XLAB, central department of Georg-August-Universität Göttingen, Wilhelmsplatz 1, 37073 Göttingen collects and processes your personal data in accordance with the applicable law
- for handling inquiries from interested parties,
- for the purpose of cooperation with clients, partners, contractors and authorities and
- in case you use our website www.xlab-goettingen.de
So called “interested parties” contact us by phone, by email, via our contact form or in writing. This includes job applicants and applicants for an internship.
You are a “client” from the time you request a written offer, regardless of whether the contract is actually concluded or not.
You are a “partner” as a member of the XLAB Alumni Association or in your capacity as a current or former member of one of our committees, (e.g. Scientific Advisory Board, Administrative Advisory Board), a cooperation partner (e.g. in Göttingen Campus or for the purpose of public relations), a donor, a (former) permanent or freelance employee, a former student or trainee and a former member of XLAB e.V.
XLAB collects and processes personal data for the following PURPOSES:
- Communication on courses, services and projects, e.g. by responding to inquiries or to provide information about courses and events;
- Planning, performing and managing of the (contractual) relationship with clients and partners e.g. by handling the booking of courses or other services (such as hotels, visa matters, insurance), issuing certificates, maintaining the XLAB Alumni Association forum, deciding on discounts and scholarships, collecting payments, bookkeeping, billing and for debt collection purposes;
- Sending the newsletter as well as administrating and performing marketing campaigns, customer surveys, acquisition of grants, statistical analysis, press releases or other promotional activities or events;
- Ensuring compliance with legal obligations (such as tax and commercial retention requirements, occupational safety and health, youth welfare) and Georg-August-Universität Göttingen policies or standards;
- Maintaining and protecting the security of our courses, events and services and of our website, preventing and detecting security threats, fraud or other criminal or malicious activities;
- Solving disputes, enforcing our contractual agreements and asserting, exercising and defending legal claims.
In case it is intended to process the personal data for purposes other than those for which it was collected XLAB will provide you with information about these other purposes.
For the aforementioned purposes, XLAB may process the following CATEGORIES of personal data:
- Contact information, such as full name, address, email address, IP addresses, Website, ICQ Number, AIM Handle, Yahoo! Messenger Handle, Skype Handle and Google Talk Handle;
- Payment data, such as information required to process payment or cancellation transactions or fraud prevention;
- Further information required for the processing of a (contractual) relationship, project or XLAB Alumni Association membership (if applicable, gender, date of birth, identity card number, academic degree and affiliation) or which may be provided voluntarily, e.g. in the context of inquiries, bookings or projects;
- Information collected from publicly available resources, integrity data bases and credit agencies.
Unless indicated otherwise, the legal basis for the processing of personal data is Article 6 (1) (b) and (f) of the DSVO or the consent (Article 6 (1) (a) DSVO).
The provision of data by you may be mandatory. We will inform you in this case.
XLAB may transfer your personal data to third parties but only if and to the extent such transfer is required for the purposes mentioned above:
- Data collected through contracting and application procedures are typically processed by internal organizational units of the university (e.g. finance, human resources).
- Subscriber lists of courses or events may be distributed to the participants (e.g. for carpooling), provided that all participants previously have given their consent;
- IT service providers that process data as part of their service delivery (such as IT maintenance service providers) or
- Authorities, Courts, Arbitration Courts or Legal Advisers, if necessary for the purpose of fulfilling or complying with applicable law, or for asserting, pursuing or defending legal claims.
Unless explicitly indicated otherwise (e.g. within a consent form), we erase personal data in case its retention is no longer necessary for the purposes for which they were collected or processed. This applies where there is no other legal ground for data retention (such as tax or commercial law).
In case you have declared your consent to the processing of your personal data, you have the right to withdraw your consent at any time with future effect. The withdrawal does not affect the lawfulness of processing based on the consent before its withdrawal. In case consent is withdrawn, XLAB may only further process the personal data where there is another legal ground for the processing.
You have the following rights regarding our use of your personal data:
- Right of access
- Right to correction or erasure
- Right to restriction of processing
- Right to object to the processing
The right to data portability does not exist in the public-law sector.
Responsible for the collection and processing of personal data is Georg-August-Universität Göttingen Foundation (without university medicine), Wilhelmsplatz 1, 37073 Göttingen.
The responsible Chief Data Privacy Officer of Georg-August-Universität Göttingen is:
Prof. Andreas Wiebe, LL.M. (Virginia)
Platz der Göttinger Sieben 6
XLAB within the Georg-August-Universität Göttingen will always use best efforts to address and settle any requests or complaints brought to its attention. In addition, there is always the possibility to approach the competent data protection authority with requests or complaints:
Der Landesbeauftragte für den Datenschutz Niedersachsen
The use of our website is usually possible without providing personal information. As far as personal data e.g. name, address, email address or user behavior) are collected, part. 2 of this policy applies.
Please note that data transmission over the Internet (for example, when communicating via e-mail) may have security vulnerabilities. A complete protection of the data from access by third parties is not possible.
2.1 Server log files
The provider of the pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type / browser version
- Operating system
- Referrer URL
- Host name of the accessing computer
- Time of the server request
These data can not be assigned to specific persons. A merge of this data with other data sources will not be done. We reserve the right to check this data retrospectively, if we become aware of specific indications for illegal use.
2.2 Contradiction advertising emails
The use of our contact information for sending unsolicited advertising and information materials is prohibited. The operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example through spam emails.