Privacy policy
In the course of using our website, your personal data (hereinafter only »data«) will be processed. The data may include, for example, your name, address, e‑mail address, and other personal information. In this context, processing is basically any way of handling this data.
In the following you will find information about the processing of your data by the
TUDAG TU Dresden Aktiengesellschaft
on the basis of the provisions of the General Data Protection Regulation (GDPR) and the applicable federal and state data protection laws.
- General information
- Information on data processing on this website
- Information on data processing during communication
- Information on data processing in connection with applications
A) General information
Responsible entity
Responsible for data processing in the sense of data protection law is:
TUDAG TU Dresden Aktiengesellschaft
Freiberger Str. 37
01067 Dresden | Germany
T +49 351 40470–170
F +49 351 40470–310
Data Protection Officer
If you have any questions regarding data protection, please also feel free to contact our data protection officer at:
DID DRESDNER INSTITUT FÜR DATENSCHUTZ
Stiftung bürgerlichen Rechts | Stiftungsregister LD Dresden
Represented by the the member of the board Prof. Dr. Ralph Wagner
Hospitalstraße 4 | 01097 Dresden | Germany
Phone: +49 351 – 655 772 – 0
Telefax: +49 351 – 655 772 – 22
E‑mail: datenschutz@tudag.de | Internet: www.dids.de
Your rights as a data subject
As a data subject, you have the following rights regarding your personal data.
You have:
- A right to information about, among other things, the categories of data processed, the processing purposes, the storage period and any recipients, in accordance with Art. 15 DSGVO and §34 BDSG.
- A right to correction or deletion of incorrect or incomplete data, in accordance with Art. 16 and 17 DSGVO and §35 BDSG.
- Under the conditions of Art. 18 DSGVO or §35 para. 1 p. 2 BDSG a right to restriction of processing.
- A right to object to processing pursuant to Art. 21 para. 1 DSGVO, insofar as the data processing was based on a legitimate interest.
- A right to revoke a given consent with effect for the future pursuant to Art. 7 para. 3 GDPR.
- A right to data portability in a common format in accordance with Art. 20 DSGVO.
- In accordance with Article 22 of the GDPR, you have the right not to be subject to a decision based solely on automated processing which produces legal effects concerning you or similarly significantly affects you. This also includes profiling within the meaning of Art. 4 No. 4 DSGVO.
- You also have the right to lodge a complaint about the processing of your personal data by us with a data protection supervisory authority, in particular in the Member State of your habitual residence, your place of work or the place of the alleged infringement, in accordance with Article 77 DSGVO.
Procedure for asserting data subject rights
If you wish to exercise your rights under the GDPR and the BDSG, the data you provide will be processed in order to fulfill your claim. Subsequently, the data transmitted by you and the data transmitted to you in return will be stored for the purpose of documentation until the expiry of the limitation period (3 years). The legal basis for the storage of the data is Art. 6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing). The legitimate interest arises from our obligation to comply with your request and the need to be able to exonerate ourselves in possible fine proceedings by proving that we have properly complied with your request.
Data transfer to third countries outside the EU
All information we receive from you or about you is generally processed on servers within the European Union. Your data will only be transferred to or processed in third countries without your express consent if this is provided for or permitted by law and an appropriate level of data protection is ensured in the third country.
Disclosure of data, order processing
Your personal data will not be disclosed to third parties without authorization. Data may be disclosed if disclosure is necessary to fulfill legal obligations or if disclosure is required by law or by official or court orders. This may involve, in particular, the provision of information for law enforcement purposes, for the prevention of danger or for the enforcement of intellectual property rights.
Under certain circumstances, your data may also be transferred to external service providers who process data on our behalf and according to our instructions (processors) in order to simplify or relieve our own data processing. Each processor is bound by a contract in accordance with Article 28 of the GDPR. This means, in particular, that the processor must provide sufficient guarantees that appropriate technical and organizational measures are implemented by the processor in such a way that the processing is carried out in accordance with the requirements of the GDPR and the protection of your rights as a data subject is ensured. Despite the commissioning of processors, we remain the responsible party for the processing of your personal data within the meaning of the data protection laws.
Information on the specific processors used can be found below under the relevant data processing.
B) Information on data processing on this website
E Mail contact
At various points on the website, it is possible to contact us via the e‑mail address provided. The personal data transmitted, in particular the e‑mail address itself, is stored. This data is not passed on to third parties. The data will be used exclusively for the processing of the request. The legal basis for the processing of the data is Art. 6 (1) sentence 1 f DSGVO. The legitimate interest in processing the data lies in the implementation of the contact. The data will be deleted after the purpose ceases to exist or the communication is terminated. If a contractual process takes place in the course of the communication, the processed data will be deleted after expiry of the retention periods provided for this purpose.
IT Security/Log Files
Every time this website is called up and every time data is retrieved from a server, general information is automatically transmitted to the server providing the data. This data transfer is automatic and is a fundamental part of communication between devices on the Internet.
The data transmitted by default includes the following information: Your IP address, product and version information about the browser and operating system used (so-called user agent), the website from which your access took place (so-called referer), date and time of the request (so-called timestamp). In addition, the http status and the amount of data transferred are recorded as part of this request.
This information is logged by the server, stored in a table and saved there for a short time (so-called server log files). By analyzing these log files, we can detect and subsequently eliminate website errors, determine the website’s load at certain times and make adjustments or improvements based on this, and ensure the server’s security by being able to track from which IP address attacks were carried out on our server.
Your IP address is only stored for the time of your use of the website and is then immediately deleted or made partially unrecognizable by shortening it. The remaining data is stored for a limited period of time (usually 7 days).
The legal basis for the use of server log files is Art. 6 para. 1 p. 1 letter f) DSGVO (legitimate interest in data processing). The legitimate interest arises from the need for the operation and maintenance of our website, as we have explained above.
Web fonts
Graphical symbols and icons on our website are provided by the FontAwesome web service (FontAwesome, Inc.; 307 S Main St, Bentonville, Arkansas 72712, US). The reason for this is our legitimate interest in the technically feasible, barrier-free and device-independent display of icons and symbols on this website. For this purpose, when you access this website, your IP address is transmitted to the web interface of the service for the purpose of delivering the graphical elements. You can find FontAwesome’s privacy information here. We are currently working on converting this functionality so that integration via FontAwesome’s web service is no longer necessary.
Processor
In order to run and develop our website we have contracted a hosting provider and a design company.
C) Information on data processing during communication
If you wish to communicate with us by e‑mail, we will process these e‑mails and any personal data contained therein on the server of our mail hosting provider.
Depending on the content of the communication, the purposes and legal bases of the data processing may be
- the initiation or fulfillment of a contract (Art. 6 para. 1 b) DSGVO)
- the fulfillment of legal storage obligations (Art. 6 para. 1 c) DSGVO)
- the protection of our legitimate interests (Art. 6 para. 1 f) DSGVO) or
- a consent (Art. 6 para. 1 a) DSGVO)
be
Processor
We have contracted a hosting provider to provide a receiving and sending server for e‑mails.