With this privacy policy, we aim to inform you about the nature, scope, and purpose of the processing of personal data (hereinafter also referred to as "data"). Personal data includes all information that relates to you personally, such as your name, address, email address, or user behavior. This privacy policy applies to all data processing operations carried out by us, both in the context of our core activities and with regard to our online media.
Controller Responsible for Data Processing
Responsible Party:
Hochschule RheinMain
Prof. Dr. Johannes Luderschmidt
Tel.: +49-611-9495-2295
E-Mail: johannes.luderschmidt@hs-rm.de
Unter den Eichen 5
65195 Wiesbaden
Germany
Data Processing
Within the Core Activities of Our OrganizationIf you are a member of our institution, support us, maintain business relations with us, or are interested in our activities, the nature, scope, and purpose of the processing of your data depend on the membership, contractual, or pre-contractual relationship between us. We process all data necessary to manage and fulfill the membership or business relationship, or to handle your inquiry or support. Data processing is limited to what is necessary and appropriate for these purposes. We will inform you about the specific data involved before or during the data collection process. Data will only be disclosed to third parties if required for internal organizational purposes such as accounting or to comply with legal obligations. If we use third-party providers to deliver our services, their terms and privacy policies also apply.
Processed Data
Contact details (e.g., email address, phone number, postal address)
Data Subjects
Interested parties, members, business and contractual partners
Purpose of Processing
Administration of members and support servicesManagement of contractual relationships Communication and response to contact inquiriesOffice and organizational procedures
Legal Basis
Consent (Art. 6(1)(a) GDPR)
Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR)
Legal obligations (Art. 6(1)(c) GDPR)
Legitimate interests (Art. 6(1)(f) GDPR)
Your Rights Under the GDPR
According to the General Data Protection Regulation, you have the following rights, which you may exercise at any time by contacting the data controller mentioned above:
Right of access - You have the right to ask whether we process your data and to request information about this data.
Right to rectification - You have the right to request the correction or completion of incorrect or incomplete data.
Right to erasure - You may request the deletion of your data.
Right to restriction - Under certain conditions, you can request that we restrict the processing of your data.
Right to data portability - You have the right to receive your data in a structured, commonly used, and machine-readable format and to transmit it to another controller.
Right to lodge a complaint - You have the right to lodge a complaint with a supervisory authority, particularly in your habitual residence, place of work, or the place of the alleged infringement.
Right to Withdraw Consent
You have the right to withdraw your consent to data processing at any time.
Right to Object
You have the right to object at any time to the processing of your personal data based on our legitimate interests under Art. 6(1)(f) GDPR. If you object, please explain your reasons. We will then cease processing your personal data unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms. You may also object at any time, without stating reasons, to the processing of your personal data for purposes of direct marketing or data analysis. Please address your objection to the contact details provided above.
When Do We Delete Your Data?
We delete your data when it is no longer needed or when you instruct us to do so. Unless otherwise stated in specific sections of this privacy policy, your data will be deleted:
when the purpose for processing no longer applies and the associated legal basis ceases to exist, e.g.:after the end of our contractual or membership relationship (Art. 6(1)(a) GDPR), or
when our legitimate interest no longer justifies further processing or storage (Art. 6(1)(f) GDPR),
when you withdraw your consent and no other legal basis under Art. 6(1)(b–f) GDPR applies,
when you object to processing and there are no overriding legitimate grounds for continued processing.
However, if certain data must be retained for other purposes—such as legal retention periods (usually 6 years for business correspondence or 10 years for accounting documents), or for the establishment, exercise, or defense of legal claims (up to 4 years)—we will delete such data only after those periods have expired. Until then, we will restrict processing to those specific purposes.
Cookies
Our website uses cookies. Cookies are small text files consisting of a string of letters and numbers stored on your device. They primarily serve to exchange information between your device and our website, such as language preferences, login status, or the playback position of a video.
We use the following types of cookies:
Temporary Cookies (Session Cookies):
These store a session ID to associate multiple browser requests with the same session. They are deleted when you log out or close your browser.
Permanent Cookies:
These remain on your device even after closing the browser, so our website can recognize you upon your next visit. They may store preferences (e.g., language settings or login information) or document your browsing behavior. These cookies may be used for statistics, marketing, or personalization purposes.Cookies may also be classified by purpose:
Necessary cookies: Essential for website functionality, such as login sessions or cart content, and for security purposes.
Statistics, marketing, and personalization cookies: Used for analytics, measuring reach, and displaying personalized content based on user profiles.
Processed data:
Usage data (e.g., access times, pages visited)
Communication data (e.g., device information, IP address)
Data subjects:
Users of our online services
Purpose of processing:
Displaying our website
Ensuring site operation
Improving the quality of our content
Communication and marketing
Legal basis:
Legitimate interest (Art. 6(1)(f) GDPR): If no consent is obtained, we base data processing on our legitimate interest in improving website quality and usability. You can manage or disable cookies via your browser settings. Disabling cookies may limit some website functionality.
Consent (Art. 6(1)(a) GDPR): If you consent to cookies being set when visiting our site, this consent forms the legal basis. You can revoke your consent at any time.
Web Hosting
We use a hosting provider to make our website available online. This provider processes all data transmitted through your browser during website use, including: Your IP address (necessary to deliver the site to your browser) Any inputs you submit on our site
Additional data collected may include:
- Date and time of access
- Time zone difference from GMT
- Access status (HTTP status)
- Amount of data transferred
- Your ISP
- Your browser and version
- Your operating system
- Referring site (if applicable)
- Pages/subpages visited on our site
This data is stored as server log files to ensure site stability and security.
Processed data:
Content data (e.g., posts, photos, videos)
Usage data (e.g., access times, pages visited)
Communication data (e.g., device information, IP address)
Data subjects:
Users of our website
Purpose of processing:
Displaying the website
Ensuring website functionality
Legal basis:
Legitimate interest (Art. 6(1)(f) GDPR) Hosting provider:
Content Delivery Services
We use external services to deliver content such as videos, images, fonts, maps, or music. These services process your IP address to deliver the content to your browser. They may also set cookies that collect information about your behavior, interests, device, browser, session time, etc. This information is typically used for analytics, statistics, and marketing and may be combined with other data—especially if you have an account with the provider and are logged in during your visit.
Please note that, depending on the provider’s location, your data may be transferred to and processed on servers outside the EU. In such cases, the level of data protection may not meet EU standards, and enforcing your rights may be more difficult.
Note: Services like YouTube or Webflow may be used here — please refer to the respective privacy notices of those providers for more information.
Security Measures
We implement technical and organizational security measures in accordance with the current state of the art to comply with data protection laws and to protect your data against accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties.
Updates to This Privacy Policy
This privacy policy is current as of July 2025. It may become necessary to amend this policy due to changes in legislation or official requirements. Please check back regularly for updates.