We process your personal data in compliance with the applicable data protection regulations, in particular the EU General Data Protection Regulation (GDPR) and the Brandenburg State Data Protection Law (BbgDSG).

Party responsible for data processing:

University of Potsdam
represented by the President, Professor Oliver Günther, Ph.D.
Am Neuen Palais 10
14469 Potsdam
Phone: +49 331 977-0
Fax: +49 331-97 21 63

Data Protection Officer:

Dr. Marek Kneis
Am Neuen Palais 10
14469 Potsdam
Phone: +49 331 977-124409
Fax: +49 331 977- 701821
E-mail: datenschutz@uni-potsdam.de

Purpose of data processing:

The data is collected for the purpose of enrollment and the purposes specified in Section 1 of the University Statistics Law (HStatG).

Legal foundation for data processing

The legal bases of data processing are provided by: Art. 6 subsection 1 (e) GDPR in conjunction with Section 14 subsection 9 BbgHG, Sections 3 and 4 HStatG, Sections 1 ff. BStatG, and the enrollment regulations of the University of Potsdam as amended. If you do not provide the data required for enrollment, including the required proof of a university entrance qualification and other qualifications, the proof of which is required for admission to the selected degree program in accordance with the provisions of the BbgHG and the enrollment regulations of the University of Potsdam, you cannot enroll.

Duration of data storage

If your application is not successful and enrollment does not take place, your data will be deleted 12 months after completion of the procedure. In the event you do enroll, data storage is not limited in time; regular checks are carried out on the necessity of continued storage.

Transfer of data to third parties

During the application phase, your data will not be passed on to third parties.

After enrollment, your data stored by the Division of Student Affairs can be transferred to the following offices under the conditions of the respective legal bases listed below:

  1. Receiver: Statutory health insurance company; Legal basis for data transmission: Sect. 199a Para. 3 SGB V; Categories of data transmitted: The date of enrollment of the student and the beginning of the semester; The end of the semester at which the membership in the university ends (de-registration); the beginning of a doctoral program.
  2. Receiver: German Pension Fund; Legal basis for data transmission: Section 67a subsection 2 no. 2 b) bb) SGB X, Sections 6, 8 BbgDSG; Categories of data transmitted: Date of enrollment; continuation of studies; date of de-registration; completion of studies.
  3. Receiver: Division for Educational Financial Aid (BAföG): ; Legal basis for data transmission: Section 48 subsection 3 BAföG; Categories of data transmitted: Expert opinions on educational status; further data may also be submitted on the following legal basis: Section 15 subsection 2 BAföG, Sections 3-7 SGB X, Sections 6-8 BbgDSG; Categories of data submitted: Continuation of studies; change of academic institution; completion of studies; date of de-registration; periods of leaves of absence.
  4. Receiver: The Family Office (Familienkasse); Legal basis for data transmission: Section 32 subsection 4 sentence 1 no. 2 EStG; Sections 93 subsection 1 sentence 2, 111 AO, Sections 6-8 BbgDSG; Categories of data transmitted: Use of semesters on leave of absence.
  5. Receiver: Foreigners’ Registration Office (Ausländerbehörde); Legal basis for data transmission: Section 16 subsection 2 sentence 5 AufenthG; Categories of data transmitted: Information on remaining certificates of achievement, which must still be provided for the completion of the respective studies at the time of the request from the Foreigners’ Registration Office, and the estimated further duration of the studies.
  6. Recipient: SER eGovernment Europe GmbH and subcontractors in individual cases of maintenance of the Doxis4 document management system; a commissioned data processing agreement was concluded as a basis.

Your rights:

You have the right to request from us information about the processing of personal data pertaining to you. This right to information includes, in addition to a copy of your personal data, the purposes of data processing, data recipients and the duration of storage.

If incorrect personal data is being processed, you can request that we immediately correct this data. If the legal conditions arising from Section 17 and 18 of the GDPR are met, then you also have the right to the deletion of personal data or to the restriction of data processing. Please note that restricted data processing might not be possible depending on the circumstances. You have the right to receive your personal data in a structured, common, and machine-readable format or to request that it be transfered to another responsible person (Article 20 of the GDPR). Moreover, you can object to the processing under the conditions specified in Article 21 of the GDPR.

We would like to ask that you contact the following person if you wish to exercise the aforementioned rights of objection, correction, deletion, data transfer, or restricted processing:

Division of Student Affairs
Dr. Sabina Bieber, Head of Division
Am Neuen Palais 10
14469 Potsdam
Phone: +49 331 977- 1016
Fax: +49 331 977- 1065
E-mail: sabina.bieber@uni-potsdam.de.

You can also alternatively send a request for information to the Chief Information Officer (University of Potsdam, Karl-Liebknecht-Straße 24-25, 14476 Potsdam). You can download the form for information requests from the Chief Information Officer’s website (https://www.uni-potsdam.de/de/praesidialbereich/praesident-vizepraesidenten/cio.html).

If you believe that the processing of your personal data is not being done in a lawful way, then you have the right to submit a complaint to the responsible supervisory agency for data protection.

The data specified in the following will be processed within the scope of applications in the Campus Management System of the University of Potsdam as well as in the service portal for applications, “hochschulstart.de”.

Information on specific processing

Processing of log data (access data): When using the website, the access to pages, whether access was successful, the time, the transferred data volume and the IP address of the requesting computer are collected to identify errors. The storage of the IP address is shortened so that identification is not possible or only with an effort that is out of proportion to the knowledge gained by the requesting connection. The stored log data is automatically deleted after 18 months at the latest. Stored log data is automatically deleted after one year in the case of applicants who have not been admitted, unless there is a justification for continuous data processing (for example, for defense in a court admission dispute procedure).


A user account is required for the use of non-public areas of the website, such as applicant management. The following personal data are absolutely necessary to create an account: Last name, first name, sex, date of birth, place of birth, nationality, address, e-mail address and a password of your choice.

Without all of this data, it is not possible to assign a user account, which means that the non-public areas of the website cannot be used. Processing is done in accordance with Section 6 subsection 1 letter e of the GDPR in conjunction with Section 14 subsection 9 of the Brandenburg Higher Education Act for the purpose of limiting access to non-public, protected parts of the University of Potsdam’s website to registered users. Account data is not transmitted to external parties. Deletion takes place upon the user's express request for deletion.

Automatic login for smartphones

When using the website with an account, it is possible to stay logged in with a smartphone. For this purpose, a cookie with the encrypted access data is stored on the end device. At the same time, a digital fingerprint of the end device is stored on the server. The digital fingerprint is calculated from several parameters. The following information is evaluated for this purpose:

The data used to identify the device is stored on the University's server. Storage and processing shall be based on consent pursuant to Art. 6 para. 1 sentence 1 lit. a GDPR, which shall be granted upon activation of automatic login by the user of the end device. A transfer to third parties shall not take place. The data is used exclusively for the unambiguous identification of the end device used in connection with the automatic login. An automatic login is only successful if the digital fingerprint matches and the user name and password can be decrypted and match the actual login data. If the automatic login is not used for four weeks, it is automatically deleted. In addition, the user can withdraw the automatic login at any time via the settings in his/her account, for example if the smartphone has been lost. By storing the above data on the respective end device, the user can also keep several of his/her end devices separate in his/her account and, if necessary, deactivate the automatic login also for individual end devices. The data processing carried out before such a revocation remains legitimate through the consent that exists until the revocation.


This application uses cookies, i.e. small files with short texts for technical processing. Without cookies – for example, if they are deactivated in the browser – it is not possible to fully use this application.