Data Privacy Statement

 

Data Privacy Policy

“Webinars and Video Conferences”

 

Deutscher Akademischer Austauschdienst e.V. (DAAD) considers your privacy to be important. For this reason, we would like to inform you below about the processing of your personal data and your rights as a data subject within the context of participation in webinars and video conferences. Processing of your personal data takes place exclusively within the framework of the applicable statutory provisions of data privacy law, in particular the EU General Data Protection Regulation (“GDPR”).

I. Who is responsible for the data-processing and who is the Data Protection Officer?

 

1. Party responsible for data processing

The body responsible for the data-processing in the sense of data protection legislation is:

Deutscher Akademischer Austauschdienst e.V. (DAAD)

Kennedyallee 50

53175 Bonn (Germany)

Tel.: (+49) 0228-882 0

datenschutz@daad.de

https://www.daad.de

 

2. Our data protection officer is available at:

Dr. Gregor Scheja

Scheja & Partners GmbH & Co. KG

Adenauerallee 136

53113 Bonn

Germany

Tel.: (+49) 0228-227 226 0

Encrypted contact form: https://www.scheja-partner.de/kontakt/kontakt.html

www.scheja-partner.de

 

II. Subject-matter of data privacy protection

The subject-matter of data privacy protection is personal data. Personal data means any information relating to an identified or identifiable natural person (the so-called data subject). This includes, for example, information such as your name, postal address, e-mail address and telephone number.

 

III. What personal data about me will be processed?

Within the context of conducting and participating in the webinar or video conference, we only process personal data about you that relates to the webinar or video conference. This can include:

 

  • Registration data (first name, surname)
  • Duration of participation
  • Text, audio and video contributions where the chat room is used
  • Audio and/or video contents where participation involves use of an active microphone or camera
  • Screen-sharing contents (text, audio and video data where screen or individual windows are shared)

 

IV. What purposes are pursued by the processing of my personal data and on what legal basis does the processing take place?

 

Within the framework of our event „Meet Your Future You“ – Women in Science, we process video material in order to make it accessible within DAAD and towards third parties. The picture and/or sound material on which you can be recognisably seen and/or heard will be processed for the following purposes:

 

  • Coverage of our event
  • Live streaming of the event
  • Dissemination of video material to DAAD sponsors/cooperation partners for their public relations work

 

If the aforementioned purposes require publication of the video material, this may take place in the following media if there is a corresponding legal basis:

 

  • DAAD website (www.daad.de)
  • DWIH website (www.dwih-netzwerk.de)
  • DAAD Intranet
  • DAAD LinkedIn website (www.linkedin.com/showcase/internationales-forschungsmarketing/)
  • DAAD print media (e.g. DAAD Annual Report)

 

Where the webinar or video conference is recorded, we process your data on the basis of the contract concluded with you (Art. 6(1)(b) GDPR) or, if necessary, on the basis of your consent (Art. 6(1)(a) GDPR).  Should the picture and sound materials contain special categories of personal data in relation to you in accordance with [1]Article 9 GDPR (for example information relating to your health status, such as the wearing of a hearing aid or glasses), you also agree to such use, by activating the microphone or camera, which is voluntary, you explicitly agree to their use for the abovementioned purposes.

 

We erase the data when we no longer require it for the purposes we pursue, and if no other legal basis exists.

 

*Special categories of personal data include such data which contains information relating to ethnic origin, political viewpoints, religious affiliation or world view or trade union membership, as well as genetic data, biometric data in order to clearly identify a natural person, health data or data relating to sex life or sexual orientation of a natural person.

V.  Is my personal data also collected by third parties?

We predominantly process the personal data that we receive directly from you within the context of your registration for and participation in the relevant webinar or video conference. In some constellations we also receive your personal data from third parties, for example from our contractual or cooperation partners, or from your employer.

 

VI. Does automated decision-making or profiling take place?

We do not use automated decision-making or profiling in the sense of Art. 22, EU General Data Protection Regulation.

 

VII.  Who has access to my personal data and who are the recipients?

Within DAAD, only those departments and their employees have access to your personal data who require such access in order to perform their functions or responsibilities.

 

We only forward your personal data to external recipients if statutory justification exists or if you have granted your consent accordingly. Potential external recipients are:

 

  • Processors: Service providers that we entrust with the maintenance and support of our IT systems, especially the service providers who make available the platform for conducting webinars or video conferences. These external service providers are carefully selected by us and vetted regularly to ensure that your personal data is in good hands. Such external service providers may process your personal data solely for the purposes we stipulate.
  • Public offices: Authorities and state institutions, e.g., offices of public prosecution, courts and tax authorities to which we might be obliged to communicate personal data in individual cases.

 

VIII.  Are there plans to transfer my personal data to third countries?

Within the context of the data-processing presently at issue, it is possible that your personal data will be transferred to offices the headquarters or data-processing location of which is not situated within an EU Member State or an EEA Contracting State. In this respect, before such a transfer we ensure that, save to exceptions allowed by law, there is either an appropriate level of protection at the recipient (e.g. by way of an adequacy decision of the European Commission, suitable guarantees such as the agreement on so-called EU standard contractual clauses of the European Commission with the recipient), and/or your express consent has been granted.

 

Depending on the video conference service used, your personal data will be transferred to the following providers:

 

  • “Teams” – Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399, USA

 

A list of the recipients in third countries and a copy of the specifically agreed provisions in order to ensure an appropriate level of data protection can be obtained from us. To this end, please use the information in Clause I.

 

IX. How long will my personal data be stored?

The storage duration of your personal data is displayed in the relevant chapter on data-processing in Clause IV. The following general provision also applies: We only store your personal data for as long as it is required for the fulfillment of the purposes and provided there are no statutory provisions preventing its deletion.

 

X. What are my rights as a data subject?

You have the following rights as regards the processing of your personal data:

 

  1. Right to Information

You are entitled to receive confirmation from us as to whether or not we are processing your personal data. If we are, you are entitled to receive information about your personal data and further information about the processing.

 

  1. Right of Correction

You are entitled to require the correction of inaccurate personal data about you and to require the completion of incomplete personal data about you.

 

  1. Right to Erasure (“Right to be Forgotten”)

In certain circumstances you are entitled to require us to erase your personal data. This right arises, for example, if the personal data is no longer required for the purposes for which it was collected or otherwise processed, or if the personal data was unlawfully processed.

 

  1. Restriction of Processing

In certain circumstances you are entitled to require us to restrict the processing of your personal data. In that case we will only store the personal data for which you granted your consent, or which may be legitimately processed under the EU General Data Protection Regulation. For example, you might be entitled to require restricted processing if you have disputed the accuracy of the personal data about you.

 

  1. Data Portability

If you have provided personal data to us on the basis of a contract or your consent, if the statutory prerequisites are met, you may obtain the data you provided, in a structured, common and machine-readable format, or may require that we transfer such data to another responsible person or body for processing.

 

  1. Revocation of Consent

Insofar as you have granted your consent to us for the processing of your personal data, such consent may be revoked at any time with future effect. This will not affect the lawful nature of the processing of your personal data up to the time your consent is revoked.

 

  1. Right to object to processing based on “legitimate interest”

You are entitled to object at any time, on grounds relating to your particular situation, to the processing of personal data about you which is based on Art. 6(1)(f) GDPR (data-processing based on a balancing of interests). If you raise an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or where the processing serves to establish, exercise or defend legal claims.

 

  1. Right to Complain to a Supervisory Authority

You are also entitled to submit a complaint to the competent supervisory authority if you believe that the processing of your personal data is in breach of the law in force. To this end, you may contact the data protection authority responsible for your place of residence, place of work or the place of a suspected breach, or the data protection authority responsible for us. The supervisory authority in the federal state in which you live or work, or in which a suspected breach constituting the subject-matter of the complaint took place, is responsible.

 

XI. Who can I turn to with questions about or in order to assert my rights as a data subject?

Do not hesitate to contact us free of charge with questions about the processing of your personal data or in order to assert your rights as a data subject according to Clause X Nos. 1-7. Please use the contact information provided in Clause I. No. 1. In order to revoke consent, you can also choose the communication channel you used when issuing the declaration of consent.

In case of questions concerning this informational document, you may also contact us at:

Deutscher Akademischer Austauschdienst e.V. (DAAD)

Kennedyallee 50

53175 Bonn (Germany)

Tel.: (+49) 0228-882 0

datenschutz@daad.de

https://www.daad.de

…………..