top of page
Privacy Policy

Effective as of: November 2025

Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other applicable national data protection laws of the EU Member States, as well as other relevant data protection provisions, is:

Rector of RWTH Aachen University
Templergraben 55
52062 Aachen (physical address)
52056 Aachen (mailing address)
Telephone: +49 241 80-1
Email: rektorat@rwth-aachen.de
Email: auskunftsersuchen@zhv.rwth-aachen.de
Website: www.rwth-aachen.de/rektorat

Name and Address of the Data Protection Officer

The officially appointed Data Protection Officer of RWTH Aachen University can be contacted at:

Data Protection Staff Unit of RWTH Aachen University:
Templergraben 83
52062 Aachen (physical address)
52056 Aachen (mailing address)
Germany
Phone: +49 241 80-94114
Email: dsb@rwth-aachen.de

General Information on Data Processing

RWTH Aachen University processes personal data of website users only to the extent necessary to provide a functional website and to deliver the content and services offered on it. If individual websites, web pages, or features process data in ways that differ from this data protection notice, specific data protection notices will be provided there.

Provision of the Website and Creation of Log Files

a) Purpose and Scope of Data Processing

Each time you access this website, data is exchanged between your device (e.g., computer, tablet, smartphone) and the web servers to establish communication and deliver the website. During this process, data is temporarily stored in log files. Specifically, the following information is collected:

  • the user’s IP address

  • date and time of access

  • information about the web pages or files accessed

  • the referring website (if transmitted by your device)

  • the browser type and operating system used on your device (if transmitted by your device)

This log data is processed to ensure the proper functioning of the website, detect and remedy malfunctions, and maintain technical security, particularly for protection against and defense from cyberattacks.

b) Legal Basis for the Processing of Personal Data

The temporary storage of technical communication data and log files is based on Article 6(1)(e) and (3) GDPR in conjunction with Section 3 of the North Rhine-Westphalia Data Protection Act (DSG NRW) and Section 3(1) of the Higher Education Act of North Rhine-Westphalia (HG NRW).

c) Data Deletion and Retention Period

Data is deleted as soon as it is no longer needed for the purpose for which it was collected. This typically occurs after no more than 14 days. Longer storage is possible in exceptional cases; in such instances, IP addresses are anonymized so that the accessing client can no longer be identified.

d) Right to Object and Right to Erasure

The collection of data for the purpose of providing the website and the storage of data in log files is absolutely necessary for the operation of the website. Consequently, there is no possibility of objection on the part of the user.

Use of Cookies and Tracking Technologies

a) Purpose and Scope of Data Processing

The website uses cookies. Cookies are small text files stored in your browser that allow your device to be recognized upon revisiting the website. If a user visits a website, a cookie may be stored in the user's operating system. This cookie contains a specific string of characters which makes it possible to identify the browser when the website is accessed again.

These cookies are used exclusively to ensure the functionality of the website. The following data may be stored and transmitted:

  • Anonymous identifiers used to authenticate logged-in website editors

b) Legal Basis for Data Processing

The processing of personal data through technically necessary cookies is based on Article 6(1)(e) and (3) GDPR in conjunction with Section 3(1) DSG NRW and Section 3(1) HG NRW.

c) Data Deletion and Retention Period

Cookies are stored on your device and transmitted from it to our site. You therefore have full control over their use. You can disable or restrict cookies through your browser settings and delete already stored cookies at any time, either manually or automatically. Please note that disabling cookies may limit some website functions.

Forms and Email Contact

a) Purpose and Scope of Data Processing

The website provides a contact form for electronic communication. When you use this form, the information you enter will be transmitted to us and stored in our systems. When submitting the form, you consent to data processing, and reference is made to this Data Protection Notice.

Alternatively, you can contact us directly via the email addresses provided; in that case, any personal data transmitted with your message will also be stored. Your data will not be shared with third parties and is used solely for handling your inquiry.

Additional personal data collected during form submission serves to prevent misuse and to safeguard the University’s IT systems.

b) Legal Basis for Data Processing

Unless otherwise stated or specified in a separate data protection notice, the legal basis for processing data collected through our various forms is Article 6(1)(a) GDPR.

This processing is carried out to fulfill the university's official tasks in accordance with Article 6(1)(e) and (3) GDPR, in conjunction with Section 3(1) DSG NRW and Section 3(1) HG NRW).

Where email contact is intended to lead to a contract, the additional legal basis for processing is Article 6(1)(b) GDPR.

c) Data Deletion and Retention Period

Data is deleted once it is no longer needed for its intended purpose. For contact forms or email inquiries, this generally occurs when the conversation has been concluded. The conversation is considered concluded once it can be inferred from the circumstances that the matter in question has been fully clarified.

d) Right of Revocation and Objection

You may revoke your consent to the processing of your personal data at any time. If you contact us by email, you may object to the storage of your data at any time; in such cases, the conversation cannot continue. All personal data stored for this purpose will then be deleted unless legal retention obligations apply.

Social Media Channels

We do not use social media plug-ins. Instead, we provide social bookmarks, which are integrated as links to the respective services and can be recognized by their logos. When you click one of these links, your browser establishes a direct connection to the servers of the relevant social network. As a result, information about your visit to our website is transmitted to the platform operator, even if you are not logged in. This information (including your IP address) is transmitted directly to the operator and stored at the operator’s location. If you are logged in to the social network, selecting the link may allow the platform to associate your visit with your profile. Please note that clicking such a link enables the respective platform to make this association.

We have no influence over the type or scope of data collected and processed by the social media operators. Information about the purpose and scope of data collection, the further processing and use of data by the platform operators, as well as your rights and settings to protect your privacy, can be found in the respective privacy notices:

LinkedIn

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

LinkedIn Privacy Policy

 

Rights of the Data Subject

Under Article 15 GDPR, you have the right to access your personal data, including information about recipients and the intended storage period. If your personal data is inaccurate, you have the right to have it corrected under Article 16 GDPR. Where legal requirements are met, you may request erasure or restriction of processing under Articles 17 and 18 GDPR.

Based on Article 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Article 6(1)(e) or (f) GDPR. In such cases, the controller will cease processing unless they can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms, or the processing is necessary for establishing, exercising, or defending legal claims. The collection of data for the provision of the website and the temporary storage of data in log files is strictly necessary for the operation of the website.

If your personal data is processed on the basis of your consent (see Article 6(1)(a) GDPR), you may withdraw your consent at any time. This withdrawal does not affect the lawfulness of any processing that occurred prior to the withdrawal.

If you believe that the processing of your personal data violates data protection law, you have the right to lodge a complaint with the competent data protection supervisory authority (LDI – Landesbeauftragte für Datenschutz und Informationsfreiheit) in accordance with Art. 77 (1) GDPR.

bottom of page