Privacy Statement

This data privacy statement informs about the processing of personal data of journals hosted on the Journal Server of Hamburg University Press together with all sub-pages (hereinafter summarised: "website"), of the persons in charge as well as about your rights as a person concerned.

1. Contact details of the person responsible and the data protection officer

Pursuant to the General Data Protection Regulation, national data protection laws of the various Member States, and other privacy regulations, the responsible entity (“Controller”) is:

University of Bremen
Institute Technology and Education
(hereafter: “ITB” or “we / us”)
Am Fallturm 1, 28359 Bremen
Phone: +49 421 218-66250, Fax: +49 421 218-98-66250

Revocation of your consent to data processing

Some data processing operations are only possible with your express consent. A revocation of your already given consent is possible at any time. An informal communication by e-mail is sufficient for the revocation. The legality of the data processing carried out until the revocation remains unaffected by the revocation. The various data processing procedures are subsequently described here.

Right to complain to the competent supervisory authority

According to Article 77 of the GDPR, you have the right to lodge a complaint with a supervisory authority when you consider the processing of your personal data as infringing this regulation. The name and address of the supervisory authority responsible for this are:

Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Arndtstraße 1
27570 Bremerhaven
Tel.: +49 421 3612010 oder +49 471 5962010
Fax: +49 421 49618495

2. Data processing

2.1 Use of our website

2.1.1 Accessing the website and creation of log files

When you access the website and the documents offered, the Internet browser that you use automatically sends data to the server of our website and stores it for a limited time in log files on the server. Until automatic deletion, data will be stored without further entry by the visitor. The following data is stored in log files and can include:

  • IP address
  • browser type / browser version
  • date and time of access
  • technical data for transmission (protocols, status code, data volumes)
  • user internet service provider of the user
  • user operating system
  • referring website
  • websites accessed by the User’s system through our website

The temporary storage of data and log files is lawful pursuant to Art. 6 (1) s. 1 lit. f General Data Protection Regulation (Datenschutz-Grundverordnung, hereafter DSGVO). The log files are stored for 28 days, afterwards the data is anonymized and stored for one year for evaluation of error logs, which log erroneous page views, and internal statistics applications.

Our legitimate interest in data processing derives from the purposes of rapidly establishing the connection to the website, enabling a user-friendly use of the website, recognizing and ensuring the security and stability of the systems and facilitating and improving the administration of the website.

The processing expressly does not take place for the purpose of gaining knowledge about your person.

Further storage is possible if required by further purposes. These purposes include the evaluation of error logs which log incorrect page views, and internal statistical applications. This serves to improve our offer, to recognize errors and to adapt our offer to user needs. The data is stored exclusively on servers operated by us. In this case, however, the IP addresses of the users are anonymized if possible, so that an assignment of the calling client is no longer possible. The legal basis for storing the above data and log files is Art. 6 (1) s. 1 lit. f DSGVO.

2.1.2 Registration / log-in forms

For some uses of our offer you have to register and later enter your user data assigned after registration to register for the use of the corresponding online services. Which personal data is transmitted is determined by the respective input mask used for registration.

During the registration process the user’s consent to the processing of this data will be obtained if necessary. As a rule however, data processing is carried out according to Art. 6 (1) s. 1 lit. b DSGVO and par. 4 Hamburg Higher Aducation Act (Hamburgisches Hochschulgesetz – HmbHG).

Registration of the user is required for the provision of certain contents and use of certain services on our website.

The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection; or the contractual relationship ends and no reasons for further storage (in particular legal reasons) are given.

2. Cookies

Our website uses cookies. Cookies are small data files, created and stored by the Internet browser on your computer’s hard drive. Accessing a website may result in a cookie being saved on your operating system. This cookie contains a specific string of characters that allows the browser to be clearly recognized every time the website is accessed.

We use cookies to make our website more user-friendly.

The legal basis for the processing of personal data using cookies is Art. 6 (1) s. 1 lit. f DSGVO.

Cookies are stored on the user's device and transmitted to us by the user. That is why you, as the User, have full control over cookie implementation. Cookies are largely accepted according to the basic browser settings. Cookies already stored on your hard drive can be deleted at any time. You can deactivate or restrict cookies by changing your browser settings. This can also be done automatically.

However, disabling cookies for our website may result in some functions not working correctly.

3. Data transfer to third parties

Personal data will only be transmitted by us to third parties if

  • the person concerned has expressly and informedly submitted the data pursuant to Art. 6 (1) s. 1 lit. a DSGVO;,
  • the disclosure pursuant to Art. 6 (1) s. 1,
  • DSGVO is necessary to assert, exercise or defend legal claims and there is no reason to assume that the data subject has an overriding interest worthy of protection in not disclosing his/her data,
  • there is a legal obligation for data transmission in accordance with Art. Art. 6 (1) s. 1 lit. c DSGVO, and/or
  • this is required pursuant to Art. Art. 6 (1) s.1 lit. b DSGVO for the fulfilment of a contractual relationship with the person concerned.

In other cases, personal data will not be passed on to third parties.

4. Matomo (web analysis)

We use Matomo, a tracking service provided by the Rechenzentrum (Computer Center) of the University of Hamburg, to collect key figures about the use of the journal and the content provided.

We have configured the Matomo software for use on the pages operated by the SUB in such a way that the data collected does not enable direct or indirect identification of a natural person:

  • The IP address is anonymized. This is done by the Regional Computer Center of the University of Hamburg (RRZ).
  • The use of cookies has been disabled in the tracking code.
  • The functions "visit log and visitor profile" have been deactivated by us in the settings.

The legal basis for the data processing is Art. 6 Abs. 1 lit. e, Abs. 3 DSGVO i.V.m. § 4 HmbDSG.

5. Your rights

You have the following rights:

  • to request information about your personal data processed by us in accordance with Art. 15 DSGVO.
    In particular, you may request information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction of processing or objection, the existence of a right to appeal, the origin of your data if these have not been collected by us, and the existence of automated decision-making including profiling and, if applicable, meaningful information on their details;
  • to immediately request the correction of incorrect or incomplete personal data stored by us in accordance with Art. 16 DSGVO;
  • to request the deletion of your personal data stored by us in accordance with Art. 17 DSGVO, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
  • to limit processing of personal data (Art. 18 DSGVO)
  • to object to the processing of your data conducted in our legitimate interest, public interest, or for profiling purposes unless we can demonstrate compelling grounds for processing said data that outweighs your interests, rights, and freedoms or where the processing of said data is required for the establishment, exercise, or defense of a legal claim (Art. 21, DSGVO); pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request its transfer to another person responsible;
  • pursuant to Art. 7 (3) DSGVO to withdraw your consent to us at any time. As a result, we are no longer allowed to continue processing data based on this consent in the future;
  • to complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can contact the supervisory authority of your usual place of residence or work for this purpose.

If your personal data are processed on the basis of legitimate interests pursuant to Art. (1) s. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are reasons for this which arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection which we will implement without specifying a particular situation.

You can exercise your right to object, your right of rectification and your right to revoke consent to the processing of your personal data by contacting:

University of Bremen
Institute Technology and Education
Am Fallturm 1, 28359 Bremen
Phone: +49 421 218-66250, Fax: +49 421 218-98-66250

6. Data security

We use suitable technical and organisational security measures (so-called TOM) to protect our users' data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our websites are hosted partly on our own servers, partly on servers of a host based in Germany with whom we have concluded an agreement for order processing.

We generally use SSL encryption (Secure Socket Layer) in conjunction with the highest level of encryption supported by your browser when you visit our website. Usually this is a 256 bit encryption. Whether a single page of our website is transmitted in encrypted form can be seen from the closed display of the key or lock symbol in the status bar of your browser.

We would like to point out that complete data security cannot be guaranteed when communicating by email during transmission and recommend that confidential information should be sent by post.