DATA PROTECTION
In the context of the use of this website, personal data of you will be processed by us as the data controller and stored for the period necessary to fulfill the specified purposes and legal obligations. In the following, we will inform you about what data is involved, how it is processed and what rights you have in this regard.
Personal data is, according to Art. 4 No. 1 of the General Data Protection Regulation (DSGVO), any information relating to an identified or identifiable natural person.
Name and contact details of the controller
University of Passau
Bavarian research association ForDaySec
c/o Chair Katzenbeisser
Inn road 43
94032 Passau
E-mail: fordaysec@uni-passau.de
Phone: +49 851-509-6043
Hosting
Leibniz Computing Center (LRZ)
of the Bavarian Academy of Sciences and Humanities
Boltzmannstraße 1
D-85748 Garching near Munich
Data Protection Officer of the University of Passau
Johannes Nehlsen
datenschutz@uni-passau.de
Further information on the data protection officer and data protection at the University of Passau can be found here: https://www.uni-passau.de/datenschutzerklaerung/
Data subject rights according to Art. 15 f. DSGVO
Insofar as we process personal data from you, you as the data subject are entitled to the following rights pursuant to Art. 15 et seq. DSGVO:
- You have the right to information about the data stored about you and related information (Art. 15 DSGVO). This right to information may be restricted or excluded in certain cases (compare in particular Art. 10 BayDSG)
- If personal data is processed incorrectly or incompletely, you have the right to have it corrected and, if necessary, completed (Art. 16 DSGVO).
- If the legal requirements are met, you may request the deletion of your personal data (Art. 17 DSGVO) or restriction of the processing of such data (Art. 18 DSGVO). The right to deletion according to Art. 17 para. 1 and 2 GDPR does not exist, however, if the processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority (Article 17(3)(b) GDPR).
- If you have consented to the processing or if there is a contract for data processing and the data processing is carried out with the help of automated procedures, you may have a right to data portability (Art. 20 DSGVO).
- You have the right to complain about the processing of your personal data to a supervisory authority within the meaning of Art. 51 DSGVO. The competent supervisory authority for Bavarian public bodies is the Bavarian State Commissioner for Data Protection, Wagmüllerstraße 18, 80538 Munich. Telephone: 089 212672-0; fax: 089 212672-50; e-mail: poststelle@datenschutz-bayern.de; Internet: https: //www.datenschutz-bayern.de/. In addition to the right of appeal, they may also seek a judicial remedy.
Right of withdrawal
If you have consented to the processing and the processing is based on this consent, you can revoke the consent at any time for the future. The legality of the data processing carried out on the basis of the consent up to the revocation is not affected by this.
Right of objection
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you (Art. 21 DSGVO).”
1. details of the data processed
a) When visiting the website
The use of our website is usually possible without providing personal data. No data concerning your identity (for example, name, address or e-mail address) is collected on our pages. The browser used on your terminal device only automatically sends information to the server of our website (e.g. browser type and version, date and time of access) to enable the website to establish a connection. This also includes the IP address of your requesting terminal device. This is temporarily stored in a so-called log file and automatically deleted after 4 days.
The IP address is processed for technical and administrative purposes of connection establishment and stability, to ensure the security and functionality of our website and to be able to pursue any illegal attacks on it if necessary.
The legal basis for the processing of the IP address is Art. 6 para. 1 p. 1 lit. e GDPR. Our legitimate interest follows from the aforementioned security interest and the necessity of a trouble-free provision of our website. We cannot draw any direct conclusions about your identity from the processing of the IP address and other information in the log file. In addition, we use cookies and analysis services when you visit our website. For more detailed explanations, please refer to sections 4 and 5 of this privacy policy.
The website is hosted at the Leibnitz Computing Center in Munich.
b) When registering for events
We regularly offer events of various kinds through our website, for which you can register online. As part of the registration for an event, some mandatory information must be provided. This includes, for example, first and last name and e-mail address. Any additional mandatory information is marked as such (e.g. by *). In addition, further information can often be provided voluntarily. The processing of the mandatory data takes place in order to be able to identify the interested parties as participants in the event, as well as to process the contract for participation and to provide the participants with information about the event before, during and after the event. Providing the voluntary data allows us to plan and conduct the event in a way that is appropriate to your interests and age. The data processing is carried out at the request of the interested participants and is in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO for the aforementioned purposes for the fulfillment of the participant contract and the pre-contractual measures required.
2. data transmission
We would like to point out that data transmission on the Internet (e.g. when using a link to an external blog or Twitter page) can have security gaps. Complete protection of the data against access by third parties is not possible. The use of contact data published within the framework of the imprint obligation by third parties for the purpose of sending unsolicited advertising and information materials is hereby expressly prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.
3. use of cookies
We use so-called cookies on our site to recognize multiple use of our offer by the same user/Internet connection owner. Cookies are small text files that your Internet browser places and stores on your computer. They serve to optimize our Internet presence and our offers. These are mostly so-called “session cookies”, which are deleted after the end of your visit. However, in some cases, these cookies provide information to automatically recognize you. This recognition is based on the IP address stored in the cookies. The information obtained in this way is used to optimize our offers and to provide you with easier access to our site. You can prevent the storage of cookies by selecting the appropriate settings on your browser software. However, we would like to point out that in this case you may not be able to use all functions of this website to their full extent.
4. obligation to delete
You may request us to delete the personal data concerning you without delay. We are obliged to delete this data immediately if one of the following reasons applies:
The personal data concerning you are no longer necessary for the purposes for which they were collected or otherwise processed. You revoke your consent on which the processing is based according to. Art. 6 par. 1 lit. a or Art. 9 para. 2 lit. a GDPR and there is no other legal basis for the processing.
They lay out acc. Art. 21 par. 1 DSGVO and there are no overriding legitimate grounds for the processing or you object to the processing pursuant to Art. Art. 21 par. 2 DSGVO to object to the processing.
The personal data concerning you have been processed unlawfully.
The deletion of the personal data concerning you is necessary for compliance with a legal obligation under Union or Member State law to which the controller is subject.