c/o German Scholars Organization
Data processing controller
German Scholars Organization
Dr. Anne Schreiter
Definitions of Terms
“Personal data” is any and all information that relates to an identified or identifiable natural entity (hereinafter “data subject”); a natural entity is regarded as identifiable if they can be identified directly or indirectly, in particular by means of an identifier such as a name, an identification number, location data, an online identifier or one or more special features that express the natural entity’s physical, physiological, genetic, psychological, economic, cultural or social identity.
“Processing” is any process carried out with or without the help of automated procedures or any series of processes in connection with personal data, such as collection, recording, organization, ordering, storage, adaptation or editing, reading, querying, use, disclosure by transmission, distribution or any other form of provision, comparison or linking, restriction, deletion or destruction.
“Restriction of processing” involves the labelling of stored personal data with the aim of restricting its future processing.
A “file system” is any structured collection of personal data that is accessible according to certain criteria, regardless of whether this collection is managed centrally, decentrally or according to functional or geographical criteria.
A “controller” is the natural or legal entity, authority, institution or other body that, alone or jointly with others, decides the purposes and means of processing personal data; if the purposes and means of this processing are specified by union law or the law of member states, the controller or the specific criteria for their appointment can be provided for in accordance with union law or member state law.
A “processor” is a natural or legal entity, authority, institution or other body that processes personal data on behalf of the controller.
A “recipient” is a natural or legal entity, authority, institution or other body to which personal data is disclosed, regardless of whether this is a third party or not. Authorities that may receive personal data as part of a specific investigation according to union law or member state law are not considered recipients; these authorities process this data in accordance with applicable data protection regulations and the purposes of the processing.
A “third party” is a natural or legal entity, authority, institution or other body, apart from the data subject, the controller, the processor and the persons authorized to process the personal data under the direct responsibility of the controller or the processor.
Informed, unequivocal “consent” is granted by the data subject voluntarily for a particular case upon presentation of a declaration or any other unequivocal action with which the data subject states their agreement to the processing of their personal data.
We collect and process the following personal data about you:
Contact details and address insofar as you have provided us with your contact information or registered on our site,
Online identifiers (e.g. your IP address, browser type and version, the operating system used, referrer URL, IP address, file name, access status, the amount of data transferred, and the date and time of the server request),
Social media identifiers.
IP addresses are assigned to every device (e.g. smartphone, tablet, PC) that is connected to the internet. Which IP address this is depends on how your device is currently connected to the internet.
Application (by post, email or the application portal),
Carrying out of events,
Management of the alumni platform
Purposes of data processing
For contact requested by you,
For information about our services,
To process contracts,
For advertising purposes,
For press and communication purposes,
To send our email newsletter if you have subscribed,
For quality assurance purposes,
For our statistics and
The preparation and carrying out of virtual and face-to-face events, recordings, especially live streams, and the publication of images, video and sound recordings on social media channels, our website and print media.
When you register as a member of AlumNode, we collect data that is generated when you interact with our system. We save contact data and images that you enter or upload onto the system. We save messages that you send to other members, comments that you leave on the platform, groups that you subscribe to, your tags and your participation in events. In order to regularly improve the relevance of our emails, we record whether you have opened and clicked on the email newsletter.
The purpose of data collection is networking among platform members, article 6 paragraph 1 sentence 1 b) of the GDPR. In order to fulfill our obligations, we need your name and an email address. Without the provision of this data, membership of our network is not possible. We may require additional mandatory information to authenticate members.
All other data can be provided voluntarily; this makes it easier for us and other members to get in touch. You can see the data stored about you in the settings area of your profile; this allows you to find out about stored data. You also have the option of deleting your data in the settings area.
Your data can be viewed by employees of the German Scholars Organization e.V. , the associated Heidelberg Laureate Forum Foundation and the Klaus Tschira group, Schloss-Wolfsbrunnenweg 33, 69118 Heidelberg, in order to ensure the administration and fulfillment of our purpose. Your data will be shared with other members for the purpose of networking (address book). Your profile settings let you control what data can be viewed by other members.
From time to time, we will contact you by email to inform you about career opportunities, news, and events on the platform. A newsletter is also sent out regularly. We also use your address, your status or your program affiliation to this end. You have the option to object to receiving the corresponding newsletter in your profile settings
When members apply for “alumni funding”, their name, occupation and required application documents are made available to a jury. In addition, we use your bank account / PayPal data to transfer the funds in the event of a grant. Even if you have objected to receiving newsletters in general, we reserve the right to send you emails for the purpose of forwarding information regarding relevant events for members.
Legal Basis for Data Processing
Your data is processed on the following legal basis:
Your consent according to article 6 paragraph 1 a) of the GDPR,
To execute a contract with you in accordance with article 6 paragraph 1 b) of the GDPR,
To fulfill legal obligations in accordance with article 6 paragraph 1 c) of the GDPR or
Based on a legitimate interest in accordance with article 6 paragraph 1 f) of the GDPR.
If we process your personal data for legitimate interests within the meaning of article 6 paragraph 1 f) of the GDPR, this may encompass
Improving our services
Preventing misuse or
Keeping internal statistics.
We receive data from you (including about the devices you use). If we do not collect the personal data directly from you, we will also inform you of the source from which the personal data originates and, if applicable, whether this originates from publicly accessible sources.
Transmission / Data Recipient
When processing your data, we work with the following service providers who have access to your data:
Our cooperation partner, the Heidelberg Laureate Forum Foundation, Schloss-Wolfsbrunnenweg 33, 69118 Heidelberg, provider of web analysis tools,
Web hosting providers,
Administrative service providers,
Video conferencing service providers,
Payment service providers,
Print service providers,
Data is transferred to third countries outside the European Union. This is done on the basis of statutory contractual provisions that are intended to ensure the adequate protection of your data. You can view these on request.
Duration of Processing
We only store your personal data for as long as is necessary to achieve the processing purpose or for the duration of the statutory retention period if the data is subject to one. We store your data
Until you revoke your consent at the latest, if you have granted your consent,
Until the statutory retention period ends or for as long as we have a contractual relation-
ship with you at the latest, if we need the data for the execution of a contract,
For as long as your interest in deletion or anonymization does not outweigh our interests, if we use the data based on a legitimate interest.
You have the right - although certain conditions apply in some cases -
To request information about the processing of your data free of charge and to receive a copy of your personal data. You can request information regarding the purposes of processing, the categories of personal data being processed, the recipients of your data (if it is passed on), the duration of storage or the criteria for determining such duration;
To correct your data. If your personal data is incomplete, you have the right to complete the data, taking into account the purposes of processing;
To have your data deleted or blocked. Reasons for the existence of a right to deletion / blocking may include the revocation of the consent on which the processing is based, the data subject’s objection to the processing or the unlawful nature of the processing of the personal data;
To have processing restricted;
To object to the processing of your data;
To revoke your consent for the processing of your data for the future and
To complain to the responsible supervisory authority about unlawful data processing.
Further Data Protection Information
The contact form on our website provides you with an easy way to get in touch with us quickly. Some fields are marked as required as these facilitate contact. If you fill out the fields and select “Send Contact Request”, you agree that your data will be sent to us by email along with your message. Data is not saved on the web server.
When you subscribe to our newsletter, we use the data required for this or separately provided by you in order to regularly send you our email newsletter. You can unsubscribe from the newsletter at any time either by sending a message via the contact method described above or via the unsubscribe link provided in the newsletter.
We have taken extensive technical and organizational measures to protect your data from possible dangers such as unauthorized access, unauthorized disclosure, modification and distribution, as well as loss, destruction and misuse.
In order to protect your personal data from unauthorized third party access during transfer, we secure data transmissions using SSL encryption where necessary. This is a standardized encryption method for online services, especially for the web.
Every time our website is accessed, use data is transmitted by the respective internet browser and stored in server log files. The data records saved in this process contain the following data: domain from which the user accessed the website, date and time of retrieval, IP address of the accessing computer, website(s) that the user visited as part of the service, amount of data transferred, browser type and version, operating system used, name of internet service provider, notification as to whether the request was successful. These log file data records are evaluated in an anonymized form in order to improve our service and make it more user-friendly, to find and correct errors, and to control the load on servers.
All personal data is automatically deleted after 24 months at the latest.
See https://gsonet.org/cookie-politik-eu/Cookie Settings
We charge a participation fee for some events. Further information can be found on the relevant event page. As part of this contractual relationship, we offer data subjects an efficient and secure payment option via payment service providers. The data processed by the payment service provider includes data such as name and address, bank details, in particular account numbers or credit card numbers, as well as contract and calculation information. This information is required to carry out the respective transactions. However, the data entered will only be processed and stored by the payment service provider. If you use the PayPal payment service, we do not receive any information related to your account or credit card, just information confirming that the payment has been approved or rejected. These transactions are subject to the relevant provider’s contractual and data protection provisions. The payment service provider is used on the basis of article 6 paragraph 1 b) of the GDPR (contract processing) as well as in the interest of a smooth, comfortable and secure payment process (article 6 paragraph 1 f) of the GDPR). Insofar as your consent is required for further data processing and this has been granted, the legal basis for processing is article 6 paragraph 1 a) of the GDPR; consent can be revoked at any time for the future.
You also have the option of paying the participation fee by bank transfer. The payment information you enter with your payment service provider, in particular your account data, is processed and stored there. We receive your account-related information and the amount of the payment from your payment service provider
Our website alumnode.org uses OpenStreetMap (OSM), provided by Open-Street-Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom. OpenStreetMap is a web service for displaying interactive maps in order to visually display geographical information. When you use this service, the location of other users is shown to you and your location is shown to other users. When you call up the subpages in which the OSM map is integrated, information about your use of the website (such as your IP address) is transmitted to and stored by OSMF. OSMF might save Cookies in your browser and might save text files on your computer that allow an analysis of the use of the website. If you do not wish that Cookies are saved in your browser, you might block that in your browser settings, however, this might interfere with the full scope of functions of the website. Your location can also be recorded if you have this in your device settings - e.g., on your mobile phone. The provider of this site has no influence on this data transfer.
The use of OSM takes place in particular in accordance with article 6 paragraph 1 f) of the GDPR on the basis of OSMF legitimate interests in displaying their services and/or ensuring the needs-based design of its website.
Information on how OpenStreetMap stores your data can be found at: https://wiki.openstreetmap.org/wiki/Privacy_Policy
Audio and Video Conferencing
Among other things, we use online conference tools to communicate with our target group. The individual tools we use are listed below. If you communicate with us online via video or audio conference, your personal data will be recorded and processed by us as well as the provider of the relevant conference tool. These conference tools collect all data that you provide/employ to use the tools (e.g. email address). The conference tools also process the duration of the conference, start and end (time) of participation in the conference, number of participants and other “contextual information” in connection with the communication process (metadata).
We use the following conference tools:
We use Zoom. The provider of this service is Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. The data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://zoom.us/de-de/privacy.html
More Online Tools and Providers