PRIVACY POLICY

This privacy policy informs you about the nature, scope, and purpose of the processing of personal data (hereinafter referred to as “data”) within our online services and the associated websites, functions, and content, as well as external online presences, such as our social media profiles (hereinafter collectively referred to as “online services”). Regarding the terminology used, such as “personal data” or its “processing,” we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Responsible party:

Company/Name: Ullrich Hans-Herbert, Ullrich Evgeniia

Landline: +49 511 9999 5101.
Phone number: +4915786287421

Email address: campus-bm@web.de

Types of data processed:

  • Inventory data (e.g., names, addresses).
  • Contact data (e.g., email addresses, telephone numbers).
  • Usage data (e.g., websites visited, interest in content, access times).
  • Meta/communication data (e.g., device information, IP addresses).

Processing of special categories of data (Art. 9 para. 1 GDPR):

  • No special categories of data are processed.

Categories of data subjects:

  • Customers / prospective customers / suppliers.
  • Visitors and users of the online service.

Hereinafter, we will refer to the data subjects collectively as “users.”

Purpose of processing:

  • Provision of the online service, its content, and functions.
  • Provision of contractual services, customer service, and support.
  • Responding to contact requests and communicating with users.
  • Security measures.

Last updated: November 1, 2025

1. Relevant legal bases

In accordance with Article 13 of the GDPR, we inform you of the legal bases for our data processing. Unless otherwise stated in the privacy policy, the following applies: The legal basis for obtaining consent is Article 6(1)(a) and Article 7 of the GDPR; the legal basis for processing data to fulfill our services and implement contractual measures, as well as to respond to inquiries, is Article 6(1)(b) of the GDPR; the legal basis for processing data to comply with our legal obligations is Article 6(1)(c) of the GDPR; and the legal basis for processing data to protect our legitimate interests is Article 6(1)(f) of the GDPR. In the event that processing personal data is necessary to protect the vital interests of the data subject or another natural person, Article 6(1)(d) of the GDPR serves as the legal basis.

2. Changes and updates to the privacy policy

We ask that you regularly review the content of our privacy policy. We will update the privacy policy as soon as changes to our data processing activities make this necessary. We will inform you if any changes require action on your part (e.g., consent) or any other individual notification.

3. Safety measures

3.1. In accordance with Article 32 of the GDPR, taking into account the state of the art, the costs of implementation, and the nature, scope, context, and purposes of processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, we implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk. These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data, as well as access to, input of, disclosure of, and ensuring the availability and separation of the data. Furthermore, we have established procedures to ensure the exercise of data subject rights, the erasure of data, and responses to data breaches. We also consider the protection of personal data during the development and selection of hardware, software, and processes, in accordance with the principles of data protection by design and by default (Article 25 of the GDPR).

3.2. The security measures include, in particular, the encrypted transmission of data between your browser and our server.

4. Cooperation with processors and third parties

4.1. If, in the course of our processing, we disclose data to other persons and companies (processors or third parties), transmit it to them, or otherwise grant them access to the data, this is done only on the basis of a legal permission (e.g., if the transfer of data to third parties, such as payment service providers, is necessary for the performance of a contract pursuant to Art. 6 para. 1 lit. b GDPR), if you have given your consent, if a legal obligation requires it, or on the basis of our legitimate interests (e.g., when using agents, web hosts, etc.).

5. Rights of data subjects

5.1. You have the right to request confirmation as to whether your personal data is being processed and to access this data, as well as further information and a copy of the data, in accordance with Article 15 GDPR.

5.2. In accordance with Article 16 GDPR, you have the right to request the completion of incomplete personal data concerning you or the rectification of inaccurate personal data concerning you.

5.3. In accordance with Article 17 GDPR, you have the right to request that your personal data be erased without undue delay, or alternatively, in accordance with Article 18 GDPR, to request the restriction of processing of your personal data.

5.4. You have the right to receive the personal data concerning you that you have provided to us, in accordance with Article 20 GDPR, and to request its transmission to another controller.

5.5. You also have the right, in accordance with Article 77 GDPR, to lodge a complaint with the competent supervisory authority.

6. Right of withdrawal

You have the right to withdraw your consent pursuant to Art. 7 para. 3 GDPR with effect for the future.

7. Right to object

You can object to the future processing of your personal data at any time in accordance with Article 21 of the GDPR. This objection can be made, in particular, against processing for direct marketing purposes.

8. Cookies and the right to object to direct marketing

We use temporary and permanent cookies, i.e., small files that are stored on users’ devices (for an explanation of the term and function, see the last section of this privacy policy). Some of these cookies are used for security purposes or are necessary for the operation of our online services (e.g., for displaying the website) or to save the user’s decision when confirming the cookie banner. In addition, we or our technology partners use cookies for audience measurement and marketing purposes, about which users are informed in the course of this privacy policy.

9. Deletion of data

9.1. The data we process will be erased or its processing restricted in accordance with Articles 17 and 18 of the GDPR. Unless expressly stated otherwise in this privacy policy, the data stored by us will be erased as soon as it is no longer required for its intended purpose and there are no legal obligations to retain it. If the data is not erased because it is required for other legally permissible purposes, its processing will be restricted. This means that the data will be blocked and not processed for other purposes. This applies, for example, to data that must be retained for commercial or tax law reasons.

9.2. Germany: According to legal requirements, records must be retained for 6 years in particular pursuant to Section 257 Paragraph 1 of the German Commercial Code (HGB) (commercial books, inventories, opening balance sheets, annual financial statements, commercial letters, accounting documents, etc.) and for 10 years pursuant to Section 147 Paragraph 1 of the German Fiscal Code (AO) (books, records, management reports, accounting documents, commercial and business letters, documents relevant for taxation, etc.).

10. Performance of contractual services

10.1. We process inventory data (e.g., names, addresses, and contact details of users) and contract data (e.g., services used, names of contact persons, payment information) for the purpose of fulfilling our contractual obligations and services in accordance with Article 6 Paragraph 1 Letter b of the GDPR. Entries marked as mandatory in online forms are required for the conclusion of the contract.

11. Making contact

11.1. When you contact us (via contact form or email), the information you provide will be processed in accordance with Article 6(1)(b) GDPR for the purpose of handling your inquiry.

11.2. Your information may be stored in our Customer Relationship Management system (“CRM system”) or a comparable system for managing inquiries.

12. Collection of access data and log files

12.1. Based on our legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR, we collect data about every access to the server on which this service is located (so-called server log files). Access data includes the name of the accessed website, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user’s operating system, referrer URL (the previously visited page), IP address, and the requesting provider.

12.2. Log file information is stored for a maximum of seven days for security reasons (e.g., to investigate misuse or fraud) and then deleted. Data whose further retention is required for evidentiary purposes is exempt from deletion until the final resolution of the respective incident.

13. Online presence on social media

13.1. We maintain online presences within social networks and platforms to communicate with customers, prospective customers, and users active there and to inform them about our services. When accessing these networks and platforms, the terms and conditions and data processing policies of their respective operators apply.

13.2. Unless otherwise stated in our privacy policy, we process user data when users communicate with us within these social networks and platforms, e.g., by posting on our online presences or sending us messages.

14. Cookies & Audience Measurement

14.1. Cookies are pieces of information that are transferred from our web server or third-party web servers to users’ web browsers and stored there for later retrieval. Cookies can be small files or other types of data storage.

14.2. Users are informed about the use of cookies for pseudonymous audience measurement in this privacy policy.

15. Integration of third-party services and content

15.1. Within our online services, we use content or service offerings from third-party providers based on our legitimate interests (i.e., our interest in the analysis, optimization, and economic operation of our online services within the meaning of Art. 6 para. 1 lit. f GDPR) to integrate their content and services, such as videos or fonts (hereinafter referred to collectively as “Content”). This always requires that the third-party providers of this Content are aware of the users’ IP addresses, as they could not send the Content to their browsers without the IP address. The IP address is therefore necessary for displaying this Content. We strive to use only Content from providers who use the IP address solely for delivering the Content. Third-party providers may also use so-called pixel tags (invisible graphics, also known as “web beacons”) for statistical or marketing purposes. These pixel tags allow information such as visitor traffic on the pages of this website to be evaluated. The pseudonymous information can also be stored in cookies on the user’s device and may include, among other things, technical information about the browser and operating system, referring websites, time of visit and other information about the use of our online service, as well as be combined with such information from other sources.

Campus für besondere Menschen. Hannover
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.