DATA PROTECTION STATEMENT FOR EVENTS REGISTRATIONS ON ALUMNIPORTAL DEUTSCHLAND

We are delighted about your interest in the events of Alumniportal Deutschland and/or its partners. Since we are also very concerned with your privacy, in the following paragraphs we would like to inform you about the way we process your personal data and your data protection rights in the context of your attendance of events. This is required according to the applicable legal regulations of German data protection law, particularly the General Data Protection Regulation (GDPR).

1. Data Processor and Data Protection Officer

We are jointly responsible for the processing of your personal data in connection with the “Alumniportal Deutschland” platform. We have concluded an arrangement in which we determine, in a transparent manner, which controller shall fulfil which obligation under the General Data Protection Regulation (GDPR).

The essence of this arrangement is as follows: The Deutscher Akademischer Austauschdienst e.V. [German Academic Exchange Service] shall fulfil the obligation of responding to requests of data subjects exercising their rights pursuant to Chapter 3 of the GDPR as well as the duties to provide information pursuant to Articles 13 and 14 of the GDPR.

These are the controllers responsible for the data processing:

German Academic Exchange Service (DAAD)
Kennedyallee 50 53175 Bonn Germany
Point of contact: datenschutz(at)alumniportal-deutschland.org

Alexander von Humboldt Stiftung [Alexander von Humboldt Foundation]:
Jean-Paul-Straße 53173 Bonn Germany
Point of contact: DanielaEleonore.Becker(at)avh.de

Goethe Institut e.V.
Oskar-von-Miller-Ring 18 80333 Munich, Germany
Point of contact: Anna.Schwellensattl(at)goethe.de

You can reach our Data Protection Officer at:

Data protection officer of the DAAD:
Dr. Gregor Scheja
Scheja und Partner Rechtsanwälte mbB
Adenauerallee 136
53113 Bonn
Germany
Phone: 0228/2272260
Point of contact: www.scheja-partner.de/kontakt/kontakt.html

Data protection officer of the Alexander von Humboldt Stiftung:
Alexander von Humboldt-Stiftung
Jean-Paul-Str. 12
53173 Bonn
Germany
Data protection officer
Point of contact: Ansgar.Schuldenzucker(at)avh.de

Data protection officer of the Goethe Institut e.V.:
Goethe-Institut e.V.
Oskar-von-Miller-Ring 18
80333 München
Germany
Point of contact: datenschutz(at)goethe.de

2. Purposes and legal basis for data processing

2.1 Preparation, execution and monitoring of the events of Alumniportal Deutschland and its partners.

We process personal data whenever this is necessary for the preparation, execution and monitoring/evaluation of our events. Without this data, we would be unable to respond to your registration or to any expectations of the events, and neither could we continue developing our range of events in a way that meets your needs. The purposes depend on the specific contract and encompass in particular

  • Registration for the event
  • Participant management
  • Online participation in the event
  • Recording of the event for post-reporting purposes

Certain information is required to register for our event. These fields are marked with a "*" and mainly contain the following data: first name, last name, e-mail address, or address of current residence.

If an event is co-organised with other partner organisations or Alumniportal Deutschland is supporting the event management of these organisations, the contact details are provided to these to framework agreement partners and event-specific partners and contractors of Alumniportal Deutschland involved in preparing, organising, and executing the events.

Data is processed based on Article 6 Par. 1 b) of the GDPR. You will need to provide the personal data that is required to prepare, execute, and monitor/evaluate the relevant event of Alumniportal Deutschland and its partners. Without that data, we will not be able to process your requests or fulfil our contract.

We delete the data when it is no longer needed for our purposes of preparation and execution of a contract and no other legal basis applies. In the latter case, we delete the data after that legal basis is no longer applicable.

3. Recipients of personal data

Internal recipients: Within the Alumniportal Deutschland, access is limited to persons requiring it for the purposes specified under clause 2. Where this is necessary to prepare, execute and monitor/assess the relevant event of the Alumniportal Deutschland, your data will be transmitted to the responsible work units of the cooperation partners.

External recipients: We only share your personal data with external recipients outside the Alumniportal Deutschland, if this is required for the purposes listed in clause 2. If we are otherwise legally permitted to do so, or if you have given us your consent for this purpose.

External recipients may be:
a) Processors
External service providers we use for the provision of services, for instance, in the technical infrastructure and maintenance of the Alumniportal Deutschland’s own services or for the provision of contract-relevant content. We carefully select such processors and regularly check them to ensure the safeguarding of your privacy. Service providers may only use data for the purposes we specify.

b) Public bodies
Public authorities and state institutions, such as public prosecutors, courts of law and fiscal authorities, to which we need to send personal data for mandatory legal reasons.

c) Private bodies
Dealers, cooperation partners or assisting persons to whom we send data based on the purposes listed under clause 2 or based on a declaration of consent or on a legal basis, for instance partner institutions of Alumniportal Deutschland organizing or co-organizing the event.

4. Data processing in third countries

If data is transmitted to bodies that have their head offices or data-processing locations outside EU member states and outside states forming part of the EEA, we ensure before disclosure that – except for certain legally permitted exceptions – those bodies either have your adequate consent or they provide an adequate level of data protection (for instance, through an adequacy decision taken by the European Commission, through suitable guarantees such as the recipient’s self-certification for the EU-US Privacy Shield or the agreement of so-called standard EU contractual clauses with the recipient).

You can request from us a list of recipients in third countries and a copy of the provisions that have been agreed in each case to ensure an adequate level of data protection. To do so, please use the contact details given in clause 1.

5. Automated case-by-case decisions including profiling

Automated decisions on a case-by-case basis including profiling as defined by Article 22 of the GDPR do not take place.

6. Retention period

For the retention period of personal data, please refer to clause 2.
In addition, the following applies: We only save your personal data for as long as it is necessary for fulfilling the stated purposes or – if you have given your consent – until you revoke your consent. If you revoke your consent, we erase your personal data, unless further processing is permitted under the relevant applicable statutory provisions.
We also erase your personal data if we are under an obligation to do so on legal grounds.

7. Rights of data subjects

As a person affected by data processing, you are entitled to specific rights. These are in detail:

Right to information: You have a right to access the data we have stored about you as a person.

Right to rectification and erasure: You can require us to correct inaccurate data or – provided that the legal grounds are in place – to erase your data.

Restriction of processing: Provided that the legal grounds are in place, you can require us to restrict the processing of your data.

Data portability: If you have provided us with data based on a contract or your consent, and as long as there are legal grounds, you can require us to send you the data you gave us in a structured, commonly used and machine-readable format, or you can require us to send your data to a different controller.

Objection to data processing for reason of “justified interest” as a legal basis:

If there are reasons arising from your specific situation, you are entitled to object to our processing of your data at any time, provided that such an objection has its legal basis in a “legitimate interest”. If you make use of your right to object, we shall discontinue the processing of your data, unless we can – within the parameters of the law – demonstrate compelling legitimate grounds for further processing, outweighing your own rights.

Revocation of consent: If you have given us your consent to the processing of your data, you can revoke this at any time with future effect. This, however, does not affect the legitimacy of processing your data until the date of revocation.

Right to lodge a complaint with the supervisory authority: You can also lodge a complaint with the competent supervisory authority if you believe that the processing of your data has breached the latest applicable law. To do so, you can contact the data protection authority responsible for your place of residence or country or the data protection authority responsible for ourselves.

Your options for contacting us and for exercising your rights: If you have any questions about the processing of your personal data, your rights as a data subject or any consent you may have given, please feel free to contact us free of charge. To exercise any of the afore mentioned rights, please contact datenschutz@daad.de or write to the address specified in clause 1. When you do so, please make sure that we can clearly identify you.

Januar 2022