List of active policies

Name Type User consent
Datenschutzerklärung/Data Protection Declaration Privacy policy All users
Rechte und Pflichten/Rights and Responsibilities Other policy All users

Summary

  • General
  • Responsible Body
  • Contact Data of the Officially Appointed Data Protection Officer
  • Purposes and Legal Bases of Data Processing
  • Categories of Data
  • Recipients or Categories of Recipients of Personal Data
  • Transmitting Personal Data to a Third-Party Country or International Organisations
  • Duration of Storage of Personal Data

 


 

Full policy

This data protection declaration [1] applies to the following learning platform: https://ilearn.th-deg.de

 

General

Data protection is both our concern and a statutory obligation. In order to appropriately protect the security of your data when transmitting them, we use relevant encryption methods such as SSL/TLS, and secure technical systems based on state-of-the-art technology.
For the websites, we use Javascript as an active component. If you have disabled this function on your browser, you will receive a message to (re-)activate it.

 

Responsible Body

Technische Hochschule Deggendorf (Deggendorf Institute of Technology, or "TH Deggendorf")
represented by its President Prof. Waldemar Berg
Dieter-Görlitz-Platz 1, 94469 Deggendorf
Phone: 0991/3615-0, Fax: 0991/3615-297
info@th-deg.de

 

Contact Data of the Officially Appointed Data Protection Officer

Prof. Dr. Sascha Kreiskott
Dieter-Görlitz-Platz 1, 94469 Deggendorf
Phone: 0991/3615-153
datenschutz@th-deg.de

 

Purposes and Legal Bases of Data Processing

We also offer cooperation with other tertiary and educational institutions (Section 16 of the Bavarian Tertiary Education Act, or BayHSchG), the commercial sector and other vocational and professional practitioners (Section 2, Subsection 5, Sentence 2 of the BayHSch) and a platform for teaching, learning and the exchange of views in accordance with Section 55, Subsection 2, Sentence 3 of the BayHSch, Section 3, Subsection 2 of the BayHSch, Section 4, Subsection 1, Sentences 1 and 2 of the Bavarian E-Government Act, or BayEGovG and Section 8, Subsection 1, Sentence 1 of the BayEGovG.
This is the background to the fulfilment of our statutory tasks (Section 6 Subsection 1 (c) of the EU General Data Protection Regulation (EU GDPR). Under certain circumstances you may also use our learning platform or individual elements voluntarily (Section 6 Subsection 6 Subsection 1 (a) of the EU GDPR).
We use cookies, log files, profile data and use files in pseudonymised or anonymised form for purposes of analysis, to carry out maintenance on or test our web service and to guarantee network and information security in accordance with Section 32, GDPR.

 

Categories of Data [2]

Administration and Course Supervision

For administration and course supervision purposes, we have created function identifiers and personal identifiers with access mechanisms and use these to record alterations we make.

 

Profile Data

Log-in data are required in order to use the platform; for messages we require your email address. You can select your time-zone, country, city or language, upload an image for your profile, add further details to your name and publish further contact information. The data from the standard university account are used as log-in data for members of the Technische Hochschule Deggendorf (students and employees).
The content data of the platform are your role, tasks, questions, discussion posts, answers and solutions etc. Your first and last name will be shown in the courses you have enrolled in. There is also a comprehensive, freely configurable message system. The lecturer for each course regularly assesses the courses. Each course instructor may assign other people to carry out tasks in iLearn. This means that those people will gain access to user files.
Each course instructor may include web conference rooms. In doing so, the equipment of the DFN (Verein zur Förderung eines Deutschen Forschungsnetzes e.V./Association for the Promotion of a German Research Network) will be used. You will find more information on data protection for web conference rooms of the DFN at: https://www.vc.dfn.de/fileadmin/dokumente/Datenschutz_bei_Adobe_Connect.pdf.

 

Log Files

When you call up these or other internet sites, you send data to our web server via your internet browser. The following data are recorded during a current connection for communicating between your internet browser and our web server:

  • date and time of the request
  • name of the requested file
  • the page from which the file was requested
  • access status, e.g. "File transmitted", "File not found"
  • web browser, screen resolution and operating system used
  • the full IP address of the requesting computer
  • the quantity of data transmitted

 

Cookies

The e-learning system (iLearn) of DIT uses cookies. Cookies are text files that are stored in the Internet browser on the user’s computer system. When a user visits a website, a cookie may be stored on the user’s operating system. This cookie contains a distinctive character string that allows the browser to be uniquely identified when the website is visited again.

Categories

We use cookies for different purposes and with different functions. We make a distinction depending on whether the cookie is required for technical reasons, for how long it is stored and used, whether this cookie was set by our platform itself or by a third party and by what provider.

Technical requirement

Cookies required for technical reasons: We use certain cookies because they are required for our platform and its functions to work properly (session cookies).
Cookies not required for technical reasons: Cookies that are not required for technical reasons serve to improve the convenience and performance of our platform or to save certain settings you have made (e.g. “MoodleID”).

Period of storage, possibility of objection and elimination

Session cookies: Most cookies are only required for the duration of your session and are deleted again or lose their validity once you close your current browser session.
Permanent cookies: Cookies of the “MoodleID” type are stored for a longer, predefined period of time, for example to recognise your login data when you access the system again at a later point and to be able to retrieve saved settings.
Cookies are stored on the user’s computer, which transmits them to this website. You as the user have full control over the use of cookies at all times. You can disable or restrict the transmission of cookies by making specific settings in your Internet browser. You can delete the cookies stored at any time.
If you disable cookies that are required for the DIT e-learning system for technical reasons, you may no longer be able to use all functions of the system to their full extent.
The following cookies are used by iLearn and the following data are stored therein and transmitted:

  • MoodleSession
    Technical requirement: Yes
    Period of storage: Session cookie (at the end of the browser session – i.e. when the browser is closed)
    Provider: DIT e-learning system (Moodle)
    Purpose: This cookie identifies logged-in users by an anonymous ID and stores their login data for the current session in iLearn. It must be enabled to ensure that the user remains logged in from page to page when using Moodle.
  • Shibboleth-Session (shibsession + saml_idp)
    Technical requirement: Yes
    Period of storage: Session cookie (at the end of the browser session)
    Provider: DIT e-learning system (Moodle)
    Purpose: These cookies must be enabled to ensure that you can log in to the system with your university login data. The university uses Shibboleth (single sign-on) for authentication. After successful login, a cookie specific to that user’s session is set and used to associate the rest of that session’s requests back to the user’s login information. The cookie itself contains an opaque, pseudo-random value and no other information.
  • MoodleID (login cookie)
    Technical requirement: No
    Period of storage: Permanent cookie
    Provider: DIT e-learning system (Moodle)
    Purpose: This cookie serves convenience; it stores the login name in the Web browser. This cookie is retained after logging out of the e-learning system, so the login data is already entered the next time the user wants to log in. Enabling this cookie is not absolutely essential.
  • Matomo mtm_consent (tracking cookie)
    Technical requirement: No
    Period of storage: Permanent cookie
    Provider: DIT Matomo server (on premise)
    Purpose: When a video is accessed in the player, this cookie transmits anonymised usage data to the internal DIT server. These include anonymised data relating to information on contents accessed, actions carried out by the user (e.g. play, pause, fast forward) and time ranges of the contents played.

 

Communication

If you wish to raise a matter with us or give us your opinion on the platform by email, the ticket system, post or phone, the information you provide will be processed for the purposes of handling this matter and for any possible supplementary questions and exchange of opinions. To do this, we will always use the same method of communication unless you want to alter this or if a change is absolutely necessary for handling the matter you have raised.

 

Recipients or Categories of Recipients of Personal Data

Plagiarism detection

To check for plagiarised work in exercises etc. we use the software from the service provider Urkund (Prio Infocenter AB).
In the past we used two solutions from the service provider Turnitin LLC (Ephorus and Turnitin) to ckeck for plagiarised work in exercises. The plagiarism detection by Turnitin LLC was deactivated for productive operation in 07/2019.

 

Opencast video server and iLearn

By using the learning platform iLearn, you automatically have the opportunity to use the integrated Opencast video platform, where most videos made available in iLearn can be found. To use Opencast, you do not need to log in again, because the platform uses the so-called single sign-on procedure, allowing you to automatically watch videos stored on the video platform with your respective user rights after you have logged in to iLearn. Both systems use Shibboleth for authentication and are linked to the user’s university account.
When you use Opencast, the following information stored in iLearn is automatically linked to your account in Opencast and stored:

  • Name
  • First name
  • iLearn username
  • Email address

 

Media usage analysis by Matomo

The iLearn learning management system uses Matomo to create usage statistics in respect of audio-visual contents. For this purpose, the usage information generated by the cookie is transmitted to our internal university server and stored for usage analysis purposes, which serves to optimise the video server. In this process, your IP address and user data are anonymised, which means that you as the user remain completely anonymous.

Extent of data processing

The Matomo open source software (formerly PIWIK) is only active in the video player and is stored in its entirety for media analysis purposes. When videos are accessed, the following data are stored:

  • Information on the contents accessed
  • Actions carried out by the user (e.g. play, pause, fast forward)
  • Time ranges of the contents played

The data are sent to the Matomo server of DIT for processing. Only there are the personal data stored in non-aggregated form. Data aggregated by content may be passed on in anonymised form to the respective persons in charge of the contents and/or the point of contact.

 

Transmitting Personal Data to a Third-Party Country or International Organisations

All our service providers are certified under the EU-US Privacy Shield and visible to every person, so that there is a legally appropriate level of protection for personal data::
Youtube (Youtube LLC) unter Google LLC https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

 

Duration of Storage of Personal Data

Log Files

Are normally stored as personal data for 365 days.

Administrative Access

Personalised administrative access to our platform is subject to restricted processing after the departure of the member of the TH Deggendorf concerned and is deleted one year after the date on which this person departed.

Profile Data

Profile data about our platform concerning each member of TH Deggendorf (Deggendorf University of Applied Science) are deleted two years after the end of the year of departure.
The content you have created on the platform and which is not covered by the provisions of any examination regulations is kept in pseudonymised form for teaching and research purposes.

Cookies

The storage duration of the respective cookies is listed in the overview of the existing cookies.

Communication

Postal communications, emails and messages are deleted six years after the end of the year in which the matter concerned was raised.

 


 

[1] Regulatory authorities consider the term "Data Protection Declaration" to be partially misleading. As an alternative, the term "Information for Data Processing and Data Protection" might equally be selected. However, the regulatory authority responsible for Bavarian state tertiary educational institutions has chosen to use the term "Data Protection Declaration"
(as at 2 May 2018: https://www.datenschutz-bayern.de/ODSP.htm
[2] According to the wording of Section 13 of the EU GDPR, this is not necessary but the data categories should be named in requests for information.


Summary

  • General obligations of the user
  • Special obligations for instructors and Manager
  • Handling copyright
  • Rights of Parties Affected
  • Obligation to Provide Data
  • Miscellaneous Matters concerning Our Data Protection Declaration

 


 

Full policy

General obligations of the user

Upon registration, the user is granted a simple, non-transferrable right of use for this learning platform. The storage space made available to the user may only be used for storing generated content. All users are obligated to treat data of other users to which they have access as strictly confidential and to refrain from forwarding said data to third parties without the written permission of the respective person. This especially applies to the name and email addresses of other users registered in the system. This learning platform exclusively serves the generation and execution of iLearn courses at the Deggendorf Institute of Technology and the internal communication between learners and instructors. Any other use of the platform, such as for other private and/or commercial purposes, is not permitted. All users are obligated to observe legal regulations, especially those regarding copyright and data protection. If users add links to external internet sites, they must first check to make sure that the linked external website does not contain illegal content
Generally, all users of the platform are prohibited from:

  • Changing, deleting, suppressing or disabling data in an unauthorised fashion or using said data in another way than its intended use
  • to breach copyright,
  • Especially disseminating material from unconstitutional organisations and/or their ideas
  • Making defamatory, insulting or libellous statements about others
  • Damaging the image of the Deggendorf Institute of Technology

 

Special Obligations for Teaching Staff and Managers

In iLearn certain student-related data are assigned to registered students. If students deregister from the system or if they are deleted from the Central Identity Management system ergo and thus also from the iLearn database, for example due to deregistration, certain student-related data will be lost. In accordance with the prescribed storage period of two years (Section 12, Subsection 1 of the Bavarian State Examination Framework Regulations), examination results will be stored in iLearn. The storage period begins at the end of the calendar year in which students are informed of the results of each module examination.

 

Handling copyright

Material and/or components such as course material, master documents, excerpts from other works, images, etc. that are used in an iLearn course and/or are generated explicitly for a course room may not as a rule be used outside of the course room and/or forwarded to third parties.
This especially applies to teaching and learning material generated by course instructors and to copyrighted contributions that have been made within the course of an iLearn course by participants individually or together.
Transfer to third parties and/or use outside of this iLearn platform of the Deggendorf Institute of Technology is explicitly only permitted with the written permission of the originator. However, all users explicitly declare that they agree that all content posted by them personally, regardless of whether or not said content is subject to copyright laws, may be used for the purposes of the course.
The Deggendorf Institute of Technology reserves the right to definitively delete iLearn courses and all content contained within them one year after the course has ended at the earliest.

 

Rights of Parties Affected

According to the EU GDPR, you have the following rights:

  • If your personal data are processed, you are entitled to receive information on the personal data stored about you (Section 15, EU GDPR).
  • Should incorrect personal data be processed, you are entitled to have these corrected (Section 16, EU GDPR).
  • If statutory conditions are fulfilled, you can request that these data be deleted or that processing be restricted and formally object to processing (Sections 17, 18 and 21, EU GDPR).
  • If you have consented to your data being processed or a data processing agreement exists and your data are processed using automated processes, you may where appropriate be entitled to data portability (Section 20, EU GDPR).
  • If processing of your data is based on consent, you may rescind this consent at any time without this affecting the legality of such processing based on your consent before the rescission date.
  • Should you exercise any of your above-mentioned rights, a public body will examine whether the statutory requirements for this have been fulfilled.
  • You still have the right of appeal to the Bavarian Data Protection Commissioner.

 

Obligation to Provide Data

The obligation to provide personal data in accordance with Section 42, Subsection 4 of the Bavarian Tertiary Education Act (BayHSchG), to have work assessed, details submitted electronically and work checked for plagiarism is based on the applicable Study and Examination Regulations. Without such details, a course of study and use of the platform is either impossible or possible only to a very limited extent.
Your respective course lecturers are obliged to evaluate your work in accordance with Section 10, Subsection 2, Sentence 2 of the Bavarian Tertiary Education Act (BayHSchG). Refusal to do so may entail disciplinary consequences, employment contract-related consequences or (other) contractual consequences.

 

Miscellaneous Matters concerning Our Data Protection Declaration

If you have any questions, you can send them by email to: elearning-support@th-deg.de as well as to the Data Protection Officer datenschutz@th-deg.de