Privacy policy

General data protection information

This data protection information is divided into two levels. The first level comprises general information that applies to all PLUS processing activities. On the corresponding subpages, you will find information that relates specifically to individual processing activities of the PLUS. Processing activities of individual research projects are not included. You will find this information in the context of the respective research project.

Responsible for data processing
Paris Lodron University Salzburg
Kapitelgasse 4-6
5020 Salzburg
+43(0) 662 8044-0
rector@plus.ac.at

Contact data protection officer
Paris Lodron University Salzburg
Data Protection Officer
Kapitelgasse 4-6
5020 Salzburg
+43 662 8044 2007
datenschutz@plus.ac.at

Contact data protection authority
Austrian Data Protection Authority
Barichgasse 40-42
1030 Vienna
+43 1 52 152-0
dsb@dsb.gv.at

Your rights
You have the following rights in connection with data processing by PLUS:

Right to information
Right to rectification
Right to cancellation
Right to restriction
Right to data portability
Right to object
Right to withdraw consent
The right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

Further information on these rights and the modalities for asserting these rights can be found at here.

Types of data processed and purposes of processing

Server log files

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data is collected:

IP address of the requesting computer
Date and time of access
Name and URL of the retrieved file
Website from which the access is made (referrer URL)
Browser used and, if applicable, the operating system of your computer and the name of your access provider

The data is stored in the log files of our system. This data is not merged with other personal data of the user.

Legal basis: The temporary storage of data and log files is based on Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in improving the stability and functionality of our website.

Storage duration: The data is deleted as soon as it is no longer required to fulfil the purpose for which it was collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended. If the data is stored in log files, this is the case after 7 days at the latest.

WordPress cookies

Our website uses WordPress as a content management system. WordPress sets the following cookies by default:

wordpress_test_cookieTests whether cookies can be set. Expires at the end of the browser session.
wordpress_logged_in_[hash]Is set after login and saves your authentication. Expires at the end of the browser session.
wordpress_sec_[hash]Is set after login and saves your authentication. Expires at the end of the browser session.
wp-settings-[UID]Is used to customise the view of the administration area and possibly also the view of the main website. Expires after one year.
wp-settings-time-[UID]Is used to customise the view of the administration area and possibly also the view of the main website. Expires after one year.

Legal basis: The processing is carried out on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the optimal functionality of the website.

Hosting and data transmission

Our website is hosted by the hosting provider netcup GmbH, Daimlerstraße 25, 76185 Karlsruhe, Germany. This provider processes personal data on our behalf as part of an order processing contract in accordance with Art. 28 GDPR. This includes the server log data collected when you visit our website.

Legal basis: Data processing by our hosting provider is carried out on the basis of Art. 6 para. 1 lit. f GDPR. Our legitimate interest lies in the secure and efficient provision of our website.

No disclosure to third parties

Your personal data will not be passed on to third parties for purposes other than those listed below. We only pass on your personal data to third parties if:

you have given your express consent to this in accordance with Art. 6 para. 1 lit. a GDPR
the disclosure pursuant to Art. 6 para. 1 lit. f GDPR is necessary for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data
in the event that there is a legal obligation for disclosure pursuant to Art. 6 para. 1 lit. c GDPR
this is legally permissible and necessary for the processing of contractual relationships with you in accordance with Art. 6 para. 1 lit. b GDPR

No use of analysis tools and tracking

We deliberately refrain from using web analysis tools such as Google Analytics, Matomo or similar services. No tracking cookies are set and no user profiles are created.

Technical and organisational protective measures

In accordance with Art. 32 GDPR, we take appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.

The measures include in particular

Encryption of the website using SSL/TLS
Regular updates of the WordPress content management system
Restricting access to personal data to authorised persons
Regular backups to ensure availability

Up-to-dateness and amendment of this privacy policy

This privacy policy is currently valid and was last updated in March 2025.

It may become necessary to amend this privacy policy as a result of the further development of our website and services or due to changes in legal or official requirements. The current privacy policy can be accessed at any time on this website.