Datenschutzbeauftragter FAU
Klaus Hoogestraat

Postal address
Datenschutzbeauftragter FAU
c/o ITM Gesellschaft für IT-Management mbH
Bürgerstraße 81
01127 Dresden

Phone: +49 9131 85-25860
EMail: datenschutzbeauftragter@fau.de

We only process our users' personal data to the extent necessary to provide services, content and a functional website. As a rule, personal data are only processed after the user gives their consent. An exception applies in those cases where it is impractical to obtain the user's prior consent and the processing of such data is permitted by law.

Art. 6 (1) (a) of the EU General Data Protection Regulation (GDPR) forms the legal basis for us to obtain the consent of a data subject for their personal data to be processed.

When processing personal data required for the performance of a contract in which the contractual party is the data subject, Art. 6 (1) (b) GDPR forms the legal basis. This also applies if data has to be processed in order to carry out pre-contractual activities.

Art. 6 (1) (c) GDPR forms the legal basis if personal data has to be processed in order to fulfil a legal obligation on the part of our organisation.

Art. 6 (1) (d) GDPR forms the legal basis in the case that vital interests of the data subject or another natural person make the processing of personal data necessary.

If data processing is necessary in order to protect the legitimate interests of our organisation or of a third party and if the interests, basic rights and fundamental freedoms of the data subject do not outweigh the interests mentioned above, Art. 6 (1) (f) GDPR forms the legal basis for such data processing.

The personal data of the data subject are deleted or blocked as soon as the reason for storing them ceases to exist. Storage beyond this time period may occur if provided for by European or national legislators in directives under Union legislation, laws or other regulations to which the data controller is subject. Such data are also blocked or deleted if a storage period prescribed by one of the above-named rules expires, unless further storage of the data is necessary for entering into or performing a contract.

Each time our website is accessed, our system automatically collects data and information from the user's computer system. In this context, the following data are collected:

• Address (URL) of the website from which the file was requested
• Name of the retrieved file
• Date and time of the request
• Data volume transmitted
• Access status (file transferred, file not found, etc.)
• Description of the type of web browser and/or operating system used
• Anonymised IP address of the requesting computer

The data stored are required exclusively for technical or statistical purposes; no comparison with other data or disclosure to third parties occurs, not even in part. The data are stored in our system's log files.

The legal basis for the temporary storage of data and logfiles is Art. 6 Abs. lit. f DSGVO. Storage in log files takes place in order to ensure the website's functionality, optimize the website and ensure the security of our IT systems.

Data are deleted as soon as they are no longer necessary for fulfilling the purpose for which they were collected. For log files, this is at the latest after seven days. The collection of data for the purpose of providing the website is essential to the website's operation; as a consequence, the user has no possibility to object.

Our website uses cookies. These are text files that are saved in the user's web browser. We use cookies to make our website more user-friendly. The following data are stored and transmitted:

• Log-in information (only for protected information for FAU members)
• Search preferences

Technical measures are taken to pseudonymise user data collected in this way.

The legal basis for the processing of personal data using cookies is Art. 6 Abs. lit. f DSGVO. Analysis cookies are used for the purpose of improving the quality of our website and its content.

Cookies are stored on the user's computer. You can disable or restrict the transmission of cookies by changing the settings in your web browser. Cookies that are already stored can be deleted at any time.

Contact forms are available on our website that can be used to contact us electronically. If a user makes use of this possibility, the data they enter in the input form are transmitted to us and stored. The contact forms list and explain which data is required. The contact forms indicate if there are any deviations from or additions to the principles, purpose and duration of storage as presented here.

The legal basis for the processing of the data transmitted in the course of sending an email is Article 6 (1) lit. e DSGVO i.V.m. Art. 4 and 5 BayDSG for the fulfilment of the tasks of § 5 TMG, Art. 3 para. 1 BayEGovG and § 2 BayBITV

If the email contact aims to conclude a contract, then additional legal basis for the processing is Art. 6 para. 1 lit. b DSGVO.

The personal data from the input form are processed solely for the purpose of contacting the user. If the user contacts us by email, this also constitutes our legitimate interests in processing the data.

All other personal data processed during the dispatch of an email serve to prevent misuse of the contact form and to ensure that our IT systems are secure.

Data are deleted as soon as they are no longer necessary for fulfilling the purpose for which they were collected. This is the case for the personal data from the input template of the contact form and those data sent by email when the respective conversation with the user has ended. The conversation is regarded to have ended when it can be seen from the circumstances that the subject matter in question has been conclusively settled.

For reasons that arise from your particular situation, you may also object to the processing of personal data relating to us by us at any time (Art. 21 GDPR). If the legal requirements are met, we will no longer process your personal data in the following.

Insofar as the personal data required for the performance of the contract is not specified, this is not possible for us.

You can register for seminars, events and courses via the forms available on our website. When you register, the data from the input form are transmitted to us.

In the course of the registration process, we request your consent for the processing of your personal data and draw your attention to this data protection policy.

No data are disclosed to third parties in connection with the data processing required for this purpose. Data are used exclusively for administration purposes related to seminars, courses and events.

Once the user has issued their consent, the legal basis for data processing following the user’s registration for a seminar, course or event is Art. 6 (1) (a) GDPR.

The processing of personal data from the input form is solely for the purpose of allowing us to process the user’s registration for a seminar, course or event. If the user contacts us by email, this also constitutes our legitimate interests in processing the data.

All other personal data processed during the dispatch of an email serve to prevent misuse of the contact form and to ensure that our IT systems are secure.

Data are deleted as soon as they are no longer necessary for fulfilling the purpose for which they were collected.

The user can withdraw their consent for the processing of their personal data at any time. If the user contacts us by email, they may withdraw their consent for the storage of their personal data at any time. In such cases, the conversation cannot continue and all personal data which were stored when contact was made are deleted.

Our website uses SSL encryption for security reasons and to protect the transmission of confidential information, for example enquiries you send to us as operators of the website. You can recognise an encrypted connection when the browser's address line changes from http:// to https:// and a padlock appears in your web browser.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

With regard to the processing of your personal data, you as a data subject are entitled to the following rights pursuant to Art. 15 et seq. GDPR:

You can request information as to whether we process your personal data. If this is the case, you have the right to information about this personal data as well as further information in connection with the processing (Art. 15 GDPR). Please note that this right of access may be restricted or excluded in certain cases (cf. in particular Art. 10 BayDSG).

In the event that personal data about you is (no longer) accurate or incomplete, you may request that this data be corrected and, if necessary, completed (Art. 16 GDPR).

If the legal requirements are met, you can demand that your personal data be erased (Art. 17 GDPR) or that the processing of this data be restricted (Art. 18 DSGVO). However, the right to erasure pursuant to Art. 17 (1) and (2) GDPR does not apply, inter alia, if the processing of personal data is necessary for the performance of a task carried out in the public interest or in the exercise of official authority or in the exercise of official authority vested (Art. 17 para. 3 letter b GDPR).

If you have given your consent to the processing, you have the right to withdrawal it at any time. The withdrawal will only take effect in the future; this means that the withdrawal does not affect the lawfulness of the processing operations carried out on the basis of the consent up to the withdrawal.

For reasons arising from your particular situation, you may also object to the processing of your personal data by us at any time (Art. 21 GDPR). If the legal requirements are met, we will subsequently no longer process your personal data.

Insofar as you have consented to the processing of your personal data or have agreed to the performance of the contract and the data processing is carried out automated , you may be entitled to data portability (Art. 20 GDPR).

You have the right to lodge a complaint to a supervisory authority within the meaning of Art. 51 GDPR about the processing of your personal data. The responsible supervisory authority for Bavarian public authorities is the Bavarian Data Protection Commissioner, Wagmüllerstraße 18, 80538 Munich.