Privacy policy
1. An overview of data protection
General
The following gives a simple overview of what happens to your personal information when you visit our website (including catalogue OPACplus). Personal information is any data with which you could be personally identified. Detailed information on the subject of data protection can be found in our privacy policy found below.
Data collection on our website
Who is responsible for the data collection on this website?
The data collected on this website are processed by the website operator. The operator’s contact details can be found in the website’s required legal notice.
The web server for our catalogue OPACplus is operated by the Leibniz Supercomputing Centre (LRZ).
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or when you accessed the page. These data are collected automatically as soon as you enter our website.
What do we use your data for?
Part of the data is collected to ensure the proper functioning of the website. Other data can be used to analyze how visitors use the site.
What rights do you have regarding your data?
You always have the right to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or deleted. You can contact us at any time using the address given in the legal notice if you have further questions about the issue of privacy and data protection. You may also, of course, file a complaint with the competent regulatory authorities.
Analytics and third-party tools
When visiting our website, statistical analyses may be made of your surfing behavior. This happens primarily using cookies and analytics. The analysis of your surfing behavior is usually anonymous, i.e. we will not be able to identify you from this data. You can object to this analysis or prevent it by not using certain tools. Detailed information can be found in the following privacy policy.
You can object to this analysis. We will inform you below about how to exercise your options in this regard.
2. General information and mandatory information
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy policy.
If you use this website, various pieces of personal data will be collected. Personal information is any data with which you could be personally identified. This privacy policy explains what information we collect and what we use it for. It also explains how and for what purpose this happens.
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Notice concerning the party responsible for this website
The party responsible for processing data on this website is:
Universitätsbibliothek Erlangen-Nürnberg
91051 Erlangen
Telephone: +49 9131 85–22151
Email: ub-direktion@fau.de
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).
Right to file complaints with regulatory authorities
If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protection officers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.
Right to data portability
You have the right to have data which we process in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
Information, blocking, deletion
As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.
3. Data protection officer
Statutory data protection officer
We have appointed a data protection officer for our company.
Data protection officer FAU:
Norbert Gärtner, RD
Schloßplatz 4
91054 Erlangen
Telephone: +49 9131 85-25860
Email: norbert.gaertner@fau.de
Responsible for data protection at the University Library:
Petra Heermann, BOR
Universitätsstr. 4
91054 Erlangen
Telephone: +49 9131 85-23920 (Mo, Do), 29394 (Di, Mi)
Email: ub-datenschutz@fau.de
4. Data collection on our website
Cookies
Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. These are:
- Referrer URL
- Name of the requested file
- Time of the server request
- Transferred data volume
- Status (file transferred, file not found, etc.)
- Browser type and browser version, Operating system used
- Host name of the accessing computer
- IP address
The stored data is used exclusively for technical or statistical purposes; the data will not be combined with data from other sources.
The log files with the access data are automatically deleted after 15 days at the latest. For technical reasons (e.g. due to storage space restrictions), access data may be deleted prematurely. In the event of technical problems or data network misuse, log files may be kept longer in exceptional cases and with the participation of the data protection officer.
The access statistics do not contain any personal information due to the previous anonymization.
Contact form
Should you send us questions via the contact form, we will collect the data entered on the form, including the contact details you provide, to answer your question and any follow-up questions. We do not share this information without your permission.
We will retain the data you provide on the contact form until you request its deletion, revoke your consent for its storage, or the purpose for its storage no longer pertains (e.g. after fulfilling your request). Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Registration on this website
You can register on our website in order to access additional functions offered here. The input data will only be used for the purpose of using the respective site or service for which you have registered. The mandatory information requested during registration must be provided in full. Otherwise, we will reject your registration.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
We will continue to store the data collected during registration for as long as you remain registered on our website. Statutory retention periods remain unaffected.
Leaving comments on this website
If you use the comment function on this site, the time at which you created the comment will be stored along with your comment, as well as your username, unless you are posting anonymously.
Storage of the IP address
Our comment function stores the IP addresses and browser user agent string of those users who post comments. We need this information to to help spam detection.
How long comments are stored
The comments and the associated data (e.g. IP address) are stored and remain on our website until the content commented upon has been completely deleted or the comments are required to be removed for legal reasons (slander, etc.).
Legal basis
The comments are stored based on your consent per Art. 6 (1) (a) DSGVO. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Gravatar
An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
Processing of data (customer and contract data)
We collect, process, and use personal data only insofar as it is necessary to establish, or modify legal relationships with us (master data). This is done for University Library Erlangen-Nuremberg based on the General Regulations on the Use of Bavarian Public Libraries (ABOB) of August 18, 1993 in conjunction with the General Data Protection Regulation (GDPR), which allows the processing of data to perform library tasks. We collect, process and use your personal data when accessing our website (usage data) only to the extent required to enable you to access our service or to bill you for the same.
Collected customer data shall be deleted after completion of the order or termination of the business relationship. Legal retention periods remain unaffected.
5. Social media
Social media plugin “Shariff Wrapper”
We offer you the possibility to use so-called “social media buttons” on our website. To protect your data, we rely on the “Shariff” solution for implementation. This means that these buttons are only integrated on our website as a static graphic that contains a link to the corresponding website of the provider. By clicking on the graphic, you are thus redirected to the website of the respective provider, just as it works with normal links. Only when you call up the provider’s website does the provider receive information about you, such as your IP address. If you do not click on the button graphics, no data exchange takes place. Information about the collection and use of your data in the social networks can be found in the respective terms of use of the corresponding providers. More information about the plugin and the Shariff solution can be found here: https://de.wordpress.org/plugins/shariff/.
We offer buttons for the following services / companies on our website: Facebook, Flipboard, Threema, Twitter, Weibo, WhatsApp.
6. Analytics and advertising
INFOnline
Our website uses the monitoring system (“SZMnG”) of INFOnline GmbH (https://www.infonline.de/en/) to determine statistical parameters on the use of our services. The aim of the usage measurement is to determine the number of visits to our website, the number of website visitors and their surfing behaviour statistically – on the basis of a uniform standard procedure – and thus to obtain comparable values throughout the market.
1. Legal basis for the processing
The measurement by means of the SZMnG measurement procedure by INFOnline GmbH is carried out with justified interest pursuant to Art. 6 para. 1 lit. f) DS-GVO.
The purpose of the processing of personal data is the compilation of statistics. The statistics serve to trace and document the use of our offer. Our legitimate interest results from the economic usability of the knowledge gained from the statistics and the market value of our website – also in direct comparison with the websites of third parties – which can be determined by means of the statistics.
Furthermore, we have a legitimate interest in making the pseudonymised data available to INFOnline GmbH and the University Library Centre of the State of North Rhine-Westphalia (hbz) for statistical purposes.
2. Nature of the data
INFOnline GmbH collects the following data, which, according to the DS-GVO, are personal data:
- IP address: On the Internet, every device requires a unique address, the so-called IP address, to transmit data. The at least short-term storage of the IP address is technically necessary due to the way the Internet functions. The IP addresses are shortened by 1 byte before any processing and are only processed further in an anonymised form. There is no storage or further processing of the unabridged IP addresses.
- A randomly generated client identifier: To recognize computer systems, the usage measurement alternatively uses either a third party cookie, a first party cookie, a “local storage object” or a signature, which is created from various automatically transmitted information of your browser. This identifier is unique to a browser as long as the cookie or local storage object is not deleted. A measurement of the data and subsequent assignment to the respective client identifier is therefore also possible when you call up other websites that also use the measurement method (“SZMnG”) of INFOnline GmbH.
The validity of the cookie is limited to a maximum of 1 year.
3. Use of the data
The INFOnline GmbH measurement method used on this website determines usage data. This is done in order to collect the performance values of page impressions, visits and clients. Furthermore, the measured data is used as follows:
- A so-called geolocalisation, i.e. the allocation of a website call to the location of the call, is carried out exclusively on the basis of the anonymised IP address and only up to the geographical level of the federal states / regions. From the geographical information obtained in this way, no conclusion can be drawn under any circumstances as to the actual location of a user.
4. Storage period of the data
The complete IP address is not stored by INFOnline GmbH. The shortened IP address is stored for a maximum of 60 days. The usage data in connection with the unique identifier is stored for a maximum of 6 months.
5. Passing on of the data
The IP address as well as the shortened IP address will not be passed on.
6. Rights of the data subject
The data subject has the following rights:
- Right of information (Art. 15 DSGVO)
- Right of rectification (Art. 16 DSGVO)
- Right of objection (Art. 21 DSGVO)
- Right of cancellation (Art. 17 DSGVO)
- Right to restrict processing (Art. 18f. DSGVO)
- Right to data transferability (Art. 20 DSGVO)
For inquiries of this kind, please contact ub-datenschutz@fau.de. Please note that in such requests we must ensure that the person concerned is indeed the person concerned.
Right of objection
If you do not wish to take part in the measurement, you can object to it by clicking on the following link: https://optout.ioam.de. To guarantee an exclusion from the measurement, it is technically necessary to set a cookie. If you delete the cookies in your browser, it is necessary to repeat the opt-out process under the above link.
The person concerned has the right to lodge a complaint with a data protection authority.
Advertising
In cooperation with VariFast GmbH and using the ad server of Adition AG, advertising banners are displayed on some of the university library’s websites.
Only session cookies and temporary cookies are used to statistically measure the number of readers/visitors and to limit the numerically determined delivery of the advertising media. For technical reasons, the IP address of the visitors is also forwarded to these two companies. Only technical data is collected, but no identifying data. All data including the IP addresses are only evaluated anonymously and purely statistically. The web server of Adition AG only temporarily stores the traffic data of the transmission, which may be recorded in this respect without the express consent of the user.
All relevant data protection regulations, in particular those of the German Telemedia Act and the Federal Data Protection Act, are observed by the University Library, VariFast GmbH and Adition AG.
By clicking on the following link, the collection of anonymized data is stopped. In this case, ADITION replaces the current cookie with a new OptOut cookie. This OptOut cookie deletes the previously stored information including the IP address and prevents further collection of anonymous information. If this OptOut cookie is deleted, ADITION can no longer determine that an OptOut has taken place. In this case, the opt-out process must be repeated.
Adition Technologies Data Privacy Statement: https://www.adition.com/en/privacy/
7. Plugins and tools
RDMO
The RDMO installation is a service by the university library of the Friedrich-Alexander-Universität Erlangen-Nurnberg (FAU). It is based on the software RDMO, the Research Data Management Organiser.
RDMO is a web application. Processing and storing some personal data to identify a user as participant of a project or a stakeholder from an institution is required. Personal data is only used for the stated purposes and will not be shared with third parties.
RDMO collects your personal data in a user profile, which limited to the minimal requirements. A profile consists of the name, the surname, the email address, the account name of the user, and optionally the ORCID of the user.
We use Shibboleth for authentication and access is provided via the Single-Sign-On service of the IT centre (RRZE). Currently only members of FAU can access the system.
Working within RDMO, a user is assigned certain roles and permissions within projects. Each project member is visible to all other project members. That is, their profile information – such as email address and names – is visible to other project members. RDMO maintains various data about these projects, which are entered and saved by the individual users. This data is not considered part of the user profile.
You can demand to deletion of your account. The data contained in your projects can be deleted by the project members. Each project can be deleted in its entirety by its creator. The service is provided on a best effort base, implying no guarantees of availability at all times. Backup of the data is done regularly, but no guarantee is given that all data will be available in all circumstances. RDMO service administrators can deactivate your account at any time.
Events Manager
We collect and store information you submit to us when making a booking, for the purpose of reserving your requested spaces at our event and maintaining a record of attendance.
We may use cookies to temporarily store information about a booking in progress as well as any error/confirmation messages whilst submitting or managing your events and locations.
Polylang
Polylang uses a cookie to remember the language selected by the user when he comes back to visit again the website. This cookie is also used to get the language information when not available in another way. Examples are ajax requests or the login page.
- Default name: ‘pll_language’
- Value: the language code of the last browsed page
- Default expiration time: 1 year
Cookie Notice
The plugin sets a cookie “cookie_notice_accepted” if you have agreed to the message. This consent is valid for 30 days as long as the cookie is not deleted.
BibTip
The recommender service BibTip also uses session cookies, but no personal reference is created. BibTip does not store any personal data (e.g. IP addresses).
subito-document delivery service
We are a member and thus a supplier library of the document delivery service Documents from libraries society, Berlin. Personal data will only be exchanged between us and subito if you make use of the subito delivery service. This data exchange serves only the purpose of enabling the subito research and ordering process.
Please refer to subito’s data protection declaration to find out exactly which personal data is exchanged: https://www.subito-doc.de/DSGVO?lang=en.