Privacy Policy

IX. Google Custom Search

a) Scope and Purpose of Data Processing

To help you find information on our pages, we use Google Custom Search. No Google ads are displayed in the search results. The search field on this website ("Google Custom Search") is provided by Google LLC ("Google").

Your data will only be transmitted when you use the search field and submit the form entries. In this case, you acknowledge or agree that Google may use the personal data for its own purposes pursuant to Google's privacy policy (available at https://policies.google.com/privacy?hl=en-GB). The use of Google Custom Search is the sole responsibility of the user.

b) Legal Basis of Data Processing

Data processing is done subject to Article 6 paragraph 1 letter a GDPR.

c) Duration of Data Processing

Data processing is based on Google's privacy policy (https://policies.google.com/privacy?hl=en-GB).

d) Objection and Deletion Options

If you do not want to transmit data to Google or do not want to accept Google's privacy policy, please refrain from using the search feature. Only if you use the search field will data be transmitted to Google.

If you do not want to use this service, you can use https://duckduckgo.com/?s ite=www.lmu.de or https://www.qwant.com/?q=site:www.lmu.de to search our website.

<h2 >Specific information on data processing on the LMU internet pages

X. Your Data Protection Rights

Personal data is processed to the extent described above on LMU's website. To this extent, you are a data subject as defined by the GDPR and you have the following rights with respect to LMU:

X.1 Right of Access

Pursuant to Article 15 GDPR, you may request confirmation from LMU as to whether we are processing personal data relating to you.

If such processing is taking place, you may request information about the personal data being processed and the following additional information:

• The purposes for which the personal data is processed;
• The categories of personal data being processed;
• The recipients or categories of recipient to whom the personal data relating to you has been or will be disclosed;
• The planned duration of storage of the personal data relating to you or, if specific information on this is not possible, criteria for determining the storage period;
• The existence of a right to rectification or erasure of the personal data relating to you, a right to restriction of processing by the controller or controllers, and a right to object to such processing;
• The right to lodge a complaint with a supervisory authority; the data protection supervisory authority directly responsible for LMU is the Bavarian Data Protection Commissioner (https://www.datenschutz-bayern.de/index.html.en).
• Any available information about the source of the data, if the personal data is not collected from you;
• The existence of automated decision-making, including profiling, pursuant to Article 22 paragraphs 1 and 4 GDPR and, at least in these cases, meaningful information about the logic involved and the scope and intended effects of such processing for the data subject;
• You have the right to request information about whether personal data relating to you is transmitted to a third country or to an international organization. In this context, you may request to be informed about the appropriate safeguards pursuant to Article 46 GDPR in connection with the transmission.
• The right to access information is subject to legal restrictions and does not apply absolutely, but rather is limited in particular in the following cases:
• If a large amount of information is stored about the data subject, LMU may require specification as to what information or processing operations the request for information specifically relates to.
• Manifestly unfounded or excessive requests or frequent repetitions may lead to rejection or to an obligation to reimburse costs.
• The provision of information must not infringe the rights of LMU or other persons (in this respect, professional secrecy, business secrecy, data relating to other persons are excluded).
• Under the conditions specified in Article 10 BayDSG, information may be withheld.
• If data is processed for scientific or historical research purposes and for statistical purposes, your right to access data may be further restricted to the extent that it is likely to render impossible or seriously impair achievement of the research or statistical purposes and restriction is necessary for fulfillment of those purposes (Article 25 BayDSG).

X.2 Right to Rectification

Pursuant to Article 16 GDPR, you have a right of rectification and/or completion with respect to LMU, if the personal data processed relating to you is inaccurate or incomplete. LMU will rectify the data without undue delay to the extent required by law.

If data is processed for scientific or historical research purposes and for statistical purposes, your right to rectification may be further restricted to the extent that it is likely to render impossible or seriously impair achievement of the research or statistical purposes and restriction is necessary for fulfillment of those purposes (Article 25 BayDSG).

X.3 Right to Restriction of Processing

Under the following conditions, you may request the restriction of the processing of personal data relating to you pursuant to Article 18 GDPR:

• If you dispute the accuracy of the personal data relating to you for a period enabling LMU to verify the accuracy of the personal data;
• Processing is unlawful and you object to the erasure of the personal data and request the restriction of the use of the personal data instead;
• LMU no longer requires the personal data for the purposes of processing, but you need them for the assertion, exercise, or defense of legal claims, or
• If you have objected to the processing pursuant to Article 21 paragraph 1 GDPR and it has not yet been determined whether the legitimate grounds of LMU override your legitimate interests.

Where the processing of personal data relating to you has been restricted, such data may be processed, with the exception of their storage, only with your consent or for the assertion, exercise, or defense of legal claims or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or a Member State.

If processing has been restricted pursuant to the above conditions, you will be informed by LMU before the restriction is lifted.

If data is processed for scientific or historical research purposes and for statistical purposes, your right to restriction of processing may be further restricted to the extent that it is likely to render impossible or seriously impair achievement of the research or statistical purposes and restriction is necessary for fulfillment of those purposes (Article 25 BayDSG).

X.4 Right to Erasure ('Right To Be Forgotten')

Pursuant to Article 17 GDPR, you may demand that LMU immediately erase the personal data relating to you. LMU is obligated to immediately erase this data if one of the following reasons applies:

• The personal data relating to you is no longer necessary for the purposes for which it was collected or otherwise processed, and processing for other purposes is unlawful.
• You withdraw your consent on which processing was based pursuant to Article 6 paragraph 1 letter a or Article 9 paragraph 2 letter a GDPR and there is no other legal basis for processing.
• You object to processing pursuant to Article 21 paragraph 1 GDPR and there are no overriding legitimate grounds for processing, or you object to processing pursuant to Article 21 paragraph 2 GDPR.
• The personal data relating to you has been processed unlawfully.
• The erasure of the personal data relating to you is necessary for fulfillment of a legal obligation under Union or Member State law to which the controller is subject.
• The personal data relating to you has been collected in connection with information society services offered pursuant to Article 8 paragraph 1 GDPR.
• If LMU has made public the personal data relating to you and is obligated to erase it pursuant to Article 17 paragraph 1 GDPR, it shall take reasonable steps, including technical measures, to inform data controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to, or copies or replications of such personal data, taking into account the available technology and the cost of implementation.
• The right to erasure does not apply to the extent that processing is necessary for the exercise of the right to freedom of expression and information.
• For compliance with a legal obligation which requires processing under Union law or the law of a Member State which LMU is subject to, or for the performance of a task carried out in the public interest, or in the exercise of official authority vested in LMU.
• For reasons of public interest in the area of public health pursuant to Article 9 paragraph 2 letters h and i and Article 9 paragraph 3 GDPR.
• For archiving purposes in the public interest, scientific or historical research purposes, or for statistical purposes pursuant to Article 89 paragraph 1 GDPR, if the right referred to in (a) above is likely to render impossible or seriously impair the achievement of the objectives of such processing; or
• For the assertion, exercise, or defense of legal claims.

X.5 Right to Notification

If you have asserted the right to rectification, erasure, or restriction of processing with respect to LMU, we are obligated pursuant to Article 19 GDPR to notify all recipients to whom the personal data concerning you has been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right with respect to LMU to be notified about these recipients.

X.6 Right to Data Portability

Under the conditions of Article 20 GDPR, you have the right to receive the personal data concerning you that you have provided to LMU in a structured, common, and machine-readable format. In addition, you have the right to transmit this data to another controller without hindrance by LMU, provided that processing is based on consent pursuant to Article 6 paragraph 1 letter a GDPR or Article 9 paragraph 2 letter a GDPR or on a contract pursuant to Article 6 paragraph 1 letter b GDPR and processing is carried out with the help of automated means.

In exercising this right, you also have the right to have the personal data relating to you transmitted directly from LMU to another controller if technically feasible. The freedoms and rights of others must not be affected by this.

The right to data portability does not apply to the processing of personal data necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in LMU.

X.7 Right to Object

Under the conditions of Article 21 GDPR, you have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6 paragraph 1 letter e or f GDPR.

LMU will no longer process the personal data relating to you unless it can demonstrate compelling legitimate grounds for processing which override your interests, rights, and freedoms, or for the assertion, exercise, or defense of legal claims.

You have the option, in the context of the use of information society services, notwithstanding Directive 2002/58/EC, to exercise your right to object by means of automated means using technical specifications.

Where personal data relating to you is processed for scientific or historical research purposes and for statistical purposes pursuant to Article 89 paragraph 1 GDPR, you also have the right to object to such data processing on grounds relating to your particular situation.

Your right to object may be restricted to the extent that it is likely to render impossible or seriously impair the achievement of the research or statistical purposes and the restriction is necessary for the fulfillment of those purposes (Article 25 BayDSG).

X.8 Right to Withdraw the Declaration of Consent under Data Protection Law

You have the right to withdraw your declaration of consent under data protection law at any time with effect for the future. The right of withdrawal will not affect the lawfulness of processing based on consent before its withdrawal (Article 7 paragraph 3 GDPR). Withdrawal must always be declared to the department at LMU that obtained the consent or to whom you gave your consent.

X.9 Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, place of work, or the place of the alleged infringement if you believe that the processing of personal data relating to you infringes the GDPR (Article 77 GDPR).

The supervisory authority responsible for LMU is the Bavarian Data Protection Commissioner (https://www.datenschutz-bayern.de). The supervisory authority with which the complaint has been lodged shall inform the complainant of the progress and outcome of the complaint including the possibility of a judicial remedy pursuant to Article 78 GDPR.

X.10 Assertion of Rights

If you believe that the processing of the personal data relating to you violates the GDPR or if you wish to otherwise exercise your rights, please first get in touch with the contact person responsible for the content of the respective website — as named in the imprint — and/or the responsible department with which you have been in contact regarding the data processing in question, as this will make a prompt review and any necessary remedial action possible on your behalf. This particularly applies if you wish to withdraw your consent. You can also contact the data protection officer at LMU. It is our goal and ambition to immediately clarify any questions related to data protection and to resolve any data protection issues without delay.

1. Scope and Purpose of Data Processing

Some of LMU's websites use the map service Google Maps. The provider is Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The map service can be used to display geographical information for contacts and directions. The use of Google Maps is not absolutely required to get information from our website and therefore it is entirely up to you if you want to use it. However, embedding Google Maps on our website is done to increase the attractiveness of our website and to ensure that you can quickly and easily find the places we have indicated on our website. This is done as part of LMU's public relations work.

Embedding takes place exclusively using an API (2-click solution). In this programming interface, only when you click the "Switch to Google Maps" button will data be transmitted to Google.

When using Google's features, Google processes your IP address and possibly other personal data (e.g., information on the use of this website or sub-pages or the data provided in Google Maps, the language of the system, and various browser-specific details). When accessing the site with a GPS-enabled device, the location may also be transmitted. Google uses cookies.

This provides Google with information, among other things, that you have accessed our website or the sub-page. This information is usually transmitted to a Google server in the USA and stored there. This occurs regardless of whether Google provides a user account which you are logged into or whether there is no user account. If you are logged into Google, your data can be associated with your user account.

If you do not want this data to be associated with your profile at Google, you must first log out of your user account at Google before switching to Google Maps. However, Google stores your data (even for users who are not logged in or registered) as usage profiles and evaluates them for its own purposes of advertising, market research, and needs-based design of its websites and may also inform other users of the social network (e.g., Google+) about your activities on our website.

More information about the handling of usage data is available in Google's terms of service and privacy policy.

Google's terms of service are available at https://policies.google.com/terms?hl=en-GB and for Google Maps at https://www.google.com/intl/en_US/help/terms_maps/.

Google's privacy policy is available at https://policies.google.com/privacy?hl=en-GB and https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active and for Google Maps at https://www.google.com/intl/en_US/help/terms_maps/.

2. Legal Basis of Data Processing

Data processing is done subject to Article 6 paragraph 1 letter a GDPR. When you access the respective pages, you will be asked for your consent to use the map service under these terms and conditions. You can withdraw this declaration of consent at any time.

3. Duration of Data Processing

LMU does not process any additional personal data on its website when Google Maps is used. LMU has no influence on the type, scope, and duration of the data processed by Google, the way in which it is processed and used, or the disclosure of this data to third parties. LMU also has no effective means of control.

4. Objection and Deletion Options

You have the right to object to the creation of these usage profiles, although you must contact Google directly and exclusively to exercise this right. As the provider of its website, LMU has no influence over this data processing. If you do not agree to the transmission of your personal data to Google, do not click on "Switch to Google Maps." No data will then be transmitted to Google, but no map will be opened either.

Alternatively, you also have the option of changing your personal settings in Google's Privacy Center (https://policies.google.com/privacy?hl=en).

II. Use of Social Media and Social Media Icons and Links

Our presence on social media is part of our public relations work. Our aim is to provide information tailored to the target group and to exchange ideas with you. This also enables us to make quick contact with you online and to communicate directly with you through the media of your choice, art. 16 BayDig, Section 5 paragraph 1 no. 2 DDG. When using social media icons from Facebook, Instagram, Twitter, and YouTube on LMU's website, no automatic transmission of your personal data takes place. To avoid automatic data transmission to social media providers, the content embedded on LMU's website is based on a link. No social media plugins are used on LMU's website for data protection reasons.

II.1 Data Protection Provisions on the Use and Application of Facebook and Facebook Icons

Our website uses social media icons of the social network facebook.com. The web pages at https://www.facebook.com/ and the services on these pages are provided by Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland, ("Facebook"). The icons feature a Facebook logo.

1. Scope and Purpose of Data Processing

We use social media icons from Facebook only in extended privacy mode. By default, no automated connection is made to Facebook's servers. This means that Facebook does not receive any data from website visitors when they access LMU's website.

If you are logged into Facebook while visiting our website, Facebook can associate the visit with your Facebook account. If you interact with Facebook, this information is transmitted directly from your browser to Facebook and stored there. We are not aware of what data Facebook associates with the personal data received and for what purpose Facebook uses this data.

If you are not a user of Facebook, there is still the possibility that Facebook will store your IP address.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by Facebook.

The purpose and scope of data collection and the further processing and use of data by Facebook is available in Meta’s privacy policy at https://www.facebook.com/about/privacy/.

2. Legal Basis of Data Processing

The data processing takes place for the performance of a public task and in the public interest in accordance with Article 6 paragraph 1 letter e, paragraph 3 GDPR in conjunction with Article 4 paragraph 1 of the BayDSG and serves the purpose of public relations (Article 2 of the BayHIG).

For data processing by Meta in the USA, there is currently no recognised adequate level of data protection within the meaning of Article 45 paragraph 1 GDPR, particularly because unauthorized access by third parties is not effectively excluded and the exercising of rights by data subjects is not effectively ensured. However, we take suitable measures to protect personal data. To the extent possible, we work with Meta to arrange the standard EU data protection clauses and provide for additional technical and organizational protective measures.

The use of Facebook is the responsibility of the user based on Meta’s privacy policy (https://www.facebook.com/about/privacy/; https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).

3. Duration of Data Processing

LMU has no influence on the type, scope, and duration of the data processed by Meta, the way in which it is processed and used, or the disclosure of this data to third parties. LMU also has no effective means of control.

4. Objection and Deletion Options

Please refer to Meta’s privacy policy at https://www.facebook.com/about/privacy/ for your rights and settings options for protecting your privacy on Facebook.

If you do not want Facebook to be able to associate your visit to our website with your Facebook account, please log out of your Facebook account, delete the respective cookies, and block the execution of script content from Facebook in your browser, e.g., with script blockers from https://www.noscript.net or https://www.ghostery.com.

II.2 Data Protection Provisions on the Use and Application of Instagram and Instragram Icons

Our website uses social media icons of the social network instagram.com. Instagram is an ad-supported online photo and video sharing service owned by Meta. The icons feature an Instagram logo.

1. Scope and Purpose of Data Processing

We use social media icons from Instagram only in extended privacy mode. By default, no automated connection is made to Instagram's servers. This means that Instagram does not receive any data from website visitors when they access LMU's website.

If you are logged into Instagram while visiting our website, Instagram can associate the visit with your Instagram account. If you interact with Instagram, this information is transmitted directly from your browser to Instagram and stored there. We are not aware of what data Instagram associates with the personal data received and for what purpose Instagram uses this data.

If you are not a user of Instagram, there is still the possibility that Instagram will store your IP address.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by Instagram.

The purpose and scope of data collection and the further processing and use of data by Instagram is available in Instagram's privacy policy at https://help.instagram.com/519522125107875.

2. Legal Basis of Data Processing

Data processing is carried out for the performance of a public task and in the public interest in accordance with Article 6 paragraph 1 letter e, paragraph 3 GDPR in conjunction with Article 4 paragraph 1 of the BayDSG and serves the purpose of performing public relations (Article 2 BayHIG).

For data processing in the USA, there is currently no adequate level of data protection within the meaning of Article 45 paragraph 1 GDPR, particularly because unauthorized access by third parties is not effectively excluded and the exercising of rights by data subjects is not effectively ensured. However, we take suitable measures to protect personal data. To the extent possible, we work with Instagram to arrange the EU standard contractual clauses and provide for additional technical and organizational protective measures.

The use of Instagram is the responsibility of the user based on Instagram's privacy policy (https://help.instagram.com/519522125107875).

If you do not want Instagram to be able to associate your visit to our website with your Instagram account, please log out of your Instagram account, delete the respective cookies, and block the execution of script content from Instagram in your browser, e.g., with script blockers from https://www.noscript.net or https://www.ghostery.com.

II.3 Data Protection Provisions on the Use and Application of Bluesky and Bluesky Icons

Our website uses social media icons from the provider Bluesky (https://bsky.social).

We use the technical platform and services of Bluesky PBLLC (Cherry St # 24821 Seattle, Washington 98104-2205, USA) for the short message service offered here at https://bsky.app/profile/lmu.bsky.social. Bluesky is a decentralized service consisting of a large number of servers (“Bluesky instances”) operated by private individuals or organizations. Our account is located on the Bluesky instance “bluesky.social”, which is operated by Bluesky PBLCC. Bluesky PBLLC has confirmed that it complies with European Union law (https://apps.apple.com/de/app/bluesky-social/id6444370199).

1. Scope and Purpose of Data Processing

When you visit our website at lmu.de, no data is transferred to Bluesky. Personal data will only be transferred to Bluesky when you explicitly confirm the Bluesky icon or use Bluesky and the “RePost” function. Your data may be assigned to the data of your Bluesky account or your Bluesky profile and disclosed to other users.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by Bluesky. We have no influence on the type and scope of the data processed by Bluesky, the type of processing and use or disclosure of this data to third parties.

Information about which data is processed by Bluesky and for what purposes it is used and further data protection information can be found in Bluesky's privacy policy at Bluesky App Privacy Policy or at https://bsky.social/about/support/privacy-policy.

2. Legal Basis of Data Processing

Data processing by Bluesky is carried out for the performance of a public task and in the public interest in accordance with Art. 6 paragraph 1 letter e, paragraph 3 GDPR in conjunction with Art. 4 paragraph 1 BayDSG. Art. 4 paragraph 1 BayDSG and serves the purpose of public relations (Art. 2 BayHIG).

The use of Bluesky and its functions is the sole responsibility of the respective user on the basis of Bluesky's data protection guidelines (Bluesky App Privacy Policy). This applies in particular to the use of interactive functions (e.g. sharing, rating). Alternatively, you can also access the information offered on this page at https://www.lmu.de/newsroom/.

3. Duration of Data Processing

LMU has no influence on the type, scope and duration of the data processed by Bluesky, the type of processing and use or the transfer of this data to third parties. LMU also has no effective means of control.

As far as possible, your data will be deleted when we cease to operate our Bluesky website. Any further storage of this data by Bluesky is governed exclusively by the provisions of the Bluesky Privacy Policy and the Bluesky Terms of Use.

4. Objection and Deletion Options

For a detailed description of the respective forms of processing and the opt-out options, please refer to Bluesky's privacy policy and information:

• Information on what data is processed by Bluesky and for what purposes can be found in Bluesky's privacy policy: Bluesky App Privacy Policy
• Further information on these points is available on the following Bluesky support pages: https://bsky.social/about/support
• Information on the available personalization and data protection setting options can be found here (with further links): Privacy and Security - Bluesky
• You also have the option of requesting information via the Bluesky data protection form or via the archive: https://bsky.social/about/support/network-services-privacy-notice

If you do not want Bluesky to be able to associate your visit to our website with your Bluesky account, please log out of your Bluesky account, delete the relevant cookies and block the execution of script content from Bluesky in your browser, e.g. with script blockers from https://www.noscript.net or https://www.ghostery.com.

On mobile devices (smartphones, tablet computers), you should restrict Bluesky's access to contact and calendar data, photos, location data, etc. in the settings options there. However, this depends on the operating system used.

You also have the option of contacting Bluesky directly regarding data protection issues: https://bsky.social/about/support/privacy-policy#contact.

II.4 Data Protection Provisions on the Use and Application of X (formerlyTwitter) and X Icons

Our website uses social media icons of the provider Twitter (https://x.com). They are provided by Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA. For those residing within the EU, the responsible company is the Irish company Twitter International Company, One Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Ireland (https://legal.x.com/de/imprint). The icons feature a X logo.

1. Scope and Purpose of Data Processing

By using X and the "re-tweet" feature, the websites you visit are associated with your X account and disclosed to other users. Data is also transmitted to X.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by X.

More information about this is available in X’s privacy policy at https://x.com/privacy.

2. Legal Basis of Data Processing

Data processing is carried out for the performance of a public task and in the public interest pursuant to Article 6 paragraph 1 letter e, paragraph 3 GDPR in conjunction with Article 4 paragraph 1 BayDSG and serves the purpose of public relations (Article 2 BayHIG).

For data processing in the USA, there is currently no adequate level of data protection within the meaning of Article 45 paragraph 1 GDPR, particularly because unauthorized access by third parties is not effectively excluded and the exercising of rights by data subjects is not effectively ensured. However, we take suitable measures to protect personal data. To the extent possible, we work with Twitter to arrange the EU standard contractual clauses and provide for additional technical and organizational protective measures.

The use of X is the responsibility of the user based onX’s privacy policy (https://x.com/privacy).

3. Duration of Data Processing

LMU has no influence on the type, scope, and duration of the data processed by Twitter, the way in which it is processed and used, or the disclosure of this data to third parties. LMU also has no effective means of control.

4. Objection and Deletion Options

For a detailed description of the respective forms of processing and the
opt-out options, please refer to the data protection declarations and information provided by operator X at https://x.com/de/privacy.

If you do not want X to be able to associate your visit to our website with your Twitter account, please log out of your Twitter account, delete the respective cookies, and block the execution of script content from Twitter in your browser, e.g., with script blockers from https://www.noscript.net or https://www.ghostery.com/.

II.4 Data Protection Provisions on the Use and Application of YouTube and YouTube Icons

Embedded on some of our web pages are videos from the third-party video platform YouTube (https://www.youtube.com) operated by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. YouTube is a video portal owned by YouTube, LLC, a subsidiary of Google LLC. The icons feature a YouTube logo.

1. Scope and Purpose of Data Processing

We use embedded YouTube videos in extended privacy mode. By default, only disabled images from the YouTube channel are embedded, which do not automatically make a connection to YouTube's servers. This means that YouTube does not receive any data from website visitors when they access LMU's website.

You can decide for yourself whether the YouTube videos should be enabled. Only when you enable the playback of the videos by clicking "Permanent Activation" do you give your consent for the data required for this (including the URL of the current website and the IP address) to be transmitted to YouTube. When playing the videos, YouTube may store additional cookies via your browser and associate the data with its own user profiles or use the data for its own purposes. We have no influence over this storage.

We would like to point out that we have no knowledge of the content of the transmitted data or its use by YouTube.

To save the setting you want, we set a cookie that saves the parameters. However, when setting these cookies, we do not store any personal data; they only contain anonymized data for adjusting the browser. The videos are then enabled and you can play them.

If you enable YouTube videos and are logged in as a member of YouTube, YouTube will associate this information with your personal user accounts. For more information on the collection and use of data by YouTube, please refer to YouTube's privacy policy at https://www.google.com/intl/de/policies/privacy/; https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.

2. Legal Basis of Data Processing

Data processing is carried out for the performance of a public task and in the public interest pursuant to Article 6 paragraph 1 letter e, paragraph 3 GDPR in conjunction with Article 4 paragraph 1 BayDSG and serves the fulfillment of public relations (Article 2 BayHIG).

Due to data processing in the USA, however, there is currently no adequate level of data protection within the meaning of Article 45 paragraph 1 GDPR, particularly because unauthorized access by third parties is not effectively excluded and the exercising of rights by data subjects is not effectively ensured.

The use of YouTube is the responsibility of the user based on YouTube's privacy policy (https://policies.google.com/privacy?hl=en-GB).

3. Duration of Data Processing

LMU has no influence on the type, scope, and duration of the data processed by YouTube, the way in which it is processed and used, or the disclosure of this data to third parties. LMU also has no effective means of control.

4. Objection and Deletion Options

If you would like to disable the automatic playing of YouTube videos again, you can uncheck the box for consent below the privacy icon. This will also update the cookie settings.

For any options to object, we refer to the privacy policy and information from the operator YouTube:

• Information on what data is processed by YouTube/Google and for what purposes is available in YouTube and Google's privacy policy: https://policies.google.com/privacy?hl=en-GB
• Option to object (opt-out plugin): https://tools.google.com/dlpage/gaoptout?hl=en
• Settings for the display of ads: https://adssettings.google.com/authenticated

If you do not want YouTube to be able to associate your visit to our website with your YouTube account, please log out of your YouTube account, delete the respective cookies, and block the execution of script content from YouTube in your browser, e.g., with script blockers from https://www.noscript.net or https://www.ghostery.com.

III. Data Processing as Part of the "Online Donation Tool to Support Research and Teaching at LMU Munich"

1. Scope and Purpose of Data Processing

On our websites https://www.lmu.de/stiftungen and https://www.lmu.de/en/workspace-for-students/student-support-services/finance-your-studies/scholarships/deutschlandstipendium/index.html (Stiftungen@LMU as well as the Deutschlandstipendium program coordination), we use the online donation tool to enable and process online donation payments (financial services). They are used for supporting research and teaching at LMU. Responsible for this are Stiftungen@LMU (https://www.uni-muenchen.de/kooperationen/stiftungen/index.html) and Deutschlandstipendium program coordination.

Your data will be collected in order to

• Process online donation payments to LMU (in a business and accounting sense) and to manage the charitable contribution
• Be able to contact donors in connection with the charitable contribution (e.g., for expressions of thanks) and for the transmission of information about LMU's activities

2. Legal Basis of Data Processing

The legal basis for processing is Art. 6 paragraph 1 letter b GDPR (charitable pledge pursuant to Section 516 et seq. of the German Civil Code (BGB)) on the basis of consent (Article 6 paragraph 1 letter a GDPR).

The charitable contribution is voluntary, but it is not possible without your personal data. Your personal data will be transmitted to the contract data processor Wikando GmbH, Schießgrabenstr. 32, 86150 Augsburg, Germany, as the technical operator of the online donation tool. A data processing agreement pursuant to Article 28 GDPR has been concluded. Transmission of your personal data to a third country or an international organization does not take place.

3. Duration of Data Processing

After being collected by LMU, your data is stored for as long as it is necessary to fulfill the purpose. This means that we retain your data for reasons of budgetary and tax law until the end of the statutory retention periods (currently up to ten years pursuant to Section 147 of the German Fiscal Code (AO)).

4. Objection and Deletion Options

You have the option of withdrawing, objecting to, and requesting the erasure of your data. The withdrawal, objection, or request for erasure will be considered as a withdrawal of the application for a scholarship or a waiver of a scholarship.

IV. Data Processing as Part of Submitting Applications

1. Scope and Purpose of Data Processing

LMU collects and processes personal data of applicants for the purpose of filling public positions at LMU and, for this purpose, to ensure a lawful examination of the applications as part of the application process and to be able to make a selection decision. The data provided is collected, stored, and processed electronically. In particular, this comprises:

• Personal data (first name and last name, date of birth, address, school degree, severe disability, if applicable)
• Communication data (telephone number, cell phone number, fax number, email address)
• Education data (school, vocational training, university studies, doctoral studies, habilitation)
• Data on your professional career to date, educational and work references
• Information on other qualifications (e.g., language and PC skills)
• Application photo, if applicable
• Additional data required for the vacant position

The personal data you provide will be used exclusively for processing the application for the open position. The data will only be disclosed to persons involved in the application process. They may also include external experts, e.g., for appointment procedures, who are sworn to secrecy.

Unauthorized disclosure to third parties or third countries does not take place.

2. Legal Basis of Data Processing

Data processing is performed pursuant to Article 6 paragraph 1 sentence 1 letter b GDPR, Article 9 paragraph 2 letters b and h GDPR, Article 88 paragraph 1 GDPR, and Article 8 paragraph 1 sentence 1 nos. 2 and 3 BayDSG. By submitting your application, you confirm that you consent to data processing as part of and for the duration of the selection procedure. If an employment relationship is established following the application process, the personal data required in the context of employment will be processed in accordance with Article 88 paragraph 1 GDPR in conjunction with Article 8 BayDSG and, if applicable, in conjunction with Article 103 et seq. BayBG [Bavarian Civil Service Act].

3. Duration of Data Processing

If no employment relationship is established following the application process, the application documents are erased six months after notification of the rejection decision. The erasure period results from Article 17 paragraph 3 letter b GDPR in conjunction with Section 15 paragraph 4 AGG [General Equal Treatment Act], and Section 61b paragraph 1 ArbGG [Labor Court Act].

4. Objection and Deletion Options

You have the option of objecting to data processing and requesting the erasure of your data. Your objection or any request for erasure will prevent the data from being processed and will therefore be deemed to be a withdrawal of the application. Applicants will receive additional information on data protection from the department responsible for filling the position following receipt of the application.

V. Photo Publication

1. Scope and Purpose of Data Processing

During events and appointments, photos may be taken in which you may be identifiable. These photos may be published on LMU's website.

2. Legal Basis of Data Processing

Data processing is performed as part of public relations work pursuant to Article 6 paragraph 1 letter e GDPR in conjunction with Article 4 paragraph 1 BayDSG, Article 2 BayHIG, or based on your consent pursuant to Article 6 paragraph 1 letter a GDPR.

3. Duration of Data Processing

Data processing will be performed as long as it is necessary for the fulfillment of the LMU's tasks or until your consent is withdrawn.

4. Objection and Deletion Option

You can object to photos being taken and/or published. You can withdraw your consent at any time with effect for the future.

VI. Processing of personal data in contractual relationships

LMU processes personal data as a contracting party under civil law or as a public law office. Examples of this are the procurement of office materials, IT or auxiliary services. In pursuing its own interests, LMU may also process the personal data of the contracting party's employees. LMU's interest lies in the initiation, conclusion and execution of such contractual relationships.

LMU's Privacy Policy applies to all of LMU's websites for which LMU is responsible under data protection law.

It applies as a supplement to the extent that LMU processes personal data at its own responsibility on social networks:

• https://de-de.facebook.com/
• https://www.instagram.com/
• https://www.youtube.com/
• https://bsky.app/
• https://www.instagram.com/lmu.muenchen/
• https://www.youtube.com/channel/UCmIoovqeiujBp1sZHI7-poQ
• https://de.linkedin.com/school/lmu.muenchen/
• https://de-de.facebook.com/lmu.muenchen/
• https://web-cdn.bsky.app/profile/lmumuenchen.bsky.social

When we provide links to websites of other organizations, this Privacy Policy does not apply to the processing of personal data by those organizations. We therefore recommend that you read the privacy policies on the other websites you visit.

A supplementary Privacy Policy may also apply to the respective LMU website, to the extent that the person or persons responsible for the content of the LMU website perform additional processing of personal data and provide information about this. This applies in particular if specific services are provided by individual departments or units. In each case, the supplementary data protection information on each of LMU's websites is part of LMU's Privacy Policy.

LMU's Privacy Policy for its website was last revised on 24/06/2024. We reserve the right to update this Privacy Policy from time to time to reflect current legal requirements and technical changes and to implement our services and offerings in a manner that complies with data protection laws. If this is the case, we will update the date in this statement. For your visit to an LMU website, the current version applies at the time of the visit.

Revised 01/04/2025