Data Privacy Statement

Table of Contents

• Introduction
• Responsible body
• Data protection officer
• Access to our website
  • Usage data (log files)
  • Cookies
  • TLS encryption
• Social media platforms
  • Social media presence
• Links to other websites
• Data collected for contact purposes
  • Contact via email
  • Online appointment booking
• Storage concept
  • Storage duration
• Data subject rights
  • Right of access
  • Right to rectification, erasure and blocking of data
  • Notification obligation regarding the rectification or erasure of personal data or the restriction of processing
  • Right to data portability
  • Right to object
• Last updated

Introduction

In the following, we will inform you, pursuant to Article 13 of the European General Data Protection Regulation (EU-DSGVO), about the nature, scope and purpose of the collection and use of personal data on our websites astatu.berlin, asta.tu-berlin.de and astatu.de, i.e. within our online offering and the associated websites, functions and content as well as external online presences, such as our social media profiles.

We will also inform you about the relevant legal bases and your rights with regard to this data processing.

Responsible body

TU Berlin General Students’ Committee (AStA)

Straße des 17. Juni 135

10623 Berlin

Data protection officer

reachable at:

datenschutz [at] asta.tu-berlin.de

Access to our website

This website is hosted on our own server, which is located in Germany, i.e. within the European Union. No data is processed outside of the European Union (as per the GDPR).

Usage data (log files)

When you visit this website, the following usage data is collected:

• requested domain/port
• IP address
• Time stamp
• requested resource
• HTTP referrer URL
• HTTP status code
• Byte size of the response
• User-agent string (depending on settings: browser, operating system and versions)

These logs and data are automatically deleted after 14 days. There may be temporary exceptions to prevent attacks and for troubleshooting.

Cookies

We use cookies to collect and store data. However, we only use cookies that are necessary on a technical level.

Name	Purpose	Domain	Duration
PHPSESSID	To remember access to protected pages, but is currently not actively used (part of WordPress)	asta.tu-berlin.de	SESSION
pll_language	To remember/recognize language settings	asta.tu-berlin.de	1 year

TLS encryption

Data on our website is transmitted using the TLS encryption protocol. This transport encryption means that the content of your inquiries cannot be read by third parties. You can recognize TLS-encrypted data transmission by the prefix “https://” in the URL and a closed and/or green padlock symbol in the URL line.

Social media platforms

On this website, we link to our accounts on the social media platforms Facebook, Twitter, Instagram, YouTube and Friendica. However, since we do not have any social plugins yet, no personal data is collected by these websites unless you click on the associated links.

Social media presence

The content is under the CC BY-NC 4.0 license and may only be used free of charge for non-commercial purposes and must always include a link to https://www.asta.tu-berlin.de. The commercial use (online and/or in print) of the content (text, images, etc.) requires a separate written agreement.

Below you will find a list of our social media profiles and a link to the respective third-party providers’ data privacy statements:

Facebook

https://facebook.com/astatuberlin

Facebook Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, a subsidiary of Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA.
Data privacy policy: https://en-us.facebook.com/policy.php

Twitter

https://twitter.com/astatu

Twitter Inc., 795 Folsom St., Suite 600, San Francisco, CA 94107, USA Privacy Policy: https://twitter.com/en/privacy

YouTube

https://youtube.com/astatuberlin

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 USA
Privacy Policy: https://policies.google.com/privacy?hl=en

Instagram

https://instagram.com/astatuberlin

Instagram LLC, now Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland
Privacy Policy: https://www.instagram.com/legal/privacy/

Friendica

runs on our own server

Links to other websites

In addition to the social media platforms, we also link to other websites. Similarly, once you click on these external links, we can no longer control the collection of personal data and can therefore not assume any responsibility for them.

Data collected for contact purposes

Contact via email

The easiest way to get in touch with us is by sending an email to the relevant collective or department. By writing the email, you voluntarily transmit your personal data to us and thus consent to it being processed. The data is stored on our server. You are welcome to write to us using PGP encryption (many of our collectives and departments have PGP keys).

The data will only be used to process the correspondence and handle your inquiry. In addition, we regularly delete email contacts, especially once the inquiry has been dealt with.

Online appointment booking

If you book an appointment with us online, the specified (nick) name, the selected appointment and, if desired or necessary, an email address will be stored. The email address will be used to receive an appointment confirmation after registration and a reminder during the week of the selected appointment.
All data will be deleted at 23:00 on the day of an appointment.
This applies to the (nick) name, the selected appointment and the (optional) specified email address.
The data is stored in an encrypted form in a database and is protected from unauthorized access by third parties.

Appointment type	Storage period	Email address required
Finance plenum	14 days	No
BAföG and social counseling	7 days	Yes
Billing consultation hour	7 days	No
“Semesterticket” video consultation	21 days	Yes
In-person university consultation	14 days	Yes

Storage concept

Storage duration (GDPR Art. 5 (1) b))

In general, your personal data will be deleted when we no longer need it to fulfill the purpose of processing (i.e. your inquiry) or if you ask us to delete it. The only data excluded from this deletion is the data that we need to process outstanding tasks or to enforce our rights and claims, as well as data that we are legally required to keep.

Data subject rights

Right of access (GDPR Art. 15)

You have the right to ask us whether we are processing your personal data. If this is the case, you are also entitled to information about the processed data.

Right to rectification, erasure, restriction and blocking of data (GDPR Art. 16, 17, 18)

You have the option of having your personal data corrected, deleted, restricted or blocked. To do so, contact the relevant collective or department to which you sent the data, or send an email to datenschutz [at] asta.tu-berlin.de.

Notification obligation regarding the rectification or erasure of personal data or the restriction of processing (GDPR Art. 19)

We will inform you if we correct, delete or restrict your data, unless this is not possible or disproportionately costly.

Right to data portability (GDPR Art. 20)

We will provide you with the data we have stored in a written format if you request it and we will transfer the data if you so choose.

Right to object (GDPR Art. 21)

You have the right to object to the lawful processing of data. If you do so, we will delete your data. In this case, you can also contact the relevant collective or department or send an email to datenschutz [at] asta.tu-berlin.de.

Last updated

August 2022

Translated by TU Berlin Translation Services