IU – Internationale Hochschule

Privacy Policy

– Study Access Alliance Program –

This Privacy Notice explains how your personal data is processed in connection with the use of this website and the provided functionalities, such as the menu for ordering information, a blog and search functions (hereinafter collectively referred to as the „Website“).

This Website uses SSL or TLS encryption for security and to protect the transmission of personal data and other confidential content (e.g. orders or inquiries submitted to the data controller). You can recognize an encrypted connection by the string “https://” and the lock symbol in your browser line.

1 Data controller

​​This Website is operated by Study Access Alliance gGmbH, Ridlerstraße 57, DE-80339 Munich („Access Alliance“). Study Access Alliance is the data controller for the processing of your personal data.


Study Access Alliance processes your personal data on a subject-related basis in joint controllership with other companies belonging to the same group of companies, the IU Group, as explained below (all with their registered office at Mülheimer Straße 38, 53604 Bad Honnef, Germany, unless otherwise stated; IU group companies are referred to as “IU Group”)). Activities in connection with the operation of the IU International University are carried out in joint controllership with IU Internationale Hochschule GmbH, Juri-Gagarin-Ring 152, 99084 Erfurt (“IU”). For central services within the Group, such as controlling, accounting and personnel administration, office, process and quality management, purchasing and sales, as well as other services, the aforementioned companies receive support of IU Corporate Services GmbH, which is jointly responsible for data processing; IU IT Services GmbH, Ridlerstr. 57, c/o IU Group NV, 80339 Munich, with regard to the provision of the operational IT infrastructure including hardware and software, telecommunication and electronic communication; IU Examination Service GmbH for services in the field of examination supervision; IU Marketing Service GmbH as well as IU Sales Services GmbH, Ridlerstr. 57, c/o IU Group NV, 80339 Munich, for services in the area of marketing and sales (this also includes marketing via this website and the operation of the applicant portal for students); IU Commercial 1 GmbH for the management of the online campus and IU Commercial 2 GmbH for the management of the campus locations and with regard to the campus programs; IU Student Services GmbH together with the respective GmbH that exists for the respective location and is named after its city name, e.g. IU Dortmund GmbH or IU Bonn GmbH, for the support of prospective students and students, in particular student advising.

IU Group has appointed Dr. Annette Demmel, SPB DPO Services GmbH, An der Buche 4, 13465 Berlin, annette.demmel@spb-dpo-services.com, as the data protection officer for the aforementioned IU companies; Study Access Alliance excluded.

You can contact Study Access Alliance and IU Group either in writing or per email at datenschutz@iu.org.

2 Data collection when visiting the website

​When using our Website for informational purposes only, i.e. if you do not register or otherwise transmit information to us, we only collect data that your browser transmits to our server (so-called „Server Log Files“). When you access our Website, we collect the following data, which is technically necessary in order to display the Website for you:

The processing takes place in accordance with Art.6(1)(b) of the General Data Protection Regulation (“GDPR”) on the basis of your use of our Website and our interest in improving the stability and functionality of our Website in accordance with Art.6(1)(f) GDPR.

We process your data in order to provide you with a functional website, retain the data for the duration specified by us for this purpose and delete your data thereafter.

Only employees of Study Access Alliance and IU Group who are responsible for maintaining the Website receive access to your personal data.

We use third-party services on our Website. Further information about these services and the related data processing is found in this Privacy Policy or the cookie settings.

3 Cookies

​Depending on your browser settings and whether you have given us your consent, cookies may be used when you visit this Website in order to extend the functionality of the Website and make it more convenient for you to use. Cookies are small text files that are stored on your computer. Most of the cookies used are deleted from your hard drive at the end of the browser session („Session Cookies”). In addition, we use so-called permanent cookies („Persistent Cookies”), which remain on your device in order to recognize you the next time you visit the Website. If cookies are used, they collect and process to an individual extent certain user information such as browser and location data, IP address values and as described in the Server Log Files. Persistent cookies are automatically deleted after a specified period of time, which may differ depending on the cookie.

An overview of the cookies used and the duration of the respective cookie storage can be found in the cookie settings in our Cookie Consent Tool.

If personal data is also processed through individual cookies used by us, the processing takes place in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in improving the stability and functionality of our Website (so-called „Necessary Cookies”) or in accordance with Art. 6(1)(a) GDPR on the basis of your consent for all other cookies (marketing and analysis cookies).

Please note that you can configure your browser in such a way that you are informed about the use of cookies and can decide individually whether to accept or to refuse to accept them in certain cases or in general. Each browser differs in the way it manages cookie settings. Cookie settings are described in the help menu of each browser, which explains how you can change your cookie settings.

Please note that if you do not accept cookies, the functionality of our Website may be limited.

4 Cookie Consent Tool

​​This website uses a so-called cookie consent tool of Usercentrics GmbH, Rosental 4, 80331 Munich, Germany (the „Cookie Consent Tool“) to obtain consent to the use of cookies and cookie-based applications that require consent.

By integrating a corresponding JavaScript code, users are shown a banner when they access our Website, in which consent for certain cookies and/or cookie-based applications can be given by ticking the appropriate box.

The Cookie Consent Tool blocks the use of all cookies requiring consent until the respective user grants the corresponding consent by ticking the appropriate box. This ensures that cookies of this type are only placed on the user’s device if consent has been granted.

In order for the Cookie Consent Tool to be able to clearly assign page views to individual users and to individually record, log and store the consent settings chosen by the user for a session duration, certain user information, as described in the Server Log Files and including the IP address, is collected by the Cookie Consent Tool when our Website is accessed, transmitted to servers of the Cookie Consent Tool and stored there. For further details, please refer to the information provided in each case in the Cookie Consent Tool.

The data processing carried out by the Cookie Consent Tool takes place in accordance with Art. 6(1)(f) GDPR on the basis of our legitimate interest in a legally compliant, user-specific and user-friendly consent management for cookies and thus our legitimate interest in our Website being lawfully designed.

We have concluded a data processing agreement with Usercentrics GmbH, which obligates Usercentrics GmbH to protect the data of visitors to our Website and to refrain from disclosing such data to third parties.

We process your data for this purpose for the duration of your session and delete your data thereafter, unless you have given your consent to the use of cookies, in which case we process your data for the duration specified for each cookie.

For further information on the use of data by Usercentrics GmbH, please refer to Usercentrics’ Privacy Policy at https://usercentrics.com/privacy-policy/.

5 Contact (e.g. by email)

​​If you contact us by e-mail, we process the information necessary to answer your contact requrest, e.g. your e-mail address, the information you provide and the date and time of the contact. If you also provide us with your name and other personal data, we also process these.

If you conduct an online meeting with us, we additionally process your name displayed, if applicable your profile picture, preferred language, date, time, meeting ID, if applicable your phone number, as well as exchanged texts, audio and video data. To handle our communications, we use Microsoft 365, Microsoft Teams, both services are provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA (“Microsoft”) and Zoom Video Communications, Inc., 55 Almaden Boulevard, Suite 600, San Jose, CA 95113, USA („Zoom“).


The legal basis for this processing is Art. 6 (1)(b) GDPR. We process your data in order to respond to your inquiry. Your personal data will be retained in each case for the period determined by us in order to perform the task and will be deleted thereafter. This is based on the retention periods under commercial and tax law.  Only employees of Access Alliance and IU Group who are responsible for responding to contact requests will receive access to your personal data.


We have concluded data processing agreements with Microsoft and Zoom based on the EU Standard Contractual Clauses. You can access the EU Standard Contractual Clauses at https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX:32021D0914&locale=en. For more information on data processing by Microsoft, please visit https://privacy.microsoft.com/de-de/privacystatement and for Zoom https://explore.zoom.us/en/privacy/.

6 Web Analysis Services

​Our website uses analysis services in order to collect information about our website, provided you have consented to the setting of the corresponding cookies. The data obtained with the help of these analysis services, such as the location of the visitors or their length of stay on our website, gives us information about visitor behaviour on our website. With the help of this data, we can not only eliminate website issues, but also improve the efficiency of our website. Further information on the analysis services used on our website can be found below. For information on the processing of personal data by the cookies set for this purpose, such as the storage duration of the cookies, please refer to our cookie settings.

6.1 Google Analytics and Google Signals

​We use Google Analytics to get an overview of the behaviour of website visitors, and gain insights regarding our digital marketing efforts. Google Analytics allows us to collect and evaluate the data specifically relevant to us, for example how far down a webpage was scrolled, which button was clicked, etc. Google Analytics also helps us, for example, understand user demographic characteristics such as age, gender and interests, geographic characteristics such as language and location, as well as technical characteristics such as device type, browser and operating system. With the help of this data we can not only optimise our website, but can also recognise how the respective user sessions ended (e.g. simple website visit, request for information material, application for studies). Google Analytics also helps us recognise which webpage a user is accessing and via which channel the users come to our website from (e.g. via a paid or unpaid ad, a Google search, a Facebook post or direct access to the website). With the help of this information, we can identify which marketing channels are working and which are not. Google Analytics also allows us to recognise user paths, i.e. where users are moving on our website, whether they are going back to the start page and how many users access our website. With the help of this information, we can, for example, recognise whether the jumping off of a large number of users is due to a technical defect in the website. The above data gives us a good overview of our website and how it is used. Even if we collect user data, we cannot draw any conclusions about your identity from this data, as we receive reports from Google Analytics that are based on aggregated data sets.

Since we have also activated the Google Signals service offered by Google, i.e. so-called cross-device tracking, your data is analyzed across devices. Google can thus recognize whether you visit our website first via a smartphone and later via a laptop. We ourselves only receive reports with anonymous data from which we can recognize patterns in user behavior. Google Signals is active if you have a Google account and are logged into it when you visit our website. Furthermore, you must have agreed to “personalized advertising” with Google. If you do not want cross-device tracking, you must deactivate “personalized advertising” in your Google account. Google Signals allows us to launch cross-device remarketing campaigns. This means that we also show you our advertising on third-party websites.


Information on the provider, the cookies set, the legal basis for cookie collection, international data transfers and storage times of the cookies can be found in our cookie settings.

7 Google Tag Manager

​​This website uses Google Tag Manager („GTM”), a service provided by Google Ireland Ltd. („Google”), with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland. Through the use of GTM, tags such as code snippets or pixels are used on our own Website by means of a so-called container, which inserts a kind of placeholder into the source code and in which the tools that are to be used are stored without us having to interfere with the source code of our Website. Using GTM, tools can be used on our own Website without having to include each of them in the source code. Instead, only the code of GTM has to be included, and then GTM can be used as a central place to launch or disable the desired tools.

GTM works on the Website when a defined user behavior triggers a tag (i.e. a pixel tag, web beacon, or html code) for the tool. GTM collects the relevant data for the built-in tool and forwards it to the tool. Information about the tools used on our Website that are loaded via GTM can be found here. In this context, not only are the data categories described for the respective tools transferred to the respective tool providers; Google Ireland Ltd. also receives information about your usage behavior on our Website. Since a large number of the tool providers are located in countries outside the EU, please refer to the description of the respective tools if you would like to receive information on the transfer mechanisms agreed with us. We have also entered into a data processing agreement with Google Ireland Ltd., which incorporates the EU standard contractual clauses. The main content of this agreement is available for review here: https://policies.google.com/privacy/frameworks?hl=en.

We us GTM to deploy not only statistical tools but also marketing tools. Accordingly, GTM is a statistics and marketing tool, and the use of GTM is based on your consent in accordance with Art. 6(1)(a) GDPR, which you may withdraw at any time with effect for the future by sending an email to datenschutz@iu.org.

8 Rights of data subject

​You can contact us in writing or per email at datenschutz@iu.org in order to exercise the following rights:

You also have the right to lodge a complaint with a supervisory authority with regard to the processing of your personal data. To exercise this right, you can contact the authority responsible for your place of residence or for the location of the IU Group in Thuringia:

Der Thüringer Landesbeauftragte für den Datenschutz, Häßlerstraße 8, 99096 Erfurt.

9 Automated decision-making and profiling

​Except for the services described in the context of Google Analytics and Google Signals, your personal data will not be used by us for automated decision-making.

When visiting our Website, we place cookies from various providers, provided you have given your consent in this regard. By means of the cookies that you have allowed in each case, data is generated as described in the Server Log Files. This data is consolidated and combined with the help of a Google solution. For this purpose, we have concluded a data processing agreement with Google, with its registered office at Gordon House, Barrow Street, Dublin 4, Ireland, which incorporates the EU standard contractual clauses. If we receive information about you through our Website, for example, because you ask us to send you informational materials or contact us, then we store your data and combine it with the data generated by cookies. In addition, we receive reports from Google Analytics with data that we also combine with your data. For further information, please refer to the section on Google Analytics.

With the help of your consent regarding the data generated via our website, we store it in a CRM solution. We analyze the data to determine whether you are only interested in a course of study offered by us or whether you have also applied, and we add the relevant information to your data record. We store this profile created about you in a salesforce solution provided by Salesforce, with its registered office at Floor 26 Salesforce Tower, 110 Bishopsgate EC2N 4AY London, England.

The legal basis for this data processing is your consent in accordance with Art. 6(1)(a) GDPR, which you can withdraw at any time with effect for the future by contacting datenschutz@iu.org.

10 Why do we collect your personal data? ​​You may choose not to provide us with your personal data or choose to provide incomplete data. In such a case, for example, if you prevent the storage of a cookie, you may not be able to use all the functionalities of the Website.

Status: June 2023