Data Privacy Statement

Table of Contents


In the following, we will inform you, pursuant to Article 13 of the European General Data Protection Regulation (EU-DSGVO), about the nature, scope and purpose of the collection and use of personal data on our websites, and, i.e. within our online offering and the associated websites, functions and content as well as external online presences, such as our social media profiles.

We will also inform you about the relevant legal bases and your rights with regard to this data processing.

Responsible body

TU Berlin General Students’ Committee (AStA)

Straße des 17. Juni 135

10623 Berlin

Data protection officer

reachable at:

datenschutz [at]

Access to our website

This website is hosted on our own server, which is located in Germany, i.e. within the European Union. No data is processed outside of the European Union (as per the GDPR).

Usage data (log files)

When you visit this website, the following usage data is collected:

  • requested domain/port
  • IP address
  • Time stamp
  • requested resource
  • HTTP referrer URL
  • HTTP status code
  • Byte size of the response
  • User-agent string (depending on settings: browser, operating system and versions)

These logs and data are automatically deleted after 14 days. There may be temporary exceptions to prevent attacks and for troubleshooting.


We use cookies to collect and store data. However, we only use cookies that are necessary on a technical level.

PHPSESSIDTo remember access to protected pages, but is currently not actively used (part of WordPress)asta.tu-berlin.deSESSION
To remember/recognize language settings
asta.tu-berlin.de1 year

TLS encryption

Data on our website is transmitted using the TLS encryption protocol. This transport encryption means that the content of your inquiries cannot be read by third parties. You can recognize TLS-encrypted data transmission by the prefix “https://” in the URL and a closed and/or green padlock symbol in the URL line.

Social media platforms

On this website, we link to our accounts on the social media platforms Facebook, Twitter, Instagram, YouTube and Friendica. However, since we do not have any social plugins yet, no personal data is collected by these websites unless you click on the associated links.

Social media presence

The content is under the CC BY-NC 4.0 license and may only be used free of charge for non-commercial purposes and must always include a link to The commercial use (online and/or in print) of the content (text, images, etc.) requires a separate written agreement.

Below you will find a list of our social media profiles and a link to the respective third-party providers’ data privacy statements:


Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
Data privacy policy:


Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA Privacy Policy:


Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
Privacy Policy:


Instagram LLC, now Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Privacy Policy:


runs on our own server

Links to other websites

In addition to the social media platforms, we also link to other websites. Similarly, once you click on these external links, we can no longer control the collection of personal data and can therefore not assume any responsibility for them.

Data collected for contact purposes

Contact via email

The easiest way to get in touch with us is by sending an email to the relevant collective or department. By writing the email, you voluntarily transmit your personal data to us and thus consent to it being processed. The data is stored on our server. You are welcome to write to us using PGP encryption (many of our collectives and departments have PGP keys).

The data will only be used to process the correspondence and handle your inquiry. In addition, we regularly delete email contacts, especially once the inquiry has been dealt with.

Online appointment booking

If you book an appointment with us online, the specified (nick) name, the selected appointment and, if desired or necessary, an email address will be stored. The email address will be used to receive an appointment confirmation after registration and a reminder during the week of the selected appointment.
All data will be deleted at 23:00 on the day of an appointment.
This applies to the (nick) name, the selected appointment and the (optional) specified email address.
The data is stored in an encrypted form in a database and is protected from unauthorized access by third parties.

Appointment typeStorage periodEmail address required
Finance plenum14 daysNo
BAföG and social counseling7 daysYes
Billing consultation hour7 daysNo
“Semesterticket” video consultation21 daysYes
In-person university consultation14 daysYes

Storage concept

Storage duration (GDPR Art. 5 (1) b))

In general, your personal data will be deleted when we no longer need it to fulfill the purpose of processing (i.e. your inquiry) or if you ask us to delete it. The only data excluded from this deletion is the data that we need to process outstanding tasks or to enforce our rights and claims, as well as data that we are legally required to keep.

Data subject rights

Right of access (GDPR Art. 15)

You have the right to ask us whether we are processing your personal data. If this is the case, you are also entitled to information about the processed data.

Right to rectification, erasure, restriction and blocking of data (GDPR Art. 16, 17, 18)

You have the option of having your personal data corrected, deleted, restricted or blocked. To do so, contact the relevant collective or department to which you sent the data, or send an email to datenschutz [at]

Notification obligation regarding the rectification or erasure of personal data or the restriction of processing (GDPR Art. 19)

We will inform you if we correct, delete or restrict your data, unless this is not possible or disproportionately costly.

Right to data portability (GDPR Art. 20)

We will provide you with the data we have stored in a written format if you request it and we will transfer the data if you so choose.

Right to object (GDPR Art. 21)

You have the right to object to the lawful processing of data. If you do so, we will delete your data. In this case, you can also contact the relevant collective or department or send an email to datenschutz [at]

Last updated

August 2022

Translated by TU Berlin Translation Services