Privacy Policy

Here we inform you in accordance with Article 13 of the General Data Protection Regulation (DSGVO) about the nature, scope and purpose of the collection and use of personal data.

In addition, you will find details about the relevant legal basis and your rights regarding this data processing.


Allgemeiner Studierendenausschuss der TU-Hamburg
Am Schwarzenberg-Campus 3
Building E, Room 0.069
21073 Hamburg

Responsible person
Mr. Felix Schlösser


This privacy policy applies to the following websites operated by the General Student Committee of the TU-Hamburg:

Types of data processing

This site is operated on the servers of the TU-Hamburg Computer Center, which are located on campus. No data is processed outside the TU-Hamburg network or outside the European Union. Under no circumstances will data be passed on to third parties.

General usage data

When you visit the website, the following usage data is automatically logged by the web server:

  • your IP address
  • requested hostname and port
  • requested resource
  • HTTP status code
  • size of the response in bytes
  • timestamp

The data is processed solely for the purpose of ensuring the reliability of the web server and is stored in a log file for 30 days. For troubleshooting purposes, longer storage periods are possible for a limited period of time. The processing is based on Art. 6 para. 1 lit. f DSGVO (legitimate interest).

Inquiries via forms

In addition to the above-mentioned usage data, when you contact us via our forms, the data you provide will be stored and processed by us. In the case of the contact form at, these are, for example:

  • name
  • email address
  • inquiry text

This is done solely for the purpose of processing your request and, if desired, for a subsequent contact. The processing is based either on Art. 6 para. 1 lit. a DSGVO (consent) or in the case of the contact form Art. 6 para. 1 lit. f DSGVO (legitimate interest). The data is stored exclusively on the mail server provided by the Computing Center of the TU-Hamburg and can only be processed by authorized persons. The processing is based on our legitimate interest. The data collected in connection with your request will be deleted a maximum of 5 years after the last mail contact.

Use of the ticket platform

If you use our ticket store at, we process the following data in addition to the one listed above:

  • name
  • e-mail address
  • billing address
  • payment information

These are processed for the purpose of processing the ticket purchase, creating the invoice and for any queries or refunds. The legal basis is Art. 6 para. 1 lit. b DSGVO (contract fulfillment).

For payment processing, we use the external payment service provider Mollie B.V., based in the Netherlands. When using Mollie, your payment information is transmitted directly to Mollie and is not stored by us. For more information, please see the privacy policy of Mollie.

Your name, email address and billing address data will be stored for the legally required retention period (usually 10 years for accounting records). After this period the data will be deleted.

Use of cookies

Cookies are small text files that a website can store in the browser of a website visitor. They do not contain any personal data and expire automatically after the specified time. Session means in most cases until the Internet browser is closed. The following cookies are sent with every request to our domains:

Name Purpose Domain Expiration Time
django_language Saving the language preference of the user Session
sessionid Convenient usage, e.g. automatic login 2 weeks
csrftoken Protection against cross-site request forgery attacks 1 year
pretix_language Saving the language preference of the user Session
pretix_session Storage of session data when using Pretix 2 weeks
pretix_csrftoken Protection against cross-site request forgery attacks 1 year

You can prevent the placement of cookies by setting your browser accordingly. In this case, the functionality of some forms can no longer be guaranteed.

Your rights 

  • Art. 15 GDPR: Right of access of the data subject
    You have the right to obtain information from us about what data we process about you.
  • Art. 16 GDPR: Right to rectification
    If the data concerning you is incorrect or incomplete, you may request the correction of incorrect or the completion of incomplete information.
  • Art. 17 GDPR: Right to erasure
    Under the conditions of Art. 17 GDPR, you can request the erasure of your personal data.
  • Art. 18 GDPR: Right to restriction of processing
    Under the conditions of Art.18 GDPR, you may request the restriction of the processing of personal data concerning you.
  • Art. 20 DSGVO: Right to data portability
    You have the right to receive your personal data, in a structured, common and machine-readable format, or to request the transfer of this data to another responsible person, as far as this is technically feasible.
  • Art. 21 GDPR: Right to object
    For reasons arising from your particular situation, you may object at any time to the processing of data concerning you.
  • Art. 7 para. 3 GDPR: Right to withdraw consent
    You have the right to revoke your consent to the processing of your personal data at any time. The revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

Supervisory authority

In the event of difficulties in exercising your rights or if you are of the opinion that we have not complied with data protection regulations when processing your data, you can lodge a complaint with the Hamburg Commissioner for Data Protection and Freedom of Information:

Hamburg Commissioner for Data Protection and Freedom of Information
Ludwig-Erhard-Strasse 22, 7th floor
20459 Hamburg
Phone: +49 (0) 40 42854-4040

Updated: March 18, 2023