Who we are

Privacy Policy

We, the Hertie School, Friedrichstra?e 180, 10117 Berlin, Germany herewith inform you about the processing of personal data for which we are responsible in the sense of the EU General Data Protection Regulation (GDPR).

You can reach our data protection officer by sending an email to hertie-school@daspro.de or by sending a letter to DPO Hertie School, daspro GmbH, Kurfürstendamm 21, 10719 Berlin

Below we have compiled the most important information on typical data processing for you, broken down by groups of data subjects. For certain data processing operations, which only concern specific groups, the information requirements are fulfilled separately. Where the term "data" is used, only personal data within the meaning of the GDPR are meant.

  1. Website visitors of the Hertie School
  2. Students and participants in research and further education programmes
  3. Interested parties as well as applicants for study courses, and for research and further education programmes
  4. Users of Unibuddy
  5. Participants in online events of the Hertie School via Zoom
  6. Hertie School Alumni
  7. Newsletter recipients
  8. Event participants
  9. Business partners and their employees
  10. Interested parties and communication partners
  11. Applicants for Hertie School Jobs
  12. Rights of data subjects and further information

 

1. Website visitors of the Hertie School

1.1 Server log data

(i) When using the website, certain information is sent to the server of our website by the browser used on your device for technical reasons. This data is stored and processed on our server.

(ii) We process the following data for the purpose of providing the contents of the website that you have visited, to ensure the security of the IT infrastructure used, to correct errors, to enable and simplify searches on the website and to manage cookies.

(iii) The data processed is HTTP data: HTTP data is protocol data that is generated when the Website is visited via the Hypertext Transfer Protocol (Secure) (HTTP(S)) for technical reasons: This includes IP address, type and version of your Internet browser, operating system used, the page visited, the page previously visited (referrer URL), date and time of the visit. HTTP(S) data also accumulates on the servers of service providers (e.g. when requesting third-party content).

The legal basis for the processing is our legitimate interest in the operation of an Internet presence and the communication with communication partners in accordance with Article 6 (1) (f) GDPR.

(iv) The data is automatically transmitted by the browser of the user.

(v) Recipients of the personal data are IT service providers which we use as processors within the framework of a data processing agreement.

(vi) The data will be anonymised and deleted after 7 days at the latest.

(vii) Without disclosure of personal data such as the IP address, the use of the website is not possible. Communication via the website without disclosure of data is technically not possible.

1.2 Technically required cookies

We use cookies on our website. Cookies are small text files containing information that can be stored on the user's end device via the browser when visiting a website. The information stored in cookies can be read and processed when the website is visited again using the same device. In doing so, we use processing and storage functions of the browser of your device and collect information from the storage of the browser of your device.

In the structure of our Privacy Policy, we differentiate between Technically Required Cookies, Statistics Cookies and Social Media Content from Third Party Providers. For the function of the website, Technically Required Cookies cannot be deactivated via the cookie management function of this website. However, you can deactivate cookies generally in your browser at any time. Different browsers offer different ways to configure the cookie settings in the browser. We would like to point out, however, that some functions of the website may not function or may no longer function properly if you deactivate cookies in your browser in general.

a) Google Tag Manager

We use the Google Tag Manager on our website. The Google Tag Manager enables us to manage cookies and control their placement. This enables us to implement, for example, your consent, a revocation of consent or an opt-out. The Google Tag Manager does not set its own cookies and does not process data stored in cookies.

(i) The purpose of the data processing is to control the placement of cookies on our website and to ensure the security of the application.

(ii) The data processed is HTTP data: HTTP data is protocol data that is generated when the Website is visited via the Hypertext Transfer Protocol (Secure) (HTTP(S)) for technical reasons: This includes IP address, type and version of your Internet browser, operating system used, the page visited, the page previously visited (referrer URL), date and time of the visit. HTTP(S) data also accumulates on the servers of service providers (e.g. when requesting third-party content). Your IP address is automatically anonymized during processing.

(iii) The legal basis for the processing is our legitimate interest in the simple and reliable control of cookies in accordance with Article 6 (1) (f) GDPR.

(iv) The data is automatically transmitted by the browser of the user.

(v) The recipient of the data is Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, which we use as processor within the framework of a data processing agreement.

(vi) The data will be deleted after six months.

(vii) Without disclosure of personal data the use of the website is not possible. Communication via the website without disclosure of data is technically not possible.

b) Consent Cookies

We use so-called Consent Cookies to store your consent, possible revocation of consent and opt-out of the use of cookies on our website.

(i) The purpose of data processing is the storage of the user decisions on cookies (consent, revocation, opt-out).

(ii) The processed data are:

  • HTTP data: HTTP data is protocol data that is technically generated when the website is visited via the Hypertext Transfer Protocol (Secure) (HTTP(S)): This includes IP address, type and version of your Internet browser, operating system used, the page visited, the page previously visited (referrer URL), date and time of the visit.
  • User decision on cookies: User's decision on individual cookies or groups of cookies. Time of the decision and of the last visit.

(iii) The legal basis for the processing is our legitimate interest in the easy and reliable control of cookies settings in accordance with the respective user decisions in accordance with Article 6 (1) (f) GDPR.

(iv) The data is actively provided by the user (decision on cookies) or automatically transmitted by the user's browser (protocol data, time stamp).

(v) Recipients of the personal data are IT service providers which we use as processors within the framework of a data processing agreement.

(vi) A negative user decision with regard to cookies is deleted at the end of the session. The other data will be deleted after one year.

(vii) Without disclosure of personal data, the use of the website is not possible. Communication via the website without the disclosure of data is technically not possible.

1.3 Statistics Cookies

We use cookies on our website. Cookies are small text files containing information that can be stored on the user's device via the browser when visiting a website. The information stored in cookies can be read out and processed when the website is visited again using the same device. In doing so, we use processing and storage functions of the browser of your device and collect information from the storage of the browser of your device.

In the structure of our Privacy Policy, we differentiate between Technically Required Cookies, Statistics Cookies and Social Media Content from Third Party Providers.

Depending on their function and purpose, the use of certain cookies may require the user's consent. Your consent is given through a so-called "cookie banner": When you visit our website, we display our cookie banner. In our cookie banner you can declare your consent to the use of all cookies requiring consent on this website by clicking on the "Accept" button. Without such consent, the cookies requiring consent are not activated. By clicking the "Close" button, you can also completely reject the use of cookies requiring consent. Your decision will be saved in a cookie. Alternatively, you have the possibility to access our "cookie board" by clicking on the "More information" button. In the cookie board, you can make an individual selection of cookies and customize them at a later time. We store your cookie settings in the form of a cookie on your device in order to determine whether you have already made cookie settings the next time you visit the website.

a) Google Analytics

If you have given your consent, we use the web analysis tool Google Analytics on our website. With the help of Google Analytics, we can analyze the user behaviour of visitors to our website in pseudonymized and anonymised form.

You can deactivate the data processing by Google Analytics at any time in our "cookie board". Alternatively, you can install a browser plug-in from Google which prevents data collection by Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=en

(i) The purpose of data processing is to analyze user behaviour and to measure the reach of our website and advertisements to optimize our website.

(ii) The processed data are:

  • Google Analytics HTTP data: This is protocol data that is generated for technical reasons when using the web analysis tool Google Analytics via the Hypertext