II. Processing of personal data

1. Data processing / purpose and recipients

The processing of personal data is carried out exclusively for the purpose of enabling ERG Universitätsservice GmbH to provide services in response to

  • expressions of interest or for pre-contractual activities, or
  • which are based on a contract or
  • legal obligations.

Your data may be transmitted to the following recipients:

  • 'Processors' according to Article 28 EU GDPR (e.g. a data processing centre) as part of processing an order.
  • Other third parties as part of delegating functions.
  • Public authorities due to legal provisions.

Your data is not transmitted outside the European Union or the European Economic Area. Further information can be found in Chapter II.2

1.1 Visiting the ERG Universitätsservice GmbH website

In connection with your access to the ERG Universitätsservice GmbH website, general information, so-called server log files, are automatically saved: This includes the browser type and version, the operating system, the names of the pages visited and how long they were accessed for, date and time of access, search engines used, names of downloaded files as well as the referrer URL and your IP (Internet Protocol) address.

These data are statistically analysed only in anonymised form. Any further analyses serve to optimise the ERG Universitätsservice GmbH website technical systems. These data will not be combined with other data sources.

However, ERG Universitätsservice GmbH reserves the right to subsequently review log file data if there is a reasonable suspicion of unlawful use.

1.2 Contracts

For admission as a member or for the execution of a contract, we require information including your name, address (postal address), phone numbers and email addresses and, if applicable, date of birth. You will receive a customer / membership number upon conclusion of the contract.

Contributions are calculated on the basis of your customer or membership status, and your bank details (SEPA mandate) are required for billing purposes.

1.3 Services

For the provision of services (e.g. data migrations) further (particular) personal data may be transmitted to ERG Universitätsservice GmbH. If there is no contractual relationship yet and you hand over personal data to ERG Universitätsservice GmbH, ERG Universitätsservice GmbH undertakes in writing to keep them confidential.

1.4 Email

We use the Unix email system. The Mail.ZEDAT.FU-Berlin.DE computer receives all email and immediately initiates a virus scan. If you contact us by email, we need information that enables us to communicate with you. This information includes at a minimum your name, email address and the reason for your enquiry. We delete all information when the reason for contacting us no longer exists and unless legal requirements preclude deletion.

1.5 Newsletters

On the above-named sites and subdomains, there are opportunities to subscribe to free newsletters or other free information available via email. If you sign up for such information, data from the registration form will be forwarded to the person responsible for the content. When you sign up, you will be requested to give your consent for forwarding the information.

The legal basis for processing the data after registering for a newsletter is, in the case of consent, Article 6 (1) of the General Data Protection Regulation (GDPR).

Your email address is required to deliver a newsletter. The email address of the user is stored as long as the subscription to the newsletter is active.

Subscriptions to newsletters or other information can be terminated at any time by the recipient. As a rule, you will usually find a link for this purpose in each newsletter. If you have further questions, feel free to contact the Central Online Editorial Department via email to datenschutz[at]erggmbh.de.

1.6 Services via TeamViewer

If you allow us access to your data via TeamViewer, your content is subject to confidentiality. Our employees are trained on a regular basis and have signed a confidentiality agreement that remains in force even after their employment ends. We store the contents of TeamViewer sessions that are subject to billing until the legal basis for this no longer exists.

1.7 Telephone contact

When you contact us by phone, it is necessary for us to be able to identify you as an authorised contact person. Please have your membership number ready. Notifications of changes to a data entry can only be made by stating your membership number. We store the names of callers and the reason for your call until this reason no longer exists and no legal requirements preclude deletion.

1.8 Chat / job interviews

ERG Universitätsservice GmbH uses components of skype.com for chat communication. In addition to the data provided, the IP address and the time of the chat will also be recorded. As soon as the reason for your request no longer exists, we will delete the chat data.

By submitting an online application, you as the applicant agree that your data will be processed and stored electronically. Please note that in case of unprotected transmission of your application by electronic means, ERG Universitätsservice GmbH can not guarantee the security of the personal data transmitted.

2. Profiling / advertising

We do not use your data to create personality profiles or forward them to third parties for advertising purposes or for sale.

Should ERG Universitätsservice GmbH be required to do so by law or by court order, we will forward your data to entities authorised to receive the information.

3. Storing personal data

Data that you send to ERG Universitätsservice GmbH for processing will be encrypted during transmission to our own servers or the servers of external German data processing centres. ERG Universitätsservice GmbH uses the commonly used SSL code (Secure Socket Layer Protocol) for encryption. All instances of access and access attempts are logged. Please ensure your browser versions are up to date.

If personal data is forwarded to service providers by ERG Universitätsservice GmbH as part of processing an order, such service providers are bound by the applicable legal provisions.

4. Retention and deletion periods 4.1 Periods

IP addresses are stored for reasons of data security and to ensure the stability and reliability of the system. The storage period depends on the applicable legal provisions. Your personal data will be deleted after expiry of the applicable statutory retention periods.

4.2 Your data in case of termination of contract

You are and will remain the sole owner of your data. In case of a termination of your contract, please note that you must secure those data beyond the contract period to which a statutory retention period applies.