This data privacy statement informs about the processing of personal data of journals hosted on the Journal Server of Hamburg University Press together with all sub-pages (hereinafter summarised: "website"), of the persons in charge as well as about your rights as a person concerned.
1. Contact details of the person responsible and the data protection officer
Pursuant to the General Data Protection Regulation, national data protection laws of the various Member States, and other privacy regulations, the responsible entity ("Controller") is:
Hamburg State and University Library - Carl von Ossietzky
(hereafter: "SUB" or "we / us")
Von-Melle-Park 3, 20146 Hamburg
Phone: +49 40 42838 | 2233
Fax: +49 40 42838 - 3352
Email: auskunft@sub.uni-hamburg.de
Hamburg University Press is a service of the Hamburg State and University Library (SUB). The SUB is a state enterprise of the Free and Hanseatic City of Hamburg. It is part of the Hamburg Ministry of Science, Research and Euqalities (Behörde für Wissenschaft, Forschung und Gleichstellung) and is subject to its supervision. The state enterprise is represented by the deputy director Dr. Petra Blödorn-Meyer on a temporary basis.
The data protection officer of the SUB can be contacted as follows:
External Data Protection Officer of the Hamburg State and University Library - Carl von Ossietzky
Bernd Uderstadt
Mittelweg 177
20148 Hamburg
Phone: +49 40 42838-2957
Email: datenschutz@uni-hamburg.de
2. Data processing
2.1 Use of our website
2.1.1 Accessing the website and creation of log files
When you access the website and the documents offered, the Internet browser that you use automatically sends data to the server of our website and stores it for a limited time in log files on the server. Until automatic deletion, data will be stored without further entry by the visitor. The following data is stored in log files and can include:
- IP address
- browser type / browser version
- date and time of access
- technical data for transmission (protocols, status code, data volumes)
- user internet service provider of the user
- user operating system
- referring website
- websites accessed by the User’s system through our website
The temporary storage of data and log files is lawful pursuant to Art. 6 (1) s. 1 lit. f General Data Protection Regulation (Datenschutz-Grundverordnung, hereafter DSGVO).
Our legitimate interest in data processing derives from the purposes of rapidly establishing the connection to the website, enabling a user-friendly use of the website, recognizing and ensuring the security and stability of the systems and facilitating and improving the administration of the website.
The processing expressly does not take place for the purpose of gaining knowledge about your person.
The data will be deleted when they are no longer needed for the purpose they were collected. For data collected to provide access to the website, this will be at the end of every session.
Further storage is possible if required by further purposes. These purposes include the evaluation of error logs which log incorrect page views, and internal statistical applications. This serves to improve our offer, to recognize errors and to adapt our offer to user needs. The data is stored exclusively on servers operated by us. In this case, however, the IP addresses of the users are anonymized if possible, so that an assignment of the calling client is no longer possible. The legal basis for storing the above data and log files is Art. 6 (1) s. 1 lit. f DSGVO.
2.1.2 Registration / log-in forms
For some uses of our offer you have to register and later enter your user data assigned after registration to register for the use of the corresponding online services. Which personal data is transmitted is determined by the respective input mask used for registration.
During the registration process the user’s consent to the processing of this data will be obtained if necessary. As a rule however, data processing is carried out according to Art. 6 (1) s. 1 lit. b DSGVO and par. 4 Hamburg Higher Aducation Act (Hamburgisches Hochschulgesetz - HmbHG).
Registration of the user is required for the provision of certain contents and use of certain services on our website.
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection; or the contractual relationship ends and no reasons for further storage (in particular legal reasons) are given.
2. Cookies
Our website uses cookies. Cookies are small data files, created and stored by the Internet browser on your computer’s hard drive. Accessing a website may result in a cookie being saved on your operating system. This cookie contains a specific string of characters that allows the browser to be clearly recognized every time the website is accessed.
We use cookies to make our website more user-friendly.
The legal basis for the processing of personal data using cookies is Art. 6 (1) s. 1 lit. f DSGVO.
Cookies are stored on the user's device and transmitted to us by the user. That is why you, as the User, have full control over cookie implementation. Cookies are largely accepted according to the basic browser settings. Cookies already stored on your hard drive can be deleted at any time. You can deactivate or restrict cookies by changing your browser settings. This can also be done automatically.
However, disabling cookies for our website may result in some functions not working correctly.
3. Data transfer to third parties
Personal data will only be transmitted by us to third parties if
- the person concerned has expressly and informedly submitted the data pursuant to Art. 6 (1) s. 1 lit. a DSGVO;,
- the disclosure pursuant to Art. 6 (1) s. 1,
- DSGVO is necessary to assert, exercise or defend legal claims and there is no reason to assume that the data subject has an overriding interest worthy of protection in not disclosing his/her data,
- there is a legal obligation for data transmission in accordance with Art. Art. 6 (1) s. 1 lit. c DSGVO, and/or
- this is required pursuant to Art. Art. 6 (1) s.1 lit. b DSGVO for the fulfilment of a contractual relationship with the person concerned.
In other cases, personal data will not be passed on to third parties.
4. Web analysis
The website of the journal server uses AWStats, an open source software for the analysis and statistical evaluation of visitor access. This software runs on our own servers and only uses anonymized IP addresses for statistical analysis. AWStats does not use "cookies", i.e. Cookies are small data files, created and stored by the Internet browser on your computer’s hard drive. This means that no personal user data is passed on to third parties.
The information determined by the software is used to evaluate the use of the offer. The legal basis for the processing of data is Art. 6 (1) s. 1 lit. f DSGVO.
5. Your rights
You have the following rights:
- to request information about your personal data processed by us in accordance with Art. 15 DSGVO.
In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to appeal, the origin of your data if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details; - to immediately request the correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 DSGVO;
- to request the deletion of your personal data stored by us in accordance with Art. 17 DSGVO, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
- to limit processing of personal data (Art. 18 DSGVO)
- to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Art. 21, DSGVO); pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible;
- pursuant to Art. 7 (3) DSGVO to withdraw your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future;
- to complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or work for this purpose.
If your personal data are processed on the basis of legitimate interests pursuant to Art. (1) s. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection which we will implement without specifying a particular situation.
You can exercise your right to object, your right of rectification and your right to revoke consent to the processing of your personal data by contacting:
Hamburg State and University Library - Carl von Ossietzky
Von-Melle-Park 3, 20146 Hamburg
Telefon: +49 40 42838 - 2233
Fax: +49 40 42838 - 3352
E-Mail: auskunft@sub.uni-hamburg.de
6. Data security
We use suitable technical and organisational security measures (so-called TOM) to protect our users' data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our websites are hosted partly on our own servers, partly on servers of a host based in Germany with whom we have concluded an agreement for order processing.
We generally use SSL encryption (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser when you visit our website. Usually this is a 256 bit encryption. Whether a single page of our website is transmitted in encrypted form can be seen from the closed display of the key or lock symbol in the status bar of your browser.
We would like to point out that complete data security cannot be guaranteed when communicating by email during transmission and recommend that confidential information should be sent by post.