Privacy Policy

  1. Name and address of the responsible person

 

The responsible party within the meaning of the General Data Protection Regulation and other national data protection laws of the member states as well as other data protection regulations is the:

 

Verfasste Studierendenschaft (VS) of the University of Mannheim.

 

Parkring 39

 

68159 Mannheim

 

Germany

 

Phone: 0621 – 181 3373

 

Fax: 0621 – 181 3371

 

E-Mail: asta[at]uni-mannheim.de

 

  1. Name and address of the data protection officer

 

The data protection officer of the data controller is:

 

Data Protection Officer of the Constituted Student Body of the University of Mannheim.

 

Parkring 39

 

68159 Mannheim

 

Germany

 

E-mail: datenschutz[at]vs-uni-mannheim.de

 

III General Information on Data Processing

 

  1. scope of the processing of personal data

 

As a matter of principle, we process personal data of our users only to the extent that this is necessary for the provision of a functional website as well as our content and services. The processing of personal data of our users is regularly carried out only with the consent of the user. An exception applies in those cases where it is not possible to obtain prior consent for factual reasons and the processing of the data is permitted by legal regulations.

 

  1. legal basis for the processing of personal data

 

Insofar as we obtain consent from the data subject for processing operations involving personal data, Article 6 (1) (a) of the EU General Data Protection Regulation (GDPR) serves as the legal basis.

 

When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) lit. b DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

 

Insofar as processing of personal data is necessary for the fulfillment of a legal obligation to which our company is subject, Art. 6 (1) lit. c DSGVO serves as the legal basis.

 

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) lit. d DSGVO serves as the legal basis.

 

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not override the former interest, Art. 6 (1) lit. f DSGVO serves as the legal basis for the processing.

 

3 Data deletion and storage period

 

The personal data of the data subject will be deleted or blocked as soon as the purpose of storage ceases to apply. Storage may take place beyond this if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the controller is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or performance of a contract.

 

  1. Provision of the website and creation of log files

 

  1. description and scope of data processing

 

Each time our website is called up, our system automatically collects data and information from the computer system of the calling computer.

 

The following data is collected in this process:

 

(1) Information about the browser type and version used.

 

(2) The operating system of the user

 

(3) The user’s Internet service provider

 

(4) The IP address of the user

 

(5)Date and time of access

 

(6)Websites from which the user’s system accesses our website

 

(7)Websites that are accessed by the user’s system via our website

 

This website is hosted on servers of netcup GmbH.  This means that netcup GmbH automatically collects and stores data and information from computer systems of the calling computer each time our website is called up. The data processing is based on a concluded contract for commissioned data processing (ADV contract).

 

The following data is collected:

 

(1) Information about the browser type and version used.

 

(2) The operating system of the user

 

(3) The user’s Internet service provider

 

(4) The IP address of the user

 

(5) Date and time of access

 

(6) Websites from which the user’s system accesses our website

 

(7) Websites that are accessed by the user’s system via our website

 

The privacy policy of netcup GmbH can be viewed here: https://www.netcup.de/kontakt/datenschutzerklaerung.php.

 

 

  1. legal basis for data processing

 

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. GDPR.

 

 

 

  1. purpose of data processing

 

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user’s computer. For this purpose, the user’s IP address must remain stored for the duration of the session.

 

The storage in log files is done to ensure the functionality of the website. In addition, we use the data to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context.

 

These purposes are also our legitimate interest in data processing according to Art. 6 para. 1 lit. f GDPR.

Daten-schutz-hinweise

All data protection information for General Students’ Committee events can be found here.