Name and address of the controller

Technical University of Darmstadt
Karolinenplatz 5
64289 Darmstadt

Tel. +49 06151 / 16-01
Internet: www.tu-darmstadt.de

In case of questions or complaints regarding data protection, please contact the data protection officers of Technical University of Darmstadt.

Contact details of the data protection officers

Technical University of Darmstadt

The Data Protection Officers
Karolinenplatz 5
64289 Darmstadt

www.tu-darmstadt.de/datenschutz

Rights and options for lodging complaints

You have the right to lodge a complaint with the respective supervisory authority in case of data protection issues.

Contact address of supervisory authority responsible for Technical University of Darmstadt:

Der Hessische Beauftragte für Datenschutz und Informationsfreiheit (Hessian Commissioner for Data Protection and Freedom of Information)
Postfach 3163
65021 Wiesbaden

E-Mail to HDSB (Link to contact form of the Hessian data protection commissioner)

Tel.: +49 611 1408 – 0
Fax: +49 611 1408 – 611

You have the following rights against Technical University of Darmstadt regarding your stored personal data:

• Right of access,
• Right to rectification or erasure,
• Right to restriction of processing,
• Right to withdraw your consent,
• Right to object to processing,
• Right to data portability in a structured, commonly used and machine-readable format (as of 25 May 2018).

Nature of the personal data collected, purpose and legal basis for the processing, deletion periods

Handling personal data

Personal data means any information relating to a natural person with which it can be identified directly or indirectly. In particular, this refers to a person’s name, email address, employee and staff registration code, student registration number or telephone number. However, personal data also refers to data such as interests, hobbies, memberships or information regarding websites visited.

We will only collect, use and transfer personal data if this is permitted by law or if the website users have agreed to the collection of their data.

For more information about how personal data of students and doctoral candidates is used, follow this link:
www.tu-darmstadt.de/datenschutz

Data of employees and staff at Technical University of Darmstadt is collected and processed for purposes regarding personnel management, teaching, research and examination tasks based on the HHG [Universities and Higher Education Act of the State of Hesse], the HImmaVO [Hessian provision regarding university registration], regulations regarding civil servants and public employees.

Handling application data for employment

Personal data of applicants are collected and processed to properly conduct and complete an application procedure based on finding the most suitable applicant and the possibly ensuing employment. Processing this data is based on the General Data Protection Regulation (GDPR) and the Hessisches Datenschutz- und Informationsfreiheitsgesetz (HDSIG [Hessian Data Protection and Freedom of Information Act]).

The collected application data will be saved for as long as necessary subject to relevant retention periods for completing certain tasks and, if necessary, also for meeting documentation duties. Every six months at the latest any transferred / provided data will be deleted if the application does not result in employment.

Recipients of personal data (Art. 4 no. 9 GDPR)

Application data is transferred to:

- The department, the directorate, the services or unit where the applicant has applied for employment,

- The Directorate of Human Resources and Legal Affairs (Dir. VII),

- The staff council, the gender equality officer and as necessary the representative body for severely disabled persons and/or the representative body for youth and trainees to observe respective participation rights.

Access data / server log files

When accessing pages of this webserver, the following data will generally be saved in server log files:

• IP address
• Date and time
• Type of client browser
• URL of accessed webpage
• Possibly an error message referring to a present error
• Possibly the enquiring provider

This data is only used to ensure functionality, security and error rectification. This use is based on Art. 6 Sec. 1 c) EU GDPR.

All log files will be automatically deleted 10 days later at the very latest or will be anonymised.

Contacting

In order to contact members of Technische Universität Darmstadt (for example, by contact form or e-mail), your details will be stored for the purpose of processing the request and in case of follow-up questions. After processing your request or after fulfilling the legal obligation or the service used, the data will be erased, unless the storage of the data is required for the purpose of realising legitimate interests of the Technische Universität Darmstadt or on the basis of a statutory provision (for example, a law, a regulation, the bylaws of the Technische Universität, etc.).

Cookies are small files which make it possible to save specific, device-related information on your access device (PC, smartphone etc.). They make websites more user-friendly (by saving login data etc.). You can influence how cookies will be used on your device. In most browsers, you can opt for restricting the cookies to be saved or you can completely prevent their saving. However, the range of use and the comfort of use of webpages may be limited if cookies are not enabled. To use webpages that are secured by a login, cookies are imperative. They determine access authorisation and will be deleted when the session is closed.

Access-protected websites and user-based services

In addition to the data mentioned above, the user name or an identifier for controlling the authorisation of data access will be collected. This data will either be deleted or anonymised 10 days later at the latest, unless retaining this data is required to realise legitimate interests of Technical University of Darmstadt or to meet a legal provision (such as a law, a statutory provision, the statutes of Technical University of Darmstadt etc.).

For all services not falling under these requirements, declarations of consent will be requested explicitly. Deletion takes place according to the requirement of the service used. The time limits for erasure is clearly defined in the records of processing activities. The legal basis is Art. 6 Sec. 1a) EU GDPR.

Integration of third-party services

On some of the webpages of our web presence, third-party contents (such as videos on YouTube, external maps, RSS feeds, graphics etc.) from other websites are made available. This always assumes that the content providers (in the following referred to as “Third-party Provider”) recognise your IP address. Without IP address, these Third-party Providers would not be able to send contents to your browser. The IP address is consequently required for content presentation. We endeavour to use only such contents from providers who just use the IP address to deliver their contents. However, we have no influence on the further use of your data (in case Third-party Providers safe contents for statistical purposes).

Analytics services

For analytics purposes, TU Darmstadt uses Matomo (formerly Piwik), an open-source statistical software. How you use this website is only analysed in an anonymised form to compile reports regarding website activities for the website owner and to offer and render additional services connected to using the website and the Internet as well as to improve the web content.

The data collected by Piwik/Matomo is saved on servers of Technical University of Darmstadt and will not be passed on to third parties under any circumstances. The IP address is being anonymised immediately after processing and prior to saving it with the last two tuples of the IP address not being saved at all. Piwik/Matomo use so-called “cookies”, i.e. text files that are saved on your computer for analysing how you use the websites.

You can prevent the saving of these cookies by modifying the respective settings in your browser software. If your browser supports do-not-track technology and you activated it, your visit will be automatically ignored.

Only on webpages indicating the “website analytics: more information” link in the footer, data on how you use it will be gathered by Piwik/Matomo. There you can deactivate data analysis by enabling the respective deactivation cookie.

Events

When registering for events at TU Darmstadt, your title, name, postal address, email address and possibly company name will be collected. When the event is chargeable, your payment data will be collected also. This data needs to be provided by you explicitly for processing and is required according to Art. 6 Sec. 1 cl. 1 lit. b GDPR to carry out the event (and for invoicing, if necessary). Once the above-mentioned purpose has been satisfied, your data will be deleted, unless retaining this data is required to realise legitimate interests of Technical University of Darmstadt or to meet a legal provision (such as a law, a statutory provision, the statutes of Technical University of Darmstadt etc.).

Newsletter

Provided you have explicitly subscribed to an email mailing list according to Art. 6 Sec. 1 cl. 1 lit. a GDPR, we will use your email address to regularly send you our newsletter. To this end, we will collect your name, your email address and, if necessary, your preferred fields of interest.

You can unsubscribe from this mailing list at any time.

Once you have unsubscribed, your data will be deleted, unless retaining this data is required to realise legitimate interests of Technical University of Darmstadt or to meet a legal provision (such as a law, a statutory provision, the statutes of Technical University of Darmstadt etc.).

Additional information

You will find additional information for students and applicants on the webpage of our data protection officer.