Privacy policy

In the course of using our web­site, your per­so­nal data (her­ein­af­ter only »data«) will be pro­ces­sed. The data may include, for exam­ple, your name, address, e‑mail address, and other per­so­nal infor­ma­tion. In this con­text, pro­ces­sing is basi­cally any way of hand­ling this data.

In the fol­lo­wing you will find infor­ma­tion about the pro­ces­sing of your data by the 
TUDAG TU Dres­den Aktiengesellschaft
 on the basis of the pro­vi­si­ons of the Gene­ral Data Pro­tec­tion Regu­la­tion (GDPR) and the appli­ca­ble fede­ral and state data pro­tec­tion laws.

  1. Gene­ral information
  2. Infor­ma­tion on data pro­ces­sing on this website
  3. Infor­ma­tion on data pro­ces­sing during communication
  4. Infor­ma­tion on data pro­ces­sing in con­nec­tion with applications

A) General information

Responsible entity

Respon­si­ble for data pro­ces­sing in the sense of data pro­tec­tion law is:

TUDAG TU Dres­den Aktiengesellschaft
Frei­ber­ger Str. 37
01067 Dres­den | Germany

T +49 351 40470–170
F +49 351 40470–310

@ info@tudag.de

Data Protection Officer

If you have any ques­ti­ons regar­ding data pro­tec­tion, please also feel free to cont­act our data pro­tec­tion offi­cer at:

DID DRESDNER INSTITUT FÜR DATENSCHUTZ
Stif­tung bür­ger­li­chen Rechts | Stif­tungs­re­gis­ter LD Dresden
Repre­sen­ted by the the mem­ber of the board Prof. Dr. Ralph Wagner

Hos­pi­tal­straße 4 | 01097 Dres­den | Germany
Phone: +49 351 – 655 772 – 0
Tele­fax: +49 351 – 655 772 – 22
E‑mail: datenschutz@tudag.de | Inter­net: www.dids.de

Your rights as a data subject

As a data sub­ject, you have the fol­lo­wing rights regar­ding your per­so­nal data.
You have:

  • A right to infor­ma­tion about, among other things, the cate­go­ries of data pro­ces­sed, the pro­ces­sing pur­po­ses, the sto­rage period and any reci­pi­ents, in accordance with Art. 15 DSGVO and §34 BDSG.
  • A right to cor­rec­tion or dele­tion of incor­rect or incom­plete data, in accordance with Art. 16 and 17 DSGVO and §35 BDSG.
  • Under the con­di­ti­ons of Art. 18 DSGVO or §35 para. 1 p. 2 BDSG a right to rest­ric­tion of processing.
  • A right to object to pro­ces­sing pur­su­ant to Art. 21 para. 1 DSGVO, inso­far as the data pro­ces­sing was based on a legi­ti­mate interest.
  • A right to revoke a given con­sent with effect for the future pur­su­ant to Art. 7 para. 3 GDPR.
  • A right to data por­ta­bi­lity in a com­mon for­mat in accordance with Art. 20 DSGVO.
  • In accordance with Article 22 of the GDPR, you have the right not to be sub­ject to a decis­ion based solely on auto­ma­ted pro­ces­sing which pro­du­ces legal effects con­cer­ning you or simi­larly signi­fi­cantly affects you. This also includes pro­fil­ing within the mea­ning of Art. 4 No. 4 DSGVO.
  • You also have the right to lodge a com­plaint about the pro­ces­sing of your per­so­nal data by us with a data pro­tec­tion super­vi­sory aut­ho­rity, in par­ti­cu­lar in the Mem­ber State of your habi­tual resi­dence, your place of work or the place of the alle­ged inf­rin­ge­ment, in accordance with Article 77 DSGVO.

Procedure for asserting data subject rights

If you wish to exer­cise your rights under the GDPR and the BDSG, the data you pro­vide will be pro­ces­sed in order to ful­fill your claim. Sub­se­quently, the data trans­mit­ted by you and the data trans­mit­ted to you in return will be stored for the pur­pose of docu­men­ta­tion until the expiry of the limi­ta­tion period (3 years). The legal basis for the sto­rage of the data is Art. 6 para. 1 p. 1 let­ter f) DSGVO (legi­ti­mate inte­rest in data pro­ces­sing). The legi­ti­mate inte­rest ari­ses from our obli­ga­tion to com­ply with your request and the need to be able to exo­ne­rate our­sel­ves in pos­si­ble fine pro­cee­dings by pro­ving that we have pro­perly com­plied with your request.

Data transfer to third countries outside the EU

All infor­ma­tion we receive from you or about you is gene­rally pro­ces­sed on ser­vers within the Euro­pean Union. Your data will only be trans­fer­red to or pro­ces­sed in third count­ries wit­hout your express con­sent if this is pro­vi­ded for or per­mit­ted by law and an appro­priate level of data pro­tec­tion is ensu­red in the third country.

Disclosure of data, order processing

Your per­so­nal data will not be dis­c­lo­sed to third par­ties wit­hout aut­ho­riza­tion. Data may be dis­c­lo­sed if dis­clo­sure is neces­sary to ful­fill legal obli­ga­ti­ons or if dis­clo­sure is requi­red by law or by offi­cial or court orders. This may involve, in par­ti­cu­lar, the pro­vi­sion of infor­ma­tion for law enforce­ment pur­po­ses, for the pre­ven­tion of dan­ger or for the enforce­ment of intellec­tual pro­perty rights.

Under cer­tain cir­cum­s­tances, your data may also be trans­fer­red to exter­nal ser­vice pro­vi­ders who pro­cess data on our behalf and accor­ding to our ins­truc­tions (pro­ces­sors) in order to sim­plify or reli­eve our own data pro­ces­sing. Each pro­ces­sor is bound by a con­tract in accordance with Article 28 of the GDPR. This means, in par­ti­cu­lar, that the pro­ces­sor must pro­vide suf­fi­ci­ent gua­ran­tees that appro­priate tech­ni­cal and orga­niza­tio­nal mea­su­res are imple­men­ted by the pro­ces­sor in such a way that the pro­ces­sing is car­ried out in accordance with the requi­re­ments of the GDPR and the pro­tec­tion of your rights as a data sub­ject is ensu­red. Despite the com­mis­sio­ning of pro­ces­sors, we remain the respon­si­ble party for the pro­ces­sing of your per­so­nal data within the mea­ning of the data pro­tec­tion laws.

Infor­ma­tion on the spe­ci­fic pro­ces­sors used can be found below under the rele­vant data processing.

B) Information on data processing on this website

E Mail contact

At various points on the web­site, it is pos­si­ble to cont­act us via the e‑mail address pro­vi­ded. The per­so­nal data trans­mit­ted, in par­ti­cu­lar the e‑mail address its­elf, is stored. This data is not pas­sed on to third par­ties. The data will be used exclu­si­vely for the pro­ces­sing of the request. The legal basis for the pro­ces­sing of the data is Art. 6 (1) sen­tence 1 f DSGVO. The legi­ti­mate inte­rest in pro­ces­sing the data lies in the imple­men­ta­tion of the cont­act. The data will be dele­ted after the pur­pose cea­ses to exist or the com­mu­ni­ca­tion is ter­mi­na­ted. If a con­trac­tual pro­cess takes place in the course of the com­mu­ni­ca­tion, the pro­ces­sed data will be dele­ted after expiry of the reten­tion peri­ods pro­vi­ded for this purpose.

IT Security/​Log Files

Every time this web­site is cal­led up and every time data is retrie­ved from a ser­ver, gene­ral infor­ma­tion is auto­ma­ti­cally trans­mit­ted to the ser­ver pro­vi­ding the data. This data trans­fer is auto­ma­tic and is a fun­da­men­tal part of com­mu­ni­ca­tion bet­ween devices on the Internet.
The data trans­mit­ted by default includes the fol­lo­wing infor­ma­tion: Your IP address, pro­duct and ver­sion infor­ma­tion about the brow­ser and ope­ra­ting sys­tem used (so-cal­led user agent), the web­site from which your access took place (so-cal­led refe­rer), date and time of the request (so-cal­led timestamp). In addi­tion, the http sta­tus and the amount of data trans­fer­red are recor­ded as part of this request.

This infor­ma­tion is log­ged by the ser­ver, stored in a table and saved there for a short time (so-cal­led ser­ver log files). By ana­ly­zing these log files, we can detect and sub­se­quently eli­mi­nate web­site errors, deter­mine the web­site’s load at cer­tain times and make adjus­t­ments or impro­ve­ments based on this, and ensure the ser­ver’s secu­rity by being able to track from which IP address attacks were car­ried out on our server.

Your IP address is only stored for the time of your use of the web­site and is then imme­dia­tely dele­ted or made par­ti­ally unre­co­gnizable by shor­tening it. The remai­ning data is stored for a limi­ted period of time (usually 7 days).
The legal basis for the use of ser­ver log files is Art. 6 para. 1 p. 1 let­ter f) DSGVO (legi­ti­mate inte­rest in data pro­ces­sing). The legi­ti­mate inte­rest ari­ses from the need for the ope­ra­tion and main­ten­ance of our web­site, as we have explai­ned above.

Web fonts

Gra­phi­cal sym­bols and icons on our web­site are pro­vi­ded by the Fon­tA­we­some web ser­vice (Fon­tA­we­some, Inc.; 307 S Main St, Ben­ton­ville, Arkan­sas 72712, US). The reason for this is our legi­ti­mate inte­rest in the tech­ni­cally fea­si­ble, bar­rier-free and device-inde­pen­dent dis­play of icons and sym­bols on this web­site. For this pur­pose, when you access this web­site, your IP address is trans­mit­ted to the web inter­face of the ser­vice for the pur­pose of deli­ve­ring the gra­phi­cal ele­ments. You can find Fon­tA­we­so­me’s pri­vacy infor­ma­tion here. We are curr­ently working on con­ver­ting this func­tion­a­lity so that inte­gra­tion via Fon­tA­we­so­me’s web ser­vice is no lon­ger necessary.

Processor

In order to run and deve­lop our web­site we have con­trac­ted a hos­ting pro­vi­der and a design company.

C) Information on data processing during communication

If you wish to com­mu­ni­cate with us by e‑mail, we will pro­cess these e‑mails and any per­so­nal data con­tai­ned the­r­ein on the ser­ver of our mail hos­ting provider.

Depen­ding on the con­tent of the com­mu­ni­ca­tion, the pur­po­ses and legal bases of the data pro­ces­sing may be

  • the initia­tion or ful­fill­ment of a con­tract (Art. 6 para. 1 b) DSGVO)
  • the ful­fill­ment of legal sto­rage obli­ga­ti­ons (Art. 6 para. 1 c) DSGVO)
  • the pro­tec­tion of our legi­ti­mate inte­rests (Art. 6 para. 1 f) DSGVO) or
  • a con­sent (Art. 6 para. 1 a) DSGVO)

be

Processor

We have con­trac­ted a hos­ting pro­vi­der to pro­vide a recei­ving and sen­ding ser­ver for e‑mails.