Data Privacy policy

We are very pleased about your visit to our website and the interest you have shown in our offers. The protection of your personal data is of particular importance to our management. Visiting our websites is generally possible without providing your personal data. However, it may be necessary to process your personal data if you make use of a special service via the Internet pages. In this case, we always obtain your consent.

We always process your personal data confidentially and in accordance with the statutory provisions, in particular the Basic Data Protection Regulation, together with the applicable country-specific data protection regulations and this Privacy Policy.

We want you to feel safe at all times when visiting our websites, which is why we assure you that we have taken technical and organizational measures to ensure the highest possible protection of your rights and constantly work to ensure that the legal regulations are observed by both our employees and external service providers. Nevertheless, web-based services can always have security gaps, so absolute protection cannot be guaranteed. You are also welcome to send us your personal data using other communication channels, for example by post, telephone or fax.

1. Definitions of terms

The protection of your personal data is carried out in accordance with the Basic Data Protection Regulation, the Federal Data Protection Act as well as other area-specific laws and accordingly uses the same terminology, which will be explained for you below.

a) Personal data

Personal data is any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) Processing

Processing means any operation or set of operations which is performed upon personal data, whether or not by automatic means, such as collection, recording, organization, filing, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

c) Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

d) Profiling

Profiling means any type of automated processing of personal data that consists in using such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s job performance, economic situation, health, personal preferences, interests, reliability, behavior, location or change of location.

e) Pseudonymization

Pseudonymization is the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

f) Responsible party

A controller is any natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its designation may be provided for under Union or Member State law.

g) Third Party

Third party means a natural or legal person, public authority, agency or other body, other than the data subject, the controller, the processor and the persons who are authorized to process the personal data under the direct responsibility of the controller or the processor.

h) Consent

Consent of the data subject shall mean any freely given indication of his or her wishes in an informed and unambiguous manner, in the form of a declaration or other unambiguous affirmative act by which the data subject signifies his or her agreement to the processing of personal data relating to him or her.

2. Name and address of the data controller

Responsible for the processing within the meaning of the General Data Protection Regulation, as well as the data protection laws of the member states of the European Union and other area-specific laws with data protection character are:

COGNOS International GmbH

Postal address:
Kronengasse 21
D-50667 Cologne

3. Name and address of the data protection officer

The external data protection officer of the controller is:

COGNOS AG

At MediaPark 4e

50670 Cologne

Phone: +49 221 921512-782

Fax: +49 221 921512-10

E-mail: datenschutz@cognos-ag.de

Your trust and the protection of your data are important to us. We would therefore like to be available at any time to answer your questions on the subject of data protection and the processing of your data. If you would like more detailed information or have any suggestions beyond the scope of this data protection notice, please contact us at any time.

4. Rights of data subjects

b) Right to deletion

You have a right to know whether a controller is processing personal data relating to you. If this is the case, you further have a right to information about the circumstances of the data processing. This right of information extends to the respective data, the processing purposes, the categories of personal data that are processed and the recipients to whom the data are disclosed or have been disclosed. Furthermore, the planned duration of storage, the origin of the data, insofar as this was not collected from you yourself, and the existence of automated decision-making, including profiling. In addition, the right to information includes a right to information about the existence of a right to rectification or deletion of personal data and a right to information about the existence of a right of appeal to a supervisory authority.

b) Right to cancellation

You have the right to request the controller to erase the personal data concerning you without undue delay, provided that the following grounds apply and the processing is not necessary:

– The purpose of collecting or processing the data has ceased to exist or the data is no longer necessary for this purpose.

– You have exercised your right to object to data processing.

– You have revoked your consent to the data processing and there is no legal basis on which the data processing can now be based.

– The deletion was carried out on the basis of a legal obligation.

– The processing of the data was carried out without a legal basis.

c) Right to data portability

You have the right to receive personal data relating to you that you have provided to us as a controller in a structured, commonly used and machine-readable format, and you have the right to transfer this data to another controller without hindrance from the controller to whom the data was provided. This right is intended to apply where automated data processing was carried out for the performance of a contract or was based on consent. The entitlement also includes the right to obtain that the data be transferred directly from one controller to another controller, where technically feasible.

d) Right to object

The right to object includes, on the one hand, the possibility to object to the processing of one’s own data for promotional purposes. In addition, if special reasons exist, it is also possible to object to originally lawful data processing for other purposes.

e) Right to restriction of processing

With the right to restriction of processing, you can, if certain conditions are met, have your personal data blocked by the controller and thus not processed further. Thus, the blocking can be requested for the duration of the clarification, if the accuracy of the stored data is disputed.

f) Right to rectification

The right to rectification includes your right as a data subject to demand that we, as the controller, correct any inaccurate personal data relating to you without undue delay.

5. Legal bases for processing

For the majority of processing operations, we obtain consent to them from you. Then, Art. 6 (1) lit. a and Art. 7 DSGVO serve as bases for processing operations. Some of the processing may also be necessary for the fulfillment of the contract or for the initiation of the contractual relationship; this applies in particular to the delivery of the information material requested by you and the application for a study place. In this case, the legal basis for the processing is Art. 6 para. 1 lit. b DSGVO. If the processing of data is necessary due to legal obligations, for example in the case of tax information requests, the processing is based on Art. 6 (1) lit. c DSGVO. Under certain circumstances, data processing may also be required to protect vital interests of affected or other natural persons, in which case the legal basis would be Art. 6 (1) (d) DSGVO. If none of these permissible circumstances is fulfilled, the processing can still be based on Art. 6 (1) (f) DSGVO. This may come into consideration if the processing is necessary to protect a legitimate interest of our company or of third parties and provided that the interests, fundamental rights and freedoms of us as the controller are not overridden. A legitimate interest is, for example, the performance of our company’s business activities to protect the interests of our employees and shareholders, for this purpose we also use the analysis and optimization of our marketing activities. Therefore, we also consider the tracking of user behavior through cookies in the context of advertising, which does not concern sensitive data and has no personal reference, as well as the playout of personalized advertising to the user profiles determined in this way as an expression of our legitimate interests.

6. Transfers to third countries

Our website includes tools from companies based in third countries. If these tools are active, your personal data may be passed on to the servers of the respective companies.

7. Cooperation with processors and third parties

If, during our processing, we disclose data to other persons and companies (processors, affiliated companies of the COGNOS group of companies or third parties), transmit it to them or otherwise provide them with access, this is always done on the basis of an authorization circumstance (e.g. if the transmission of payment data to the company in the group of companies responsible for this is necessary for the fulfillment of the contract or if the address data is passed on to the shipping service provider in order to send the study material requested by you, in accordance with Art. 6 Para. 1 lit. b DSGVO), consent, a legal obligation, on the basis of a legitimate interest or on the basis of an order processing contract in accordance with Art. 28 DSGVO.

8. SSL encryption

To protect the security of your data during transmission, we use state-of-the-art encryption procedures via HTTPS.

9. cookies

We use cookies on our internet pages. This enables web-based applications to manage the status of an online visit and to enable smooth navigation between the individual services and content on the website. Cookies are stored on your computer’s hard drive and do not cause any harm there.A cookie is a small data file that is transferred from the web server to your terminal device if you surf our pages. A cookie only contains information that we ourselves or a third party send to your computer, private data cannot be read with a cookie. If cookies are accepted by you, we do not have access to your personal information.

Different information is stored in cookies. This is primarily used to store information about the user during or after his visit within a website. A distinction is made between temporary cookies and permanent cookies. The former are deleted when the user leaves the website. The latter remain stored even after the browser is closed. This type of cookie is also used for range measurement and analysis of user behavior. In addition, there are the so-called third-party cookies from providers other than the party responsible for the website. This website uses temporary and permanent cookies, and we explain how they work in this privacy policy.

Most browsers accept cookies by default. If you wish to prevent the use of cookies for range measurement, the analysis of user behavior and the display of personalized advertising, we ask you to deactivate the corresponding default setting in your browser. Stored permanent cookies with the purpose just mentioned can also be deleted in this way. Furthermore, you can deactivate the setting of cookies for the purpose of online marketing via the http://www.youronlinechoices.com/ch-de/praferenzmanagement website. Cookies that have already been set can also be deleted in this way. If cookies are prohibited, certain features on our pages may not be available and some web pages may not be displayed correctly.

10. Access data

When you visit our website, access data is stored by us or our hosting provider about this process in a log file. In connection with the access, we receive usage data that is temporarily stored for statistical purposes and then deleted. This data is collected exclusively for internal purposes and is not forwarded to third parties.

This includes:

– IP address of the requesting end device,

– date and time of the request,

– access method/function requested by the requesting computer,

– input values transmitted by the requesting computer (e.g. file name),

– Access status of the web server (file transferred, file not found, command not executed, etc.),

– Name of the requested file and amount of data transferred,

– URL from which the file was requested/the desired function was initiated.

We collect this data based on our legitimate interests in the functionality of our information technology systems and for security interests (clarification of attacks). The stored data is anonymized at the earliest possible time (deletion of the last octet of the IP address) or deleted and only used for the purpose of identifying and tracking unauthorized access attempts and accesses to the web server. This does not apply to data whose further retention is required for evidentiary purposes. No further evaluation, with the exception of statistical purposes in anonymous form, is carried out. This data is not assigned to specific persons. Individual user profiles are not created. The data collected in this way is processed exclusively within the scope of the EU Data Protection Directive.

11. Collection of inventory data

When using some areas of our website, we ask you as a user to collect some data that can be clearly assigned to your person. This is done when you order information material or apply for a training or study place.

In doing so, we only collect the inventory data necessary for the respective purpose, such as:

– Name,

– telephone number,

– e-mail address

Which information is specifically required can be seen from the respective input mask.

12. Hosting

The hosting services used by us serve to provide the following services: Platform services, computing capacity, storage space, database services security settings and technical service and maintenance services that are necessary for the operation of the online offer. We or our hosting provider process data on the basis of our legitimate interest in providing our online presence in accordance with Art. 6 (1) f DSGVO in conjunction with Art. 28 DSGVO. Art. 28 DSGVO inventory, contact, usage, contract, meta and communication data of interested parties, applicants, students and visitors to our website.

13. Contact option via the website

If you send us inquiries via the contact form, your information from the inquiry form, including the contact data you provide there, will be stored by us for the purpose of processing the inquiry and in case of follow-up questions. No data will be passed on to third parties. Should this nevertheless be necessary to process your request, we would obtain this from you before passing it on.

14. Deletion and blocking of personal data

We process and store your personal data only as long as this is required for storage purposes or this is provided for in regulations of the European directives and/or regulations. The duration of the storage corresponds to the respective applicable legal retention periods. The legal requirements for storage in Germany are 6 years in accordance with § 257 para. 1 HGB, 10 years in accordance with § 147 para. 1 AO, in addition, the storage obligations of the cultural laws of the states and other regulations are authoritative for us. Your data will be routinely deleted after expiration of the periods, unless they are still required for contract fulfillment or contract initiation.

15 . We use the following services:

• Cookie Consent with Real Cookie Banner
  This website uses the “Real Cookie Banner” cookie consent technology to obtain your consent to the storage of certain cookies on your end device or to the use of certain technologies and to document this in compliance with data protection regulations.

The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, website:
https://devowl.io/de/wordpress-real-cookie-banner/ (hereinafter “Real Cookie Banner”).

When you enter the website, the following personal data is transferred to Real Cookie Banner:
(1) Your consent(s) or the revocation of your consent(s)
(2) Information about your browser
(3) Information about your device
(4) Time of your visit to the website

Furthermore, Real Cookie Banner stores a cookie in your browser in order to be able to allocate the given consent or its revocation to you. The data collected in this way is stored until you request us to delete it, the Real Cookie Banner cookie deletes it itself, or the purpose for storing the data no longer applies.
Mandatory statutory retention requirements remain unaffected.

Real Cookie Banner is used to obtain the legally required consent for the use of certain technologies. The legal basis for this is Art. 6 S. 1 lit. c GDPR.er•

• Google Web Fonts
  Google Fonts – local
  On our website we use Google Fonts from Google Inc. The company Google Ireland Limited (Gordon House, Barrow Street Dublin 4, Ireland) is responsible for the European area. We have integrated the Google fonts locally, i.e. on our web server – not on the Google servers. As a result, there is no connection to Google servers and therefore no data transmission or storage.
  This site uses so-called web fonts provided by Google for the uniform display of fonts. When you call up a page, your browser loads the required web fonts into your browser cache in order to display text and fonts correctly.
  Google Fonts service provider: Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA
  Registered office in the EU: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
  Website: https://fonts.google.com/
  Privacy Policy: https://policies.google.com/privacy
• OpenStreetMaps
  We use the open source map service “OpenStreetMaps” (also called “OSM”) from the company OpenStreetMap Foundation, 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom to display geo-data. OSM serves to offer an interactive map on our website that shows you where we have our projects worldwide.
  This service enables us to present our website in an appealing way by loading map material from an external server. The following data is transmitted to the OSM servers during display:
  Our website that you visited and the IP address of your end device. The legal basis for the processing of your data in relation to the “OSM” service is Article 6 Paragraph 1 Sentence 1 Letter f) GDPR (legitimate interest in data processing).
  The legitimate interest results from our need for an appealing presentation of our projects.
  More information on handling user data can be found in OSM’s data protection declaration: https://wiki.osmfoundation.org/wiki/Privacy_Policy

  
  The following social networks are linked to our site:

   

  In order to be able to communicate with active customers, interested parties and users and to keep them up to date on news and services in a contemporary way, we maintain a social media presence. We have linked to them on our website. Visitor data can also be processed in countries outside of Europe. Other data protection standards apply there. We would therefore like to point out that this results in risks, for example data processing is subject to other regulations with regard to transparency or legal enforcement. User data can also be used for market research and advertising purposes. User profiles can also be created from the data collected, in particular from behavior when using certain offers and the interests determined in this way. These, in turn, can also be used to place advertisements within social media, but also on other channels. This information is often collected with the help of cookies on the end devices of the users and evaluated according to certain criteria. The data stored in the social networks for the individual profiles can also be linked to the data stored with the help of cookies.

  The maintenance of appearances in social media and the resulting processing of personal data takes place on the basis of our legitimate interests in effective and up-to-date information and communication of users and interested parties in accordance with Article 6 Paragraph 1 lit. f GDPR. If consent to data processing is obtained, processing is based on Article 6 Paragraph 1 Letter a, Article 7 GDPR. We would like to ask you to observe the individual information provided by the providers with regard to the details of the individual processing and objection options. For the assertion of user rights and requests for information, we would like to point out that these are most effectively submitted to the providers. Only they have the necessary database and the technical and organizational possibilities for the measures required for this purpose. We are at your disposal for any assistance you may need.

  • Facebook
  Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
  Data protection declaration: https://de-de.facebook.com/policy.php

  • Twitter
  Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA
  Privacy Policy: https://twitter.com/privacy

  • LinkedIn
  LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland, a subsidiary of LinkedIn Corporation, 1000 W. Maude Avenue, Sunnyvale, CA 94085 USA.
  Privacy Policy: https://www.linkedin.com/legal/privacy-policy

  • Instagram
  Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
  Privacy Policy: https://help.instagram.com/519522125107875

Status: 01/05/2022