Last changed 19.02.2019
The LMU as a corporate body of public law is subject to the BayDSG (bavarian legislation on data-protection), in some points the BDSG (Federal Data Protection Act), the GDPR (General Data Protection Regulation), and the corresponding articles of special laws (Telemedia, Telecommunication, Employment Law, etc.) relevant to data protection.
This data privacy statement fulfills the obligations to inform the user as result from the formalities mentioned above.
Data Protection Official of the LMU Munich
- Dr. Rolf Gemmeke
- Geschwister-Scholl-Platz 1, 80539 München
- Telefon: +49 (0) 89 2180-2414
- Website of the data protection official of the LMU
Supervisory body for data protection in the public sector
- Bayerischer Landesbeauftragter für den Datenschutz
- Promenade 27
- 91522 Ansbach
- Telefon: +49 (0) 981 53 1300
- Website of the bavarian Data Protection Commissioner
Data Protection Coordinator of the department Institut für Informatik of the LMU
- Robert Hofer
- E-Mail: firstname.lastname@example.org
- Telefon: +49 (0) 89 / 2180 - 9198
Legal person responsible for data processing
- Ludwig-Maximilians-Universität München
- Geschwister-Scholl-Platz 1
- 80539 München
- Telefon: +49 (0) 89 / 2180 - 0
- E-Mail: email@example.com
The LMU Munich is a corporate body of the public law.
It is legally represented by its president, Prof. Dr. Bernd Huber.
- IT Operations Team (RBG) of the department Institut für Informatik of the LMU Munich
- Oettingenstraße 67
- D-80538 München
- E-Mail: firstname.lastname@example.org
- Tel.: +49 (0) 89 / 2180 - 9198
Processing of Personal Data
The IT service and organization at the department Institut für Informatik follows the state of the art and best practices regarding security and IT operations.
The protection of personal data as well as the sustainable operation of services in the scope of their possibilities is therefore guaranteed.
1. Webserver protocol
Data subjectsEvery user of this webserver is affected by the acquisition and processing of the data.
Which data is acquiredThe webserver records
- Pseudonym corresponding to the IP address of the user's webclient
- Date and time of the request of an element of the website
- Address of the requested element
- Amount of requested data
- Info on whether the request was successful
- Type and version of the webclient
- Error messages if applicable
- Text of any search, filter, or sorting parameter as applicable
In case of a disturbance or security incident, the pseudonymisation of the IP address will be temporarily suspended.
ipscrub (http://www.ipscrub.org) is used to generate pseudonyms for IP addresses.
The collected data is only used for statistical analysis (in anonymised form), for enhancing Uni2work, for analysis, elimination and protection against disturbances, and in case of security incidents.
Only the IT administrators responsible for the operation of the department Institut für Informatik have access to the data.
Legal or Contractual Basis of Data Processing
- Obligation to sustainable and secure operation of IT services according to the state of the art (TMG, TKG, DSG, EUDGV, BayDSG, BDSG)
- Legislation pertaining to the retention period and type of webserver protocols
- Performing of a function that is of public interest
First point of contact is the above-mentioned responsible department.
Entries of the webserver protocol will be automatically deleted after seven days.
Data that is processed due to a disturbance or a security incident will be deleted after the incident has been concluded.
Consent, Correction, Revocation, Request for Deletion or Transmission
Consent is not required for the processing of the data due to the type of the collected data, its designated use, the automated deletion and the basis of the collection (GDPR, Art. 6 Para. 1 e+f).
The right of withdrawal for data processing, the right of petition for deletion, the right of petition for correction, and the right of petition for transmission are not applicable due to the consent to data processing not being necessary as well as the type and use of the collected data.
Right to appeal
Users generally have the right to appeal to the supervisory body concerning any processing or transmission of their personal data.
In case of the LMU Munich, the supervisory body is the above-mentioned Bavarian Data Protection Commissioner.
Apart from that, any other above-mentioned legal contact person may be contacted concerning appeals and inquiries.
Obligation to participate in the processing of the data
The user is obligated to provide the data and allow its processing when using this service.
We reserve the right to exclude users from the service who do not provide the data.