Privacy Policy

DATA PROTECTION DECLARATION

I.NAME AND ADDRESS OF THE COMPANY RESPONSIBLE

The legal entity responsible in the sense of the General Data Protection Regulation and other national data protection laws in member states as well as further data protection regulations is:
Karlsruhe Institute of Technology
Kaiserstraße 12
76131 Karlsruhe
Germany
Phone: +49 721 608-0
Fax: +49 721 608-44290
E-mail: info@kit.edu

II. DATA PROTECTION OFFICE

Controller according to Art. 4, par. 7 GDPR is the President of KIT, Prof. Dr. Oliver Kraft (Acting President of KIT), Kaiserstrasse 12, 76131 Karlsruhe, Germany, info@kit.edu (see Legals).

Our Data Protection Commissioner can be contacted at datenschutzbeauftragter@kit.edu or by ordinary mail with “Die Datenschutzbeauftragte” (the data protection commissioner) being indicated on the envelope.

SIII. MANDATORY INFORMATION

1. Revocation of your consent to the processing of your data

Many data processing operations are only possible with your express consent. You may revoke your consent at any time with future effect. An informal email making this request is sufficient. The data processed before we receive your request may still be legally processed.

2. Right to file complaints with regulatory authorities

If there has been a breach of data protection legislation, the person affected may file a complaint with the competent regulatory authorities. The competent regulatory authority for matters related to data protection legislation is the data protection officer of the German state in which our company is headquartered. A list of data protectionofficers and their contact details can be found at the following link: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

3. Right to data portability

You have the right to have data which we process based on your consent or in fulfillment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

4. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as the inquiries you send to us as the site operator. You can recognize an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.

If SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.

5. Information, blocking, deletion

As permitted by law, you have the right to be provided at any time with information free of charge about any of your personal data that is stored as well as its origin, the recipient and the purpose for which it has been processed. You also have the right to have this data corrected, blocked or deleted. You can contact us at any time using the address given in our legal notice if you have further questions on the topic of personal data.

6. Opposition to promotional emails

We hereby expressly prohibit the use of contact data published in the context of website legal notice requirements with regard to sending promotional and informational materials not expressly requested. The website operator reserves the right to take specific legal action if unsolicited advertising material, such as email spam, is received.

IV. GENERAL INFORMATION ABOUT DATA PROCESSING

I. EXTENT OF PERSONAL DATA PROCESSING

In general, we collect and process personal data concerning our users only insofar as it is necessary to provide a functioning website for our contents and service. The collection and use of the personal data concerning our users is reviewed regularly but only with the consent of the user concerned. There is one exception in those cases where it is not possible to obtain prior consent for practical reasons and the processing of the data is allowed by legal regulations.

II. LEGAL BASIS FOR PROCESSING PERSONAL DATA

Art. 6 §1 a) of the EU-Data Protection Basic Regulations (DSGVO) serves as the legal basis for processing personal data insofar as we obtain prior consent from the person concerned for processing personal data concerning them.
Art. 6 §1 b) DSGVO serves as the legal basis when processing personal data necessary to comply with a contract to which the data subject is party. This is also true for the processing necessary for the implementation of pre-contractual measures.
Art. 6 §1 c) DSGVO serves as the legal basis should it be necessary to process person-related data to comply with legal obligations to which our company is subject.
Art. 6 §1 d) DSGVO serves as the legal basis should vital interests of the person concerned or another natural person make person-related processing necessary.
Art. 6 §1 f) DSGVO is to serve as the legal basis for the processing should the processing be necessary for the protection of a legitimate interest of our company or a third party and should the interests, civil rights and fundamental freedoms of the person concerned not outweigh the first mentioned interest.

III. DATA DELETION AND DATA STORAGE

The personal data of the person concerned will be deleted or blocked as soon as the original purpose for storing the data no longer exists. Further storage of the data may be permitted beyond that if provision has been made for this by the European Commission or national legislation in European Union regulations, laws or other requirements to which the responsible service provider is subject. The blocking or erasure of the data also occurs if the retention period covered by one of the standards already mentioned has expired unless necessity for further data storage for concluding or fulfilling a contract exists.

IV. COOKIES

Some of our web pages use cookies. Cookies do not harm your computer and do not contain any viruses. Cookies help make our website more user-friendly, efficient, and secure. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called “session cookies.” They are automatically deleted after your visit. Other cookies remain in your device’s memory until you delete them. These cookies make it possible to recognize your browser when you next visit the site.
You can configure your browser to inform you about the use of cookies so that you can decide on a case-by-case basis whether to accept or reject a cookie. Alternatively, your browser can be configured to automatically accept cookies under certain conditions or to always reject them, or to automatically delete cookies when closing your browser. Disabling cookies may limit the functionality of this website.
Cookies which are necessary to allow electronic communications or to provide certain functions you wish to use (such as the shopping cart) are stored pursuant to Art. 6 paragraph 1, letter f of DSGVO. The website operator has a legitimate interest in the storage of cookies to ensure an optimized service provided free of technical errors. If other cookies (such as those used to analyze your surfing behavior) are also stored, they will be treated separately in this privacy policy.

V. AVAILABILITY OF THE WEBSITE AND CREATION OF LOG FILES

1.DESCRIPTION AND SCOPE OF THE DATA PROCESSING

Every time our internet website is contacted, our system registers the automated data and information of the computer system of the visiting computer.

The following data will be collected on this occasion:
– Information about the type of browser and the version used
– The user’s operating system
– The user’s IP address
– The date and time of access
The data is also stored in the log files of our system. This data is not stored in connection with any other personal data of the user.

2. LEGAL BASIS FOR DATA PROCESSING

The legal basis for temporarily storing the data and the log files is Art. 6 §1 f) DSGVO

3. PURPOSE OF DATA PROCESSING

The temporary storage of the IP address by the system is necessary to allow the website to be delivered to the user’s computer. To do this, the user’s IP address has to be stored for the duration of the session.
The log file storage is to ensure the website functions properly. In addition, the data serves to optimise the website and to ensure the safety of our information technology systems. The data is not evaluated for marketing purposes in this connection.
For these purposes, our interest in processing the data is justified according to Art. 6 §1 f) DSGVO.

4. DURATION OF STORAGE

The data is erased as soon as the purpose for its collection has been achieved and it is no longer needed. As far as collecting the data in order to deliver the website is concerned, this is as soon as the individual session is over.
In the case of data storage in log files, this is the case after 180 days at the latest. Storing the data over and above this period is possible. In this case, the user’s IP addresses are deleted or distorted so that it is no longer possible to assign them to the client visiting the website.

5. POSSIBILITY FOR OBJECTION AND REMOVAL

The collection of data to provide access to the website and the storage of data in log files is mandatory for operating the website. Consequently, the user is not able to appeal against it.

VI. MATOMO

This website uses the open source web analytics service Matomo. Matomo uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before it is stored.

Matomo cookies remain on your device until you delete them.

The storage of Matomo cookies is based on Art. 6 (1) (f) DSGVO. The website operator has a legitimate interest in analyzing user behavior to optimise both its website and its advertising.

The information generated by the cookies about your use of this website will not be disclosed to third parties. You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website.

If you do not agree with the storage and use of your data, you can disable this feature here. In this case, an opt-out cookie will be stored in your browser to prevent Matomo from storing your usage data. If you delete your cookies, this will mean that the opt-out cookie will also be deleted. You will then need to reactivate it when you return to our site if you wish your activity not to be tracked.

Matomo Privacy Policy

VII. E-MAIL CONTACT

  1. DESCRIPTION AND SCOPE OF THE DATA PROCESSING

There is a contact email address on our website which can be used for contacting us electronically, namely rf20@for.kit.edu. If a user takes advantage of this contact email, the entered information will be transmitted to us and stored. In addition the following data is stored when the message is transmitted: the date and time it was sent.
In this context, no data will be passed on to a third party. The data will be only used for the further processing of the mail contact.

2. LEGAL BASIS FOR THE DATA PROCESSING

The legal basis for processing data arising when a message is transmitted to us is Art. 6 §1 f) DSGVO as well as Art. 6 §1 b) DSGVO.

3. REASON FOR THE DATA PROCESSING

Processing personal data concerning you in the e-mail serves solely to contact you and process your enquiry.
The other personal data processed when the e-mail is transmitted only serves to prevent abuse of the contact email and to ensure the safety of our information technology system and this provides the necessary justified interest for the processing of the data.

4.DURATION OF DATA STORAGE

The data is erased as soon as it is no longer needed to achieve the purpose for which it was collected. This is the case for personal data transmitted by e-mail when the contact or e-mail conversation with the user is over.

5.OPTION TO OBJECT AND REMOVE

The user can at any time revoke his consent to processing personal data. If the user contacts us by e-mail, he may at any time object to the storage of personal data concerning him. In such a case it is not possible to continue the e-mail conversation.
Both in this connection as well as for other questions dealing with personal data concerning them, users may contact us at any time under the address given in Paragraph 1 of this declaration or, preferably, they can send a direct message to rf20@for.kit.edu. In this case, all personal data stored during this contact will be erased

VIII. SOCIAL MEDIA

Via our social media pages (Twitter, LinkedIn), we also provide you with extensive personal support and the ability to stay in contact with us. These social media services also collect their own personal data, for example via the profile you created there or via so-called social plug-ins which are implemented in websites of third parties.
If you send us an enquiry using one of these social media, it will be treated confidentially. The data will only be used for answering your question.
To be able to contact us via social media, you have to register yourself with these services. When you do this, the company responsible for the service in question will also collect, store and use personal data. We have no influence on the kind of data, the scope and the processing of this data. The same is also true for pictures/videos uploaded into social media. Please note that the rights for these where applicable are also transferred to the social media services. The details are to be found in the terms of the privacy policy and terms of use of the respective provider.

1. Twitter plugin

Functions of the Twitter service have been integrated into our website and app. These features are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the “Retweet” function, the websites you visit are connected to your Twitter account and made known to other users. In doing so, data will also be transferred to Twitter. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by Twitter. For more information on Twitter’s privacy policy, please go to https://twitter.com/privacy.
Your privacy preferences with Twitter can be modified in your account settings at https://twitter.com/account/settings.

2. LinkedIn plugin

Functions of the LinkedIn service have been integrated into our website and app. These features are offered by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. When you use LinkedIn and its functions, the websites you visit are connected to your LinkedIn account and may be made known to other users. In doing so, data will also be transferred to LinkedIn. We would like to point out that, as the provider of these pages, we have no knowledge of the content of the data transmitted or how it will be used by LinkedIn. For more information on LinkedIn’s privacy policy, please go to https://linkedin.com/privacy-policy.
Your privacy preferences with LinkedIn can be modified in your account settings at https://www.linkedin.com/psettings/.

X. Plugins and Tools: YouTube

Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.
If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.
If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behaviour directly with your personal profile. You can prevent this by logging out of your YouTube account.
YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.
Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.