IV. Data security

1. Certification

Our software service (VereinsMANAGER, VerbandsMANAGER and officeMANAGER) has been certified with the 'Trusted Cloud' quality seal initiated by the Federal Ministry for Economic Affairs and Energy and overseen by 'Kompetenznetzwerk Trusted Cloud Inc.' The seal awards certification to cloud services on the basis of a comprehensive catalogue of quality criteria, which document, among others, the transparency of company services as well as data protection and IT security services.

ZEDAT is the Freie Universität Berlin's (FU) central data processing centre. With its employees, ZEDAT develops and manages the IT infrastructure of the FU and provides services in the field of information and communication technology for university members and university institutions in research, teaching and administration. With the use of modern technology and through in-house development of innovative software, ZEDAT ensures IT use at a high level in the field of science.

1.1 Subcontracting

ERG Universitätsservice GmbH commits its subcontractors (e.g. data processing centres) to comply with all technical and organisational requirements necessary to protect your data against unauthorised access or manipulation as part of subcontracting arrangements.

1.2 Data protection and IT security plan besser Contingency plan

An IT security and data protection besser The contingency plan documents all measures used to check that the security of your data is up to date and to adapt it to emerging challenges.

2. Data Protection Officer

The efficient team of an external data protection officer, led by Heike Lenz, monitors the data protection compliant processing of personal data by ERG Universitätsservice GmbH at regular intervals and provides advice regarding innovations and necessary changes.

You can reach our Data Protection Officer at datenschutz [at] erggmbh.de or http://www.erggmbh.de/datenschutz/index.html. You can also contact our Data Protection Coordinator Daniela Dutschke by calling 030 838 59 804. We will forward your request immediately.

3. Employees 3.1 Data protection audit

In order to not only guarantee our customers the strongest protection of their data that is technically possible, all ERG University Service GmbH employees participate in regular and practice-oriented data protection training.

Our employees are required to keep confidentiality and to comply with all relevant legal provisions, a duty which continues even after their employment ends.

3.2 Access rules

Only trained and legitimate employees of ERG Universitätsservice GmbH are permitted to access your data. In case of special personal data, ERG Universitätsservice GmbH management only grants access rights to employees who specialise in this type of data processing and who are familiar with the corresponding guidelines.

When accessing your data, ERG Universitätsservice GmbH employees are obliged to limit themselves to the data they need to complete their service task. Data can only be accessed by authorised employees via the IP number of ERG Universitätsservice GmbH company headquarters and is documented in the global logs.