Privacy Policy

This page provides information on the collection of personal data when you visit our website. Personal data is any information concerning you personally, e.g. name, home address, email address, user behaviour.

I. Name and address of the legally accountable institution

Legally accountable institution as per art. 4 para. 7 GDPR (General Data Protection Regulation) is

Ulm University
Department of Applied Cognitive Psychology
89069 Ulm

Represented by:
Prof. Dr. Marc Ernst
Ulm University
Department of Applied Cognitive Psychology
Albert-Einstein-Allee 43
89081 Ulm

Phone: +49-(0)731/50 32050
Fax: +49-(0)731/50 32059


II. General information on data processing

1. Collection of personal data as part of providing access to the website and storage of server log files

When you use our website for purely informative reasons, we collect the personal data that your browser transfers to our server and which are technically necessary in order to present our website to you and ensure stability and safety (legal basis is art. 6 para. 1 s. 1 GDPR):

  • Date and time of request
  • IP address
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of request (access address of the specific web page)
  • Access status / HTTP status code
  • Volume of transferred data (bytes)
  • “Referrer” address, if applicable
  • Browser type
  • Operating system and surface software
  • Language and version of the browser software

We store the above-mentioned data in so-called server log files in order to ensure the website’s functionality. This also serves to optimise the website and safeguard the security of our IT systems. The stored IP addresses are made anonymous each night by way of shortening to the last two domain parts. User profiles are not created. The shortened IP addresses and all other data are statistically evaluated once a month and deleted after 15 days. The collection of data for the provision of access to the website and the storage in server log files is a necessary requirement for the operation of the website. There is no option for the user to object.

2. TLS encryption

We use state-of-the-art encryption methods (e.g. TLS) via HTTPS in order to protect the security of your data during transfer.

3. Email communication

On our website, you usually have the option to get in touch with contact persons of Ulm University via the provided email addresses. In this case, the personal data transmitted by you are being stored. Ulm University uses these data exclusively for the processing of the conversation and deletes them once the purpose has been fulfilled. Legal basis is your agreement as per art. 6 para. 1 lit. a GDPR.

You have the right to object to the use of your data any time with effect for the future.

4. Social networks

IMRF maintains web presences in the social networks Facebook, Instagram and Twitter. These presences can only be opened via links. We deliberately refrain from embedding social plug-ins in order to prevent direct data exchange.

III. Your rights as “data subject”

You have the following rights with regards to personal data concerning you:

  • Right to information and access to your personal data that are stored by us (art. 15 GDPR)
  • Right to rectification of inaccurate or incomplete personal data (art. 16 GDPR)
  • Right to erasure of stored personal data, so long as their processing is not necessary for the purpose of exercising the right to freedom of speech and information, for the fulfilment of legal obligations, for reasons of public interest or the establishment, exercise or defence of legal claims (art. 17 GDPR)
  • Right to restriction of processing of personal data (art. 18 GDPR)
  • Right to object to processing that serves our legitimate or a public interest, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defence of legal claims (art. 21 GDPR); you have the right to withdraw your consent to the processing and use of your personal data at any time with effect for the future (art. 7 para. 3 GDPR). In consequence, we must discontinue the data processing which was based on this consent in the future.
  • Right to data portability (art. 20 GDPR)

You furthermore have the right to file a complaint with the supervisory authority for data protection regarding the processing of your personal data by us. Responsible supervisory authority is the State Commissioner for Data Protection and Freedom of Information Baden-Württemberg.

IV. Changes to our Privacy Policy

To continuously keep our Privacy Policy in line with the current legal requirements, we reserve the right to amend our Privacy Policy as needed. To your own protection we recommend that you read the Privacy Policy regularly. By using our website, you accept our Privacy Policy and its updates.