Data protection

With the following data protection declaration, we inform you in particular about the type, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of the processing.

Privacy policy of the NORDAKADEMIE University of Applied Sciences


Personal data (hereinafter referred to as "data") are processed by us only as necessary and for the purpose of providing a functional and user-friendly website, including its contents and the services offered there.

.

Pursuant to Art. 4 no. 1. of Regulation (EU) 2016/679, i.e. the General Data Protection Regulation (hereinafter referred to as "GDPR"), "processing" shall mean any operation or set of operations which is performed upon personal data, whether or not by automated means, such as collection, recording, organisation, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

With the following privacy policy, we inform you in particular about the nature, scope, purpose, duration and legal basis of the processing of personal data, insofar as we decide either alone or jointly with others on the purposes and means of the processing. In addition, we inform you below about the third-party components used by us for optimization purposes and to increase the quality of use, insofar as third parties process data in turn on their own responsibility.

.

1 Person responsible for data processing

NORDAKADEMIE gemeinnützige Aktiengesellschaft Hochschule der Wirtschaft

Köllner Chaussee 11
25337 Elmshorn
Phone: +49 (0) 4121 4090-0
Fax: +49 (0) 4121 4090-40
Mail: info@nordakademie.de

2 Data Protection Officer contact details

.

If you have any questions regarding data protection, please contact our data protection officer:

Maximilian Mertin
c/o intersoft consulting services AG
Beim Strohhause 17
20097 Hamburg
E-mail: dsb@nordakademie.de

3 Purpose and legal basis for the processing

Personal data is only collected if you provide it to us of your own accord, such as when filling out the registration form for the Campus Information System (CIS). We use this data solely for the purpose for which you entered your data. It will only be used for other purposes after explicit notification or after obtaining your consent, Art. 6 para. 1 lit. a) DSGVO. In certain cases, personal data is used on the basis of a legitimate interest in accordance with Art. 6 (1) (f) DSGVO (see point 4).

.

4 Processing on the basis of a legitimate interest pursuant to Art. 6 (1) (f) DSGVO

.

A processing of personal data on the basis of Art. 6 para. 1 lit. f) DSGVO takes place in the following cases:

4.1 Collection of personal data when visiting our website

When you use the website merely for information purposes, we only collect the personal data that your browser transmits to our server. If you wish to view our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure its stability and security

.

-IP address, date and time of the request, time zone difference to Greenwich Mean Time (GMT), content of the request (specific page), access status/HTTP status code, amount of data transferred in each case, website from which the request comes, browser, operating system, and its interface, language and version of the browser software.

.

The legitimate interest of the responsible party lies in the proper presentation of its Internet presence and the guarantee of stability and security of its website.

.

4.2 Google Tag Manager

For reasons of transparency, we would like to point out that we use the Google Tag Manager. No personal data is collected through the Google Tag Manager itself. With the Google Tag Manager, website tags can be integrated and managed. Tags are small code elements which, among other things, measure traffic and visitor behaviour and thus help us to improve our offer. The individual tags can be deactivated, this is taken into account by the Google Tag Manager.

For more information on Google Tag Manager, please visit: https://www.google.com/intl/de/tagmanager/use-policy.html

4.3 Website analysis

For purposes of analyzing and optimizing our websites, we use various services, which are outlined below. For example, we may analyze how many users visit our site, what information is most in demand, or how users locate the service. Among other things, we collect data on which website a data subject came to a website from (so-called referrer), which subpages of the website were accessed or how often and for how long a subpage was viewed. This helps us to design our offers in a user-friendly way, to find errors and to improve our offers and this is also our legitimate interest in using these tools. The data collected in this way is not used to identify individual users personally. We proceed sparingly with data: Anonymous or at most pseudonymous data is collected.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC, (1600 Amphitheatre Parkway Mountain View, CA 94043, USA). The responsible entity for users in the EU/EEA and Switzerland is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland. The use includes the Universal Analytics mode of operation. This makes it possible to assign data, sessions and interactions across multiple devices to a pseudonymous user ID and thus to analyse a user's activities across devices.

Google Analytics uses cookies to help the website analyze how users use the site. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. However, due to the activation of IP anonymization on this website, your IP address will be truncated by Google within Member States of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and shortened there.
. Personal data is transferred to the USA under the EU-US Privacy Shield on the basis of the European Commission's adequacy decision. You can access the certificate here: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

The IP address transmitted by your browser as part of Google Analytics is not merged with other data from Google. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity and providing other services relating to website activity and internet usage to the website operator. In these purposes also lies our legitimate interest in data processing via Google Analytics.

The data sent by us and linked to cookies or user IDs (e.g. user ID) are automatically deleted after 14 months. The deletion of data whose retention period has been reached takes place automatically once a month.

.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the https://tools.google.com/dlpage/gaoptout?hl=de. Opt-out cookies prevent the future collection of your data when visiting this website. To prevent collection by Universal Analytics across devices, you must opt-out on all systems used. If you click here, the opt-out cookie will be set: Disable Google Analytics

 

For more information on Google Analytics' terms of use and Google's privacy policy, please visit https://www.google.com/analytics/terms/de.html or https://policies.google.com/?hl=de.

The legal basis for this is your consent, Art. 6 para. 1 lit. a) DSGVO.

GA Audience

.

Our website uses GA Audience, a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: GA Audience). GA Audience uses, among other things, cookies that are stored on your computer as well as other mobile devices (e.g. smartphones, tablets, etc.) and that enable an analysis of the use of the respective devices. The data is in part evaluated across devices. Google Audience receives access to the cookies created in the context of the use of Google AdWords and Google Analytics. In the course of use, data, such as in particular the IP address and activities of the user, may be transmitted to a server of Google Inc. and stored there. Google Inc. may transfer this information to third parties where required to do so by law, or where such third parties process the information. You can prevent the collection and forwarding of personal data (in particular your IP address) and the processing of this data by deactivating the execution of JavaScript in your browser or installing a tool such as 'NoScript'. You can also prevent the collection of data generated by the Google cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available at the following link (http://tools.google.com/dlpage/gaoptout?hl=de). You can access further information on data protection when using GA Audience at the following link: https://support.google.com/analytics/answer/2700409?hl=en&ref_topic=2611283

.

The legal basis for this is your consent, Art. 6 para. 1 lit. a) DSGVO.

New Relic

On this website we use a plugin of the web analysis service of New Relic of the company New Relic Inc, 188 Spear Street, Suite 1200 San Francisco, CA 94105, USA. New Relic collects and stores data from which for the purpose of analyzing visitor behavior and improving the design of the offer, as well as for optimization and marketing purposes under a pseudonym user profiles are created. New Relic uses cookies, which are stored locally on the end device of the site visitor. New Relic will use this information for the purpose of evaluating user behaviour on our website, compiling reports on website activity and providing other services relating to website activity and internet usage. Specifically, New Relic collects so-called page view data, AJAX timing data, JavaScript error data and so-called session trace data each time you access our website. In this context, the following data is collected:

.

  • Time spent in the frontend (browser)
  • Duration in the backend (network and web app)
  • Geographic origin of your request (capturing your IP address)
  • Browser type and version and operating system
  • User interactions such as scrolling, mouse movements and mouse clicks
  • .

The data collected by the provider will be deleted by the provider after 90 days at the latest. Further information about the scope of data collection by New Relic, as well as the related rights and settings options to protect the privacy of users, can be found in the privacy policy of New Relic: https://newrelic.com/termsandconditions/privacy. More information about the cookies used can be found at https://newrelic.com/termsandconditions/cookie-policy and https://newrelic.com/termsandconditions/cookie-policy/cookie-table. If you would like to prevent the collection by the provider, you can do so through appropriate settings at http://optout.aboutads.info, http://optout.networkadvertising.org or http://youronlinechoices.eu achieve this.

The legal basis for this is your consent, Art. 6 para. 1 lit. a) DSGVO.

4.4 Advertising

We use cookies for marketing purposes to target our users with interest-based advertising. In addition, we use the cookies to limit the likelihood of an advertisement being served and to measure the effectiveness of our advertising efforts. This information may also be shared with third parties, such as ad networks. The legal basis for this is Art. 6 (1) a and f DSGVO. For the purposes pursued with the data processing, there is the legitimate interest of direct marketing. You have the right to object to the processing of your data for the purpose of such advertising at any time. For this purpose, we provide you with opt-out options of the respective services below. Alternatively, you can prevent the setting of cookies in your browser settings.

.

DoubleClick by Google

.

We continue to use the online marketing tool DoubleClick by Google on our website. DoubleClick uses cookies to display ads that are relevant to users, to improve campaign performance reports, or to prevent users from seeing the same ads more than once. Google records which ads are shown in which browser via a cookie ID. This prevents the same ad from being shown more than once. In addition, DoubleClick can use cookie IDs to record so-called conversions with reference to ads. This is the case, for example, when a user sees a DoubleClick ad and later calls up the advertiser's website with the same browser and makes a purchase.

 

When you call up a page that uses DoubleClick and where the DoubleClick script is permitted, your browser automatically establishes a direct connection with Google's server. We as the website operator have no influence on the scope and further use of the data collected by Google through the use of this tool. We inform you according to our state of knowledge: Through the integration of DoubleClick, Google receives the information that you have called up the corresponding part of our website or clicked on an advertisement from us. If you are registered with a Google service, Google can assign the visit to your account. Even if you are not registered with Google or have not logged in, there is a possibility that the provider learns your IP address and stores it.

.

Google has submitted to the EU-US Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI

You can prevent collection by this tracking method in several ways: a. by setting your browser accordingly. Suppressing third-party cookies will result in you not being shown third-party ads. b. By deactivating cookies for conversion tracking, you prevent interest-based advertising from being displayed. To do this, you must block cookies from the domain "www.googleadservices.com" in your browser. c. At https://www.google.de/settings/ads you can set an opt-out cookie. However, this setting will be deleted if you delete all your cookies. d. By opting out of interest-based ads from vendors that are part of the "About Ads" self-regulatory campaign at the http://www.aboutads.info/choices link, although this setting will be deleted when you delete your cookies; d. By permanently disabling cookies in your browser at the https://www.google.com/settings/ads/plugin link. Please note that in this case you may not be able to use all functions of our website to their full extent.

.

For more information on DoubleClick by Google, please visit https://www.google.de/doubleclick and https://support.google.com/adsense/answer/2839090, as well as Google's privacy policy in general: https://www.google.de/intl/de/policies/privacy. Alternatively, you can visit the Network Advertising Initiative (NAI) website at https://www.networkadvertising.org.

The legal basis for this is Art. 6 para. 1 lit. f) DSGVO. The legitimate interest consists in analysis, optimization and economic operation of our online offer.

Facebook Custom Audience

.

We use the Facebook "Custom Audience" technology, a service of Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA. The data collected through the integration of cookies, web beacons or similar third-party technologies allows us to measure and design our advertising activities on Facebook more effectively and, for example, to display posts or advertisements only to visitors to our website. We only use cookies, web beacons, and similar proven and widely used third-party technologies to collect this data. We do not share or upload lists of personally identifiable information to Facebook. The data collected in the process is only transmitted to Facebook in encrypted form. Possible personal data of individual users are not visible to us. For more information, please see Facebook's privacy policy at www.facebook.com/about/privacy/.

If you do not wish to have data collected via Custom Audience, you can disable Custom Audience here 

.

The purpose of using these web analytics services is to continually improve our features and services. Only non-personal data is used for this purpose for analysis and reporting purposes. We do not merge this data with any other personal data.

 

4.5 Use of cookies

When you use our website, cookies are stored on your computer. Cookies are small text files that are stored on your hard drive associated with the browser you are using and through which certain information flows to the entity that sets the cookie. Cookies cannot execute programs or transfer viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.

.

The legal basis for the processing of personal data using cookies is Art. 6 (1) lit. f DSGVO. The legitimate interest of the controller lies in the user-friendly and more effective design of its website.

The legal basis for the processing of personal data using cookies is Article 6 (1) lit. f DSGVO.

This website uses the following types of cookies, the scope and functionality of which are explained below:

Transient cookies

.

These cookies are automatically deleted when you close the browser. These include, in particular, session cookies. These store a so-called session ID, with which various requests of your browser can be assigned to the common session. This enables your computer to be recognised when you return to our website. The session cookies are deleted when you log out or close the browser.

Persistent cookies

.

These cookies are automatically deleted after a specified period of time, which may vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

.

Preventing cookies

.

You can configure your browser settings according to your preferences and, for example, refuse to accept third-party cookies or all cookies. Please note that if you do this, you may not be able to use all the features of this website.

4.6. reCAPTCHA

We use reCaptcha on our website. reCaptcha is an offer from Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) and serves to prevent abusive automated entries in web forms and thus to protect the technical systems of the hoster.

.

The legal basis for the use of reCaptcha is Art. 6 para. 1 lit. f) DSGVO. The legitimate interest of the responsible party lies in the prevention of misuse through automated entries in web forms.

The legal basis for the use of reCaptcha is Article 6 (1) f) DSGVO.

When you call up one of our websites in which reCaptcha is integrated, a connection is established to Google's servers. In any case, your IP address is transmitted, but this is anonymized in countries of the EU / EEA after retrieval.

In addition, reCaptcha collects the following data:

  • a record of the user's browser window at the time of interaction with reCaptcha
  • .
  • browser plugins used
  • .
  • the cookies set by Google in the last 6 months
  • .
  • Number of mouse clicks and touches you have made on this screen
  • .
  • CSS information for the page you are viewing
  • .
  • Javascript objects
  • the date
  • the browser language

You can find a way to prevent Google from using your data for advertising here: https://adssettings.google.com/anonymous

You can find Google's privacy policy here: https://www.google.com/policies/privacy/.

4.7 Gravatar

We use Gravatar within the Online Offerings. Gravatar is a service provided by Automattic Inc.  (Automattic Inc. 60 29th Street #343, San Francisco, CA 94110, USA) which allows users to personalize their own posts with a profile picture. To do this, the user must register with Gravatar and provide his email address and profile picture.

.

When comments are posted, the email address is transmitted to Gravatar to associate it with the profile picture and display the profile picture next to the comment. The email address is transmitted to Gravatar's servers in encrypted form. By displaying the images, your IP address is transmitted to Gravatar.

.

The legal basis for the data processing is the legitimate interest Art. 6 para. 1 lit. f) DSGVO. The legitimate interest of the controller is to give users the opportunity to personalize their comments by linking them to their profile picture.

More information on the collection and use of data by Gravatar can be found in Gravatar's privacy policy: https://automattic.com/privacy/.

4.8 Third Party Content

.

There is content from Google (Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), YouTube and Google Maps, embedded within this online offer. This always assumes that the providers of this content (hereinafter referred to as "third-party providers") are aware of the IP address of the user. This is because without the IP address they would not be able to send the content to the browser of the respective user. The IP address is thus necessary for the display of this content. We endeavour to only use content whose respective providers only use the IP address to deliver the content. However, we have no influence if the third-party providers store the IP address, e.g. for statistical purposes. Insofar as this is known to us, we inform the users about it. The legal basis for this is Art. 6 para. 1 f DSGVO. The legitimate interest consists in analysis, optimization and economic operation of our online offer.

More information on Google's handling of user data and cookies can be found in Google's privacy policy: https://www.google.de/intl/de/policies/privacy/.

4.9 Application

Apply as a prospective student

.

When you apply for a place on our website, you must first complete an online test. Please refer to the privacy policy on the online test website for the data collected from you in this process.

.

Apply as an employee

.

You can apply to our company electronically, in particular via e-mail. We will of course only use your details to process your application and will not pass them on to third parties. Please note that unencrypted e-mails will not be transmitted without access protection.

5 Use of social plugins

 This website uses social plugins from the providers:

  • Facebook (Operator: Facebook Inc, 1601 S. California Ave, Palo Alto, CA 94304, USA)
  • Twitter (Operator: Twitter Inc, 795 Folsom St, Suite 600, San Francisco, CA 94107, USA)
  • Xing (XING SE, Dammtorstraße 30, 20354 Hamburg, Germany)

These plugins usually collect data from you by default and transmit it to the servers of the respective provider. To ensure the protection of your privacy, we have taken technical measures to ensure that your data cannot be collected by the providers of the respective plugin without your consent. When you call up a page on which the plugins are integrated, they are initially deactivated. Only by clicking on the respective symbol are the plugins activated and you thereby give your consent for your data to be transferred to the respective provider. The legal basis for the use of the plugins is Art. 6 para. 1 lit. a) and lit. f) DSGVO.

The plugins also collect personal data such as your IP address after activation and send it to the servers of the respective provider, where it is stored. In addition, activated social plugins set a cookie with a unique identifier when the relevant website is called up. This also allows the providers to create profiles about your usage behavior. This also happens if you are not a member of the social network of the respective provider. If you are a member of the provider's social network and are logged into the social network during your visit to this website, your data and information about your visit to this website may be linked to your profile on the social network. We have no influence on the exact scope of the data collected from you by the respective provider. For more information about the scope, nature and purpose of data processing and about rights and setting options for protecting your privacy, please refer to the privacy policy of the respective provider of the social network. These are available at the following addresses:

Facebook: https://www.facebook.com/policy.php
Twitter: https://twitter.com/privacy/
Xing: https://www.xing.com/app/share?op=data_protection

6 Register with CIS (Campus Information System)

You have the option to register with us. For the registration we collect and store the following data from you:

.

  • First name
  • First name
  • Last name
  • Email (username)
  • Password
  • Address
  • Date of birth

We use the so-called double-opt-in procedure for registration, i.e. your registration is only completed when you have previously confirmed your registration via a confirmation e-mail sent to you for this purpose by clicking on the link contained therein. If your confirmation is not received within [24 hours], your registration will be automatically deleted from our database. The provision of the aforementioned data is mandatory, all other information you can provide voluntarily by using our portal. All information can be managed and changed in the protected area. The legal basis is Art. 6 para. 1 a, b and f DSGVO.

7 Data transfer and recipients or categories of recipients

As a matter of principle, your data will not be transferred to third parties unless we are legally obliged to do so, or the transfer of data is necessary for the performance of the contractual relationship, or you have previously expressly consented to the transfer of your data.

8 Duration of storage

Personal data that we collect will be deleted when the purpose of the processing ceases to apply or within the statutory retention periods

.

9 Information about obligations of the data subject to provide data

.

When using our website, you are not subject to any legal or contractual provision obligation.

10 Existence of automated decision making including profiling

An automated decision-making including profiling according to Art. 22 DSGVO does not take place.

11 Your rights

You have the following rights vis-à-vis us with regard to the personal data concerning you:

11.1 General rights

You have a right of access, rectification, erasure, restriction of processing, objection to processing and data portability. Insofar as processing is based on your consent, you have the right to revoke this consent with effect for the future.

You have the right to withdraw your consent with effect for the future.

11.2 Rights in data processing according to legitimate interest

According to Article 21(1) DSGVO, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) DSGVO (data processing in the public interest) or on the basis of Article 6(1)(f) DSGVO (data processing for the purposes of safeguarding a legitimate interest); this also applies to profiling based on this provision. In the event of your objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

.

11.3 Direct marketing rights

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of personal data concerning you for the purpose of such marketing pursuant to Article 21(2) of the GDPR; this also applies to profiling insofar as it is related to such direct marketing.

.

In the event of your objection to the processing for the purpose of direct marketing, we will no longer process your personal data for these purposes

.

11.4 Right to lodge a complaint with a supervisory authority

.

You also have the right to complain to a competent data protection supervisory authority about our processing of your personal data

.

12 Contacting us by email

When you contact us by e-mail, the data you provide (your e-mail address, first and last name, title and telephone number) will be stored by us in order to answer your questions. A communication of this information is expressly on a voluntary basis and with your consent, Art. 6 para.1 a DSGVO. Insofar as this involves information on communication channels (e.g. e-mail address, telephone number), you also consent to us contacting you via this communication channel, if necessary, in order to answer your request. Of course, you can revoke this consent for the future at any time.

We delete the data accruing in this context after the storage is no longer necessary, or restrict the processing if there are legal retention obligations.

13 Registration for events

On our website we offer a calendar with an overview of all events. Data from the calendar can be transferred to a Google calendar, Outlook calendar or Apple calendar. If you register for the events, the personal data you provide (name and email and telephone number, if applicable) will be stored by us in order to use the data for the organization and implementation of the event. The processing of the data is based on your voluntarily given consent, Art. 6 para. 1 lit. a) DSGVO. Of course, you can revoke this consent for the future at any time.

We delete the data accruing in this context after the storage is no longer necessary, or restrict the processing if there are legal retention obligations.

14 Data transfer and intended data transfer to a third country or an international organization

As a matter of principle, your data will not be transferred to third parties unless we are legally obliged to do so, or the transfer of data is necessary for the performance of the contractual relationship, or you have previously expressly consented to the transfer of your data.

15 Data security

We have implemented extensive technical and operational safeguards to protect your data from accidental or intentional manipulation, loss, destruction or access by unauthorized persons. Our security procedures are regularly reviewed and adapted to technological progress.

As of December 2019


Notes on data processing for electronic examinations


Here you can find out how NORDAKADEMIE University of Applied Sciences processes your personal data in the context of examinations that are conducted online without presence due to the Corona pandemic. 

In the following we inform you about the processing of personal data when using Moodle, Microsoft Lens and Zoom.

.

Notices about data processing at Moodle

.

Notes on data processing at Microsoft Lens

Notes on data processing at Zoom

Notes on data processing for Zoom during exams