Skip to main content

Data privacy

Information on data protection and data security at the ESMT European School of Management and Technology GmbH

February 18, 2020

1. Introduction

This Privacy Policy applies to the websites of ESMT European School of Management and Technology GmbH (hereinafter referred to as "ESMT Berlin"). Other privacy statements may be applicable to other third-party servers and websites.

Data privacy is of utmost importance to ESMT Berlin and we have taken the appropriate technical and organizational measures to guarantee the utmost security of your data. This enables us to ensure compliance with the legal regulations in Germany. Data protection regulations require that we handle user data properly and for a specific purpose. We will not use user data for purposes other than those stated. We would like to inform you here how we handle your personal data when using our website.

ESMT Berlin is subject to the provisions of the European General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG), and the Telemedia Act (TMG). We have taken appropriate technical and organizational measures to ensure that the regulations on data protection are followed.

2. Controller

ESMT European School of Management and Technology GmbH

Schlossplatz 1

10178 Berlin


Tel.: +49 30 212 31 0


Further details can be found in the imprint.

3. Data protection officer

You may also contact ESMT Berlin’s data protection officer with questions regarding data protection and our privacy policy:

Wolfgang Schmid

Schmid Frank Rechtsanwälte PartG mbB

Katharinengasse 11b

86150 Augsburg


4. Handling of personal data

Personal data is any information relating to an identified or identifiable person; identifiable is an individual person who can be identified directly or indirectly, in particular by assignment to an identifier such as a name, an identification number, location data, an online identification or one or more special characteristics.

5. Collected data, purposes of data processing, and legal basis

a) Visiting our website

Each time a user accesses an ESMT Berlin page and each time a file is retrieved, data about this process is temporarily stored in a log file until their automatic erasure after three months. Depending on the access protocol used, the log data record contains information with the following contents:

  • IP address of the requesting computer
  • Name of the requested file
  • Date and time of the request
  • Access methods/functions requested by the requesting computer
  • Access status of the webserver
  • URL from which the file was requested
  • Operating system and browser type or settings.

No user profiles are created, in which IP addresses and personal data are linked. Anything to the contrary shall only apply insofar as this is stated separately in this data protection declaration.

The stored log data is used exclusively for purposes of identification and tracking of unauthorized access attempts/access to the webserver, as well as for statistical evaluations such as visitor numbers and page popularity. Only authorized employees of ESMT Berlin carry out the evaluation.

The lawfulness of the data processing results from Art. 6 paragraph. 1 sentence 1 lit. f) GDPR. Our legitimate interest is explained above.

b) Registration for special services

If you have given explicit consent in accordance with Art. 6 paragraph. 1 sentence 1 lit. a) GDPR, we will store your email address and, depending on the requested service (e.g. newsletter dispatch, activation of test accesses, registration for events and programs, application for study programs), other data also and use it to provide the requested services. Additionally, we may also use your personal information for marketing purposes, such as to inquire about your interest in a particular ESMT program or to generally promote our programs or events. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f) GDPR.

The use of some of our offers, especially the online application procedure for students of the graduate programs, requires a personal password assignment. You must keep this password secret and protect it from access by unauthorized third parties.

You can withdraw your previous consent for the processing of personal data at any time or object to any processing carried out within the scope of our legitimate interests (Art. 1 para. 1 sentence 1 lit. f GDPR) (

6. Use of cookies

As part of your visit to our website, we use so-called “cookies”.

These are small text files our web application stores on your computer so that we can identify your Internet browser when you visit. 

The popular Internet browsers are set so that they automatically accept cookies. You can de-activate the setting or set your Internet browser so that it informs you if cookies are used and you will be notified as soon as cookies are to be placed.

The data retrieved by cookies is not used to identify you personally.

Permanent cookies are stored on your computer for 100 days and are used to enable you to use our website as comfortably as possible even after your current visit. We use them for displaying individual content to you.

If you do not wish to permit permanent cookies you can de-activate them in your browser. Please refer to the help function in the menu bar of your browser for details on how to proceed. The deactivation of permanent cookies has no influence on the general usability of our website.

Session cookies are stored only until you close your current browser session on your system. They serve to enable you to use our services without restriction for your current visit to our site. This data is anonymized so that you cannot be identified personally. If you do not wish to allow session cookies, you can deactivate them in your browser.

Please find further information on this process in the help function of the menu bar of your browser.

By deactivating session cookies, we cannot guarantee that you will be able to use all of our services without restriction.

Social Media Plug-ins

We use social media plug-ins from the providers listed below to customize content and advertising, to improve the services on our website, to optimize our marketing activities and to analyze traffic on our website.


- Facebook (operated by: Facebook Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland)

- Google+ (operated by: Google LLC., 1600  Amphitheatre Parkway,  Mountain  View,  CA 94043,  USA 

- Linkedin (operated by: LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Placa, Dublin 2)

- Twitter (operated by: Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA)

The plug-ins normally collect information about your use of our website by default and transmit it to the servers of the respective provider.

For more information on the scope, type and purpose of data processing and on rights and setting options for protecting your privacy, please refer to the data protection information of the respective social network provider. These are available at the following addresses:

The lawfulness of the use of Social Media Plug-ins is Art. 6 para. 1 sentence 1 lit. f) GDPR.

7. Web analysis / Google Analytics

This website uses Google Analytics, a web analytics service provided by Google LLC., Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google").

This web analysis tool helps us, within the scope of our legitimate interests, to ensure that our website functions as required and to constantly improve it. The legal basis for the processing of your data is Art. 6 para. 1 sentence 1 lit. f) GDPR).

The data about your use of this website is processed by Google on behalf of ESMT and is usually transferred to a Google server in the USA and stored there.

We would like to point out that on our website Google Analytics has been extended by the code "anonymizeIp" in order to guarantee an anonymized collection of IP addresses (so-called IP-Masking). This means Google will reduce your IP address within Member States of the European Union or in other Contracting States to the Agreement on the European Economic Area beforehand.

Full IP addresses are transmitted to a Google server in the USA and shortened there only in exceptional cases. Google will use this information on behalf of ESMT Berlin in order to evaluate visitors’ use of the website, compile reports on website activities, and provide other services related to the use of the website and the Internet to ESMT Berlin. The IP address provided by your browser in the context of Google Analytics is not combined with other data of Google. You may prevent cookies from being stored on your computer by changing the relevant setting in your browser software. You may prevent cookies from being stored on your computer by changing the relevant setting in your browser software.

According to Google's own statement, they comply with the terms of the Privacy Shield Agreement between the EU and the USA and between Switzerland and the USA.

For more information on terms of use and data protection, please see Google's terms and policies.

Google Data Studio

On the legal basis of Art. 6 paragraph. 1 f) GDPR (legitimate interest in the aggregated analysis of the use and continuous optimization of this website) we use an additional data management tool from Google Analytics - Google Data Studio - for the visual creation of user-defined reports and interactive dynamic dashboards for internal purposes. We use data from Google Analytics and no other data sources. The data is processed by Google on behalf of ESMT. The web-based tool is accessed via a browser and Google Analytics is directly connected to the Google Data Studio via an interface. Further information about Google Data Studio can be found here


This website uses Matomo, a web analysis tool for the statistical evaluation of visitor access, to ensure that our website functions as required within the framework of our legitimate interests and to constantly improve it. The legal basis for the processing of your data is art. 6 paragraph. 1 sentence 1 lit. f) GDPR.

The data collected by Matomo is processed on a server operated by ESMT Berlin. Your data will be anonymized directly upon visiting a web page. Matomo does not use cookies for tracking and instead works only on the basis of the anonymized IPs and website visits. In addition to the web pages and files accessed, it saves information about your operating system, browser, browser plugins (e.g. whether Flashplayer is available), screen resolution, your approximate location (e.g. "Berlin", but not your concrete address), and the duration of your visit.

We support “Do Not Track”

The "Do Not Track" function (abbreviated "DNT") is a privacy setting that can be set in most web browsers. Our website supports this function. If you have DNT turned on, your use of the site will not be used for usage analysis. Functional cookies, which we need for the provision of our services (e.g. registration), will continue to be set.

8. Google Maps

This website uses the "Google Maps API" of the Google Group ("Google"). Via this API, the map material of the Google Maps service is displayed together with the localization of ESMT Berlin. The display of this content in your browser requires Google to collect your IP address. We would like to point out that on this website Google Maps API has been extended by the code "anonymizeIp" in order to ensure anonymous collection of IP addresses (so-called IP-Masking).

For users who are habitually resident in the European Economic Area or Switzerland, Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, is the responsible party for providing the service and for your data, unless otherwise stated in Google's privacy policy.

The data collected by the Service may be transferred to the United States and processed on servers of Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA. Google claims to comply with the terms of the Privacy Shield Agreement between the EU and the USA and between Switzerland and the USA.

The legal basis for this data processing is our legitimate interest (Art. 6 paragraph.1 lit. f) DSGVO) in making it easier for you to contact us. Google and we process your data as independent data controllers, on the basis of the agreement which can be accessed here

The terms of use for Google Maps can be found under Terms of use for Google Maps. For more information about Google's privacy policy, please click here.

If you're signed in to a Google Account, the information collected by the service can be associated directly with your account. If you want to prevent Google from processing your information and associating it with your Google Account, please contact Google Ireland Limited.

9. Links to other websites and social networks

Hyperlinks to various offers by third-party providers, such as social networks, may be integrated in our website in order to allow our users to quickly access the latest information and communicate easily. If you follow these hyperlinks and use social networks, data may be collected by these third-party providers.

10. Data security

Personal data provided to us by you will be transmitted to us via a secure connection in encrypted form. The security procedure used (SSL - Secure Sockets Layer) adheres to current technical standards. We use encryption with a 256-bit key. SSL encryption (recognizable by https:// in the address bar of the browser and by a lock symbol in the status bar at the bottom of the browser) is a protocol for encrypting data in the transmission from the web server to the browser. During transmission, the personal data between the user's computer and our SSL server is encrypted using the SSL protocol.

11. Automated decision-making / profiling

Automated decision-making / profiling does not take place.

12. Affected rights and the right of appeal to a supervisory authority

Each user has the right to receive free information about the data stored about them by ESMT Berlin. In addition, the user has the right to:

  • Correction of incorrect data
  • Restriction of processing
  • Deletion
  • Data portability
  • Withdraw a given consent, Art. 7, paragraph. 3 GDPR.

If your personal data are processed on the legal basis of legitimate interests in accordance with Art. 6 paragraph. 1 sentence 1 letter f) GDPR, you have the right to object to the processing of your personal data in accordance with Art. 21 GDPR, if there are reasons for doing so arising from your particular situation or if the objection is directed to advertising. In the last case, you have a general right of objection which we will implement without indicating a special situation.

There is also a right of appeal to the supervisory authority responsible for ESMT Berlin. The contact details are:

Berliner Beauftragte für Datenschutz und Informationsfreiheit

Friedrichstr. 219

10969 Berlin

Tel.: +49 30 13889-0

Fax: +49 30 2155050


13. Changes

As ESMT Berlin’s internet offers may be subject to change, it may be necessary in individual cases to make changes to the privacy policy. ESMT Berlin reserves the right to change this Privacy Policy at any time.