Datenschutzerklärung | Privacy Policy

Data Privacy Statement for the Teaching/Learning Platform "Moodle" of Technische Hochschule Lübeck

General information

Data controller under data protection law

Technische Hochschule Lübeck
Mönkhofer Weg 239
23562 Lübeck
Phone: +49 (0) 451-300 6
Email: kontakt(at)th-luebeck.de

Responsible institution/unit of the Technische Hochschule Lübeck (THL):
Zentrum für Digitale Lehre

Data protection officer

Technische Hochschule Lübeck
Datenschutz
Mönkhofer Weg 239
23562 Lübeck
Email: datenschutz(at)th-luebeck.de

Rights of data subjects & right to object

You have a right to:

revoke any consent you have given or object to the processing of your data.
receive information about your data stored by us.
have incorrect data about you rectified by us.
have data about you that is no longer required erased by us.
have the processing of your data restricted under certain conditions.
This may be the case if, for example, erasure is not possible; however, the data may not be further processed.

If you believe that the processing of your data violates the legal regulations, you can contact a data protection supervisory authority directly.

If you have any questions about data protection, you can also contact the data protection officer directly or Technische Hochschule Lübeck (TH Lübeck) as the data controller under data protection law.

Notes on accessing our website

Functionality of the website without login – logfiles

Each time you access our website, your web browser transmits usage data, even if you have not yet logged in with your user account. These include your IP address and a description of the content accessed (URL). Without collection of the IP address of the accessing computer and the name of the accessed file, connection to our server and use of the website in question is not possible. In addition, depending on how you have it configured, your web browser transmits further data (browser type, browser version, operating system used, referrer URL). We use this data for browser-specific presentation of the content, or to optimise it to the end device.

For security reasons, in particular, to defend against attempts to attack our web server and for data protection control and data security, we monitor log data/log files.

IP address
Name of the accessed site
Action
Access status
Amount of data retrieved
Date and time of the action

This data is stored for a period of 30 days. Access to this data is limited to certain IT administrators. This data is not processed or linked to. The legal basis arises from Art. 6 (1) (e) GDPR in connection with our legitimate interest in the security of the IT network.

Notes on using the THLX Moodle

Purposes & legal basis

The THLX Moodle (https://thlx.th-luebeck.de) is web-based software that allows access to non-public environments for module- or course-related learning and collaboration. The use of the THLX Moodle is voluntary and can only take place if the user has agreed to the Terms of Use for the Moodle learning space.

If you log into the THLX Moodle with your account, we process your data

in order for the digital offering to function technically
for registration and authentication during use
for the purpose of conducting research and teaching
due to measures for the purposes of data protection control, data security, and protection against misuse and attacks, and to defend third-party claims

The legal basis arises from Art. 6 (1) (e) GDPR in conjunction with Art. 6 (3) of the State's Educational Mandate (Bildungsauftrag des Landes) as well as §3 of the State Data Protection Act of Schleswig-Holstein (LDSG-SH), §7 of the Higher Education Act (HSchlG) and the Constitution of Technische Hochschule Lübeck.

Processing by means of cookies

The THLX Moodle uses cookies. Cookies are text files stored within or by the Internet browser on the user's computer system. If the THLX Moodle is accessed, a cookie may be stored on the user's operating system. This cookie contains a distinctive character string enabling the unique identification of the browser when the website is accessed again.

The following cookies are used:

MoodleSession identifies the logged-in users via an anonymous ID and stores their registration for the current session in the THLX Moodle. It must be enabled in order for the login and access permissions within the THLX Moodle to be maintained during the session. The cookie is automatically deleted as soon as the user logs out of the system or closes the web browser.

The legal basis for the processing of personal data using cookies is Art. 6 (1) GDPR. Cookies are stored on the user's computer and transmitted to our site from there. For this reason, as a user, you also retain full control over the use of cookies. By changing the settings in your Internet browser, you can disable or restrict the transmission of cookies. Cookies which have already been saved may be deleted at any time. This can also be done automatically. If cookies are disabled for Moodle, it may no longer be possible to use all Moodle's features in full.

Recipients of data

Your data will be processed and stored on servers of the Technische Hochschule Lübeck's data centre.

Transfers to third countries

In principle, data processed in the system will not be transferred to countries outside the European Economic Area and associated countries (no transfer to third countries).

Storage & erasure

As part of registration, a THLX Moodle account will be created, in which the following data will be stored:

Email address
First name
Surname

This data will be stored until the THLX Moodle account is deleted. THLX Moodle accounts are automatically deleted after one year of inactivity. Upon request, you can have your account deleted at any time. To do this, simply send an informal email to thlxmoodle@th-luebeck.de.

For security reasons, in particular, to defend against attempts to attack our web server and for data protection control and data security, we monitor log data/log files.

IP address
Name/user account
File name of the accessed site
Action
Access status
Amount of data retrieved
Date and time of the action

In addition, there is data that you set or create yourself when participating in a course. This data is stored in a database. It includes, for example:

Files uploaded
Texts and media content (e.g., forum posts)
Information voluntarily provided in the user profile
Permissions and roles
Interactive content created (e.g., tutorials)
Participation in interactive content (e.g., completed tutorials, texts submitted)

The data from participating in the course will be stored until the course is deleted.

User activities (submitted assignments, etc.) will be retained until the THLX Moodle account in question is deleted. Forum posts will be retained in anonymised form and will be deleted together with the relevant course room.

Notes on using the video/audio module (BBB)

Purposes & legal basis

The THLX Moodle provides a video/audio module. We use BigBlueButton (BBB) web conferencing software.

If you use BBB via the THLX Moodle, we process your data

in order for the module to function technically
for the purpose of conducting research and teaching, and for conducting online teaching and blended learning in teaching, in particular, for transferring and sharing teaching content to participants at different locations and as a tool that enables participants to work together in groups at distributed locations
due to measures for the purposes of data protection control, data security, and protection against misuse and attacks, and to defend third-party claims

In individual cases, the organiser may have such a session recorded by the system. This can be seen by all participants in the interface of the web conference. In this case, the video, audio and text data will be recorded and then displayed in the Moodle course.

These recordings are then usually accessible to all participants of the course.

Both the recording and the provision of the recording are based on your consent.

Recipients of data

Your data will be processed and stored on servers of the Technische Hochschule Lübeck's data centre.

Transfers to third countries

In principle, data processed in the system will not be transferred to countries outside the European Economic Area and associated countries (no transfer to third countries).

Storage & erasure

The metadata (IP address and browser identifier) generated during the use of the web conference will be stored to ensure technical operation, troubleshooting and error analysis. It will be automatically deleted after a storage period of 30 days.

Processing for scientific research and statistical purposes

When using the courses, technical and automated log data is generated. These log files may be processed for scientific research and/or statistical purposes.

The processing of log data from log files for scientific research and statistical purposes may take place if you have given us your consent to this. The legal basis then arises from Art. 6 (1) lit a) GDPR.

The processing of log data from log files for scientific research and statistical purposes may also take place without consent in certain cases. If this is the case, Technische Hochschule Lübeck shall take the appropriate and specific measures required by law for this exception in order to safeguard your data protection interests. During the taking of measures, regard is shown to pseudonymisation, encryption and restriction of access to this data, in addition to technical security.

The legal basis in this case arises from Art. 6 (1) (e) and Art. 9 (2) (j) GDPR in conjunction with Art. 89 (1)+(2) GDPR and other permissions from §27 (1) of the Federal Data Protection Act (BDSG), §3 LDSG-SH, §13 LDSG-SH.

Back