thd-logo Deutsche Version

Data Protection Declaration for the iLearn (1)Learning Platform

This data protection declaration applies to the following learning platform: iLearn


Data protection is both our concern and a statutory obligation. In order to appropriately protect the security of your data when transmitting them, we use relevant encryption methods such as SSL/TLS, and secure technical systems based on state-of-the-art technology. For the websites, we use Javascript as an active component. If you have disabled this function on your browser, you will receive a message to (re-)activate it.

Responsible Body

Technische Hochschule Deggendorf (Deggendorf Institute of Technology, or "TH Deggendorf")
represented by its President Prof. Dr. rer. nat. Peter Sperber
Dieter-Görlitz-Platz 1, 94469 Deggendorf
Phone: 0991/3615-0, Fax: 0991/3615-297

Contact Data of the Officially Appointed Data Protection Officer

Prof. Dr.-Ing. Herbert Fischer
Dieter-Görlitz-Platz 1, 94469 Deggendorf
Phone: 0991/3615153

Purposes and Legal Bases of Data Processing

We also offer cooperation with other tertiary and educational institutions (Section 16 of the Bavarian Tertiary Education Act, or BayHSchG), the commercial sector and other vocational and professional practitioners (Section 2, Subsection 5, Sentence 2 of the BayHSch) and a platform for teaching, learning and the exchange of views in accordance with Section 55, Subsection 2, Sentence 3 of the BayHSch, Section 3, Subsection 2 of the BayHSch, Section 4, Subsection 1, Sentences 1 and 2 of the Bavarian E-Government Act, or BayEGovG and Section 8, Subsection 1, Sentence 1 of the BayEGovG.
This is the background to the fulfilment of our statutory tasks (Section 6 Subsection 1 (e) of the EU General Data Protection Regulation (EU GDPR). Under certain circumstances you may also use our learning platform or individual elements voluntarily (Section 6 Subsection 6 Subsection 1 (a) of the EU GDPR). We use cookies, log files, profile data and utilisation files in pseudonymised or anonymised form for the purposes of analysis, checking or maintaining our on-line service and guaranteeing network and information security in accordance with Section 6, Subsection 1 of the Bavarian Data Security Act (BayDSG).

Categories of Data 2

Administration and Course Supervision

For administration and course supervision purposes, we have created function identifiers and personal identifiers with access mechanisms and use these to record alterations we make.

Profile Data

Log-in data are required in order to use the platform; for messages we require your email address. You can select your time-zone, country, city or language, upload an image for your profile, add further details to your name and publish further contact information. The data from the standard university account are used as log-in data for members of the Technische Hochschule Deggendorf (students and employees). The content data of the platform are your role, tasks, questions, discussion posts, answers and solutions etc. There is also a comprehensive, freely configurable message system. The lecturer for each course regularly assesses the courses.

Log Files

When you call up these or other internet sites, you send data to our web server via your internet browser. The following data are recorded during a current connection for communicating between your internet browser and our web server:


MoodleSession: This cookie is used to log in and display your individual profile Log-In Cookie: This cookie is used for convenience. It stores the log-in name in the web browser. It also remains stored after you log out of iLearn so that your log-in name is already entered the next time you log in. This cookie is not strictly necessary: if it is not stored, it must be re-entered again each time you log in.


If you wish to raise a matter with us or give us your opinion on the platform by email, the ticket system, post or phone, the information you provide will be processed for the purposes of handling this matter and for any possible supplementary questions and exchange of opinions. To do this, we will always use the same method of communication unless you want to alter this or if a change is absolutely necessary for handling the matter you have raised.

Recipients or Categories of Recipients of Personal Data

To check for plagiarised work in exercises etc., two solutions from the service provider Turnitin LLC were used. The plagiarism detection software Ephorus was deactivated in December 2016 for live operation and we then used Turnitin. This solution was deactivated for live operation in March 2018. Archive data from both systems are still available. In order to check for plagiarised work in exercises, we now use solutions from the provider Turnitin LLC, PlagAware Unternehmergesellschaft or from another provider.
Other IT service providers may also be sent your personal data within the terms of order-processing agreements concluded with us. However, in order to guarantee the security of our data processing systems, we do not disclose the names of our service providers.

Transmitting Personal Data to a Third-Party Country or International Organisations

All our Turnitin service providers are certified under the EU-US Privacy Shield and visible to every person, so that there is a legally appropriate level of protection for personal data:

Duration of Storage of Personal Data

Log Files

Are normally stored as personal data for 365 days.

Administrative Access

Personalised administrative access to our platform is subject to restricted processing after the departure of the member of the TH Deggendorf concerned and is deleted one year after the date on which this person departed.

Profile Data

Profile data for our platform are subject to restricted processing after the departure of the member of TH Deggendorf concerned and are deleted two years after the date this person departed.


MoodleSession: This cookie is deleted when the browsing session ends. You can delete the cookies at any time via the settings on your browser.


Postal communications, emails and messages are deleted six years after the end of the year in which the matter concerned was raised.


By using the LMS platform iLearn, you will automatically receive the opportunity to use the integrated ePortfolio system Mahara. No further log-in is required to use Mahara, as the so-called single sign-on procedure is used, which allows you automatic access to the ePortfolio system with your user rights after registering at iLearn. By using Mahara, the following information pertaining to you and stored in iLearn will be linked to your account and stored in Mahara:

Use of the ePortfolio platform Mahara is voluntary

General obligations of the user

Upon registration, the user is granted a simple, non-transferrable right of use for this learning platform. The storage space made available to the user may only be used for storing generated content. All users are obligated to treat data of other users to which they have access as strictly confidential and to refrain from forwarding said data to third parties without the written permission of the respective person. This especially applies to the name and email addresses of other users registered in the system. This learning platform exclusively serves the generation and execution of iLearn courses at the Deggendorf Institute of Technology and the internal communication between learners and instructors. Any other use of the platform, such as for other private and/or commercial purposes, is not permitted. All users are obligated to observe legal regulations, especially those regarding copyright and data protection. If users add links to external internet sites, they must first check to make sure that the linked external website does not contain illegal content

Generally, all users of the platform are prohibited from:

Special obligations for instructors and Manager

Data relevant to examination regulations may not only be stored in iLearn. iLearn does not possess an archive function, but rather, certain participant-related data is allocated to the registered participant. If that participant signs off of the system or is deleted from the central identity management and consequently from the iLearn database due to disenrollment, for example, certain participant-specific data will be lost.

Handling copyright

Material and/or components such as course material, master documents, excerpts from other works, images, etc. that are used in an iLearn course and/or are generated explicitly for a course room may not as a rule be used outside of the course room and/or forwarded to third parties.

This especially applies to teaching and learning material generated by course instructors and to copyrighted contributions that have been made within the course of an iLearn course by participants individually or together.

Transfer to third parties and/or use outside of this iLearn platform of the Deggendorf Institute of Technology is explicitly only permitted with the written permission of the originator. However, all users explicitly declare that they agree that all content posted by them personally, regardless of whether or not said content is subject to copyright laws, may be used for the purposes of the course.

The Deggendorf Institute of Technology reserves the right to definitively delete iLearn courses and all content contained within them one year after the course has ended at the earliest.

Rights of Parties Affected

According to the EU GDPR, you have the following rights:

Obligation to Provide Data

The obligation to provide personal data in accordance with Section 42, Subsection 4 of the Bavarian Tertiary Education Act (BayHSchG), to have work assessed, details submitted electronically and work checked for plagiarism is based on the applicable Study and Examination Regulations. Without such details, a course of study and use of the platform is either impossible or possible only to a very limited extent.

Your respective course lecturers are obliged to evaluate your work in accordance with Section 10, Subsection 2, Sentence 2 of the Bavarian Tertiary Education Act (BayHSchG). Refusal to do so may entail disciplinary consequences, employment contract-related consequences or (other) contractual consequences.

Miscellaneous Matters concerning Our Data Protection Declaration

We reserve the right to occasionally amend this Data Protection Declaration so that it corresponds at all times to the applicable legal requirements or in order to implement changes to our services in the Data Protection Declaration, for example to introduce new services. Your next visit will be governed by the new Data Protection Declaration.

If you have any questions, you can send them by email to: as well as to the Data Protection Officer..


Upon registration and use of iLearn, having been informed of these instructions, you accept the data storage and use as cited. This acceptance can be revoked by the user at will at any time by submitting a corresponding declaration to the administration of iLearn. Upon doing so, your user access to iLearn shall be deleted. For this, please contact the eLearning Competence Centre

1 Regulatory authorities consider the term "Data Protection Declaration" to be partially misleading. As an alternative, the term "Information for Data Processing and Data Protection" might equally be selected. However, the regulatory authority responsible for Bavarian state tertiary educational institutions has chosen to use the term "Data Protection Declaration" (as at 2 May 2018:

2 According to the wording of Section 13 of the EU GDPR, this is not necessary but the data categories should be named in requests for information.