teaser

Data policy

Disclaimer

Data privacy statement

KoWi takes data protection and data security very seriously. Therefore we have taken proper organisational and technical measures to ensure compliance with the EU General Data Protection Regulation (GDPR) as well as all further relevant legislation.

The following statement will give you a complete overview of how KoWi guarantees the protection of your data and what kind of data is collected for which purpose.

1. Controller

Kooperationsstelle EU der Wissenschaftsorganisationen (KoWi)
Genscherallee 2
D – 53113 Bonn

Tel.: +49-228-95997-0
Email: Bonn(at)kowi.de
Website: www.kowi.de

2. Data protection officer

Anita Bindhammer
Genscherallee 2
D – 53113 Bonn

Tel.: +49-228-95997-0
Email: dsb(at)kowi.de
Website: www.kowi.de

3. Processing personal data on our website

Each visit to the KoWi website is registered and stored in a log file for a limited time. The following data are being logged:  

  • Date and time of retrieval
  • Enquiry details and destination address
  • Name of the retrieved file and transferred data volume
  • Message as to whether the retrieval was successful

Your data are collected and stored in order to analyse website usage. This allows us to optimise our services and content. Data will be used for statistical purposes only and will be stored anonymously. IP addresses or other data that may allow identification of users will not be stored.

This website uses the web analysis service etracker. There is a contract for order data processing between etracker GmbH from Hamburg, Germany, and KoWi.

etracker's data protection logo indicates extended data protection compliance.

etracker

The data generated by etracker are processed and stored by etracker exclusively in Germany on behalf of KoWi. Thus, all data are subject to the strict German and European data protection laws and standards. etracker has been independently audited, certified and awarded the ePrivacyseal data protection seal of approval. Further information on data protection at etracker can be found here.

The collection and storage of data in log files is necessary for the operating ability of the website. Consequently, there is no possibility of objection.

The legal basis for the temporary storage of data is Art. 6 para. 1 point f GDPR (legitimate interest). Collection and storage is necessary to enable the website to be delivered to the user’s end device.

Cookies

Our website uses cookies when you register for our services (AiD and events). We do not use permanent cookies that are stored as text files on your computer's hard drive.

Rather, a so-called session cookie with a randomly generated session ID will be written into your computer's memory. As soon as you close the window or open another page, the session is considered terminated and the session cookie will be deleted.

Session cookies are only used in our registration procedures when the registration form comprises more than one page where the data already entered must be stored temporarily.

You can deactivate or restrict the transmission of cookies by changing the settings of your browser. If cookies are deactivated for our website, it may no longer be possible to fully use all functions.

etracker also uses cookies for its statistical analysis of the use of this website. These cookies are small text files that are stored on the user's device. etracker cookies do not contain any information that would allow identification of users.

You can object to processing of personal data by etracker at any time without experiencing any negative effects.

The legal basis for processing personal data by using cookies is Art. 6 para. 1 point f GDPR (legitimate interest). Without the use of these cookies, several functions could not be offered on our website.

4. Personal data

We will collect and store personal data from our website only when you register for a personalised service (AiD newsletter or event registration). Complying with the principle of data avoidance and data minimisation, personal data will be collected only to the extent necessary for the provision of our services within the meaning of our statutes.

AiD Newsletter

If you register for our free newsletter AiD, we will store your data in a database. Your data will not be passed on to any third party and we will not use your data for any other purpose.

Our terms of use for the AiD describe the target groups and persons entitled to subscribe. Our terms of use are based on our statutes.
In order to successfully register for this service, you must agree to our terms of use.

We use the double opt-in procedure to register for our newsletter. This means that after your registration we will send you an e-mail to the given e-mail address in which we will ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within 2 days, your data will be deleted automatically.

When subscribing to the AiD, you will have to provide the following personal data:

  • email address
  • name and surname
  • information about your organization

Your e-mail address is required for sending the newsletter. As we reserve the right to check your eligibility in accordance with our terms of use, name and organization details are mandatory.

In addition, date and time of your subscription will be registered. The purpose of this procedure is to prove your subscription and, if necessary, to clarify any possible misuse of your personal data.

Furthermore, information on content preferences (areas of interest) can be stored as voluntary information.

You may unsubscribe from the AiD at any time via a link at the end of each newsletter. After having verified your e-mail address, all data will be deleted without undue delay.

The legal basis for the processing is Art. 6 para. 1 point b GDPR (contractual basis) and Art. 6 para. 1 point a GDPR (user's consent) for all voluntary information.

Events

You may register for our regular events via our website. To process the registration we will ask you to provide personal data via an online form. The data will be transmitted to us and stored. The following data will be collected:

  • name and surname
  • organisation (necessary with regard to our statutes)
  • email address

These data are required for the purpose of organising and carrying out the event; in addition, the date and time are collected during registration. You can provide additional data (title, department, and additional contact data) on a voluntary basis.

If you submit data to us in order to register for an event, we will use these data exclusively for the purpose of the organisation of the event. All data will be deleted after the respective legal deadlines. Your data will only be passed on to third parties (e.g. co-organisers, list of participants) when you give your explicit consent.

You may cancel your registration at any time or may ask us to change your data stored. Unless it conflicts with any legal or contractual provisions, your data will be deleted without undue delay.

The legal basis for processing is Art. 6 para. 1 point b GDPR (contractual basis) and Art. 6 para. 1 point a GDPR (user's consent) for all voluntary information.

Webinars

KoWi uses Citrix GoToWebinar as Software as a Service (SaaS) to hold webinars. For this purpose we cooperate with LogmeIn, Dublin. Data you submit in order to take part in a webinar will be used by LogMeIn on behalf of and according to KoWi's instructions. KoWi and LogmeIn have a contract for order data processing. To find out more about LogMeIn's privacy policy, please visit: https://www.logmeininc.com/de/legal/privacy

Your data will not be used for any other purposes.

Privacy policy for the use and application of YouTube     

Our website features embedded YouTube videos. YouTube is operated by YouTube LLC, headquarters at 901 Cherry Avenue, San Bruno, CA 94066, USA. YouTube is represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.

The YouTube videos are integrated with the extended data protection mode. YouTube will not store any information about the visitors to our website unless they watch the video. If you click on the video, your IP address will be transmitted to YouTube. In case you are logged in to YouTube, this information will also be connected with your user account. In order to prevent this, log out of YouTube before viewing the video.

Further information on data processing and privacy protection by YouTube (Google) can be found at www.google.de/intl/de/policies/privacy/.

5. Data protection in application processes (incl. KoWi mentoring, internships)

[Please note that our application procedures are usually processed in German. Therefore, also consult the extended German version of our privacy policy towards application processes].

For the purpose of processing application procedures we generally collect and process the personal data of applicants electronically. This includes in particular your contact details as well as relevant information about your education, work experience and motivation.

If an applicant is selected, their data will be stored in order to be able handle the employment relationship or the programme. Data will not be passed on to third parties without your explicit consent;

If you are not selected, we will store your data for up to six months for the purpose of answering questions in connection with your application. Thereafter, your data will be deleted, unless this conflicts with other legitimate interests on our part.

You can revoke your application at any time or have the personal data stored changed. As far as there are no conflicting contractual or legal obligations, your data will be deleted without undue delay.

The legal basis for processing is Art. 6 para. 1 point b GDPR (contractual basis) or Art. 6 para. 1 point a GDPR (user's consent) for additional information.

6. Rights of the data subject

As a “data subject” within the meaning of the DSGVO, you have the following rights:

a) Right of access 

You have the right to obtain confirmation from us as to whether or not personal data concerning you are being processed. Where that is the case you may obtain access to the personal data and the following information:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipient to whom the personal data have been or will be disclosed;
  • the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected directly from you, any available information as to their source;
  • the existence of automated decision-making, including profiling, referred to in Art. 22(1) and (4) and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you.

Where personal data are transferred to a third country or to an international organisation, you have the right to be informed of the appropriate safeguards pursuant to Article 46 relating to the transfer.

We will provide you with a copy of the personal data undergoing processing. Unless otherwise requested from, the information will be provided in a commonly used electronic form.

b) Right to rectification  

In case the personal data concerning you is inaccurate or incomplete you have the right to obtain rectification or completion from us without undue delay .

c) Right to erasure (‘right to be forgotten’)

You have the right to obtain from us the erasure of personal data concerning you without undue delay where one of the following grounds applies and the processing is not necessary according to Art. 17 para. 3 GDPR

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • you withdraw consent on which the processing is based according to point (a) of Art. 6(1), or point (a) and there is no other legal ground for the processing;
  • your object to the processing pursuant to Art. 21(1); there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21(2);
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we are subject;
  • the personal data have been collected in relation to the offer of information society services referred to in Art. 8(1).

Where we have made the personal data public and are obliged pursuant to paragraph 1 to erase the personal data, we, taking account of available technology and the cost of implementation, will take reasonable steps, including technical measures, to inform other organisations which are processing the personal data that you have requested the erasure of any links to, or copy or replication of, those personal data.

d) Right to restriction of processing

 You have the right to obtain the restriction of processing from us where one of the following applies:

  • you contest the accuracy of the personal data for a period enabling us to verify the accuracy of the personal data;
  • the processing is unlawful and you oppose the erasure of the personal data; instead you request the restriction of their use;
  • we no longer need the personal data for the purposes of the processing, but you require them for the establishment, exercise or defence of legal claims;
  • you have objected to processing pursuant to Art. 21(1) pending the verification whether our legitimate override yours.

e) Notification obligation and right to be informed

We will communicate any rectification or erasure of personal data or restriction of processing to each recipient to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about those recipients upon request.

f) Right to data portability

You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where:

  • the processing is based on consent pursuant to point (a) of Art. 6(1) or on a contract pursuant to point (b) of Art. 6(1); and the processing is carried out by automated means.

In exercising your right to data portability pursuant to paragraph 1, you have the right to have the personal data transmitted directly from us to another entity (controller), where technically feasible.

The right to data portability will not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

g) Right to object

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6(1). We will no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

You may exercise your right to object, in the context of the use of information society services, and notwithstanding Directive 2002/58/EC, by automated means using technical specifications

h) Right to lodge a complaint with a supervisory authority

If you consider that the processing of personal data relating to you infringes the GDPR, you will have the right – without prejudice to any other administrative or judicial remedy – to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement.

i) Right to revoke

You have the right to revoke your consent to the processing of your personal data at any time.