Would you like to know what happens to your data and who to contact? Find out everything here:

What we do and what rights you have – our data protection summarized in a few words:

  • We, the AureaVR GmbH, are responsible for everything here.
  • We only store and use your data that we need or that you have expressly consented to processing.
    Of course, there is a § for everything. We only do what we are allowed to do.
  • Others only get your data if we cannot do something ourselves or on site. Of course, we have contracts with our service providers to ensure that they take care of your data as much as we do.
  • If we no longer need your data, they will be deleted. If we have to keep it, e.g. for the tax office, then the data will be blocked. “Blocking” means that they are technically protected in such a way that they can no longer be changed or processed further.
  • Your data is secure – we take good care of it!
  • If you want to know whether and what data we have from you, if you want this data to be deleted or handed over, or if you want to object to certain data processing, call us or write to us. You can also contact us if you wish to revoke your consent.
  • If you are dissatisfied with how we are handling your data, there is also a competent supervisory authority (state data protection authority of Saxony Anhalt) as a last step. You can call or write there.
  • Of course we hope that we can talk beforehand and find a common solution.


And here for the visitors of our website who want to know more details, the whole thing in detail:


Who is responsible for the processing?

Responsible according to Art. 4 Para. 7 DS-GVO:

AureaVR GmbH
Pfälzer Ufer 4
06108 Halle (Saale)

Managing director (CEO): Prof. Dr. Carsten Fussan

Fon: +49 345 68557874
E-Mail: hello@aureavr.com


Website hosting?

Our website is located on the web server (hosting) of

nvii-media GmbH
Leipziger Strasse 100
06108 Halle (Saale)

Germany (hereinafter: nvii).

Managing Director:
Paul Ashcroft, Tim Montag, Michele Lau, Nicholas Daddario

If you want to know more about their data protection, you will find the details in the data protection declaration: https://www.nvii-media.com/datenschutz/

We use nvii on the basis of Article 6(1)(f) GDPR, i.e. we have a legitimate interest in our website being displayed as reliably as possible.

What data do we collect and store for what purposes? When visiting the website for information only?

If you just look at our website, do not register and do not enter any data or actively send us any other data, then we will process the personal data that your browser transmits to our server. These are stored without you doing anything until they are automatically deleted. What information is this? This can be found below:


  • IP address of the requesting computer,
  • Date and time of access, time zone offset from Greenwich Mean Time (GMT)
  • Request content (visited page)
  • Access Status/HTTP Status Code
  • Amount of data transferred in each case
  • browsers
  • Operating system
  • Language and version of browser software

We use the above data for the operation of our website, in particular to identify and eliminate errors on the website, to determine the utilization of the website and to make adjustments and improvements. The legal basis for data processing is Art.6 Para.1 S.1 lit.f GDPR. Our legitimate interest follows from the data collection purposes just mentioned. Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person. The data is also not merged with other data sources.

The personal data mentioned will only be stored for the duration of your visit. They will then be deleted immediately.

If we use external links on our site that take you to other service providers, you can recognize this by the link symbol for external links, i.e. the mouse pointer changes shape when it is on a link. If you click on an external link, your IP address will be visible to the provider of the site.

When contacted by email and/or contact form

You can contact us via the email address provided or the contact form. In this case, the data you have provided (your e-mail address, your name and your telephone number and other information you have provided) will be stored, e.g m to process your request and answer your questions. If the request is assigned to a contract, we delete the data arising in this context after the deadlines for the contract period, otherwise after 24 months, or restrict the processing if there are statutory storage obligations.

How long do we store your data and when do we delete it?

If no specific deletion periods are specified in this data protection declaration for the respective case, then we will delete your personal data as soon as the purpose of storage no longer applies. However, we must continue to store your data if we are obliged to do so by European or national legislators in EU regulations, laws or other regulations to which we are subject.

However, if the storage period prescribed in the standards mentioned expires, then your data will of course be deleted – unless they are still required at this point in time for the conclusion of a contract with us or the performance of a contract that you have concluded with us.

What rights do you have as a data subject?

  1. a) Information

You can request information about the personal data we process from us at any time in accordance with Art. 15 GDPR. In particular, if you request it, we will provide you with information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to correction, deletion, restriction of processing or objection, the existence of a right of appeal, the origin of your data if they were not collected from us, as well as the existence of automated decision-making including profiling and, if necessary, meaningful information on their details.

  1. b) Correction

In accordance with Art. 16 GDPR, you can immediately request the correction of incorrect or completion of your personal data stored by us.

  1. c) Deletion

According to Art. 17 DSGVO, you have the right to request the deletion of your personal data stored by us.

  1. d) Restriction of processing

In accordance with Art. 18 GDPR, you can request the restriction of the processing of your personal data.

  1. e) Data Portability

In accordance with Art. 20 GDPR, you can request that we provide you with your personal data that you have provided to us in a structured, common and machine-readable format or transmit it to another person named by you.

  1. f) Withdrawal of consent

You can revoke your consent given to us at any time in accordance with Art.7 Para.3 GDPR. As a result, we are no longer allowed to continue the data processing based on this consent for the future.

  1. g) Objection to data collection in special cases and to direct advertising

According to Art. 21 GDPR, you can object to the processing of your personal data if there are reasons for this that arise from your particular situation or the OBJECTION AGAINST DIRECT ADVERTISING. In the latter case, you have a general right to object, which we will implement without specifying a particular situation. You can report your objection informally by telephone, email or to our postal address listed at the beginning of this data protection declaration.

If you would like to exercise one or more of your rights or need more information about this, please contact us using the contact details given above.

When do we share your information?

We only transfer your data to third parties if:

You have given your express consent in accordance with Art.6 Para.1 S.1 lit.a GDPR,

the transfer according to Art.6 Abs.1 S.1 lit.f DSGVO is necessary for the assertion, exercise or defense of legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,

in the event that there is a legal obligation for the transfer according to Art.6 Para.1 S.1 lit.c DSGVO, as well as

this is legally permissible and required according to Art.6 Para.1 S.1 lit.b DSGVO for the processing of contractual relationships with you.

If we use commissioned service providers for individual functions of our offer or would like to use your data for advertising purposes, we will always carefully select and monitor these service providers and inform you in detail below about the respective processes. We also state the specified criteria for the storage period.

As far as our service providers or partnersare based in a country outside the European Economic Area (EEA), we will inform you about the consequences of this circumstance in the respective description of our offer.


Right to lodge a complaint with the supervisory authority

You have the right to complain to a supervisory authority in accordance with Article 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or work or our company headquarters:


State representative for data protection in Saxony-Anhalt

Postal address:

9 Leiterstrasse

39104 Magdeburg


mailing address

P.O. Box 1947


39009 Magdeburg

Telephone: 03 91/81 803-0

Fax: 03 91/81 803-33

Email: poststelle{at}lfd.sachsen-anhalt{dot}de

Homepage: https://datenschutz.sachsen-anhalt.de


Do we collect and use data from your end devices (cookies and tracking)?

Our website uses so-called “cookies”. Cookies are small text files and do not cause any damage to your end device. They are stored on your end device either temporarily for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted after your visit. Permanent cookies remain stored on your end device until you delete them yourself or until they are automatically deleted by your web browser.

In some cases, cookies from third-party companies can also be stored on your end device when you enter our site (third-party cookies). These enable us or you to use certain services of the third-party company (e.g. cookies for processing payment services).

Cookies have different functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or to display advertising.

Cookies that are required to carry out the electronic communication process (necessary cookies) or to provide certain functions you want (functional cookies, e.g. for the shopping cart function) or to optimize the website (e.g. cookies for measuring the web audience). stored on the basis of Article 6 (1) (f) GDPR, unless another legal basis is specified. The website operator has a legitimate interest in the storage of cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies was requested, the relevant cookies are stored exclusively on the basis of this consent (Article 6 (1) (a) GDPR); the consent can be revoked at any time.

You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.

If cookies are used by third-party companies or for analysis purposes, we will inform you of this separately in this data protection declaration and, if necessary, ask for your consent.

Server log files

The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Hostname of the accessing computer
  • Time of server request
  • IP address

This data is not merged with other data sources. This data is collected on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website – the server log files must be recorded for this purpose.

Facebook pixels

This website uses the visitor action pixel from Facebook to measure conversion. The provider of this service is Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland. According to Facebook, however, the data collected is also transferred to the USA and other third countries.

In this way, the behavior of site visitors can be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This allows the effectiveness of the Facebook ads to be evaluated for statistical and market research purposes and future advertising measures to be optimized.

The data collected is anonymous to us as the operator of this website, we cannot draw any conclusions about the identity of the users. However, the data is stored and processed by Facebook so that a connection to the respective user profile is possible and Facebook can use the data for its own advertising purposes in accordance with the Facebook data usage guidelines. This enables Facebook to place advertisements on Facebook pages and outside of Facebook. This use of the data cannot be influenced by us as the site operator.


The use of Facebook pixels is based on Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If a corresponding consent was requested (e.g. consent to the storage of cookies), processing takes place exclusively on the basis of Article 6 (1) (a) GDPR; the consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://www.facebook.com/legal/EU_data_transfer_addendum and


You will find further information on protecting your privacy in Facebook’s data protection information:


You can also use the Custom Audiences remarketing feature in the Ads Settings section at

Disable https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen. To do this, you must be logged in to Facebook.

If you do not have a Facebook account, you can deactivate usage-based advertising from Facebook on the website of the European Interactive Digital Advertising Alliance: http://www.youronlinechoices.com/de/praferenzmanagement/.

LinkedIn Insight Tag

This website uses LinkedIn’s Insight Tag. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland.

Data processing by LinkedIn Insight Tag

With the help of the LinkedIn Insight Tag we receive information about the visitors of our website. If a website visitor is registered with LinkedIn, we can u. analyze the professional key data (e.g. career level, company size, country, location, industry and job title) of our website visitors and thus better align our website to the respective target groups. We can also use LinkedIn Insight Tags to measure whether visitors to our website make a purchase or take another action (conversion measurement). The conversion measurement can also be carried out across devices (e.g. from PC to tablet). LinkedIn Insight Tag also offers a retargeting function, with the help of which we can show visitors to our website targeted advertising outside of the website, whereby, according to LinkedIn, the advertising addressee is not identified.

LinkedIn itself also collects so-called log files (URL, referrer URL, IP address, device and browser properties and time of access). The IP addresses are shortened or (if they are used to reach LinkedIn members across devices) hashed (pseudonymized). The direct identifiers of LinkedIn members are deleted from LinkedIn after seven days. The remaining pseudonymised data will then be deleted within 180 days. The data collected by LinkedIn cannot be assigned to specific individuals by us as the website operator. LinkedIn will collect the personal data of website visitors on its

Store on servers in the USA and use them for our own advertising purposes. Details can be found in LinkedIn’s data protection declaration at https://www.linkedin.com/legal/privacy-policy#choices-oblig.

legal basis

LinkedIn Insight is used on the basis of Article 6 (1) (f) GDPR. The website operator has a legitimate interest in effective advertising measures, including social media. If a corresponding consent was requested (e.g. consent to the storage of cookies), processing takes place exclusively on the basis of Article 6 (1) (a) GDPR; the consent can be revoked at any time.

Data transfer to the USA is based on the standard contractual clauses of the EU Commission.

Details can be found here:

https://www.linkedin.com/legal/l/dpa and


Objection to the use of LinkedIn Insight Tag Object to the analysis of usage behavior and targeted advertising by LinkedIn under the following link: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Furthermore, LinkedIn members can control the use of their personal data for advertising purposes in their account settings. To link data collected on our website by LinkedIn and your link To avoid dIn account, you must log out of your LinkedIn account before visiting our website. We have concluded an order processing contract with LinkedIn.

Google Analytics

This is a web analysis service.

Processing company:

Google Ireland Limited

Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland

data processing purposes

This list represents the purposes of data collection and processing. Consent is only valid for the stated purposes. The data collected cannot be used or stored for any purpose other than those listed below.

  • Analysis


Technologies used

release cookies

pixel tags

Data collected

This list contains all (personal) data collected on or through the use of the service.


  • IP address
  • Usage Data
  • Click path
  • App Updates
  • Browser information
  • Device Information
  • JavaScript support
  • Visited pages
  • Referrer URL
  • Downloads
  • Flash version
  • Location Information
  • Purchase Activity
  • Widget Interactions
  • Date and time of visit


legal basis

The legal basis for the processing of personal data required by Art. 6 I 1 GDPR is listed below.

Article 6 Paragraph 1 Clause 1 Letter a GDPR

place of processing

European Union

retention period

The retention period is the period of time during which the collected data is stored for processing. The data must be deleted as soon as they are no longer required for the stated processing purposes.


The retention period depends on the type of data stored. Each customer can specify how long Google Analytics keeps data before it is automatically deleted.

data receiver

alphabet inc

Google LLC

Google Ireland Limited

Data protection officer of the processing company

Below you will find the e-mail address of the data protection officer of the processing company.



Transfer to third countries

This service may transfer the collected data to another country. Please note that this service may transfer data outside of the European Union and the European Economic Area and to a country that does not offer an adequate level of data protection. If the data is transferred to the USA, there is a risk that your data may be processed by US authorities for control and monitoring purposes without you possibly being entitled to any legal remedies. Below is a list of the countries to which the data is transferred. This can be the case for various purposes, e.g. B. for storing or processing.



Click here to read the data processor’s privacy policy https://policies.google.com/privacy?hl=en</ a>


Click here to revoke consent on all domains of the processing company https://tools.google.com/dlpage/gaoptout?hl=de

Click here to read the data processor’s cookie policy




Instagram is an online platform of the US company Instagram LLC, 1601 Willow Road, Menlo Park, CA 94025, United States. The provisions of point 10 of this data protection declaration apply with regard to data processing and transmission.

This offer can use functions of Instagram. This links pages you visit to your Instagram account. Other Instagram users will be informed and your posts may be publicly viewable if you have not made them private. When used, data is sent to Instagram. The provider does not receive any user data or other evaluations from Instagram.

For more information, see the Instagram privacy policy at https://help.instagram.com/519522125107875 or https://www.facebook.com/help/contact/540977946302970 and your privacy settings at https://www. instagram.com/accounts/privacy_and_security/.


Twitter is a microblog of the US company Twitter Inc., Twitter, Inc. 1355 Market St, Suite 900, San Francisco, CA 94103, United States. The provisions of point 10 of this data protection declaration apply with regard to data processing and transmission.

This offer may use functions of Twitter, including the “Re-Tweet” function. This links pages you visit to your Twitter account ft. Other Twitter users will be informed and your posts (so-called “tweets”) will be publicly viewable unless you have made them private. When used, data is sent to Twitter. The provider does not receive any user data or other evaluations from Twitter.

For more information, see the Twitter privacy policy at http://twitter.com/privacy and your privacy settings at http://twitter.com/account/settings.


How secure is your data?

All information that you submit to us is stored on servers within the European Union. Unfortunately, the transmission of information over the Internet is not completely secure and we cannot guarantee the security of data transmitted to our website over the Internet. However, we secure our website and other systems through technical and organizational measures against loss, destruction, access, modification or distribution of your data by unauthorized persons. In particular, your personal data will be encrypted before being transmitted to us. We use the coding system for this.


Status and update of this data protection declaration

We reserve the right to change this privacy policy at any time with effect for the future. A current version is available on the website. Please visit our website regularly and inform yourself about the applicable data protection regulations.

Status: June 2022


Email Disclaimer

The privacy policy for sending emails

In a nutshell:

We process your data because we have reasons to do so. These reasons are manifold. You can rely on us to treat that data the same way we expect our data to be treated. For example, we do not allow it to be passed on to third parties!

We stand for the informational self-determination of every person in Europe!

And here is the official version:

Mandatory information according to Article 13 GDPR In the case of initial contact, we are obliged according to Articles 12, 13 GDPR to provide you with the following mandatory information under data protection law:

If you contact us by e-mail, we only process your personal data if there is a legitimate interest in the processing (Art. 6 Para. 1 lit. f GDPR), you have consented to the data processing (Art. 6 Para. 1 lit. a GDPR), the processing is required for the initiation, justification, content design or change of a legal relationship between you and us (Art. 6 Para. 1 lit. b GDPR) or another legal norm permits the processing.

Your personal data will remain with us until you ask us to delete it, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed).

Mandatory legal provisions – in particular tax and commercial retention periods – remain unaffected.

You have the right to receive information about the origin, recipient and purpose of your stored personal data free of charge at any time. You also have the right to object, to data portability and to lodge a complaint with the competent supervisory authority.

You can also request the correction, deletion and, under certain circumstances, the restriction of the processing of your personal data. Details can be found in our privacy policy (https://aurea.university/privacy-policy/).

We have appointed a data protection officer. You can view the contact details at https://aurea.university/privacy-policy/ and get in touch with us if you have any questions, suggestions or other data protection concerns.