FAUST is a university group from the Friedrich-Alexander Universität Erlangen-Nürnberg (FAU). To operate this website, we may collect personal data from your visit. This privacy notice informs you about the details of these data and how they are processed.

All data processing happens in compliance with the EU General Data Protection Regulation (EU-GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). Please refer to Art. 4 EU-GDPR for definitions of the terms used throughout this text.

As a university gruop, FAUST is entirely run by volunteers. People involved in the data processing include members of the university group as well as other volunteers with or without a legal agreement to the controller named below. Nevertheless, everybody involved will respect the legal requirements and this privacy notice.

Except otherwise noted, we will not share personal data with third parties.

Responsibility

The controller of the data processing is:

Fachschaft der Technischen Fakultät Erlangen e.V.
For contact details, refer to our “Legal” page

The data protection officer is:
Mr. Jonny Schäfer
Email: datenschutz@techfak-verein.de
Phone: +49 151 54856688

Processing Operations

The following paragraphs give details on the different data processing operations.

Website

When using our website, your IP address is used by our web server to provide the requested contents. This is technologically necessary and inherent to every website. We generally do not store personally identifiable information in logs, except for data about your browser and operating system (HTTP User Agent). In case of errors (HTTP status codes 4XX and 5XX), more information, including your IP address, gets stored in logs together with the requested page and time of the request. This supports our error analysis, which is our legitimate interest within the meaning of Art. 6 Par. 1 Point (f) EU-GDPR.

Contact

Should you contact us as specified on our “Contact” page or using any other means, your message will be handled by members of the university group in order to fulfill your request. Besides the message text, this may e.g. involve your name, email address, and message metadata. The legal basis for this are Art. 6 Par. 1 Points (b) and (f) EU-GDPR in combination with our interest to be approachable by participants and the general public.

When contacting us via third-party platforms such as Twitter, what is stated under “Social Media” will apply additionally.

Social Media

We maintain presences on social media platforms to provide updates on the competition, as well as to stay in contact with participants and the general public. That is our legitimate interest within the meaning of Art. 6 Par. 1 Point (f) EU-GDPR.

Social media platforms are run by third parties. This means we do neither have control over what data they process, nor how they process it. Data may be processed outside of the European Economic Area and the scope of EU-GDPR. That may involve processing for advertising, market research, and profiling.

For details, including opt-out options, refer to the privacy notice of the respective platform. The best way to exercise your legal rights is in direct correspondence with the platform.

Twitter

We run the Twitter profile @fausecteam.

Twitter is run by: Twitter, Inc. 1355 Market Street, Suite 900 San Francisco, CA 94103 United States

Twitter’s privacy policy can be found at https://twitter.com/en/privacy.

Retention Period and Deletion

In general, data are stored as long as necessary for the specified purposes. After that, they get deleted.

In some cases, we are legally required to preserve some data. In those cases, the relevant data will only be deleted after that preservation period has expired. However, data processing will be restricted to the legal requirements.

Rights

Except otherwise noted, you are entitled to the following rights concerning the processing of your personal data:

  • Right of access according to Art. 15 EU-GDPR: You may request information on whether we process your personal data. If that is the case, you have the right to receive information about these data, a copy of the data, as well as further information related to the processing.
  • Right to rectification according to Art. 16 EU-GDPR: If personal data about you are not accurate (anymore) or incomplete, you may request them to be corrected or completed.
  • Right to erasure (Art. 17 EU-GDPR) and right to restriction of processing (Art. 18 EU-GDPR): If the legal requirements are met, you may demand that your personal data get deleted or that the processing of the data gets restricted.
  • Right to data portability according to Art. 20 EU-GDPR: You may request personal data you provided to us in a structured, commonly used and machine-readable format or demand the transmission to another controller, if the legal requirements are met.
  • Right to object according to Art. 21 EU-GDPR: You may object to the processing of your personal data based on Art. 6 Par. 1 Points (e) and (f) at any time on grounds relating to your particular situation. In case of processing for direct marketing purposes, you may object unconditionally and without giving reasons.
  • Withdrawal of consent according to Art. 7 Par. 3 EU-GDPR: If you have given your consent to data processing, you may withdraw it at any time. In this case, we will not continue the processing which was based on the consent.
  • Right to lodge a complaint with a supervisory authority according to Art. 77 EU-GDPR: You have the right to complain to a supervisory authority if you think our data processing infringes EU-GDPR or other legal regulations. In particular, you may contact the authority at your place of residence, place of work, or the place of the alleged infringement.