Privacy Policy
1. Scope
1.1 The following privacy policy applies to the use of the website (hereinafter also referred to as platform) www.thesis-elearning.com and the services offered through it. This website is offered by RyT Education GmbH, Niederstraße 2, 40789 Monheim am Rhein as the controller within the meaning of Art. 4 EU General Data Protection Regulation ('GDPR').
1.2 This privacy policy informs you pursuant to Art. 12 et seq. GDPR about the handling of your personal data when using our website. In particular, it explains what data we collect and what we use it for. It also informs you about how and for what purpose this is done.
1.3 When you use this website, different personal data is processed depending on the type and scope of use. Personal data is information that relates to an identified or identifiable natural person (hereinafter 'data subject'); a natural person is considered identifiable if they can be identified directly or indirectly (e.g., by assignment to an online identifier). This includes information such as name, address, phone number, and date of birth.
1.4 This page has been translated into several languages. The German version is authoritative.
2. General Data Collection and Processing of Voluntarily Provided Data
Data protection is not a simple topic and can sometimes be difficult to understand. To help you fully understand our privacy policy, you can find the official explanations from the General Data Protection Regulation (GDPR) at the following link: https://gdpr-info.eu/art-4-gdpr/.
Essentially, this website uses data so that you can use Thesis-Elearning.com optimally. For example, we store your thesis progress to show you content that is relevant to you. Of course, we don't just store your data indefinitely. There are legal retention periods (e.g., from commercial law and tax law) that we comply with. After the respective period expires, the corresponding data is routinely deleted. For example, you can delete your profile with just a few clicks. We will then remove your profile within a period of 30 days.
2.1 Automated Data Collection and Processing by the Browser
2.1.1 As with every website, our server automatically and temporarily collects information in the server log files that is transmitted by the browser, unless you have disabled this:
- IP address of the requesting connection
- Type of event
- Client file request
- HTTP response code
- Referrer URL
- Date, time, and duration of server request
- Browser type and version
- Type of device
2.1.2 The storage of server log files is technically necessary to provide a functioning website and ensure system security. This also applies to the storage of your IP address, which is necessarily carried out and may, under certain conditions, at least theoretically enable identification of your person. Beyond the aforementioned purposes, we use server log files exclusively for needs-based design and optimization of our internet offering in a purely statistical manner and without drawing conclusions about your person. The data mentioned in section 2.1, with the exception of the IP address, is also collected and processed by additional programs for statistical evaluation. No personal data is stored during the evaluation. Anonymized usage profiles are created from the collected data. Cookies or other tracking tools (see generally section 3) may be used for this purpose. The data collected via the statistics program cannot be used to personally identify the website user, as the data is not combined with personal data. The access data collected during the use of our website is only retained for the period for which this data is needed to achieve the aforementioned purposes. Your IP address is stored on our web server for a maximum of 7 days for IT security purposes.
2.1.3 If you visit our website to inform yourself about our product and service offering or to use it, the basis for the temporary storage and processing of the server log files is Art. 6 para. 1 sentence 1 lit. b GDPR (legal basis), which permits the processing of data for the fulfillment of a contract or for carrying out pre-contractual measures. Furthermore, Art. 6 para. 1 sentence 1 lit. f GDPR serves here as the legal basis for the temporary storage of technical access data. Our legitimate interest in this regard is to be able to provide you with a technically functioning and user-friendly website and to ensure the security of our systems.
2.2 Data Collection and Processing in the Course of Using our Service
2.2.1 When you use our website, we automatically collect and store information in so-called server log files. This information is automatically transmitted by your browser or device to our server or to our hosting company's server. This includes:
- IP address of the user's device
- Device used
- User's operating system
- Browser type and version if applicable
- Name of the requested file
- Time of the server request
2.2.2 Registration: To use our website, you must create a user account. We need this so that you can use Thesis-Elearning.com on multiple devices, for example, or to ensure that your learning progress is not lost. During registration, we collect the following additional data:
- First name
- Last name
- What are you studying? (optional)
- Where are you studying? (optional)
- Were you referred by a friend? (optional)
- Password
The processing of this data is necessary for you to use Thesis-Elearning.com at all. If you are interested in the legal bases for this, you can find them in the GDPR under Art. 6 para. 1 lit. b) GDPR for the performance of a contract and under Art. 6 para. 1 lit. f) GDPR based on our legitimate interest. Our legitimate interest here is the provision of our online service.
Your data will be deleted as soon as the user account on our website is deleted (specifically on the 'Profile' page in the 'Account Security' section and then 'Delete Account') and as long as there are no legal retention obligations. We deactivate your account immediately and delete it after 30 days. You can change your data or completely delete your user account. You can easily find this function in your profile. If you have any problems with this, you can contact our support at any time and we will implement your request immediately.
2.2.3 Optional Profile Information: After registration and in your profile, you can provide additional optional information that helps us improve and customize our service for you. This data is voluntary and can be changed or deleted in your profile at any time. This includes the following data:
- WhatsApp number
- University/College
- Course of study
- Type of thesis
- Title of thesis
- Expected completion date
2.2.4 Contact via Email, WhatsApp, Contact Form, or General Contact: When you submit inquiries to us via the contact form or through one of the specified contact methods, your message/communication (comment) including the contact details you provided will be stored and processed accordingly for the purpose of handling and responding to your inquiry and for any follow-up questions. We do not share this data with third parties unless this is necessary for processing and responding to your contact request or you have given us your corresponding consent. If you contact us within the scope of an existing contractual relationship or contact us in advance for information about our services or other offerings, the data and information you provide will be processed for the purpose of processing and responding to your contact request in accordance with Art. 6 para. 1 sentence 1 lit. b GDPR (legal basis), and otherwise to protect our legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f GDPR for the appropriate handling of customer/contact inquiries. The data you enter in the contact form remains with us until the purpose for data storage/processing no longer applies (e.g., after your inquiry has been processed). Mandatory legal provisions – particularly retention periods – remain unaffected.
2.2.5 Email Newsletter: By registering on our website, you give us your consent to subscribe to our email newsletter, allowing us to inform you about our current interesting offers (particularly including topics related to studying and career entry). We store your used IP addresses and registration timestamps. The purpose of storage is to verify your registration and to investigate any possible misuse of your personal data. Required information for sending the email newsletter are name, first name, and email address. After your registration, we store your provided data for the purpose of sending the email newsletter (legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR and § 25 para. 1 sentence 1 TTDSG). You can revoke your consent to receive the email newsletter at any time and unsubscribe from the email newsletter. You can declare the revocation by clicking on the link provided in every newsletter email.
We inform you that we analyze your user behavior when sending the newsletter. For this analysis, the sent emails contain so-called web beacons or tracking pixels, which are single-pixel image files stored on our website. For the analysis, we link the data mentioned in section 2 and the web beacons with your email address and an individual ID. With the data obtained in this way, we create a user profile to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click in them, and deduce your personal interests from this. We link this data with actions you have taken on our website. You can object to this tracking at any time by clicking on the separate link provided in every email or by informing us through another contact method. The information is stored for as long as you are subscribed to the newsletter. After unsubscribing, we store the data purely statistically and anonymously.
The newsletters are sent using the email service provider Mailchimp. The service provider may use the recipient data in pseudonymous form, i.e., without assignment to a user, to optimize or improve their own services, e.g., for technical optimization of the sending and presentation of newsletters or for statistical purposes. However, the service provider does not use the data of our newsletter recipients to contact them directly or to pass the data on to third parties.
2.2.6 WhatsApp Newsletter: By voluntarily providing your WhatsApp number in your profile on our website or by contacting us via WhatsApp, you give us your consent to inform you about our current interesting offers (particularly including topics related to studying and career entry) via WhatsApp newsletter. We store your WhatsApp number and your contact details for the purpose of sending the WhatsApp newsletter (legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR and § 25 para. 1 sentence 1 TTDSG). You can revoke your consent at any time. You can declare the revocation by sending us a message.
2.2.7 Direct Marketing via Email and WhatsApp: We also use your email address and/or WhatsApp number, which we have received in connection with registration or the sale of goods or services, for direct marketing via email and/or WhatsApp for our own similar goods or services. As well as for sending further offers related to studying and career entry, and particularly for recruiting and employer branding initiatives from third-party providers cooperating with us. The legal basis for this is § 7 para. 3 UWG (German Act Against Unfair Competition). You can object to these email/WhatsApp messages at any time (see 2.2.5 and 2.2.6). For direct marketing via email, we analyze your user behavior. Information about the analysis of user behavior can be found in the newsletter section of this statement.
2.2.8 Sweepstakes: In the context of sweepstakes, we use your data (name, contact details) for the purpose of winner notification (Art. 6 para. 1 lit. b) GDPR) and advertising our offers by mail (Art. 6 para. 1 lit. f) GDPR) or by email with your consent (Art. 6 para. 1 lit. a) GDPR). Additional information can be found in the terms and conditions of the respective sweepstakes.
3. Technologies, Services, and Cookies Used
3.1 We use the hosting service Vercel (Vercel Inc, 340 S Lemon Ave #4133, Walnut, CA 91789, U.S.A.) to provide our website. The website is delivered from the AWS Cloud in Frankfurt (AWS eu-central-1).
3.2 This website also uses other services, (tracking) technologies, and cookies. Cookies are small text files that contain an identification number. Cookies are stored on your computer, tablet, or smartphone (hereinafter: devices) when you visit our website. When you visit our website again, your device can be recognized using this identification number.
3.3 This website uses Local Storage Items and Session Storage Items. Local Storage is a mechanism that enables the storage of data within the browser on your device. This data usually includes user preferences, such as a website's 'day' or 'night mode', and remains until you manually delete the data. Session Storage is very similar to Local Storage, whereas the storage duration only lasts during the current session, i.e., until the current tab is closed. After that, the Session Storage Items are deleted from your device.
3.4 The legal basis for data processing by the programs described in this Section 3 is, unless otherwise stated, your consent pursuant to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 sentence 1 of the German Telecommunication and Telemedia Data Protection Act (TTDSG). During your first visit to our website, you will be asked whether you would like to give consent for cookies that collect personal data to be set. You can grant consent for all cookies (button '[Accept]') or decline under the button '[Reject All]'. Consent is voluntary and you can revoke it at any time with effect for the future under '[Privacy Settings]' in the footer of our website by unchecking a previously set checkbox.
3.5 Technologies, Services, Cookies, Local Storage Items, and Session Storage Items
3.5.1 Depending on the function and purpose of the data processing taking place, the technologies, services, and cookies used on our website are divided into the following three categories:
3.5.1.1 Necessary: These technologies, services, and cookies are required to provide you with website functions and to fulfill our legal obligations. This includes, for example, our hosting service Vercel as well as all Local Storage Items and Session Storage Items used. The legal basis for processing your personal data is our legitimate interest (Art. 6 para. 1 lit. f GDPR) to make our website usable for you and to fulfill our legal obligations (Art. 6 para. 1 lit. c GDPR). Technologies and services in this category are always used when you want to use our service. Furthermore, even when cookies are rejected (button '[Reject All]'), the necessary cookies remain activated.
3.5.1.2 Statistics: We use these technologies, services, and cookies for statistical analysis purposes to statistically record the use of our website. Statistics cookies help us improve our website and offer you content that is particularly relevant to you. The legal basis for processing your personal data is your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 sentence 1 TTDSG, which you can give via our cookie banner. Your consent is always voluntary and is not required for using the website itself.
3.5.1.3 Marketing: We use these technologies, services, and cookies for marketing purposes, i.e., for example, to provide you with personalized advertising (particularly regarding studying and career entry, as well as recruiting and employer branding initiatives). The legal basis for processing your personal data is your consent according to Art. 6 para. 1 lit. a GDPR and § 25 para. 1 sentence 1 TTDSG, which you can give via our cookie banner. Your consent is always voluntary, is not required for using the website itself, and can be revoked at any time. For revoking direct marketing and email newsletter delivery, see 2.2.7.
3.5.2 Storage Duration of Cookies: Session cookies (hereinafter: 'session cookies') are deleted when the browser is closed. We also use persistent ('permanent') cookies. Details about the storage duration can be found in the following sections and in the cookie overview.
3.5.3 Technologies, Services, and Cookies
3.5.3.1 Necessary
| Technology / Service / Cookie | Provider | Purpose |
|---|---|---|
| Calendly | Calendly LLC. | Appointment scheduling |
| Hostpoint AG | Contact and customer service | |
| Google Tag Manager | Google Ireland Ltd. | Integration of Google services |
| Local Storage Items and Session Storage Items | RyT Education GmbH (Thesis-Elearning.com) | Make website usable |
| Stripe | Stripe Inc. | Payment processing |
| Supabase | Supabase Inc. | Authentication and database operation |
| Synthesia | Synthesia Ltd. | Video embedding |
| Vercel | Vercel Inc. | Hosting |
| Meta Platforms Ireland Ltd. | Contact and customer service | |
| Zoom | Zoom Video Communications, Inc. | Video conference |
3.5.3.2 Statistics
| Technology / Service / Cookie | Provider | Purpose |
|---|---|---|
| Google Analytics | Google Ireland Ltd. | Analysis and optimization of website usage |
| Hotjar | Hotjar Inc. | Analysis and optimization of website usage |
3.5.3.3 Marketing
| Technology / Service / Cookie | Provider | Purpose |
|---|---|---|
| Facebook Pixel | Meta Platforms Ireland Ltd. | Display of content |
| Google AdWords | Google Ireland Ltd. | Display of content |
| Mailchimp | Rocket Science Group | Direct marketing and email newsletter delivery |
| Meta Platforms Ireland Ltd. | Direct marketing and WhatsApp newsletter delivery |
4. Transfer to Third Parties
4.1 We share at least some of your data that we collect according to the aforementioned sections with data processors. These process your data only on our instructions and not for their own purposes (Art. 28, 19, GDPR). These companies are:
| Data Processor | Provider | Purpose |
|---|---|---|
| Calendly | Calendly LLC | Appointment scheduling |
| Hostpoint AG | Contact and customer service | |
| Meta Platforms Ireland Ltd. | Display of content, contact and customer service / Direct marketing and WhatsApp newsletter delivery | |
| Google Ireland Ltd. | Integration of Google services, display of content, analysis and optimization of website usage | |
| Hotjar | Hotjar Inc. | Analysis and optimization of website usage |
| Mailchimp | Rocket Science Group | Direct marketing and email newsletter delivery |
| Stripe | Stripe Inc. | Payment processing |
| Supabase | Supabase Inc. | Authentication and database operation |
| Synthesia | Synthesia Ltd. | Video embedding |
| Vercel | Vercel Inc. | Hosting |
| Zoom | Zoom Video Communications, Inc. | Video conference |
4.2 In certain cases, we may share some of your data with other recipients. This may be the case if you have consented to this (Art. 6 para. 1 lit. a GDPR), if we are legally obliged to do so (Art. 6 para. 1 lit. c GDPR), or if this is necessary to protect legitimate interests (Art. 6 para. 1 lit. f GDPR).
4.3 If we transfer data to recipients in a third country (located outside the European Economic Area), you can find this information in the details about the data processors and the underlying legal basis according to Art. 46 para. 2 GDPR in the description of the respective data processing. The European Commission certifies some third countries with a data protection standard comparable to that in the European Economic Area through so-called adequacy decisions. A list of these countries can be found at ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en. If a country does not have a comparable data protection standard, we ensure that data protection is adequately guaranteed through other measures. This is possible, for example, through binding corporate rules, standard contractual clauses of the European Commission for the protection of personal data, certificates, or recognized codes of conduct. Otherwise, we do not transfer your personal data to countries outside the EU or the EEA or to international organizations unless explicitly stated otherwise in this privacy policy.
5. Use of WhatsApp
As part of our offered services, you can communicate with us via the WhatsApp messenger service. The associated data processing is carried out on the basis of Art. 6 para. 1 lit. b) GDPR, as the communication is related to the fulfillment of a contract or is necessary for the implementation of pre-contractual measures. The collected information is stored on the provider's servers, including outside of Europe (see below for the requirements for transferring personal data to third countries). For more information about the purpose and scope of data collection and its processing by the messenger provider, please refer to the provider's privacy policy at: https://www.whatsapp.com/legal/privacy-policy-eea#privacy-policy-legal-basis-for-processing-data.
6. Advertising
Our website uses tools that facilitate or enable the placement of advertisements and the evaluation of the success of placed advertisements. For this purpose, personal data is processed, in particular the IP address, access times, and device information. The legal basis for this processing is consent (Art. 6 para. 1 lit. a GDPR).
7. Duration of Storage
Unless otherwise stated, we initially process and store your personal data for the duration required by the respective purpose of use. This may also include the periods of contract initiation (pre-contractual legal relationship) and contract execution. On this basis, personal data is regularly deleted in the context of fulfilling our contractual and/or legal obligations, unless their temporary further processing is necessary for the following purposes: i. Compliance with legal retention obligations arising from, for example, the German Commercial Code (§§ 238, 257 para. 4 HGB) and the German Fiscal Code (§147 para. 3, 4 AO). The retention or documentation periods specified therein are up to ten years. ii. Preservation of evidence taking into account the statute of limitations. According to §§ 194 ff. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.
8. Your Rights
8.1 Under the legal requirements, you have the following rights as a data subject: Under the conditions of Art. 15 GDPR, you can request information from us about whether we process data about you. If this is the case, you have the right to receive information about this data. If your data stored with us is incorrect or incomplete, you can request correction and, if necessary, completion of this data (Art. 16 GDPR). If the legal requirements are met, you can request the deletion (Art. 17 GDPR) or 'blocking' (Art. 18 GDPR) of your data. For automatically processed data that we have received from you on the basis of your consent or a contract, you can assert the right to data portability (Art. 20 GDPR). We will then send you your data in a machine-readable format. If you wish and this is technically possible, we will transfer this data to a third party. All aforementioned rights may be restricted or excluded by law in certain cases.
8.2 Withdrawal of consent: If you have given us consent to process personal data for specific purposes, the lawfulness of processing is based on your consent. Given consent can be withdrawn. You can send the withdrawal to: hello@thesis-elearning.com. Please note that your withdrawal only takes effect for the future. Processing that took place before the withdrawal is not affected.
8.3 Objection to processing based on legitimate interests: We also collect and process your personal data to protect our legitimate interests or the legitimate interests of third parties, insofar as data processing is necessary to protect these legitimate interests. In these cases, you have the right to object to processing for the future. You can send this to hello@thesis-elearning.com.
8.4 Right to complain to a supervisory authority: Under the conditions of Art. 77 GDPR, you have the right to complain to a competent supervisory authority. In particular, you can submit a complaint to the supervisory authority responsible for us or another competent supervisory authority. A list of data protection supervisory authorities and their contact details can be found at the following link: www.bfdi.bund.de/EN/Service/Addresses/addresses_table.html
8.5 Other concerns: Our data protection officer is available for further data protection questions and concerns. Corresponding inquiries and the exercise of your above rights should, if possible, be sent in writing to our address stated above or by email to hello@thesis-elearning.com.