Privacy Policy

• Download Data Privacy Policy (in English)
• Download Data Privacy Policy (in German)

Safeguarding your privacy is particularly important to Rhine-Ruhr 2025 FISU Games gGmbH (“RR2025 gGmbH” or “we“). Therefore, we only process your personal data if we are legally permitted to do so. The General Data Protection Regulation (GDPR) provides such legal permission. We take the data protection requirements of the GDPR into account in our processes and procedures. Among other things, we are required to inform you about which personal data we process for which purpose and for how long. In the following paragraphs, we will inform you in detail and comprehensively about the handling of your personal data, which we process when you visit our website at https://umedia-education.org/ (“Website“) and use our offers as part of the U-Media project. Personal data comprises any data with which you can be personally identified.

I. Data Controller

1. Name and address of the Data Controller

Responsible for the processing of your personal data in accordance with Art. 4 No. 7 GDPR and other national data protection laws of the Member States as well as other data protection regulations for our website is:

Rhine-Ruhr 2025 FISU Games gGmbH,

represented by Mr Niklas Börger,

Nördlicher Zubringer 9-1, D-40470 Düsseldorf

Phone: +49 (0) 151 6066 5016,

Email: info@rhineruhr2025.com

Responsible person means the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data.

2. Data Protection Officer

You can reach our Data Protection officer at:

werning.com GmbH,

represented by Mr Thomas Werning

Dieselstraße 12, D-32791 Location

Phone: +49 5232 980-4700

E-Mail: teamDatenschutz@werning.com

II. General information on data processing

We only process your personal data insofar as is permissible by law. Personal data will only be disclosed or passed on in the cases described in para. II and III. Personal data will be deleted or protected by technical measures (e.g. anonymisation) as soon as the purpose of the processing no longer applies. This is also done if a prescribed storage period expires unless there is a need for further storage of the personal data for a different storage purpose. Unless we are required by law to store it for a longer period of time or disclose it to third parties (in particular law enforcement authorities), the decision as to which personal data is processed by us depends on how you use our ticket website.

Please note that links on our website may take you to other websites or web offers that are not operated by us, but by third parties. Such links are either clearly marked by us or are recognizable by a change in the address line of your browser. We are not responsible for observing the data protection provisions and for a secure handling of your data on these internet sites operated by third parties.

III. Data processing when visiting our website (log files)

When visiting and using our website for information purposes only, the browser you use on your device automatically sends information to the server of our website and temporarily stores it in a log file (“server log files“). The following information is collected and stored until it is automatically deleted:

• anonymised by the last octet,
• date and time of access,
• name and URL of the accessed file,
• the website from which access is made (referrer URL),
• browser used and, if applicable, the operating system of your device as well as
• the name of your access provider.

The data listed will be processed by us for the following purposes:

• ensuring a smooth connection to the website,
• ensuring comfortable use of our website,
• Reviewing and ensuring system security and stability, as well as
• for other administrative purposes.

The legal basis for the processing of data is Art. 6 1 sentence 1 letter f DSGVO. Our legitimate interest derives from the aforementioned purposes for data collection. Under no circumstances will we use the data collected for the purpose of drawing conclusions about you. We do not merge this personal data with other data sources. The data will only be disclosed or passed on if it is necessary for the operation of our ticket website, e.g. when it is stored by our host provider. A transfer to a third country or to an international organisation is not intended.

IV. Data processing when using individual services on our website

As part of the U-Mediaproject (“project“), we offer the following services and offers, which you can use or participate in, and which can be accessed via our website:

• U-Media Student Newshub,
• U-Media Ambassadors,
• Contact form,
• Commenting function and
• Newsletter.

We collect personal data from you – if you decide to use or participate in these services.

1. U-Media Student Newshub

The U-Media Student Newshub, available at https://umedia-education.org/student-newshub/, offers students the opportunity to publish news articles about the Rhine-Ruhr 2025 FISU Games available to the general public via the Internet (“Newshub“). If you would like to use this offer, we will request the following personal data from you via the Student  Newshub Submission Tool, which is available at https://forms.office.com/e/F8jhwvJ0fa:

• News article/photos,
• First name,
• Last name,
• Age,
• Country,
• City,
• University,
• University major,
• Email,
• Phone number.

Except for your contact details, the aforementioned data will be published by us as part of Newshub.

The aforementioned data will be processed in order to process and review your submitted contribution and then to select it in accordance with the General

To upload your contributions and the aforementioned data, we use the “Microsoft Forms” tool from Microsoft Corporation, One Microsoft Way, Redmond, WA 98052, USA (“Microsoft“). The mentioned data will generally not be passed on to third parties unless the data is intended to be passed on or is necessary for the fulfilment of the objective. Microsoft necessarily becomes aware of this data as a processor in accordance with Art. 28 GDPR as part of its service provision. Since the data collected about you may be transferred to countries outside the European Union, the order processing contract with Microsoft contains the EU standard contractual clauses according to Art. 46 para. 2 lit. c GDPR. In addition, Microsoft is certified according to the EU-US Data Privacy Framework (Art. 45 GDPR).

The data is stored in the Microsoft Cloud and retrieved by us from there. Insofar as there is no operational necessity, legal obligation or a special operational interest in permanent storage, all information will be deleted after their use case is no longer given.

Further information regarding data processing by Microsoft is available here: https://support.microsoft.com/de-de/office/sicherheit-und-datenschutz-in-microsoft-forms-7e57f9ba-4aeb-4b1b-9e21-b75318532cd9.

2. U-Media Ambassadors

In addition, you have the opportunity to become one of a total of 12 U-Media ambassadors as part of the project, where we select six ambassadors from Germany and six ambassadors from other EU countries. These will support media coverage in the Mixed Zones during the Rhine-Ruhr 2025 FISU Games for student athletes.

In order to become a U-Media Ambassador, it is necessary that you apply in accordance with the terms and conditions for the U-Media Ambassadors, available at https://umedia-education.org/u-media-ambassadors/regulations/. We also process your personal data for this. Please refer to the data protection information for the application and participation as a U-Media ambassador, available at https://multimedia.rhineruhr2025.com/u-media-ambassadors-data-privacy.

3. Project advertising/newsletter

RR2025 gGmbH takes measures to promote the project in a targeted manner. We will provide a digital e-mail newsletter (“newsletter“) for this particular purpose.

To sign up for the newsletter, you can either give consent during the upload process to publish articles in Newshub by clicking on the corresponding opt-in box or via our input mask on our website by entering your e-mail address.

The registration for our newsletter takes place in a so-called double opt-in procedure: After registration, you will receive an email asking you to confirm your registration. This confirmation is necessary to prevent registration with email addresses that do not belong to you. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. The record contains the time of subscription and confirmation as well as the relevant IP address.

The data provided when registering for our newsletter will be used exclusively for sending our newsletter informing you about any news about the project.

The newsletter will be sent on the basis of your consent in accordance with article 6 para. 1, sentence 1 lit. a) and art. 7 GDPR. The subscription procedure is recorded on the basis of our legitimate interests in accordance with article 6 para. 1, sentence 1, letter f GDPR. Our interest is based on the use of a user-friendly and secure newsletter system that serves our business interests as well as users’ expectations and also allows us to prove consent.

You can unsubscribe, i.e. revoke your consent, from receiving our newsletter at any time. A link to unsubscribe from the newsletter can be found at the end of every newsletter email. We will delete your data immediately after unsubscribing. Likewise, we will delete your data immediately in the event of an incomplete registration. We reserve the right to delete the data without giving reasons and without notifying you before or after the deletion.

4. Contact

It is possible to contact us via the e-mail addresses and phone numbers provided on our website. In this case, the personal data transmitted with the e-mail or telephone call and provided by you (name, e-mail address, your IP address as well as the date and time of the e-mail/call, telephone number) will be stored. The data will not be passed on to third parties in this context. The data will only be used in the context of your contact. The processing of personal data is therefore exclusively for the purpose of processing your contact request, in particular answering your question. In addition, the security of our IT systems is to be guaranteed. This is also the necessary legitimate interest in the processing of the data. The legal basis for the processing of the data transmitted in the course of sending an e-mail is Art. 6 1 sentence 1 letter f DSGVO. If your contact request aims to conclude a contract or if such a contract is concluded, the additional legal basis for the processing is Art. 6 para. 1 sentence 1 lit. b GDPR.

Personal data will only be processed for as long as necessary to answer your request. The data will be deleted as soon as it is no longer required to fulfil the purpose for which it was collected. This is the case when each respective conversation ends. The conversation is considered to have ended when it is evident from the circumstances that the matter at hand has been conclusively resolved.

5. Commenting function

You also have the opportunity to post comments on our website via the comment function. The following personal data is processed:

• Content of the comment,
• time of creation of the comment,
• email address and
• the username you have chosen.

The legal basis for this is your consent in accordance with Art. 6 1 sentence 1 lit. a GDPR, which you give us by uploading the comment. You can revoke your consent at any time without stating reasons and disadvantages. In the event of revocation, we will delete your data and, in particular, your comment immediately or restrict its use if there are other legitimate purposes for using the data.

V. Cookies on our website

In order to make your visit to our website attractive and to enable the use of certain functions, we use cookies on the various subpages of our website. These are small text files that are stored on your device and have various functions. Cookies do not damage to your end device, and do not contain viruses, trojans or other malware. Information is stored in the cookie which links to the specific end device which has been used. However, this does not provide us with direct information about your identity. Some of the cookies we use are deleted after the browser session ends, i.e. after you close your browser (these are so-called session cookies). Other cookies remain on your device and enable us or our partner companies (so-called third-party cookies) to recognise your browser on your next visit (so-called persistent cookies). If cookies are set, they collect and process certain user information such as browser and location data as well as IP address values on an individual basis. Persistent cookies are automatically deleted after a certain period of time, which may vary depending on the cookie. There are also cookies that serve to evaluate user behaviour or to display advertising (so-called analysis or marketing cookies).

We use technically necessary cookies as well as analysis and marketing cookies on our website. These can be found under the following link via our cookie consent tool: CookieYes (https://www.cookieyes.com/).

The purpose of using technically necessary cookies is to ensure the functionality and services of the website as well as to make it easier for users to use websites and thus ensure user-friendliness. Some functions of our website cannot be offered without the use of cookies. For this, it is necessary that your browser remains recognisable after you have changed websites. Marketing and analysis cookies serve to collect the statistical data on website use and to be able to analyse it for the purpose of improving the offer and thus to evaluate user behaviour or to display advertising.

With regard to functional or technically necessary cookies, the legal basis is our legitimate interest in the aforementioned factors in accordance with Art. 6 para. 1, sentence 1, letter f GDPR. We have a legitimate interest in storing cookies for the technically error-free and optimal provision of our services. We will only set marketing and analysis cookies if we have previously obtained your consent. The legal basis for this is Article 6 1 sentence 1 lit. a) GDPR.

Cookies are stored on your device and transmitted to our website. Therefore, as a user you have full control of the use of cookies. Our cookies are stored in your browser until they are deleted or, if it is a session cookie, until the session has expired. By changing the settings in your browser, you can disable or restrict the setting of cookies. Cookies which have already been saved may be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent. You can find out about this option for the most used browsers at the following links:

• Microsoft Internet-Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
• Mozilla Firefox: https://support.mozilla.org/de/kb/Cookies-blockieren
• Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=de
• Safari: https://support.apple.com/kb/ph21411?locale=de_DE

1. Consent to cookies via Cookie Consent Tool

This website uses the Cookie Consent Tool from CookieYes (https://www.cookieyes.com/) to enable the privacy-compliant use of certain cookies, scripts, or embedded content. In particular, various technologies can be integrated via the Cookie Consent Tool and managed on the basis of a legitimate interest or consent.

When you visit our website, the following personal data is transferred to CookieYes (https://www.cookieyes.com/):

• Your consent or the revocation of your consent
• Your IP address
• Information about your browser
• Information about your device
• Time of your visit on the website

Furthermore, the Cookie Consent Tool stores a cookie in your browser in order to be able to assign the given consents or their revocation to you. The data collected in this way will be stored until you ask us to delete it, delete the corresponding cookie itself or the purpose for storing the data no longer applies. Mandatory legal retention requirements remain unaffected.

The cookie consent tool is used to obtain the legally required consents for the use of certain technologies. The legal basis for this is Article 6 para. 1 sentence 1 lit. c) GDPR. We differentiate functional cookies and cookies for generating statistics. You can change the cookie settings at any time by clicking on “Cookie settings” at the bottom of our website.

2. Cookies that are processed when you give us your consent

2.1 Genially and third-party providers

On our website, we integrate (interactive) content from the provider Genially, GENIALLY WEB SL, PLAZA RAMÓN Y CAJAL, 4, 4º CP 14003 Córdoba, Spain (“Genially“). The following third-party external services are involved and corresponding connections to the third-party providers are established or cookies are set.

2.1.1 Google Analytics

For web analysis, we use Google Analytics, Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (“Google“) through Genially on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a) GDPR. For this purpose, cookies are used, which generate information about your use of the online offer. This information is usually transmitted to a Google server in the US and stored there.

Google will use this information to evaluate the use of our online offer, to compile reports on the activities within the online offer and for other services related to the use of this online offer and Internet use for us, where pseudonymous usage profiles can be created from the processed data.

We only use Google Analytics with activated IP anonymisation, which means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Your IP will be transferred to a Google server in the USA and shortened there in exceptional cases only. The IP address transmitted by your browser will not be connected with other data by Google.

We have entered into a contract with Google to outsource our data processing in accordance with art. 28 GDPR and have fully implemented the strict requirements of the German data protection authorities when using Google Analytics. Since the data collected about by Google may be transferred to countries outside the European Union, the order processing contract contains the EU standard contractual clauses according to Art. 46 para. 2 lit. c GDPR. In addition, Google is certified according to the EU-US Data Privacy Framework (Art. 45 GDPR).

You can prevent the storage of cookies by setting your browser software accordingly; you can also prevent the collection of the data generated by the cookie and related to your use of the online offer by Google and the processing of this data by Google by downloading and installing the browser plug-in available at the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

Further information on Google’s use of data for advertising purposes, setting and objection options can be found on Google’s websites:

• https://www.google.com/intl/de/policies/privacy/partners/
• http://www.google.com/policies/technologies/ads.

2.1.2 Google Fonts

Our website also uses (in some cases also through Genially) external fonts from Google Fonts on the basis of our legitimate interest in n an appealing presentation of our website accordance with Art. 6 para. 1 sentence 1 lit. f GDPR. Google Fonts is also a service of Google.

When you visit our website, the fonts are loaded via the Google Fonts API. Through this external retrieval, data is transmitted to Google’s servers, which may be located outside the EU (in particular in the USA). Among other things, Google receives information that you or your IP address have accessed our website. The Google Fonts API was developed with the aim of limiting the use, storage, and collection of data from end users to the extent necessary for the proper provision of fonts. According to its own information, Google generally deletes transmitted IP addresses after one (1) year at the latest.

For more information, please refer to Google’s privacy policy at the following links:

• https://developers.google.com/fonts/faq/privacy?hl=de
• https://policies.google.com/privacy?hl=de

2.1.3 Google Tag Manager

Genially also uses Google Tag Manager. This service allows websites to be managed through an interface. The Google Tag Manager only implements tags. This means that no cookies are used, and personal data are not collected. The Google Tag Manager triggers other tags that capture data again, if necessary. However, the Google Tag Manager does not access this data. If deactivation occurs at domain or cookie level, it remains in use for all tracking tags, insofar as they are implemented with Google Tag Manager.

2.2 Matomo

For analysis purposes, we use the open-source web analysis service Matomo (formerly PIWIK), a service of provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, which stores a web analysis cookie in your browser in order to collect and store data for marketing and optimization purposes. The software sets a cookie on your device that can be used to recognise your browser. This stores the following data:

• the user’s IP address, shortened by the last two bytes (anonymised)
• the subpage accessed and time of access
• the page from which the user came to our website (referrer)
• which browser with which plugins, which operating system and which screen resolution is used
• the duration of stay on the website,
• the pages that are accessed from the accessed subpage

The data collected through Matomo is stored on our own servers. It will not be passed on to third parties. In the event that this data is passed on to Matomo, we comply with the guarantees under Section IV.

The legal basis for the processing of your data is the consent given by you via the Cookie Consent Tool (Art. 6 para. 1 sentence 1 lit. a) GDPR). Matomo also takes into account the “Do-Not-Track” setting of modern browsers.

Further information on the privacy settings of the Matomo software is available here: www.matomo.org/docs/privacy/.

VI. Transmission of data

Personal data will not be transmitted to third parties for purposes other than those listed below. We will only disclose your personal data to third parties if:

1. you have given your express consent in accordance with Art. 6 para. (1) sentence 1 (a) GDPR,
2. the disclosure in accordance with Article 6 para. 1 sentence 1 lit. f) GDPR is required for the assertion, exercising or defence of legal claims and there is no reason to believe that you have an overriding interest in not disclosing your data,
3. in case the disclosure is required by law as defined in Article 6 para. 1 sentence 1 lit. c) GDPR,
4. this is legally permissible and necessary for the performance of a contract with you according to Article 6 para. 1 sentence 1 lit b) GDPR or
5. this is done by a service provider acting on our behalf and on our exclusive instructions, whom we have carefully selected (Art. 28 Para. 1 GDPR) and with which we have a corresponding contract for processing (Art. 28 para. 3 GDPR), which obliges our contractor, among other things, to implement appropriate security measures and grants us comprehensive control.

V.II Duration of storage

All your data will be deleted if it is no longer needed for the purposes for which it was collected.

On the basis of proof and retention obligations in accordance with § 147 Fiscal Code, we are obliged to store or document certain documents/records for up to ten years, starting at the end of the calendar year of creation. After expiration of this period, the data will be deleted.

VIII. Data subjects’ rights

As a data subject, you have various rights: the right to information from the responsible person regarding relevant personal data (Art. 15 GDPR) and to correction (Art. 16 GDPR) or deletion (Art. 17 GDPR) or to restriction of processing (Art. 18 GDPR) as well as a right to data portability (Art. 20 GDPR).

In the case of processing procedures that are based on an overriding legitimate interest (Art. 6 para. 1 sentence 1 lit. f GDPR), you have the right to object to the processing in accordance with Art. 21 GDPR.

In the case of data processing for direct marketing on this basis, you can object without stating reasons.

If your personal data is processed on the basis of your consent in accordance with Art. 6 1 sentence 1 lit. a GDPR, you have the right to revoke your consent at any time without stating reasons. As a result, we will no longer be allowed to continue processing data based on this consent in the future. Withdrawal of consent does however not affect the legality of processing conducted based on your consent before its withdrawal.

If you are also of the opinion that our data processing violates data protection law, you have the right to complain to a data protection supervisory authority of your choice (Art. 77 GDPR in conjunction with § 19 BDSG, Federal Data Protection Act). This also includes the data protection supervisory authority responsible for us:

Landesbeauftragte für Datenschutz und Informationsfreiheit

Nordrhein-Westfalen

Postfach 20 04 44

40102 Düsseldorf

Phone: +49 211/38424-0

Fax: +49 211/38424-10

E-Mail: poststelle@ldi.nrw.de

To assert your rights as a data subject, with the exception of the right to appeal to the supervisory authority, an email to teamDatenschutz@werning.com suffices.

IX. Data security

We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorised access by third parties. We continuously adapt our security measures in line with technological developments.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling both physical access to the data and associated access, input, transmission, security of availability, and its separation. We have also established procedures which guarantee the exercise of the rights of data subjects, deletion of data, and reaction to risks concerning the data. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software, and procedures in accordance with the principle of data protection through technology design and data protection-friendly defaults.

Please note that data transmitted via the internet (e.g., via email communication) may be subject to security breaches. Complete protection of data against access by third parties is not possible.

X. Updates and amendments to this privacy policy

We reserve the right to adjust the content of this privacy policy at any time. This is usually done in the event of further development or adaptation of the services or due to changes in legal or official requirements. You can view the current privacy policy on our website at any time at https://umedia-education.org/data-privacy/.

Last updated: April 2025