Skip to main content

Privacy Policy of the University of Applied Sciences Potsdam's Library

1. General information

The protection of your personal data is important to us. We only process personal data that is urgently necessary for the operation of the university library and strictly adhere to the data protection regulations of the EU general data protection regulation (GDPR) and the Brandenburg state data protection act (BdgDSG). In this privacy statement, we inform you about the most important aspects of the library's internal personal data processing and inform you about your rights as a person affected by the data processing.

The following persons will provide you with information on questions in this regard:

Head of the university library
Karen Falke
+49 331 580-2000

Responsible for data processing university library
Ulf Damerow
+49 331 580-2003

2. What data do we store?

Data collection
In order to handle library processes such as loans, reservations, renewals, inter-library loans, media orders, etc., we store a maximum of the following personal data:

User number
User group
Surname and first name
Date of birth (for unique identification)
OpacPin (encrypted)
Telephone no. (optional)
E-mail addresses
Date of admission
User fee status

This user data is automatically deleted after 6 semesters if no library transactions have been processed during this period and no further outstanding liabilities (loans or fees) have accrued. Processed transactions such as returned loans are not saved.

The above-mentioned data is also used for user notification of library transactions and messages via e-mail.

Data logging
When using digital library services that are based on the library's own platforms, data is logged that is largely not personal, such as search queries, number of hits and response times. This data is required for the collection of library statistics and is deleted annually.
The cookies required for the functionality of FHPKat are automatically deleted after the end of the search session.
IP addresses stored at the operating system level (Apache, Tomcat) are deleted after 7 days. IP addresses and user numbers are also stored in log files for the duration of 7 days via the EZproxy for the use of digital library services outside of the FHPcampus.

Via the library services of the FHP you can access numerous electronic media that are stored on platforms of third party providers. These include, for example, EbookCentral (an offer from ProQuest), various literature databases and publishing platforms with access to electronic journals and books. All providers are subject to the GDPR. Please find out exactly what data these third-party providers store and process.

3. Data exchange and order processing

The library system of the FHP with the personal data collected is hosted by the Bavarian Library Association (BVB). This is subject to the GDPR. The data transfer necessary for the operation of the library system is encrypted via SSH and stunnel. In the context of interlibrary loan, the university library works together with the cooperative library network Berlin-Brandenburg and other library networks. For the necessary library data processing, only the user numbers are passed on as personal data in encrypted form. After the library processes have been completed, this data is automatically deleted.

3.1 Internal data exchange with the department of student affairs
In order to achieve a low-threshold registration of first-year students for library use, the following personal data is transferred from the HIS to the library system:

Name and first name
Date of birth (for identification)
FHP e-mail

This data will be checked and completed during the personal library registration.

3.2 Data exchange with the Studierendenwerk
For the electronic payment of open library fees, the following data is exchanged between the library system and the Studierendenwerk (the payment system for the payment machine is run by the Studierendenwerk) in encrypted form (SSH):

User number
Name and first name

The Studierendenwerk is also subject to the legal framework of the GDPR.

4. Contact forms

Via the website of the university library you have the possibility to contact us using various online forms (online registration, renewal request, interlibrary loan, new acquisition suggestion, questions/wishes/suggestions). The personal data stored in the CMS system of the website includes the following information:

User group
Surname and first name
Date of birth (for unique identification)
E-mail address
Interlibrary loan order number
Interlibrary loan due date

When registering online, the data is transferred to the library system and after the process is completed, the mails generated by the CMS are deleted. This procedure also applies to interlibrary loan renewals. Generated mails of the forms "New acquisition proposal" and "Questions/wishes/suggestions" are deleted once a year at the end of the year.

The data of the contact forms stored in the CMS of the website are deleted at the end of each calendar year.

5. Rights

According to the GDPR, you have the right to information, correction and deletion of your data. Furthermore, you may object at any time to the processing of personal data relating to you that is collected and processed on the basis of a legitimate interest.

You can reach our data protection officer at:

Sven Hirsch
Data protection officer University of Applied Sciences Potsdam
Kiepenheuerallee 5
14469 Potsdam

You also have the right to contact a data protection supervisory authority in the event of a conflict:

The state commissioner for data protection and for the right to inspect files
Dagmar Hartge
Stahnsdorfer Damm 77
14532 Kleinmachnow
Fax: +49 33203 356-49
+49 33203 356-0


June 2018