Data Controller and Data Protection Officer; Contact
Responsible for data processing in terms of data protection laws is:
Deutscher Akademischer Austauschdienst e.V. (DAAD)
Fon.: +49 228 882-0
If you have any questions or comments about privacy, please feel free to contact us.
2. Object of data protection
The subject of data protection is personal data. These are all information that relates to an identified or identifiable natural person (so-called affected person). These include e.g. Information such as name, postal address, email address or phone number, but also information that are necessarily incurred during the use of our website, such as information on the beginning, end and extent of usage.
3. Type, scope, purpose and legal basis of data processing
Below you will find an overview of the type, scope, purpose and legal basis of the data processing of our website.
3.1 Providing our website
When accessing our website through your device, we process the following data:
- Date and time of access,
- duration of visit,
- operating system used,
- amount of data sent,
- type of event,
- IP address,
- domain name.
These data are processed on the basis of Article 6 (1) (f) of the GDPR to provide the service, to ensure the technical operation and to detect and eliminate interference. We are interested in making the use of our website and its technical functionality possible. When you visit our website, this data will be processed automatically. Without this provision, you will not be able to use our services. We typically delete this data after 7 days, unless we exceptionally need it for the purposes mentioned above. In such case, we will delete the data immediately after the purpose has expired.
This website uses Matomo, an open-source software for the statistical analysis of visitor accesses. Matomo uses so-called "cookies", text files which are stored on your computer and which allow an analysis of the use of the website by you. The information generated by the cookie about your use of this website is stored on the server of DZHW GmbH in Germany. The IP address is anonymized immediately after processing and before its storage. You can prevent the installation of cookies by setting your browser software accordingly; however, we would point out that in this case you may not be able to fully utilize all the functions of this website
Legal basis for the use of Matomo is Art. 6 (1) sentence 1 (a) GDPR, namely your consent.
3.3 Links to offers from third parties
Websites and services of other providers to which this website is linked have been designed and provided by third parties. We have no influence on the design, content and function of these third party services. We expressly dissociate ourselves from all contents of all linked offers of third parties. Please note that the offers of third parties linked by this website may install own personal cookies on your device or collect personal data. We have no influence on this. If necessary, please inform yourself directly to the providers of these linked third-party offers.
4. Recipient of personal data
Internal recipients: Within the DAAD, only those persons have access, who can do this for the under no. 3 purposes mentioned.
External recipients: We only pass on your personal data to external recipients outside the DAAD if this is necessary for processing or processing your request, if another legal authorization exists or if we have your consent.
External recipients may be:
External service providers that we use to provide services, for example in the areas of technical infrastructure and maintenance for the offer of the DAAD or the provision of content. These processors are carefully selected and regularly reviewed by us to ensure your privacy is maintained. The service providers may only use the data for the purposes specified by us.
b) Public offices
Public authorities and public institutions, such as Prosecutors, courts or tax authorities to whom we must transfer personal data for legally binding reasons.
c) Private bodies
Cooperation partners or auxiliary persons to whom data are transmitted on the basis of a consent or a mandatory necessity.
5. Data processing in third countries
If a data transmission takes place in locations whose seat or place of data processing is not located in a Member State of the European Union or in another Contracting State to the Agreement on the European Economic Area, we ensure before the transfer, except in the case of exceptionally permitted by law, to the recipient either an adequate level of data protection exists (eg through a European Commission adequacy decision, through appropriate safeguards such as self-certification of the EU-US Privacy Shield beneficiary or agreement of so-called EU standard contractual clauses with the beneficiary) or your sufficient consent is present. You can obtain from us an overview of the recipients in third countries and a copy of the specific arrangements agreed to ensure the appropriate level of data protection. Please use the information in section 1.
6. Storage time
The storage period for personal data can be found in the respective chapter on data processing. In addition, we generally store your personal data only as long as it is necessary for the fulfillment of the purpose or - in the case of consent - as long as you have not revoked your consent. In the event of an objection, we will delete your personal data, unless its further processing is permitted in accordance with the relevant statutory provisions. We delete your personal data even if we are obliged to do so for legal reasons.
7. Affected rights
As a data-processing person, you have many rights. In detail:
Right to information: You have the right to obtain information about the data we have stored about you.
Right of rectification and cancellation: You may demand the correction of incorrect data and - insofar as the legal requirements are met - the deletion of your data.
Restriction of processing: As far as the legal requirements are met, you can demand that we restrict the processing of your data.
Data portability: If you have provided us with data based on a contract or consent, you may, subject to the legal requirements, require that you receive the data you provide in a structured, common and machine-readable format, or that we transfer it to another person in charge to transfer.
Opposition to data processing in case of legal basis "legitimate interest" acc. Article 6 (1) (f) GDPR: You have the right, for reasons arising from your particular situation, to object at any time to the processing of data by us, to the extent that this is based on the legitimate interest of the legal basis. If you make use of your right of objection, we will stop the processing of your data, unless we can - in accordance with the legal requirements - prove compelling legitimate reasons for further processing that outweigh your rights.
In order to exercise your right of objection, please contact the contact details mentioned under point 1.
Revocation of consent: If you have given us consent to the processing of your data, you can withdraw them at any time with effect for the future. The lawfulness of the processing of your data until the revocation remains unaffected.
Complaints to the supervisory authority: You can also file a complaint with the competent supervisory authority if you believe that the processing of your data violates applicable law. You can contact the data protection authority, which is responsible for your place of residence or your country, or the data protection authority responsible for us.
Your contact to us: Furthermore, if you have any questions about the processing of your personal data, your data subject rights and any consent given, you can contact us free of charge. To exercise all of your aforementioned rights, please contact or by post to the address indicated in section 1 above. Please make sure that we can clearly identify you.
8. Data protection officer
Contact details of our data protection officer:
Dr. Gregor Scheja
Scheja und Partner Rechtsanwälte mbB
Fon: +49 228 227226-0
Fax: +49 228 227226-26