Privacy Statement
What is this?
By the present privacy statement the Friedrich Schiller University Jena, Fürstengraben 1, 07443 Jena, Germany, represented by the President Professor Dr. Andreas Marx, fulfils the requirement to provide information in accordance with sections 12 and 13 of the General Data Protection Regulation (GDPR)External link.
The Data Protection Officer of the University is avaiable for any questions relating to the data protection, please contact him via e-mail: datenschutz@uni-jena.de. The present version of the privacy statement was updated on 20th February 2025 by the Data Protection Officer.
Which terms and principles do apply?
The definitions used in the present privacy statement are determined by section 4 of GDPR. If reading the text carefully, these definitions should be easily understandable. The structure and the formulations in the privacy statement are based on the principle of transparency as defined in section 5 subsection 1(a) and in section 12 of GDPR.
If you, however, still might have some questions, please do not hesitate to contact the Data Protection Officer.
Why and how does the University process your data?
While visiting this website, your personal data is being processed in various ways. The type of processing depends on the features of a particular web page. Details on the individual processing steps can be found via the links in the tables.
Currently, the following types of processing are carried out:
|
Type of processing |
used for | Legal basis |
| Campus management system Friedolin | Campus Management (student life cycle management) | Art. 6 (1)(e) GDPR in conj. with ThürHG |
| Request processing via Jira Service-Desk | IT-Service, Campus Management |
Art. 6 (1)(a), Art. 9 (2)(a) GDPR |
| Teaching and learning platform Moodle | digital teaching | Art. 6 (1)(e) GDPR in conj. with ThürHG |
|
Administration via SAP |
Central administration (finance and procurement, personnel); only for staff (internal use only) | Art. 6 (1)(e) GDPR in conj. with ThürHG |
|
Digital Asset Management via Canto |
Image database Internal, for staff only |
Art. 6 (1)(a) GDPR |
|
Learning platform Mahara |
ePortfolio platform and personal learning environment | Art. 6 (1)(e) GDPR in conj. with ThürHG |
In the central content management system of the Friedrich Schiller University, the following processing operations take place on all websites:
| Type of processing | used for | Legal basis |
| Web presence | self-presentation | Art. 6 (1)(e) GDPR in conj. with ThürHG, Art. 6 (1)(f) GDPR |
| Matomo | web analysis | Art. 6 (1)(e) GDPR in conj. with ThürHG, Art. 6 (1)(f) GDPR |
| Registration features | access to protected areas | Art. 6 (1)(a) GDPR |
| establishing contact | Art. 6 (1)(a) GDPR |
While processing data in accordance with section 6 subsection 1(f) of GDPR, the University pursues the following legitimate interests:
| Type of processing | Legitimate interest | Legal basis |
| You Tube | Video | Art. 6 (1)(a) GDPR |
| Input/form function | Data input | Art. 6 (1)(a), Art. 9 (2)(a) GDPR |
| Newsletter | Information, Advertising | Art. 6 (1)(a) GDPR |
| ReCAPTCHA | Safety | Art. 6 (1)(e) GDPR in conj. with ThürHG, Art. 6 (1)(f) GDPR |
| Comment/upload functions | Communication | Art. 6 (1)(a) GDPR |
| Live chat | Communication |
Art. 6 (1)(a) GDPR |
Friedrich Schiller University pursues the following legitimate interests in processing operations based on Article 6(1)(f) GDPR.
| Web presence | presentation of the University’s offers and activities |
| Matomo | analysing the user behaviour to be able to adjust the online offers to the users |
| ReCAPTCHA | Protection against automated access to websites |
According to section 21 of GDPR, you have the right to object the data processing, as defined in section 6 subsection 1(f) of GDPR, if you give reasons relating to your particular situation in which data processing seems unreasonable to you. In the cookies section below, you may de-activate the data processing related to Matomo services.
What about cookies?
Cookies are small text files which website providers store in your web browser and represent them in there. Apart from “session cookies”, which are deleted by closing the web browser, the University uses a tracking cookie within Matomo’s web analysis tool. This cookie enables us to analyse your behaviour on the University’s web pages as far as you do not object the tracking option (see below).
Fan-pages in social-media
As a modern university, the Friedrich Schiller University also has information pages on social media such as Facebook, Instagram, Bluesky, Youtube, Mastodon, LinkedIn and TikTok. These are used for rapid communication and public relations work by the university, primarily with our members, relatives and other interested parties.
We would like to inform you that when using the social media services of the Meta Group (Facebook and Instagram), Youtube or TikTok data security cannot be guaranteed under European law.
Should you therefore have concerns about the processing of your personal data, we offer you data protection-compliant alternatives for this purpose.
For example, you can also obtain any information published via these services from the official websites of the Friedrich Schiller University Jena https://www.uni-jena.de/ de and via the decentralised network Mastodon https://mastodon.social/@unijenaExternal link.
An existing account with social media services is therefore not required for communication with us.
How long do we store your data?
We store your data not longer than necessary for a particular type of data processing. If there are any retention/storage periods determined by law, they shall apply.
What rights can you exercise?
In accordance with sections 15–22 and section 77 of GDPR, you have various rights with regard to processing of your personal data by the University.
-
Right to object
You can object a particular type of data processing if you can give reasons relating to your particular situation in which data processing seems unreasonable to you.
-
Right to access
You have the right to learn whether the University processes your data and, if yes, to what extent.
-
Right to rectification
You have the right to obtain the rectification of inaccurate or incomplete personal data from the controller.
-
Right to erasure
You have the right to have your personal data erased by the controller if one of the reasons named in section 17 subsection 1 of GDPR are given; for example, if the data are no longer necessary in relation to the purposes for which they were collected.
-
Right to restriction of processing
You have the right to restrict the processing from the controller if one of the reasons named in section 18 subsection 1 of GDPR are given; for example, if the accuracy of the personal data is contested during the verification process.
-
Right to data portability
You have the right to have the University provide you your data in a machine-readable format or transfer those to another controller upon your request if this is technically possible.
-
Right to lodge a complaint
You have the right to lodge a complaint against the processing of your personal data by the University, i.e. with the responsible supervisory authority. In our case, this is the Thuringian Data Protection Officer, Häßlerstraße 8, 99096 Erfurt, Germany