EACN

Privacy Policy

General Preliminary Remarks

We take the protection of personal data very seriously. We process personal data which are collected when visiting our websites in compliance with the applicable data protection regulations. In particular, the North-Rhine Westphalia Data Protection Act (DSG NRW), the General Data Protection Regulation (GDPR) and the German Teleservices Act (TMG) apply.

Contact details ...
... of responsible person for organizational unit

... of the Data Protection Officer for TU

1. Scope of Processing of Personal Data

We only process personal data of our users if this is necessary to provide a functional website and if this is required to make our contents and services available. The processing of personal data of our users takes place as a rule only after consent of the user. An exception applies in those cases where prior consent cannot be obtained for factual reasons and the processing of the data is permitted under statutory regulations.

2. Data Erasure and Duration of Storage

The personal data of the data subject will be erased or made unavailable as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this has been provided for by the European or national legislator in EU regulations, laws or other ordinances to which the responsible person is subject. The data will also be made unavailable or erased if a storage period prescribed by the named norms expires, unless the continued storage of the data is necessary for the conclusion or fulfillment of a contract.

3. Provision of the Website and Creation of Log Files
3.1. Description and scope of data processing

Each time our website is accessed, our system automatically collects data and information from the computer system of the accessing computer. The following data are collected here:

Visited website
Amount of data sent in bytes
Source/referral from which you accessed the page
Information about the browser type and version used
Operating system of the user
IP address of the user
Date and time of access

If you create an account, the following data are collected:

Name
E-Mail address

If you book a workplace through our website with your account, these data will be sent to the respective space.

The data are also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

3.2.Purpose and legal basis for data processing

The temporary storage of the IP address by the system is necessary to allow delivery of the website to the computer of the user. For this purpose, the user's IP address must be stored for the duration of the session. (Necessity for the fulfillment of the task of the university Art. 6 (1) (e) GDPR)

Storage in log files is done to ensure the functionality of the website. In addition, the data are used to optimize the website and to ensure the security of our information technology systems. An evaluation of the data for marketing purposes does not take place in this context. (Necessity for the fulfillment of the task of the university Art. 6 (1) (e) GDPR).

3.3. Duration of storage

Processing will take place during use until the end of each session. If the data are stored in log files, this is the case for a maximum of 14 days. Where technically feasible and reasonable, we anonymize IP addresses after 24 hours.

4. Cookies

We do not use any third-party cookies on this website and do not share any user data with third-party partners other than the spaces you actively book. All cookies are implemented for the sole purpose of ensuring a seamless and secure user experience. By continuing to use this website, you agree to the use of these necessary cookies. If you have any concerns or questions regarding our cookie policy, please contact us.
Cookies used:

Session cookie eacn_session - Essential for maintaining user login sessions.
Session cookie XSRF-TOKEN - Used for protection against Cross-Site Request Forgery (CSRF).
Session cookie (persistent if "Remember Me" is selected during login) user_data - storing basic user data like name and role for local display.
Persistent cookie remember_token - Allows users to stay logged in for an extended period if "Remember Me" is selected during login.

5. Contact/Suggestion Forms and E-mail Contact

5.1. Description and scope of data processing

On this website, there are contact/suggestion forms that can be used for electronic contact. If a user makes use of this option, the data entered in the input mask are transmitted to us and stored. After sending the form, the following data will also be stored:

Date and time
URL from which the contact form was sent

For the processing of data, your consent is obtained during the submission process and reference is made to this privacy policy.

Alternatively, it is possible to contact us via the provided e-mail addresses. In this case, the user's personal data that are transmitted with the e-mail will be stored.

In this context, the data will not be passed on to third parties. The data are used exclusively for processing the conversation.

5.2. Purpose of data processing and legal basis

The processing of personal data from the input mask serves us solely to process the contact. In the case of contact by e-mail, this also constitutes the necessary legitimate interest in processing the data. The legal basis for the processing of the data is Art. 6 (1) (a) GDPR if the user has given his consent. The legal basis for the processing of data transmitted in the course of sending an e-mail is Art. 6 (1) (e) GDPR.

5.3. Duration of storage

The data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data from the input mask of the contact form and those sent by e-mail, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively clarified.

6. Rights of the person concerned

If your personal data are processed, you are affected within the meaning of the GDPR, and you have the following rights vis-à-vis the responsible person. If you want to exercise your rights, please contact the Data Protection Officer of TU Dortmund University.

6.1. Right of access by the data subject (Art. 15 GDPR)

You have the right to information about personal data concerning you that is collected, processed or, if relevant, transferred to third parties.

6.2. Right to object (Art. 21 GDPR)

You have the right to object to the processing of your personal data if the processing is based on Art. 6 (1) e or f GDPR.

6.3. Right to erasure (Art. 17 GDPR)

In particular, after the legally prescribed retention periods have expired, you have the right to have your data erased.

6.4. Right to restriction of processing (Art. 18 GDPR)

In special cases, you have the right to restrict processing. This is the case if the data processing is unlawful, if you dispute the accuracy of the data collected or if you have filed an objection to the processing. You can also request a restriction of the processing if the data are subject to an erasure obligation because the purpose of the processing has been achieved, but you need these data to assert legal claims. You must request a processing restriction.

6.5. Right to rectification (Art. 16 GDPR)

You have the right to have incorrect personal data rectified.

6.6. Right to revoke the data protection consent declaration (Art. 7 GDPR)

You have the right to revoke your data protection declaration of consent at any time. The revocation of consent does not affect the legality of the processing carried out on the basis of the consent until revocation.

6.7. Right to complain to a supervisory authority

If you have any complaints regarding data protection, you can always contact a data protection supervisory authority. In our case, the State Commissioner for Data Protection and Freedom of Information in North Rhine-Westphalia is responsible.