particular Art. 10 of the Bavarian Data Protection Act – BayDSG).
– If incorrect personal data is processed, you have the right to rectification (Art. 16 GDPR).
– If the legal requirements are met, you can request the erasure or restriction of processing (Art. 17 and 18 GDPR). However, the right to erasure pursuant to Art. 17 para. 1 and 2 GDPR does not apply if the processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Art. 17 para. 3 lit. b GDPR)
– If you have consented to the processing and the processing is based on this consent, you can revoke your consent at any time for the future. This does not affect the lawfulness of data processing based on consent before its withdrawal.
DSB – Status 12.03.2026
– You have the right to object to the processing of your data at any time for reasons arising from your particular situation (Art. 21 GDPR). If the legal requirements are met, we will then no longer process your personal data.

Further restrictions, modifications and, where applicable, exclusions of the aforementioned rights may result from the General Data Protection Regulation or national legislation. You can also obtain more detailed information on these rights from our data protection officer.

You also have the right to lodge a complaint with the Bavarian State Commissioner for Data Protection. You can reach him at the following contact details:
Postal address: Postfach 22 12 19, 80502 Munich
Address: Wagmüllerstraße 18, 80538 Munich
Telephone: 089 212672-0
Fax: 089 212672-50

Online registration: https://www.datenschutz-bayern.de/service/complaint.html

When you access this or other Internet pages, you transmit data to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:

– Date and time of the request
– Name of the requested file
– Page from which the file was requested
– Access status (file transferred, file not found, etc.)
– Web browser and operating system used
– Complete IP address of the requesting computer
– Amount of data transferred.

We store this data for reasons of technical security, in particular to defend against attempted attacks on our web server. After seven days at the latest, the data is anonymized by shortening the IP address at domain level, so that it is no longer possible to establish a reference to individual users.
To prevent threats to information technology security, this data is forwarded to the State Office for Information Technology Security on the basis of Art. 44 BayDiG-E.

By accessing this information service, we offer a connection encrypted with HTTPS and Perfect Forward Secrecy, which is secured with at least the TLS 1.2 encryption protocol, so that your data is protected from being read by third parties during data transmission. We recommend that you keep your internet browser up to date to use this option.

We use cookies to ensure the correct technical and functional provision of this information service. Cookies are small text files that are stored on the device you are using.

The legal basis for the storage of information and the processing of personal data by means of technically necessary cookies is § 25 para. 2 TDDDG and Art. 6 para. 1 lit. e GDPR in conjunction with Art. 4 BayDSG. Art. 4 BayDSG
Technically necessary cookies are only valid for the current session and are automatically deleted as soon as you close your browser.
The use of functional cookies is voluntary. If these cookies are blocked, the provision of certain functions may not be fully possible.

The legal basis for the use of technically unnecessary cookies is the user's consent in accordance with Section 25 (1) TDDDG in conjunction with Art. 6 para. 1 lit. a GDPR
When you access this website, cookies (small files) are stored on your device.

These have a validity of:

Alternatively, you can contact us via the e-mail address provided. In this case, your personal data transmitted with the e-mail will be stored. No data will be passed on to third parties in this context.
The data will be used exclusively for processing the conversation.

The legal basis for the processing of your personal data transmitted in the course of sending an e-mail is Art. 6 para. 1 lit. e GDPR in conjunction with Art. 4 BayDSG. Art. 4 BayDSG. If the purpose of contacting us by e-mail is to conclude a contract, the additional legal basis for processing is Art. 6 para. 1 lit. b GDPR.

The other personal data processed during the sending process is used to prevent misuse of the contact form and to ensure the security of our information technology systems.

Your personal data will be deleted as soon as it is no longer required for the purpose for which it was collected. For personal data sent by email, this is the case when the respective conversation with you has ended. The conversation is ended when it can be inferred from the circumstances that the matter in question has been conclusively clarified.
The additional personal data collected during the sending process will be deleted after a period of seven days at the latest.

You have the option at any time to object to the processing of your personal data in the context of contacting us by e-mail for the future. In such a case, the conversation between you and us cannot be continued. All personal data stored in the course of contacting us will be deleted in this case.

Information that you send to us unencrypted by electronic mail (e-mail) may be read by third parties during transmission. As a rule, we are also unable to verify your identity and do not know who is behind an e-mail address. Legally secure communication by simple e-mail is therefore not guaranteed. Like many e-mail providers, we use filters against unwanted advertising ("SPAM filters"), which in rare cases automatically classify normal e-mails as unwanted advertising and delete them. E-mails that contain harmful programs ("viruses") are automatically deleted by us in any case.
If you have concerns about the transmission of personal data or other sensitive data, please agree suitable encryption with the recipient (our employees) before transmission, or use letter post.

Active components such as Javascript, Java applets or Active-X controls are used in the information provided. You can disable this function by changing the settings in your Internet browser.

When you apply for advertised positions at our university, we process your application data exclusively for this purpose. Further information on data processing and the legal basis can be found here: https://www.hs-coburg.de/wp-content/uploads/2025/03/2025-03-24-Datenschutzhinweise-BITE.pdf.
When you apply for a study place, we process your application data exclusively for this purpose. Further information on data processing and the legal basis of the PRIMUSS application and student portal can be found here: https://www.hs-coburg.de/datenschutzerklaerung-primuss/.

Our website offers you a newsletter in which we inform you about news from Coburg University of Applied Sciences. If you would like to subscribe to the newsletter, you must enter the following data:
– title
– surname* (first name, last name)
– company
– function
– e-mail address*
*mandatory field

If you subscribe to the newsletter, you agree to receive the newsletter and the procedures explained.
The newsletter is sent by the dispatch service provider rapidmail, a dispatch platform of rapidmail GmbH, Wentzingerstraße 21, 79106 Freiburg im Breisgau, Germany. For this purpose, we only transmit your e-mail address to rapidmail GmbH. Rapidmail GmbH is prohibited from using your data for purposes other than sending the newsletter. Rapidmail GmbH is not permitted to pass on or sell your data. rapidmail is a German, certified newsletter software provider that has been carefully selected in accordance with the requirements of the GDPR and the BDSG. Information about the data protection provisions of the mailing service provider can be found at: https://www.rapidmail.de/datenschutz.

The legal basis for the processing of your personal data in the context of sending the newsletter is the existence of consent Art. 6 para. 1 lit. a GDPR.

The purpose of collecting your personal data is to send you the newsletter. The purpose of processing your personal data in the context of sending the newsletter is to inform you about current events and offers.

Your personal data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. Your personal data will therefore be stored for as long as the subscription to the newsletter is active.

You can cancel your subscription to the newsletter at any time. For this purpose, you will find a corresponding link in every newsletter. Your personal data will be deleted after you unsubscribe. Cancelling your subscription also enables you to withdraw your consent.

We use the Microsoft 365 service. The provider of the service is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, D18 P521, Ireland.
Personal data is processed on the basis of the fulfillment of our legal and official duties (including Art. 6 para. 1 lit. e GDPR, Art. 4 BayDSG in conjunction with other legal regulations, e.g. BayHIG, BayDiG, TDDDG, BayHO).
We have concluded an order processing contract with Microsoft for the use of the service in accordance with Art. 28 GDPR.
The use of the service may result in data being transferred to a third country (USA). The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection. In addition, the data transfer is secured by the EU standard contractual clauses and additional technical and organizational measures.
Further information can be found in the provider's data protection information at the following URL: https://privacy.microsoft.com/de-de/privacystatement

This website uses Google Analytics, the web analysis service of Google Inc. (hereinafter "Google"), 1600 Amphitheatre Parkway Mountain View, CA 94043, USA.
We use Google Analytics to analyze the surfing behavior of our users. Google Analytics uses "cookies", which are text files placed on your computer, to help the website analyze how users use the site.
The information generated by the cookie about your use of the website will generally be transmitted to and stored by Google on servers in the United States. Since we have activated IP anonymization on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there. By using the code "anonymizeIp", we enable the anonymized collection of IP addresses (so-called IP masking). The software runs exclusively on the servers of our website. Users' personal data is only stored there. The data is not passed on to third parties.
DSB – as at 12.03.2026
The software is set so that the IP addresses are not stored in full, but two bytes of the IP address are masked (e.g. 192.168.xxx.xxx). In this way, it is no longer possible to assign the shortened IP address to the calling computer.
On behalf of the operator of this website, Google Analytics will use the information to evaluate your use of the website, to compile reports on website activity and to provide other services related to website activity and internet usage to the website operator. We would like to learn from these statistics how we can offer you an even better user experience, but we will not identify you ourselves.
The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by downloading and installing the available browser plug-in.
You can find more information at Google Terms of Use and Google Privacy Policy.

The legal basis for the processing of your personal data is Art. 6 para. 1 lit. a GDPR.

The processing of your personal data enables us to analyze your surfing behavior. By analyzing the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to constantly improve our website and its user-friendliness. By anonymizing the IP address, your interest in the protection of personal data is adequately taken into account.

Your personal data will be deleted as soon as it is no longer required for our recording purposes.

Cookies are stored on your computer and transmitted from it to our website. As a user, you therefore have full control over the use of cookies. You can deactivate or restrict the transmission of cookies by changing the settings in your Internet browser. Cookies that have already been saved can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.
Users of this website who do not want their data to be collected by Google Analytics can install the browser add-on to deactivate Google Analytics. This add-on instructs the Google Analytics JavaScript (ga.js, analytics.js and dc.js) running on websites not to allow information to be sent to Google Analytics.

If you wish to deactivate Google Analytics, go to this page and install the add-on to deactivate Google Analytics for your browser. Detailed information on installing and uninstalling the add-on can be found in the relevant help resources for your browser. Browser and operating system updates may result in the deactivation add-on no longer working as intended. Further information on managing add-ons for Chrome can be found here: https://support.google.com/chrome_webstore/answer/2664769?hl=de.
If you do not use Chrome, check directly with the manufacturer of your browser whether add-ons are working properly in the browser version you are using. The latest versions of Internet Explorer occasionally load the add-on to deactivate Google Analytics after data has been sent to Google Analytics. Therefore, if you are using Internet Explorer, the add-on will install cookies on your computer. These cookies ensure that any data collected is immediately deleted from the server that collected the data. Make sure that third-party cookies are not disabled for Internet Explorer. If you delete your cookies, these cookies will be reset within a short time by the add-on to ensure that your Google Analytics browser add-on continues to work without restriction. The browser add-on for deactivating Google Analytics does not prevent data from being sent to the website or to other web analysis services. You can find more information on terms of use and data protection at https://marketingplatform.google.com/about/analytics/terms/de/ or at
https://policies.google.com/?hl=de. IP anonymization is activated on this website.

We use "Google Ads/AdSense" (formerly Google AdWords) on our website, a service provided by Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland (hereinafter referred to as "Google").

Google Ads enables us to draw attention to our attractive offers with the help of advertising material on external websites. This allows us to determine how successful individual advertising measures are. These advertising materials are delivered by Google via so-called "AdServers". We use so-called AdServer cookies for this purpose, through which certain parameters for measuring success, such as the display of ads or clicks by users, can be measured. If you access our website via a Google ad, Google Ads will store a cookie on your PC. These cookies generally lose their validity after 30 days. They are not intended to identify you personally. The following information is usually stored as analysis values for this cookie: unique cookie ID, number of ad impressions per placement (frequency), last impression (relevant for post-view conversions). These cookies enable Google to recognize your web browser. If a user visits certain pages of an Ads customer's website and the cookie stored on their computer has not yet expired, Google and the customer can recognize that the user clicked on the ad and was redirected to this page. A different cookie is assigned to each Ads customer. Cookies can therefore not be tracked via the websites of Ads customers. We ourselves do not collect and process any personal data in the aforementioned advertising measures. We only receive statistical evaluations from Google. Based on these evaluations, we can recognize which of the advertising measures used are particularly effective.

We do not receive any further data from the use of the advertising material; in particular, we cannot identify users on the basis of this information. Due to the marketing tools used, your browser automatically establishes a direct connection with the Google server. We have no influence on the scope and further use of the data collected by Google through the use of Google Ads. To the best of our knowledge, Google receives the information that you have accessed the relevant part of our website or clicked on one of our ads. If you have a user account with Google and are registered, Google can assign the visit to your user account. Even if you are not registered with Google or have not logged in, there is a possibility that Google will find out your IP address and store it.

We use Google Ads for marketing and optimization purposes, in particular to display ads that are relevant and interesting to you, to improve campaign performance reports and to achieve a fair calculation of advertising costs.
The legal basis for the use of Google Ads is consent pursuant to Art. 6 para. 1 lit. a GDPR.

You can prevent the installation of cookies by deleting existing cookies and deactivating the storage of cookies in the settings of your web browser. We would like to point out that in this case you may not be able to use all the functions of our website to their full extent. You can also prevent the storage of cookies by setting your web browser to block cookies from the domain "www.googleadservices.com"(https://www.google.de/settings/ads). Please note that this setting will be deleted if you delete your cookies.
You can also deactivate interest-based ads via the link http://optout.aboutads.info. Please note that this setting will also be deleted if you delete your cookies.

Information from the third-party provider:
Google Ireland Limited, Google Building Gordon House, Barrow St, Dublin 4, Ireland

Further information on the use of data by Google, on setting and objection options and on data protection can be found on the following Google websites:

– Privacy policy: https://policies.google.com/privacy?hl=de&gl=de
– Google website statistics: https://services.google.com/sitestats/de.html

This website may use Google Web Fonts for the uniform display of fonts. When using these fonts, your browser downloads the required fonts from our website system. These are then temporarily stored in the browser cache in order to display the fonts correctly. Your browser does not establish a connection to Google's servers. This ensures that Google does not gain any knowledge of your visit or your IP address.

We use interface software to make web processes run more efficiently. All further information on data processing by this service provider can be found in its data protection information.
This processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR, which can be revoked at any time.
We use the Google APIs service on our website.
The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data being transferred to a third country (USA). The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's data protection information at the following URL: https://policies.google.com/privacy.

We use tools on our website that protect against unauthorized access, spam or other attacks. This increases the security of our website.
We base this processing on the consent of the user (Art. 6 para. 1 lit. a GDPR).
We use the Google Content Security Policy service on our website.
The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data being transferred to a third country (USA). The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's data protection information at the following URL: https://policies.google.com/privacy.

We use a content delivery network (CDN) to optimize the performance and availability of our website. For this purpose, this service provider, which makes this network available, processes your IP address and the information about when you visited our website.
You can find all further information on data processing by this service provider in its data protection information.
This processing is based on consent pursuant to Art. 6 para. 1 lit. a GDPR, which can be revoked at any time.
We use the Google Static service on our website.
The provider of the service is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

The use of the service may result in data being transferred to a third country (USA). The provider is certified in accordance with the EU-U.S. Data Privacy Framework and therefore offers an adequate level of data protection.
Further information can be found in the provider's data protection information at the following URL: https://policies.google.com/privacy.

On our website, we use the Google Tag Manager of Google LLC. (1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; "Google").
If you have your habitual residence in the European Economic Area or Switzerland, Google Ireland Limited (Gordon House, Barrow Street, Dublin 4, Ireland) is the controller responsible for your data. Google Ireland Limited is therefore the company affiliated with Google that is responsible for the processing of your data and compliance with the applicable data protection laws.
This application is used to manage JavaScript tags and HTML tags that are used to implement tracking and analysis tools in particular. The data processing serves the purpose of designing and optimizing our website in line with requirements.
The Google Tag Manager itself neither stores cookies nor does it process personal data. However, it enables the triggering of other tags that can collect and process personal data.
The legal basis for the processing of personal data by Google Tag Manager is consent pursuant to Art. 6 para. 1 lit. a GDPR.
You can find more information on terms of use and data protection at: https://www.google.com/intl/de/tagmanager/use-policy.html

We use sentry.io for error reporting on our website. Sentry.io is a software from Functional Software, Inc. based at 45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA.
Sentry provides an application monitoring solution that allows developers to detect, monitor and report errors, bugs and other performance issues in their applications.
By integrating it on our website, data may be transmitted to Functional Software during active error reporting. This includes the IP address, a browser error log (console logs), referrer URL, location information and information about the browser.
The legal basis for this processing is the user's consent pursuant to Art. 6 para. 1 lit. a GDPR, which can be revoked at any time.
Further information on data protection can be found at: https://sentry.io/privacy/

Our website uses plugins from "Spotify", an audio streaming platform operated by Spotify AB, Birger Jarlsgatan 61, 113 56 Stockholm, Sweden. An overview of the Spotify plugins can be found at: developer.spotify.com We use Spotify by embedding individual audio files, albums, playlists or podcasts from the platform on our website as so-called iFrame, so that they can be played directly on our website as a stream.
When you visit a subpage of our website on which a Spotify plugin is embedded, a connection to the Spotify servers is established and the plugin is displayed within our website. This tells Spotify which website you have visited. Your IP address may also be transmitted to Spotify. If you play an embedded audio file, an album or a playlist, this information will also be passed on to Spotify. If you are logged in as a Spotify user, Spotify will assign this data to your user account. If you do not want Spotify to be able to assign your visit to our website to your Spotify user account, please log out of your Spotify user account.
Further information on data protection at Spotify can be found at www.spotify.com/de/legal/privacy-policy

Videos from the external video platform YouTube are embedded on our website. By default, only deactivated images from the YouTube channel are embedded, which do not establish an automated connection with the YouTube servers. This means that the operator does not receive any data from the user when the web pages are accessed.

You can decide for yourself whether the YouTube videos should be activated. Only when you allow the videos to be played by clicking on "Permanent activation" do you give your consent for the necessary data (including the Internet address of the current page and the user's IP address) to be transmitted to the operator.

In order to save the setting requested by the user, we set a cookie that saves the parameters. When these cookies are set, however, we do not store any personal data; they only contain anonymized data for browser customization. The videos are then active and can be played by the user. If you would like to deactivate the automatic loading of YouTube videos again, you can uncheck the consent box under the data protection symbol. This will also update the cookie settings.

YouTube is a service provided by YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google Inc, 1600 Amphitheater Parkway, Mountainview, California 94043, USA. Further information on the purpose and scope of data processing (including outside the European Union and outside the USA) and information on setting options to protect your privacy can be found in the privacy policy:

https://policies.google.com/privacy?hl=de&gl=de

Google processes your personal data in the USA, among other places.

On our website, iFrames (i.e. embedded content from other websites) are used for ticket reservations and ticket sales for events. Ticket reservations and ticket sales are processed via the "Eventfrog" platform. This is operated by an external service provider – Eventfrog AG, Neuhardstrasse 38, CH -4600 Olten. For this purpose, we have integrated a corresponding iframe from Eventfrog into our website. There you have the option of registering for the event or purchasing a ticket. When purchasing tickets or registering, Eventfrog collects the data requested from participants and then transmits it to us as the organizer.
The service provider collects, processes and stores the following data in particular: E-mail address, title, first and last name, address, mobile phone number if applicable, date of birth if applicable, other event-related information, such as menu preferences or intolerances, accompanying person(s), school qualifications, "how did I hear about the event"? payment method for chargeable offers (e.g. by credit card, direct transfer or Twint), IP address of the requesting computer, date and time of access.
This data is also stored by us for the purpose of contract processing. The collection and transmission of data is necessary for the execution of the contract (e.g. for controlling admission to the event) on the basis of Art. 6 para. 1 lit. b GDPR. If a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 para. 1 lit. a GDPR. Consent can be revoked at any time.
All of your registration data will be encrypted and forwarded to Eventfrog when you enter it.
Further information on the handling of user data can be found in Eventfrog's privacy policy at https://eventfrog.ch/de/datenschutzerklaerung.html.

Our website uses the donation form of twingle GmbH, Prinzenallee 74, 13357 Berlin. For this donation form, twingle GmbH provides the technical platform for the donation process. The data you enter when making a donation (e.g. address, bank details, etc.) will only be stored by twingle on servers in Germany for the purpose of processing the donation.

We have concluded a contract with twingle for commissioned data processing and fully implement the strict requirements of the GDPR and the German data protection authorities when using the twingle donation form. Your data is transmitted on the basis of Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the performance of a contract). If you have given your consent to data processing, you can withdraw your consent at any time. A revocation does not affect the effectiveness of data processing operations in the past.

Collection, processing and use of personal data for donations

When you make a donation, we collect and use your personal data only to the extent necessary to fulfill and process your donation and, if applicable, to process your inquiries. The provision of the data is necessary for the processing of the donation process. Failure to provide it means that your donation cannot be received. Processing is carried out on the basis of Art. 6 para. 1 lit. b GDPR and is necessary for processing the donation. Your data will not be passed on to third parties without your express consent. The only exceptions to this are our service partners that we need to process the donation or service providers that we use as part of order processing. In addition to the recipients named in the respective clauses of this privacy policy, these are, for example, recipients of the following categories Payment service providers, service providers for sending the donation receipt.
In all cases, we strictly observe the legal requirements. The scope of data transmission is limited to a minimum. You have the option of withdrawing your consent to data processing at any time. A revocation does not affect the effectiveness of data processing operations in the past.
Further information on the handling of user data can be found in Twingle's privacy policy at https://www.twingle.de/datenschutz/.

We use a social media plugin from Studycheck, an integration of OAK – Online Akademie GmbH, Zollstockgürtel 63 50969 Cologne, Germany, on our website.
Studycheck enables reviews and star ratings from students of a university on selected degree programs. These reviews generate rankings for universities and degree programs. We use the Studycheck widget to present awards and average ratings about our university in a neutral way.

The legal basis for the use of Studycheck is the consent of the user in accordance with Art. 6 para. 1 lit. a GDPR.
You have the option to revoke the processing by Studycheck at any time. In this case, all personal data collected in connection with Studycheck will be deleted, provided that there are no legal storage periods to the contrary.
Studycheck establishes a connection to the OAK – Online Akademie GmbH server in your web browser as soon as you call up a page with the widget. Further information can be found in the Studycheck privacy policy: https://www.studycheck.de/datenschutz.

We use embeddings of Wikimedia content on our website. Responsible for Wikimedia in Europe is Bird & Bird, 29 Earlsfort Terrace, Dublin 2, D02 AY28, Ireland.
With the help of this tool, various images and representations can be visually presented on our website.
The legal basis for processing by Wikimedia is the consent of the user in accordance with Art. 6 para. 1 lit. a GDPR.
You have the option to revoke this consent at any time. In this case, all personal data will be deleted, provided that there are no legal storage periods to the contrary.
In this case, Wikimedia content cannot be displayed.
Further information can be found in Wikimedia's privacy policy: https://foundation.wikimedia.org/wiki/Policy:Privacy_policy.

This website uses services from "Cloudflare" (provider: Cloudflare, Inc., 101 Townsend St, San Francisco, CA 94107, USA). Cloudflare operates a content delivery network (CDN) and provides protection functions for the website (web application firewall). The data transfer between your browser and our servers flows via Cloudflare's infrastructure and is analyzed there to ward off attacks. Cloudflare uses cookies to enable you to access our website. The use of Cloudflare is in the interest of the secure use of our website and the defense against harmful attacks from outside. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. e GDPR i.V.m. Art. 4 BayDSG.
Further information can be found in the Cloudflare privacy policy: https://www.cloudflare.com/de-de/privacypolicy/

The sharing functions on the website are so-called share links. As these are pure links and not an integration, they are harmless under data protection law. The social networks are only accessed when you explicitly click on or activate these links.

As part of our public relations work, we maintain online presences within social networks and platforms; they are part of our external presence and our public relations work in accordance with Art. 2 Para. 2 S. 3 and S. 5 BayHIG, Art. 17 Para. 1 BayDIG. Our aim is to provide target group-oriented information and to communicate with interested parties and users. Recommendation buttons for Facebook and Instagram, X (Twitter), YouTube, Xing and LinkedIn are integrated on our website.

To ensure data protection on this website, we only use these elements together with the so-called "Shariff" solution. This application prevents the social media elements integrated on this website from transferring your personal data to the respective provider when you first enter the site. A direct connection to the provider's server is only established when you activate the respective social media element by clicking on the corresponding button (consent). As soon as you activate the social media element, the respective provider receives the information that you have visited this website with your IP address. If you are logged into your respective social media account (e.g. Facebook) at the same time, the respective provider can assign the visit to this website to your user account. Activating the plugin constitutes consent within the meaning of Art. 6 para. 1 lit. a GDPR and Section 25 para. 1 TDDDG. You can revoke this consent at any time with effect for the future.

The service is used to obtain the legally required consent for the use of certain technologies.
We use the services of the following providers for our social media presence:

– Facebook (Meta Platforms Ireland Ltd, Merrion Road, Dublin 4, D04 X2K5, Ireland)
– Instagram (Meta Platforms Ireland Ltd, Merrion Road, Dublin 4, D04 X2K5, Ireland)
– X (Twitter) (X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. The Twitter International Unlimited Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland, is responsible for the data processing of persons living outside the USA
– YouTube as a service of Google (Google Ireland Limited, Gordon House, Barrow Street Dublin 4, Ireland)
– LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland)
– Xing (New Work SE, Dammtorstraße 30, 20354 Hamburg)

We disclose and block or delete content and posts, requests that violate the rights of third parties or that constitute a criminal offense or administrative offense or do not comply with legal or contractual obligations of conduct by transmitting them to the responsible authority or social media service.

Please note that when using the above-mentioned services, user data may be processed outside the European Union. This may result in risks for users because, for example, the enforcement of users' rights could be made more difficult. With regard to US providers who rely on the so-called standard contractual clauses of the European Commission, among other things, we would like to point out that they thereby undertake to comply with the data protection standards of the EU.
Furthermore, user data is generally processed for market research and advertising purposes. For example, user profiles can be created from user behavior and the resulting interests of users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the users. For these purposes, cookies are usually stored on the user's computer, in which the user's usage behavior and interests are stored. Furthermore, data can also be stored in the user profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of users' personal data is based on our legitimate interests in effective user information and communication with users in accordance with Art. 6 para. 1 lit. e GDPR, 4 BayDSG in conjunction with. Art. 2 para. 2 sentence 3 and sentence 5 BayHIG, Art. 17 para. 1 BayDIG. If the users are asked by the respective providers of the platforms for consent to the data processing described above, the legal basis for the processing is Art. 6 para. 1 lit. a., Art. 7 GDPR.
A detailed description of the respective processing and the opt-out options is available directly from the respective providers.

In the case of requests for information and the assertion of user rights, we would also like to point out that these can be asserted most effectively with the providers. Only the providers have access to the user's data and can take appropriate measures and provide information directly. Details of the services used can be found as follows:

– Facebook (Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland), Facebook pages based on an agreement on joint processing of personal data
Privacy Policy: https://www.facebook.com/about/privacy/
Opt-Out: https://www.facebook.com/settings
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active.

– Google/ YouTube (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland)
Privacy Policy: https://policies.google.com/privacy
Opt-Out: https://adssettings.google.com/authenticated
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

– Instagram (Instagram Inc., 1601 Willow Road, Menlo Park, CA, 94025, USA)
Privacy Policy/ Opt-Out: http://instagram.com/about/legal/privacy/.

– LinkedIn (LinkedIn Ireland Unlimited Company Wilton Place, Dublin 2, Ireland)
Privacy Policy https://www.linkedin.com/legal/privacy-policy
Opt-Out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active.

– Twitter (Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA)
Privacy Policy: https://twitter.com/de/privacy
Opt-Out: https://twitter.com/personalization
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000TORzAAO&status=Active.

– Xing (XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany)
Privacy Policy/ Opt-Out: https://privacy.xing.com/de/datenschutzerklaerung.

You can also contact the Student Advisory Service of Coburg University of Applied Sciences via WhatsApp. All posts can be seen by all members of the Student Advisory Service. The chat history and the associated telephone number will be deleted by us one month after the end of the consultation contact and will not be passed on to third parties. The data can be deleted immediately at any time on request. You can revoke your consent to us at any time for the future by sending us a WhatsApp message or notification, without affecting the legality of the processing carried out on the basis of the consent until revocation.

Please note that if you choose to communicate via WhatsApp, WhatsApp's terms of use and privacy policy apply, over which we have no control. WhatsApp is part of the Meta Platforms group of companies. When using WhatsApp, you allow the company to process your data extensively, including comprehensive advertising consent. WhatsApp contact with us takes place via a company account. This discloses your relationship with us to WhatsApp and Meta Platforms and your profile is used for targeted advertising, among other things.

When you contact us via WhatsApp, your data will also be processed abroad: For services in Europe, this is done by WhatsApp Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland and for services outside Europe by WhatsApp Inc.,1601 Willow Road, Menlo Park, California 94025, United States of America.
WhatsApp's terms of use(https://www.whatsapp.com/legal/terms-of-service-eea) and privacy policy(https://www.whatsapp.com/legal/?eea=1#privacy-policy) apply.

We use the YouTube.com platform to post our own videos and make them publicly accessible. YouTube is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.

Some subpages of our website contain links or links to YouTube content. In general, we are not responsible for the content of linked websites. However, in the event that you follow a link to YouTube, we would like to point out that YouTube stores the data of its users (e.g. personal information, IP address) in accordance with its own data usage guidelines and uses it for business purposes. YouTube content is only integrated in "extended data protection mode". This is provided by YouTube itself and ensures that YouTube does not initially store any cookies on your device.

However, when the relevant pages are accessed, the IP address and the other data mentioned in section 4 are transmitted and thus, in particular, which of our websites you have visited. However, this information cannot be assigned to you unless you have logged in to YouTube or another Google service before accessing the page or are permanently logged in.
The legal basis for this processing is consent pursuant to Art. 6 para. 1 lit. a GDPR.

As soon as you start the playback of an embedded video by clicking on it, YouTube only stores cookies on your device through the extended data protection mode, which do not contain any personally identifiable data, unless you are currently logged in to a Google service. These cookies can be prevented by making the appropriate browser settings and extensions.

Address and link to the privacy policy of the third-party provider:
Google/YouTube: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland – Privacy Policy: https://policies.google.com/privacy

Unless otherwise regulated, the use of all information that we have about you is subject to this privacy policy.
The controller reserves the right to continuously adapt this privacy policy to the necessary security measures in accordance with technological developments and will announce any changes here.

The controller has taken technical and organizational measures to protect your data from loss, destruction or unauthorized access.
In addition, both the controller's employees and any service providers are obliged to maintain confidentiality and to comply with data protection regulations.

For security reasons and to protect the transmission of confidential content that you send to us as the site operator, our website uses SSL or TLS encryption. This means that data that you transmit via this website cannot be read by third parties. You can recognize an encrypted connection by the "https://" address line of your browser and the lock symbol in the browser line.

When personal data is collected for the first time, there is an obligation to inform the data subjects. We comply with this obligation separately for the respective services.