Privacy Policy

This data protection declaration applies to the website

And as a supplement to the following websites, insofar as we process personal data under our own responsibility:


We currently assume that we are not subject to any joint responsibility under data protection law insofar as your data is processed by these providers for purposes specified by them.

I. Name and address of the data controller and contact data protection officer

Person in charge

Kempten University of Applied Sciences
Corporation under public law

Kempten Business School

Bahnhofstraße 61
87435 Kempten

Postfach 1680
87406 Kempten

Tel.: +49 (0) 831 2523-0
E-mail: [email protected]

Authorised representative

President Professor Wolfgang Hauke

Contact details of the appointed data protection officer

Data Protection Officer of Kempten University of Applied Sciences
Bahnhofstraße 61
87435 Kempten
Fax: 0831 2523-9283
E-Mail: [email protected]

II. General information

Data protection is our concern and our legal obligation.

Purposes and legal bases of the processing

In accordance with Art. 2 Para. 6 BayHSchG, Art. 4 Para. 1 S. 1 and 2 BayEGovG, we offer our services and administrative services as well as information for the public about our activities on our websites.

Our social media presences are part of our public relations work. Our aim is to inform and exchange with you in a way that is appropriate to the target group, Art. 2 para. 6 BayHSchG. We enable you to make fast electronic contact and communicate directly via the media of your choice, § 5 para. 1 no. 2 TMG.

We disclose and block or delete content and posts, requests which violate the rights of third parties or which constitute a criminal offence or misdemeanour, or which do not comply with legal or contractual obligations of conduct, by transmitting them to the competent authority or social media service.

We use cookies, log files, statistics from social media providers and the web analysis tool Matomo to compile business statistics, to conduct organisational studies, to test or maintain our web service and to ensure network and information security in accordance with Art. 6 Para. 1 BayDSG, Section 13 Para. 7 TMG, Art. 11 Para. 1 BayEGovG. Insofar as the processing purpose is not impaired, we anonymise or pseudonymise personal data.

Recipients or categories of recipients of the personal data

If you use our social media channels and pages, their providers also process your personal data.

Our IT service providers may also be recipients of your personal data as part of the contract processing agreements we have entered into. However, to ensure the security of our data processing facilities, we do not disclose our service providers.

Transfer of personal data to a third country or international organisations

All of our social media providers are certified under the EU-US Privacy Shield and available for anyone to view, so there is a legally adequate level of protection for personal data:

III. categories of data

log files

When you access this or other Internet pages, you transmit data to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your internet browser and our web server:

  • Date and time of the request
  • Name of the requested file
  • Page from which the file was requested
  • Access status (e.g. file transferred, file not found)
  • Web browser and screen resolution used as well as the operating system used
  • complete IP address of the requesting computer
  • amount of data transferred

For the operation of the website, it is absolutely necessary to collect the above-mentioned data and store it in server log files. No user profiles are created from this data. There is no possibility for the user to object.

Log files are usually kept for a maximum of seven days.

2. administration and editing

For administration and editing, function identifiers and personal identifiers with access protection mechanisms are created and changes made with these identifiers are logged.

These identifiers are deactivated after the person concerned has left.

3. communication

If you communicate a concern or an opinion to us by e-mail, post, telephone or social media, the information provided will be processed for the purpose of dealing with the concern as well as for possible follow-up questions and for the exchange of opinions. We always use the same communication channel for this, unless you wish to change.

Mail, emails and social media posts and messages will be deleted no later than 6 years after the end of the year in which the respective event occurs.

4. Javascript

JavaScript is used as the active component for the website. If JavaScript is deactivated in the browser, the user is not currently shown a data protection notice. Without JavaScript activated, the Kempten University of Applied Sciences website can only be used to a limited extent. Essential components, such as the main and top navigation and the internal search function, are then not available.

5. forms: Data collection, storage and processing

The website of Kempten University of Applied Sciences contains forms where users can voluntarily enter personal data (e.g. name, address, e-mail address, telephone number) for certain purposes (e.g. contacting). The data will only be used for the purpose stated in the form and will be deleted after the process has been completed. Personal data will not be passed on, sold or otherwise transferred to third parties. Personal data will only be used for marketing purposes (e.g. newsletters) with the express consent of the user. Users have the right to revoke their consent at any time with effect for the future. Unless there are legal reasons to the contrary, the data will be deleted immediately.

6. Statistical evaluation with Matomo

This website uses Matomo, an open source software for statistical analysis of visitor access. Matomo uses “cookies”, which are text files placed on your computer, to help the website analyse how users use the site. The information generated by the cookie about your use of this website is stored on the provider’s server in Germany. The IP address is anonymised immediately after processing and before it is stored. The last two bytes of the visitor’s IP address are masked.

When entering the website, the user himself can decide whether his visit is recorded. This is done via the consent management tool.

7. integration of YouTube videos

On this website, YouTube videos are embedded using framing technology in “extended data protection mode”. YouTube videos are loaded via the domain. YouTube videos are only displayed with the prior, explicit consent of the user (opt-in method). Simply calling up a page with YouTube videos does not set a cookie, nor does it initiate a data processing process.

If the user watches the video, it cannot be ruled out that YouTube will initiate further data processing processes over which the website operator no longer has any control (e.g. the setting of cookies, the reading of stored cookies, the establishment of a connection with YouTube and the DoubleClick network).

Through the integrated opt-in method, we would like to give users the opportunity to object.

IV. Data subject rights

You have the following rights under the General Data Protection Regulation:

If your personal data is processed, you have the right to obtain information about the data stored about you (Art. 15 DSGVO).

If inaccurate personal data is processed, you have the right to rectification (Art. 16 DSGVO).

If the legal requirements are met, you may request the erasure or restriction of processing as well as object to processing (Art. 17, 18 and 21 DSGVO).

If you have consented to the data processing or if there is a contract for data processing and the data processing is carried out with the help of automated procedures, you may have a right to data portability (Art. 20 DSGVO).

Should you make use of your above-mentioned rights, the public body will check whether the legal requirements for this are met.

Furthermore, there is a right of appeal to the Bavarian State Commissioner for Data Protection.

V. Other information on our data protection declaration

We reserve the right to amend this data protection declaration from time to time so that it always complies with the current legal requirements or in order to implement changes to our services in the data protection declaration, e.g. when introducing new services. The new data protection statement will then apply to your next visit.

If you have any questions, in addition to the data protection officers, you can also send an e-mail to: [email protected]