mobile menu

Privacy Policy

Die Technische Universität München nimmt den Schutz von personenbezogenen Daten sehr ernst. Wir verarbeiten personenbezogene Daten, die beim Besuch unserer Webseiten erhoben werden, unter Beachtung der geltenden datenschutzrechtlichen Bestimmungen, insbesondere dem Bayrischen Datenschutz (BayDSG) und dem Telemediengesetz (TMG). Nachfolgend informieren wir Sie über Art, Umfang und Zweck der Erhebung und Verwendung personenbezogener Daten.

Name and contact details of the responsible person

Dr. Heinz G. Daake
Walther-Meißner-Straße 1
85748 Garching
heinz.daake(at)tum.de
Telefon +49.89.289.14688

Contact details of the data protection officer

Der/Die Datenschutzbeauftragte der Technischen Universität München
Postal address: Arcisstr. 21
80333 München
beauftragter@datenschutz.tum.de

Purposes and legal bases for the processing of personal data

The purpose of the processing is to fulfill the tasks assigned to us by law and our statutory accident insurance provider in the areas of occupational health and safety, radiation protection and the safe operation of genetic engineering facilities. In addition, we collect personal data as part of the organization of courses and training offers.

The legal basis for the processing of your data is generally derived from Art. 4 para. 1 of the Bavarian Data Protection Act (BayDSG) in conjunction with Art. 6 para. 1 subpara. 1 letters a, c or e of the General Data Protection Regulation (GDPR). Accordingly, we are permitted to process the data required to fulfill a task for which we are responsible. In all forms, only the personal data that is absolutely necessary is collected. In particular, they are not used to monitor performance and behavior.Recipients of the personal data

The technical operation of our data processing systems is carried out by:

Leibniz-Rechenzentrum (LRZ) der Bayerischen Akademie der Wissenschaften
Boltzmannstraße 1
D-85748 Garching bei München
Telefon: (089) 35831 8000
E-Mail: lrzpost(at)lrz.de
www.lrz.de

Duration of the storage of personal data

The storage of personal data is based on the longest statutory retention period that applies to a person:

  • Data collected as part of courses or training that is not linked to a function (see below) is deleted at the end of the respective calendar year of the training course
  • For function holders who have no operational responsibility (first aiders, safety officers), the deletion period is 1 year after the end of the activity in the respective function
  • For function holders in the field of radiation protection, the planned deletion period is 30 years after the end of the activity
  • For function holders in the field of genetic engineering, the planned deletion period is 30 years

Rights of data subjects

According to the General Data Protection Regulation, you have the following rights:

If we process your personal data, you have the following rights as a data subject:

  • You have the right to be informed about the personal data stored about you (Art. 15 GDPR).
  • If incorrect personal data is processed, you have the right to rectification (Art. 16 GDPR).
  • If the legal requirements are met, you can request the erasure or restriction of processing (Art. 17 and 18 GDPR).
  • If you have consented to the processing or a contract for data processing exists and the data processing is carried out using automated procedures, you may have a right to data portability (Art. 20 GDPR).
  • If you have consented to the processing and the processing is based on this consent, you can revoke your consent at any time for the future. This does not affect the lawfulness of the data processing carried out on the basis of the consent until revocation.

You have the right to object to the processing of your data at any time for reasons arising from your particular situation if the processing is carried out exclusively on the basis of Art. 6 para. 1 letter e or f GDPR (Art. 21 para. 1 sentence 1 GDPR).

Logging

When you visit this or other Internet pages, you transmit data to our web server via your Internet browser. The following data is temporarily recorded in a log file during an ongoing connection for communication between your Internet browser and our web server:

  • IP address of the requesting computer
  • Date and time of access
  • Name, URL and transferred data volume of the retrieved file
  • Access status (requested file transferred, not found, etc.)
  • Identification data of the browser and operating system used (if transmitted by the requesting web browser)
  • Website from which the access was made (if transmitted by the requesting web browser)

The data in this log file is processed as follows:

  • The log files are stored for 14 days and then deleted
  • In the event of reported faults, errors and security incidents, the log data is analyzed manually.

The IP addresses contained in the log entries are not merged with other data by the LRZ or HR6, so that no conclusions can be drawn about individual persons.

When you log in as a user, changes to the database are also recorded in a log file (entry of data in forms, registrations for events, etc.). These log entries are also subject to standard deletion after 7 days.

If you as a user trigger an error message in the system - whether due to incorrect operation (e.g. saving a form after logout or timeout), a software error or a manipulation attempt (such as unauthorized attempts to access protected areas) - this error is also logged. Non-critical errors are deleted after 7 days, (potentially) critical errors and manipulation attempts are recorded separately with a deletion period of 6 months.

The data in these log files is evaluated both automatically and manually in individual cases in order to detect attacks on the web servers and respond accordingly. For logged-in users, the IP addresses contained in the log entries are inherently linked to the user. In this case, it is possible to draw manual conclusions about individual persons during the analysis (e.g. when analyzing manipulation attempts). However, we do not use any kind of user tracking or other forms of automated analysis of user behavior.

Active components

Active components such as JavaScript or Active-X-Controls are used on this website. You can disable this function by changing the settings in your Internet browser. In some cases, however, the functionality of the system is considerably restricted by this deactivation.

Cookies

When you access this website, we store a cookie (small file) on your device that is valid for the duration of your visit to the website (session cookies). This is a technically necessary cookie that we only use during your visit to our website. Most browsers are set to accept the use of cookies; if the storage of cookies is prevented, only publicly accessible content can be used; it is then no longer possible to log in or register for an event. At the end of your visit, your browser will automatically delete this cookie.

Registration and data integrity

When you log in to the system, your personal data is verified against the directory service of the Technical University of Munich.

Data entered as part of the above-mentioned processing activities is also checked against the directory service of the Technical University of Munich.

Further information

We hereby expressly prohibit the use of contact data published within the scope of the imprint obligation by third parties for sending unsolicited advertising and information material. The operators of the website expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, such as spam e-mails.

List of processing activities

The system is listed in the directory of processing activities of the Technical University of Munich under the identifier VT-672.

Legal Notice