Privacy Policy

1. Responsible institution for data protection purposes

Albert-Ludwigs-Universität Freiburg
Friedrichstraße 39
79098 Freiburg
++49 (0)761/203-0

2. Data protection officer

Albert-Ludwigs-Universität Freiburg
Der Datenschutzbeauftragte
79085 Freiburg

3. Note

This information on data protection/data protection declaration refers to the website of the mission statement of the University of Freiburg (, which is operated by the IT Services Department of the University of Freiburg. Other websites and web servers operated by departments and faculties of the university may have their own policies for dealing with personal data and therefore have other data protection declarations.

In general terms, we take the private sphere of our visitors very seriously and collect only data that are necessary for optimizing the functionality and usability of the web pages.

Insofar as the processing of personal data is necessary within the context of tasks lying within the responsibility of the University of Freiburg or a task  that is in the public interest, the processing is conducted on the basis of § 6 para. 1 lit. e of the EU General Data Protection Regulation (EU-GDPR) in conjunction with § 4 of the State Data Protection Act.

In addition, the university has a legitimate interest in processing certain personal data of users and visitors in areas concerning its public image as well as for press work and public relations, particularly with regard to the operation of websites.

4. Collection of personal data

Unless otherwise specified on the particular web pages, personal data are collected as follows:

4.1. Availability of web pages and creation of log files

4.1.1.Description and categories of data

When you visit this or other web pages, you send data to our web server via your web browser. The following data are retained temporarily in a log file during an ongoing connection only in the case of an error:

  • IP address of the requesting computer
  • Date and time of the access
  • Name, URL, and amount of transferred data from the requested file
  • Access status (requested file transferred, not found, etc.)
  • Browser type and operating system (if sent by the requesting web browser)
  • Web page from which access was obtained (if sent by the requesting web browser)

The data in this log file are processed as follows:

  • In individual cases, i.e., reported defects, errors, and security incidents, a manual analysis is conducted.

4.1.2. Purpose

The system needs to temporarily store the user’s IP address to enable the website to be sent to the user’s computer. The user’s IP address must be retained for the duration of the session.

The data are stored in a log file as a means of ensuring the proper functioning of the website. In addition, we use the data to optimize the website and guarantee the security of our information technology systems. The IP addresses included in the log entries are not combined with other retained data unless there are actual indications that there has been a disruption of proper operation.

These purposes also constitute our legitimate interest in processing data in accordance with § 6 para. 1 lit. f GDPR (General Data Protection Regulation).

4.1.3. Legal basis

The legal basis for the temporary retention of the data and the log files is § 6 para. 1 lit. f GDPR.

4.1.4. Recipient

In the case that investigative measures are initiated due to attacks on our information technology system, the data and log files named above under 4.1. may be passed on to state investigative bodies (e.g., police, public prosecutor).

The same applies if these bodies or courts direct inquiries at the university and the university is obligated to comply with them.

4.1.5. Duration of data retention

The data are deleted as soon as they are no longer needed to achieve the purpose for which they were collected. In the case of data collected to make the website available, this is the case at the end of the relevant session.

4.1.6. Consequences of nondisclosure, possibility of objection or removal

The collection of data for the purpose of making the website available and the storage of the data in log files is absolutely necessary for the operation of the website. Users who do not want their data to be processed as described may contact the university in other ways (by telephone, in writing, in person) to obtain information or perform functions available on the website.

4.2. Use of cookies

4.2.1. Description and categories of data

Our website uses cookies. Cookies are text files stored on the user’s computer system by the internet browser. If a user calls up a website, a cookie can be stored on the user’s computer system. A cookie can include, e.g., a characteristic character string that enables the site to identify the browser when the user again calls up the website.

The following data are stored in cookies and sent to the user’s computer system by this website:

Source Name Content (example) Purpose Validity nmstat Randomly generated ID Analysis of website usage 1000 days AWSELB / AWSELBCORS Session-ID session cookie Until the end of the browser session sz_notrack true opt-out cookie 5 years

For more information on the individual functions that use cookies (video portal, Siteimprove), please consult the relevant section of this declaration.

4.2.2. Purpose

The purpose of using the technically necessary cookies named under 4.2.1 is to simplify the use of the website for the user. Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary for the browser to be recognized when the user visits the website again later after leaving it.

The purpose of each cookie is listed in the table under 4.2.1.

The user data collected by the cookies are not used to create user profiles.

These purposes also constitute our legitimate interest in processing personal data in accordance with § 6 para. 1 lit. f GDPR.

4.2.3. Legal basis

The legal basis for the processing of personal data using cookies is § 6 para. 1 lit. f GDPR.

4.2.4. Recipient

The recipient of the information contained in the cookies is exclusively the authorized web server, i.e., the university web server that sent the cookie.

4.2.5. Duration of data retention

The cookies are retained for the periods listed in the table under 4.2.1.

Since the cookies are stored on your computer, you also have the possibility of deleting them earlier. For more information, please read the following section.

4.2.6. Consequences of nondisclosure, possibility of objection or removal

Cookies are stored on the user’s computer and transmitted to our site from it. As the user, you therefore also have complete control over the use of cookies – irrespective of the retention periods listed above. You can deactivate or limit the transfer of cookies by changing the settings of your web browser. You can also delete already stored cookies at any time. You can even set your browser to do this automatically. If you deactivate cookies for our website, you may no longer be able to use all functions of the website to their full extent.

4.2.7 Consent with Borlabs Cookie

Our website uses the Borlabs Cookie consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document this in accordance with data protection law. The provider of this technology is Borlabs GmbH, Rübenkamp 32, 22305 Hamburg (hereinafter referred to as Borlabs. When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not shared with the provider of Borlabs cookie

The collected data will be stored until you request us to delete it or until you delete the Borlabs cookie yourself or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at The use of Borlabs Cookie Consent Technology takes place in order to obtain the legally required consent for the use of cookies. The legal basis for this is Art. 6 para. 1 lit. c DSGVO.

4.3. VIMP / University of Freiburg video portal

4.3.1. Description and categories of data

Videos from the University of Freiburg’s video portal are integrated into our website and shown with a player. When you visit a page with a video integrated into it, the cookies named in 4.1. are used.

4.3.2. Purpose

Our web pages should provide you with the necessary information and create a pleasant media experience. This also includes the integration of videos.

This purpose also constitutes our legitimate interest in processing data in accordance with § 6 para. 1 lit. f GDPR.

4.3.3. Legal basis

The legal basis for the processing of personal user data is § 6 para. 1 lit. f GDPR.

4.3.4. Recipient

The data are used by the server that places the cookie,

4.3.5. Duration of data retention

See 4.1.

4.3.6. Consequences of nondisclosure, possibility of objection or removal

If you do not wish to use videos from the university’s video portal, you can avoid using the web pages with integrated videos.

5. Privacy policies for social media

5. Contact Form

If you send us inquiries via the contact form, your data from the inquiry form including the contact data you provided there will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested; the consent can be revoked at any time.

The data you enter in the contact form will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions - in particular retention periods - remain unaffected.

6. Your Rights

You have the right to receive information from the University of Freiburg on your personal data that has been retained and/or to have retained data that is incorrect corrected.

You also have the right to demand that your data be deleted or that the processing thereof be restricted as well as to object to the processing of your data.

If you have given us your consent to process your personal data, you also have the right to withdraw your consent at any time. The legality of any processing performed on the grounds of the consent prior to its withdrawal remains unaffected by the withdrawal of consent. For more information, please contact us at If the processing of data is based on consent or on a formal agreement, we will refer you to the proper authority.

If the data is also processed in automated form, you may have a right to data portability (§ 20 EU-GDPR).

You have the right to file a complaint with the regulating authority if you believe that the processing of your personal data is in violation of the law. An example of such a regulating authority is Baden-Württemberg’s state commissioner for data protection and freedom of information (Landesbeauftragte für den Datenschutz und die Informationsfreiheit).