Here we inform you in accordance with Article 13 of the General Data Protection Regulation (DSGVO) about the nature, scope and purpose of the collection and use of personal data.
In addition, you will find details about the relevant legal basis and your rights regarding this data processing.
Contact
Allgemeiner Studierendenausschuss der TU-Hamburg
Am Schwarzenberg-Campus 3
Building E, Room 0.069
21073 Hamburg
Responsible person
Mr. Felix Schlösser
Email: dsgvo@asta.tuhh.de
Scope
This privacy policy applies to the following websites operated by the General Student Committee of the TU-Hamburg:
Types of data processing
This site is operated on the servers of the TU-Hamburg Computer Center, which are located on campus. No data is processed outside the TU-Hamburg network or outside the European Union. Under no circumstances will data be passed on to third parties.
General usage data
When you visit the website, the following usage data is automatically logged by the web server:
- your IP address
- requested hostname and port
- requested resource
- HTTP status code
- size of the response in bytes
- timestamp
The data is processed solely for the purpose of ensuring the reliability of the web server and is stored in a log file for 30 days. For troubleshooting purposes, longer storage periods are possible for a limited period of time. The processing is based on Art. 6 para. 1 lit. f DSGVO (legitimate interest).
Inquiries via forms
In addition to the above-mentioned usage data, when you contact us via our forms, the data you provide will be stored and processed by us. In the case of the contact form at www.asta.tuhh.de/en/contact, these are, for example:
- name
- email address
- inquiry text
This is done solely for the purpose of processing your request and, if desired, for a subsequent contact. The processing is based either on Art. 6 para. 1 lit. a DSGVO (consent) or in the case of the contact form Art. 6 para. 1 lit. f DSGVO (legitimate interest). The data is stored exclusively on the mail server provided by the Computing Center of the TU-Hamburg and can only be processed by authorized persons. The processing is based on our legitimate interest. The data collected in connection with your request will be deleted a maximum of 5 years after the last mail contact.
Use of the ticket platform
If you use our ticket store at tickets.asta.tuhh.de, we process the following data in addition to the one listed above:
- name
- e-mail address
- billing address
- payment information
These are processed for the purpose of processing the ticket purchase, creating the invoice and for any queries or refunds. The legal basis is Art. 6 para. 1 lit. b DSGVO (contract fulfillment).
For payment processing, we use the external payment service provider Mollie B.V., based in the Netherlands. When using Mollie, your payment information is transmitted directly to Mollie and is not stored by us. For more information, please see the privacy policy of Mollie.
Your name, email address and billing address data will be stored for the legally required retention period (usually 10 years for accounting records). After this period the data will be deleted.
Use of cookies
Cookies are small text files that a website can store in the browser of a website visitor. They do not contain any personal data and expire automatically after the specified time. Session means in most cases until the Internet browser is closed. The following cookies are sent with every request to our domains:
| Name | Purpose | Domain | Expiration Time |
|---|---|---|---|
| django_language | Saving the language preference of the user | www.asta.tuhh.de | Session |
| sessionid | Convenient usage, e.g. automatic login | www.asta.tuhh.de | 2 weeks |
| csrftoken | Protection against cross-site request forgery attacks | www.asta.tuhh.de | 1 year |
| pretix_language | Saving the language preference of the user | tickets.asta.tuhh.de | Session |
| pretix_session | Storage of session data when using Pretix | tickets.asta.tuhh.de | 2 weeks |
| pretix_csrftoken | Protection against cross-site request forgery attacks | tickets.asta.tuhh.de | 1 year |
You can prevent the placement of cookies by setting your browser accordingly. In this case, the functionality of some forms can no longer be guaranteed.
Your rights
- Art. 15 GDPR: Right of access of the data subject
You have the right to obtain information from us about what data we process about you. - Art. 16 GDPR: Right to rectification
If the data concerning you is incorrect or incomplete, you may request the correction of incorrect or the completion of incomplete information. - Art. 17 GDPR: Right to erasure
Under the conditions of Art. 17 GDPR, you can request the erasure of your personal data. - Art. 18 GDPR: Right to restriction of processing
Under the conditions of Art.18 GDPR, you may request the restriction of the processing of personal data concerning you. - Art. 20 DSGVO: Right to data portability
You have the right to receive your personal data, in a structured, common and machine-readable format, or to request the transfer of this data to another responsible person, as far as this is technically feasible. - Art. 21 GDPR: Right to object
For reasons arising from your particular situation, you may object at any time to the processing of data concerning you. - Art. 7 para. 3 GDPR: Right to withdraw consent
You have the right to revoke your consent to the processing of your personal data at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.
Supervisory authority
In the event of difficulties in exercising your rights or if you are of the opinion that we have not complied with data protection regulations when processing your data, you can lodge a complaint with the Hamburg Commissioner for Data Protection and Freedom of Information:
Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Strasse 22, 7th floor
20459 Hamburg
Phone: +49 (0) 40 42854-4040
Email: mailbox@datenschutz.hamburg.de
Updated: March 18, 2023