Skip to main content

Data Privacy Statement

for Goethe University’s Social Media Accounts

Privacy Policy containing Information on the Processing of Personal Data in the Form of Photographs, Film and Audio Recordings on Goethe University Frankfurt’s Website, as well as Notes and Rules of Conduct for the University’s Social Media Accounts

In case of doubt in the interpretation of the English version of the privacy policy, the German version shall prevail.

With these data protection notices, Goethe University Frankfurt (hereinafter also referred to as “GUF”) meets its obligation to provide information regarding the above-mentioned processing of personal data in accordance with Article 13 of the General Data Protection Regulation (GDPR). Additional information can be found in GUF’s privacy policy (https://www.goethe-university-frankfurt.de/173050136/Privacy_Policy). 

For definitions of further terms such as “personal data”, “processing”, “controller”, “third party”, etc., please refer to Article 4 of the GDPR.

 

I. Introduction

As part of its press and public relations work, Goethe University Frankfurt uses not only the official websites www.uni-frankfurt.de (English: https://www.goethe-university-frankfurt.de/en) and the web magazine www.aktuelles.uni-frankfurt.de (English: https://aktuelles.uni-frankfurt.de/english/), but also various social media accounts on different platforms. These include LinkedIn, Instagram, Bluesky, Facebook, and the video platform YouTube. The following privacy policy as well as behavioral guidelines apply to these social media accounts.

The data processing associated with these platforms enables immediate and rapid interaction with users on current topics, information, and decisions of Goethe University Frankfurt in an accessible and contemporary language. To protect personal data, GUF limits its use of these accounts to content related to its press and public relations work.

Links in social media posts refer to the university’s websites, where related information is provided. Occasionally, and for informational purposes only, Goethe University Frankfurt also refers to third-party content on its social media channels. In such cases, the privacy policies of these third-party providers apply.

User can access GUF’s social media channels from the websites – typically via the footer section of the page where logos of the relevant platforms are linked through so-called hyperlinks. Clicking these results in the transfer of personal data to third parties.

Please do not share any personal data – e.g., in posts, comments, or reposts – on our social media channels. We kindly ask that you use our official communication channels (post, phone, email) for any personal inquiries.

All interactions with our social media accounts (sharing, liking, rating, commenting, or quoting posts) are publicly visible. This applies both to third-party actions involving GUF posts and vice versa.

These platforms do not handle administrative services (e.g., submission of formal complaints, statements, or reports) and communication beyond their stated use. We kindly ask that you refer to our regular contact channels (post, phone, email) for such inquiries.

 

2. Contact Details

The legal entity in charge of the processing is Johann Wolfgang Goethe University Frankfurt am Main, a university of the federal state of Hesse, legally recognized as a public foundation under German law, and represented by President Prof. Dr. Enrico Schleiff. 
 

a) Controller: 
Goethe University Frankfurt
60629 Frankfurt
Germany
Phone: +49 (0)69 7980
www.uni-frankfurt.de

b) Information Processing:

The Internet pages of Goethe University’s central administration are managed by the PR & Communications Office – https://www.goethe-university-frankfurt.de/130441595/PR___Communication

Phone: +49 (0)69 7980
Email: webmaster@uni-frankfurt.de
 

c) Data Protection Officer:

You can reach GUF’s data protection officer under the postal address listed above or via:
Phone: +49 (0)69 798 12238
Email: dsb@uni-frankfurt.de 
https://www.goethe-university-frankfurt.de/173050136/Privacy_Policy

 

III. Information on the Processed Personal Data

In the context of publishing photos, videos, and audio recordings on GUF’s website and social media pages, the following personal data may be processed:

  • Photographs (individual or group shots)
  • Videos (individual or group shots), video statements, or interviews
  • Audio recordings (e.g., podcast content, social media videos/reels)
  • Possibly: first and last names or usernames
  • Possibly: degree program, number of semesters, and professional/academic background
  • Possibly: publications or publication lists
  • Possibly: employment status, department
  • Possibly: e-mail or phone number (for contact purposes only, not shared with third parties)

 

IV. Purposes of and Legal Basis for Processing

GUF places great importance on data protection. Personal data is processed in accordance with the GDPR, Hesse's Data Protection Act (HDSIG), and Germany’s Art Copyright Act (KUG), for purposes such as:

Individual or group photos of university employees, e.g. (select) members of a department, serve to enhance the university’s public presence, its information and communication work, as well as its website content. 

The legal basis for the publication of group or individual photos where the people are not the focus but serve as part of event documentation is Article 6(1)(e), (3) GDPR in conjunction with §3(3) HessHG and §24 HDSIG. 

The legal basis for publication of other group or individual images on the university’s Intranet, its web pages and social media platforms is consent in accordance with Article 6(1)(a) GDPR and §22 KUG.  

Additional information on the legal basis is contained in the relevant paragraph on Goethe University Frankfurt’s Social Media Account. 

 

V. Retention Period and Data Deletion

GUF will store your personal data as long as needed for the stated purposes in accordance with IV, as mandated by a legal contract, or by legal obligations. Afterwards, the data will be deleted. 

 

VI. Data Subject Rights 

You may exercise the following rights under the GDPR at any time:

  • Right to access information on whether and what personal data has been processed (Art. 15 GDPR). The restrictions outlined in § 33 HDSIG apply.  
  • Right to rectification or completion of the data (Art. 16 GDPR)
  • Right to data erasure (Art. 17 GDPR). The restrictions outlined in § 34 HDSIG apply.
  • Right to restriction of data processing (Art. 18 GDPR)
  • Right to object to the future processing of personal data (Art. 21 GDPR)
  • Right to withdraw consent at any time. This does not affect the legality of the data processed in accordance with the approval given until the time of such a withdrawal. (Art. 7(3) GDPR) 

If you feel like your data was processed in a manner violating with GDPR, you may also lodge a complaint with a supervisory authority, as outlined in Art. 77 GDPR:

Hessian Commissioner for Data Protection and Freedom of Information

P.O. Box 3163, 65021 Wiesbaden, Germany
Phone: +49 (0)611 14080
Email: poststelle@datenschutz.hessen.de

We kindly ask that you contact our Data Protection Officer first so that we may try to resolve your concern directly.

 

VII. Social Media Data Processing 

GUF advises that social media platforms process user data (e.g. personal information, IP addresses, device and location data, network provider, as well as information on website visits and other data) according to their own privacy policies, and – with the exception of Bluesky – also for commercial purposes. GUF has no control over how these platforms collect or use your data, and cannot verify

  • where and for how long which volumes of your data is stored,
  • whether data is deleted when required,
  • how data is analyzed or combined,
  • with whom data is shared.  

 

Goethe University Frankfurt points out that most of these platforms process data globally, especially in the U.S., which involves third-country transfers that may pose risks to your data rights. See the platforms’ privacy policies for details: 

If you wish to avoid third-country data transfers, please do not contact GUF via social media. Use standard channels instead. We would like to advise that responsibility for usage of these platforms and their functions rests with the user. This applies in particular to the public usage of interactive functions offered by US platforms (e.g. commenting, sharing, liking). 

The following contains details on the social media platforms used by Goethe University Frankfurt.

 

a) LinkedIn

Goethe University Frankfurt operates a company page under joint responsibility with LinkedIn on the platform operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”). 

LinkedIn uses cookies and similar technologies (e.g., web beacons, pixels, ad tags, and device identifiers) to collect information that allows it to recognize users and conduct comprehensive behavioral analysis. LinkedIn provides GUF with anonymized analytical insights into user interactions with its page. This enables GUF to evaluate how its LinkedIn presence is being used and helps guide its communication efforts.

LinkedIn can also use the collected data to create user profiles, allowing it to deliver targeted advertisements both on and off the platform. If you are logged into your LinkedIn account while visiting GUF’s LinkedIn page, your activity may be linked to your account.

Processing of personal data on LinkedIn by Goethe University Frankfurt:

While GUF processes data on LinkedIn, it does not collect any data. 

Data you voluntarily provide on LinkedIn – such as your name and the content you publish under your account – may be processed by GUF, for example, by sharing your post via the university’s LinkedIn company account (@Goethe-Universität Frankfurt) [https://de.linkedin.com/legal/privacy-policy], responding to your posts, or referencing your profile in its own posts. GUF may also respond to direct messages via the LinkedIn messenger tool.

Any content you make public on LinkedIn may be visible to GUF followers and may be integrated into GUF’s own offerings. Aside from this, Goethe University Frankfurt does not collect or store any additional personal data through the operation of its LinkedIn page @Goethe-Universität Frankfurt unless necessary to respond to inquiries or comments. The sole function of the LinkedIn page is to meet the university’s information and communication needs. 

The information and contact details provided by you determine which data can be collected. Please refrain from making any personal data available while using LinkedIn.  

GUF has entered into a joint controller agreement with LinkedIn in accordance with Article 26 GDPR, outlining shared responsibilities for the company website operated on the platform. Under this agreement, LinkedIn assumes key data protection obligations, including handling data subject rights (Articles 12–23 GDPR), implementing relevant technical and organizational measures, and managing data breach notifications. If you contact GUF about your rights, your request will be forwarded to LinkedIn. 

More information on the agreement is available at [https://www.linkedin.com/help/linkedin/answer/a1338708/ and https://legal.linkedin.com/pages-joint-controller-addendum].

 

b) Instagram and Facebook

Goethe University Frankfurt operates Instagram and Facebook fan pages via Meta Platforms Ireland Ltd., Merrion Road, Dublin 4, D04 X2K5, Ireland.

When you visit GUF’s fan pages, Meta collects your IP address and other information via cookies stored on your device – whether or not GUF is involved. These cookies may already be present unless you deleted them beforehand. Meta provides details about its use of cookies in its Cookie Policies: [https://www.facebook.com/privacy/policies/cookies and https://privacycenter.instagram.com/policy/].

In addition to processing this data, Facebook owner Meta may also transfer it to countries outside the EU, including the USA. These transfers are based on the EU Standard Contractual Clauses, such as the META EU-Data-Transfer Addendum [https://www.facebook.com/legal/EU_data_transfer_addendum] and the META Standard Clauses [https://de-de.facebook.com/help/566994660333381]. Meta is certified under the EU-US Data Privacy Framework [https://privacycenter.instagram.com/policies/data_privacy_framework/] (DPF) – an agreement between the European Union and the United States intended to ensure compliance with European data protection standards for data processing activities in the U.S. Every company certified under DPF commits to upholding these data protection standards.

Details on which information Facebook receives and how it uses this are available in the company’s data privacy policy [https://www.facebook.com/privacy/policy/]. This also includes information on contact options and ad settings.

GUF points out that Meta can track user activity across websites using cookies (if users are logged in, this applies to all devices). This applies to both registered and non-registered users.

To avoid this tracking:

Log out of your Facebook account and/or disable the “stay logged in” function. Clear cookies from your device. Restart your browser.

This deletes all Facebook information through which you can be identified and ensures your Facebook ID is not automatically linked when you visit GUF’s Facebook page.

According to Meta, data is retained until it is no longer needed for the service or until the user account is deleted. Storage duration depends on context and legal requirements. Further information is available in Facebook’s data privacy policy: [https://www.facebook.com/privacy/policy/].

Data processing by GUF on Instagram and Facebook:

GUF processes the data you share on your Facebook page – including your username and public posts – by sharing or commenting on posts published by your account. The only other instances of data processing are limited to necessary interactions, like responding to requests or comments. GUF also receives aggregated, anonymized statistics from Meta about the usage of its Instagram and Facebook pages.

 

c) Bluesky

Goethe University Frankfurt also operates an account on Bluesky (https://bsky.app/profile/goetheuni.bsky.social) and here, too, emphasizes that users engage with this platform at their own discretion, particularly regarding interactive features such as comments, reactions, and shares.

When you interact with GUF’s content on Bluesky, your interactions are processed by the platform and the data collected as a result may be transferred to countries outside the EU.

Bluesky provides options to control your privacy preferences. Details on user rights and settings can be found under “6. Your Privacy Choices and Rights” in their policy: https://bsky.social/about/support/privacy-policy#privacy-choices (as of March 14, 2025).

Bluesky collects personal data, such as your e-mail address and date of birth, either through user input, automatically via its services (as outlined in its privacy policy), or from third parties.

 

d) YouTube

Goethe University Frankfurt runs a YouTube channel on the video platform operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. GUF points out that use of YouTube – including liking, commenting, and subscribing – is at the user’s own discretion.

When visiting GUF’s YouTube channel, Google processes your personal data and stores cookies on your device. Further information is available here [https://policies.google.com/privacy]. This policy also explains that Google may share data with Google Inc. (USA) and other third parties outside the EU. Google is certified under the EU-US Data Privacy Framework.

If you are logged into your Google account, your activity may be linked to your YouTube profile. To avoid this, log out of your account before visiting our page. More information on YouTube’s privacy settings is available here [https://www.youtube.com/intl/ALL_de/howyoutubeworks/user-settings/privacy/].

Data processing by GUF on YouTube:

GUF may process the data you share on your YouTube account – including your username and public posts – by sharing or commenting on posts published by your account. The only other instances of data processing are limited to necessary interactions, like responding to requests or comments.

 

VIII. Validity of This Privacy Policy

We reserve the right to update this privacy policy to reflect changes in legal requirements or to improve clarity. The current version is dated March 14, 2025.