The Freie Universität Berlin (hereinafter “FU Berlin”), is pleased that you are visiting our website. Data protection and data security when using our website are very important to us. We would therefore like to inform you at this point which of your personal data we collect when you visit our website and for what purposes it is used.

Since changes in the law or changes in our internal processes may make it necessary to adapt this privacy policy, we ask you to read it regularly. The privacy policy can be called up, saved and printed out at any time under privacy policy.

1. Data Controller

The data controller within the meaning of the EU General Data Protection Regulation (hereinafter: GDPR) and other national data protection laws of the member states as well as other data protection regulations is:

Freie Universität Berlin
vertreten durch den Präsidenten
Kaiserswerther Straße 16-18
14195 Berlin
Tel.: +49 (30) 838-1

2. Data Protection Officer

Attorney at Law Dr. Karsten Kinast, LL.M.
KINAST Rechtsanwaltsgesellschaft mbH
Hohenzollernring 54
D-50672 Köln
E-Mail: DSB-FUBerlin@kinast.eu

Deputy Data Protection Officer

Andreas Hübinger
E-Mail: datenschutz@fu-berlin.de

3. Principles of data processing

Personal data is any information relating to an identified or identifiable natural person. This includes, for example, information such as your name, age, address, telephone number, date of birth, e-mail address or IP address. Information where we cannot (or can only with a disproportionate effort) establish a link to your person, e.g. anonymous or anonymised information, is not personal data. The processing of personal data (e.g. collection, retrieval, use, storage or transmission) always requires a legal basis. Your personal data processed by us will be deleted as soon as the purpose of the processing has been achieved and there are no longer any legally prescribed obligations to retain the data.

If we process your personal data for the provision of certain offers, we will inform you below about the specific procedures, the scope and purpose of the data processing, the legal basis for the processing and the respective storage period.

4. Processing operations on the website

4.1 Website visit

a. Type and scope of data processing

When you visit and use our website, we collect the personal data that your browser automatically transmits to our server. This information is temporarily stored in a so-called log file. When you use our website, we collect the following data, which is technically necessary for us to display our website to you and to ensure stability and security:

• IP address and host name of the requesting computer
• Date and time of access
• Name and URL of the file accessed
• Website from which access was made (referrer URL)
• Amount of data transferred
• Browser used and, if applicable, the operating system of your computer, as well as the name of your access provider

b. Purpose of data processing

We collect and use personal data of our users only for the purpose of providing a functional website and our content and services.

c. Legal basis

Art. 6 (1) lit. f GDPR serves as the legal basis for the aforementioned data processing. The processing of the data is necessary for the provision of a website and thus serves to protect our legitimate interest.

d. Storage period

As soon as the data is no longer required to display the website, it will be deleted. The collection of data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object. Further storage may take place in individual cases if required by law.

4.2 Contacting us by e-mail

Of course, you can contact us at any time by sending us an e-mail with your request to our e-mail address.

a. Type and scope of data processing

If you make use of this option, the following personal data will be processed from you by default in addition to the content you specify in the e-mail:

• E-mail address
• Name
• If applicable, personal data resulting from the specific request

The purpose of providing your e-mail address is to be able to allocate your enquiry and reply to you. When contacting us by e-mail, your personal data will not be passed on to third parties.

b. Purpose of data processing

We process your personal data for the purpose of being able to allocate your contact enquiry and to be able to answer it accordingly. For this purpose, we would like to contact you via the e-mail address provided in order to answer an enquiry or in the event of a query on our part.

c. Legal basis

The data processing described above for the purpose of contacting you is carried out in accordance with Art. 6 (1) lit. a GDPR on the basis of the declaration of consent voluntarily submitted by you.

Please note that by contacting us via e-mail, you are providing a declaration of consent to the processing of your personal data for the purpose of contacting you. This data protection declaration applies to this declaration of consent.

Please also note that you have the option to revoke your consent at any time in accordance with Art. 7 (3) GDPR. You can declare the revocation of your consent by e-mail, under the above-mentioned e-mail address.

If you revoke your consent, the lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

d. Storage period

As soon as the enquiry you have made has been dealt with and the relevant matter has been conclusively clarified, the personal data processed via the e-mail will be deleted. Further storage may take place in individual cases if this is required by law.

4.3 Newsletter

Via the website, we offer you the opportunity to sign up to receive our newsletter.

a. Type and scope of data processing

If you wish to be regularly informed about news and progress of the Arab-European Association for Media and Communication Researchers, you have the possibility to subscribe to our newsletter. For this purpose, we need the following personal data:

• E-mail address

b. Purpose of the data processing

We collect and use your personal data to provide you with the newsletter.

c. Legal basis

The processing for the purpose of sending the newsletter is based on your consent in accordance with Art. 6 (1) lit. a GDPR.

d. Storage period

Data within the scope of the newsletter dispatch will be stored and deleted as soon as the purpose on which the processing is based ceases to apply and the deletion does not conflict with any statutory regulation, cf. Art. 17 GDPR. This is regularly the case if you revoke your consent pursuant to Art. 7 (3) GDPR, Art. 17 (1) lit. b GDPR.

5. Cookies

We would like to inform you that we use various cookies on our website. Cookies are small text files that are stored in your internet browser when you visit our website. With the help of the cookies, a text programme is stored which can be read out during a later visit. This allows our website to be automatically adapted to the individual needs of our users.

a. Type and scope of data processing

Through the use of cookies, we may process various personal data.

These personal data include:

• Your IP address
• The frequency and duration of your visits to our website
• Passwords
• Personal data that you enter in online forms, such as your name, email address, address
• Individual user settings, such as a chosen language
• The contents of your shopping basket
• The sub-pages linked to and visited from our website.

b. Purpose of data processing

(1) Technically necessary cookies

We use technically necessary cookies on our website. With the help of technically necessary cookies, we process personal data for the purpose of the proper functioning of our website. Without the use of technically necessary cookies, it would not be possible for us to offer you our website

(2) Performance cookies

We use performance cookies on our website. With the help of performance cookies, we can process personal data for a specific purpose in order to examine your user behaviour. This enables us to make our website more customer-friendly and to ensure that our website is easier to use in the future. These cookies are used to determine possible error messages, the loading times of the website and the behaviour of the website with different browsers.

(3) Functional cookies

We use functional cookies on our website. With the help of functional cookies, we can process personal data for a specific purpose in order to simplify registration processes on our website. Functional cookies allow us to save the default settings on our website and store information that you enter in the login screen

c. Legal basis

(1) Technically necessary cookies

The legal basis for data processing using technically necessary cookies is:

• Our legitimate interest according to Art. 6 (1) lit. f GDPR. Our legitimate interest is based on the proper offering and smooth functioning of our website.

(2) Performance cookies

The legal basis for data processing with the aid of performance cookies is:

• Consent according to Art. 6 (1) lit. a GDPR.

You can revoke your declaration of consent at any time via our cookie banner by turning off the corresponding button. If you revoke your consent, the lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

(3) Functional cookies

The legal basis for data processing using functional cookies is your consent according to Art. 6 (1) lit. a GDPR.

You can revoke your declaration of consent at any time via our cookie banner by turning off the corresponding button. If you revoke your consent, the lawfulness of the processing carried out on the basis of the consent until the revocation remains unaffected.

d. Storage period

We only store cookies for as long as their purpose requires. If you revoke your declaration of consent with regard to one or more cookies, we will delete the corresponding cookie.

So-called. Session cookies are only stored for the time you spend on our website. When you close your internet browser, the set session cookies are deleted again.

In addition, we store some cookies for a longer period of time. We take into account not to store cookies longer than their purpose requires.

e. Cookie-Banner

To manage the cookies and similar technologies used (tracking pixels, web beacons, etc.) and related consents, we use the consent tool “Real Cookie Banner”. Details on how “Real Cookie Banner” works can be found at <a href=https://devowl.io/rcb/data-processing/ rel=”noreferrer” target=”_blank”>https://devowl.io/rcb/data-processing/</a>.

The legal bases for the processing of personal data in this context are Art. 6 (1) lit. c GDPR and Art. 6 (1) lit. f GDPR. Our legitimate interest is the management of the cookies and similar technologies used and the related consents.

The provision of personal data is neither contractually required nor necessary for the conclusion of a contract. You are not obliged to provide the personal data. If you do not provide the personal data, we will not be able to manage your consents.

6. Passing on to third parties

We use BestWebSoft for our contact form. Within the framework of the contact form, your personal data is passed on to an external service provider. Our service provider, BestWebSoft acts as an order processor according to Art. 28 GDPR for our contact form. For this purpose, we have concluded an with our service provider in accordance with the requirements of the GDPR. Your personal data is processed exclusively on our instructions.

7. Third country transfer

We transfer your data to the service provider BestWebSoft in Ukraine.

For the transfer of your personal data to a third country or an international organisation, there is no adequacy decision of the Commission of the European Union according to Art. 45 GDPR. For the transfer of your personal data to a third country or an international organisation, we have provided appropriate safeguards in accordance with Art. 46 GDPR.

The transfer of your personal data to a third country is based on your consent in accordance with Art. 49 (1) lit. a GDPR.

8. Hyperlinks

Our website contains so-called hyperlinks to websites of other providers. When activating these hyperlinks, you will be forwarded from our website directly to the website of the other provider. You will recognise this by the change of URL, among other things. Except in the case of websites on which your personal data is processed under the joint responsibility of the FU Berlin and the website operator, we cannot accept any responsibility for the confidential handling of your data on these third-party websites, as we have no influence on whether these companies comply with data protection regulations. Please inform yourself about the responsibilities and the handling of your personal data here and by these companies directly on these websites.

9. Youtube

We use videos from YouTube on our website. YouTube is a service provided by YouTube LLC (“YouTube”), 901 Cherry Ave, San Bruno, CA 94066, USA. YouTube LLC is a subsidiary of Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.

a. Type and scope of data processing

YouTube is integrated by embedding the service on our website using a so-called “iFrame”. When loading this iFrame, YouTube or Google may collect information (including personal data) and process it. It cannot be ruled out that YouTube or Google also transmits the information to a server in a third country.

We ourselves cannot influence which data Google actually collects and processes. However, Google states that the following information (including personal data) may be processed:

• Log data (in particular the IP address)
• Location-related information
• Unique application numbers
• Cookies and similar technologies

Information on the types of cookies used by Google can be found at https://policies.google.com/technologies/types .

If you are logged into your Google Account, Google may add the processed information to your account and treat it as personal data, depending on your account settings.

Google states the following about this, among other things:

“If you are not signed in to a Google Account, we store the data we collect with unique identifiers associated with the browser, app or device you are using. This allows us to ensure, for example, that your language preferences are maintained across all browsing sessions.

If you are signed into a Google Account, we also collect data that we store in your Google Account and consider to be personal data.”

You can prevent this data from being added directly by logging out of your Google account or also by making the appropriate account settings in your Google account.

Furthermore, you can change your cookie settings (e.g. delete cookies, block cookies, etc.). You can withdraw your consent to cookies on this website at any time here.

You can find more detailed information in the privacy notices of Youtube and Google, which you can access here: https://www.google.com/policies/privacy/.

Information on the privacy settings of Youtube and Google can be found at https://policies.google.com/privacy#infochoices

b. Purpose of data processing

By integrating YouTube, we pursue the purpose of being able to present various videos to you on our website so that you can watch them directly on our website.

c. Legal basis for data processing

The legal basis for the processing of personal data described here is Art. 6 (1) a) GDPR. YouTube and Google have a legitimate interest in the (personal) data collected in order to improve their own services. The legal basis for this is therefore Art. 6 (1) lit. f GDPR.

d. Storage period

As soon as the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, it will be deleted. Further storage may take place in individual cases if this is required by law.

e. Third country transfer

The transfer to the USA depends on the function in which personal data is transferred. As the responsible party, we ourselves may transfer data to Google in the USA for further use.

Currently, there is no adequacy decision according to Art. 45 GDPR.

However, the transfer can be based on standard contractual clauses. Google has undertaken to comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 95/46/EC (Standard Contractual Clauses – SCC).

The transfer of your personal data to a third country is based on your consent in accordance with Art. 49 (1) lit. a GDPR.

10. anchor.fm

On our website we use Anchor.fm, a podcast tool. The service provider is Spotify C/0 Anchor, 150 Greenwich St, New York, NY 10007, USA.

a. Type and scope of data processing

anchor.fm is integrated by embedding the service on our website using a so-called “iFrame”. When loading this iFrame, anchor.fm or Spotify may collect information (including personal data) and process it. It cannot be ruled out that anchor.fm or Spotify also transmits the information to a server in a third country.

We ourselves cannot influence which data anchor.fm or Spotify actually collects and processes. However, anchor.fm or Spotify states that the following information (including personal data) may be processed:

• Log data (in particular the IP address)
• Location-related information
• Unique application numbers
• Cookies and similar technologies

Information on the types of cookies used by anchor.fm can be found at https://anchor.fm/privacy.

Furthermore, you can change your cookie settings (e.g. delete cookies, block cookies, etc.). You can withdraw your consent to cookies on this website at any time here.

You can find more detailed information in the privacy police https://anchor.fm/privacy.

b. Purpose of data processing

By integrating anchor.fm, we pursue the purpose of being able to present various audios to you on our website so that you can listen to them directly on our website.

c. Legal basis for data processing

The legal basis for the processing of personal data described here is Art. 6 (1) a) GDPR. anchor.fm has a legitimate interest in the (personal) data collected in order to improve their own services. The legal basis for this is therefore Art. 6 (1) lit. f GDPR.

d. Storage period

As soon as the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, it will be deleted. Further storage may take place in individual cases if this is required by law.

e. Third country transfer

The transfer to the USA depends on the function in which personal data is transferred. As the responsible party, we ourselves may transfer data to anchor.fm in the USA for further use.

Currently, there is no adequacy decision according to Art. 45 GDPR.

However, the transfer can be based on standard contractual clauses. anchor.fm has undertaken to comply with the standard contractual clauses for the transfer of personal data to third countries in accordance with Directive 95/46/EC (Standard Contractual Clauses – SCC). The transfer of your personal data to a third country is based on your consent in accordance with Art. 49 (1) lit. a GDPR.

11. Data subject rights

The following rights arise from the GDPR for you as a data subject when personal data is processed:

Right to information: Art. 15 GDPR

• You can request information about your personal data that we process in accordance with Art. 15 GDPR.

Right to rectification: Art. 16 GDPR

• Pursuant to Art. 16 GDPR, you may request the correction of inaccurate or the completion of your personal data stored by us without delay.

Right to erasure (“right to be forgotten”): Art. 17 GDPR

• Pursuant to Art. 17 GDPR, you may request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims.

Right to restriction of processing: Art. 18 GDPR

• According to Art. 18 GDPR, you have the right to have your personal data restricted for the period of verification of data accuracy or in the event of unlawful data processing.

Right to data portability: Art. 20 GDPR

• You have the right to portability of your personal data in accordance with Art. 20 GDPR.

Right to object: 21 GDPR

• When your personal data is processed on the basis of legitimate interests pursuant to Art. 6(1)(f) GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the case of direct advertising, you have a general right of objection, which is implemented by us without specifying a particular situation.

Complaint to a supervisory authority: Art. 77 GDPR

• In accordance with Art. 77 GDPR, you have the right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence, your place of work or our university location for this purpose.

Withdrawal of consent according to Art. 7 GDPR

• You can revoke any consent you have given at any time in accordance with Art. 7 (3) GDPR. Please note that the revocation of consent does not affect the lawfulness of the processing carried out on the basis of the consent until the revocation.

12. Data security and security measures

We are committed to protecting your privacy and treating your personal data confidentially. In order to prevent manipulation, loss or misuse of your data stored with us, we take extensive technical and organisational security precautions, which are regularly reviewed and adapted to technological progress. These include, among other things, the use of recognised encryption procedures (SSL or TLS). However, we would like to point out that, due to the structure of the Internet, it is possible that the rules of data protection and the above-mentioned security measures are not observed by other persons or institutions not within our sphere of responsibility. In particular, data disclosed unencrypted – e.g. if this is done by e-mail – can be read by third parties. We have no technical influence on this. It is the user’s responsibility to protect the data he or she provides against misuse by encrypting it or in any other way.