We attach high importance to data protection. Collection and processing of your personal data are in accordance with the valid data protection regulations, in particular with the EU General Data Protection Regulation (GDPR).
1 Controller and Legal Representatives
Controller of the collection, processing, and use of your personal data according to Art. 4, No. 7, GDPR is:
KIT Campus Transfer GmbH
76131 Karlsruhe, Germany
More contact data: see Imprint
Legal representatives are the managing directors:
Dr.-Ing. Hanns-Günther Mayer
Prof. Dr.-Ing. Albert Albers
2 General Purposes of Processing
We use personal data for operating the website and for answering inquiries.
3 Which Data Are Used and Why
Our hosting services are rendered by the company of Mittwald CM Service GmbH & Co. KG, Königsberger Straße 4-6, 32339 Espelkamp, Germany.
3.2 Access Data
When accessing our website www.kit-campus-transfer.de, the browser used on your end device automatically transmits information to the server of our website. This information is stored temporarily in a so-called log file. The following information is acquired without your intervention and stored until automatic erasure:
IP address of the accessing computer
Date and time of access
Name and URL of the file accessed
Website from where the access is made (referrer URL)
Browser used and, if applicable, the operation system of your computer and the name of your access provider
The above data are processed by us for the following purposes:
Ensuring a successful setup of a connection of the website
Ensuring comfortable use of our website
Evaluation of system security and stability
Other administrative purposes
The legal basis of data processing is Art. 6, par. 1, clause 1 (f) GDPR. Our justified interest results from the purposes of data collection listed above. In no case do we use the data collected for the purpose of referring to your person.
We use so-called session cookies to optimize the user friendliness of our website. A session cookie is a small text file sent by the respective servers when accessing a website. It is stored temporarily on your hard disk. This file contains a so-called session ID, through which queries of your browser can be allocated to the joint session. They allow to identify your computer when you return to our website. These cookies are deleted when you close the browser.
To a small extent, we also use persistent cookies (also small text files stored on your end device) that remain on your end device and enable us to identify your browser when it accesses the website again. These cookies are stored on your hard disk and erase themselves automatically after a given time. Their lifetime ranges from one month to ten years. They help us present our website in a more user-friendly, effective, and safer way and to display information that is specially adapted to your interests.
The following data are stored in the cookies:
Entered search terms
Information on the number of accesses of our website and use of individual functions of our website
When activating the cookie, an identification number is assigned to it, but your personal data are not allocated to this identification number. Your name, your IP address or similar data allowing for an allocation of the cookie are not contained in the cookie. By cookie technology, we only obtain pseudonymized information.
You can set your browser such that you are informed in advance about the setting of the cookies and are free to decide in each individual case whether you want to exclude the acceptance of cookies for certain cases or in general or whether cookies are prevented completely. This, however, may limit the functionality of our website.
3.4 Email Contact
If you contact us, e.g. via a contact form or electronic mail, we process your data to deal with your inquiry and potential follow-up questions.
If data are processed for making pre-contractual arrangements as a result of your inquiry or, if you already are our client, for the execution of the contract, this data processing is based on Art. 6, par. 1, clause 1 (b) GDPR.
Further personal data will only be processed, if you agree (Art. 6, par. 1, clause 1 (a) GDPR) or if we have a justified interest in the processing of your data (Art 6, par. 1, clause 1 (f) GDPR). A justified interest, for example, may be to reply to your electronic mail.
4 Storage Period
If not specifically indicated, we will store your personal data as long as this is needed for fulfilling the required purposes.
In some cases, the legislator requires storage of personal data, for instance according to tax or trade law. In these cases, the data will be further stored for these legal purposes only, but they will not be processed in any other way and will be deleted upon the expiry of the legal storage period.
5 Your Rights as a Data Subject
According to the valid legislation, you have a number of rights in your personal data. If you want to assert these rights, address your request by electronic mail or by ordinary mail to the address given in Section 1, with your person being indicated clearly.
An overview of your rights is given below.
5.1 Right of Confirmation and Access
You have the right of being informed clearly about the processing of your personal data.
You are entitled any time to obtaining a confirmation as to whether personal data about you are processed. If this is the case, you have the right to request cost-free information about the personal data stored about you and a copy of these data. In addition, you have the right to obtain the following information:
Purposes of processing,
the categories of personal data processed,
the recipients or categories of recipients to which the personal data have been disclosed or will be disclosed,
if possible, the planned duration for which the personal data are stored or, if this is not possible, the criteria for the specification of this duration,
the existence of a right to rectification or erasure of your personal data or to restriction of processing by the controller or the existence of a right to object to this processing,
the existence of a right to complain about the processing of your personal data with a supervisory authority,
if the personal data are not collected from you, all available information about the origin of the data,
the existence of an automated decision-making, including profiling according to Art. 22, par. 1 and 4 GDPR and – in these cases at least – clear information about the logics involved and the implications and desired consequences of such a processing for you.
Personal data will not be transmitted to third countries.
5.2 Right to Rectification
You have the right to request immediate rectification of inaccurate personal data about you. Taking into account the purposes of processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
5.3 Right to Erasure (Right to Be Forgotten)
In a number of cases, we are obliged to erase personal data concerning you.
According to Art. 17, par. 1 GDPR, you have the right to obtain from us the erasure of personal data concerning you without undue delay and we are obliged to erase personal data immediately, when one of the following grounds applies:
The personal data are no longer necessary for the purposes for which they were collected or otherwise processed.
You withdraw your consent on which the processing is based according to Art. 6, par. 1, clause 1 (a) GDPR or Art. 9, par. 2 (a) GDPR, and there is no other legal basis for processing.
You object to the processing pursuant to Art. 21, par. 1 GDPR and there are no other overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21, par. 2 GDPR.
The personal data were processed unlawfully.
The personal data have to be erased for compliance with a legal obligation in union or member state laws to which we are subject.
The personal data have been collected in relation to the offers of information society services referred to in Art. 8, par. 1 GDPR.
Where we have made the personal data public and are obliged pursuant to Art. 17, par. 1 GDPR to erase the personal data, we, taking into account the available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers who are processing the personal data that you have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.
5.4 Right to Restriction of Processing
In a number of cases, you have the right to obtain from us a restriction of processing of your personal data.
You have the right to obtain from us the restriction of processing, if one of the following conditions applies:
The correctness of the personal data is contested by you for a period enabling us to verify the accuracy of the personal data,
the processing is unlawful and you opposed the erasure of the personal data and requested a restriction of their use instead,
we no longer need the personal data for the purposes of processing, but they are required by you for the establishment, exercise or defense of legal claims, or
you have objected to processing pursuant to Art. 21, par. 1 GDPR pending the verification whether the legitimate grounds of our company override those of you.
5.5 Your Right to Data Portability
You have the right to receive the personal data concerning you in machine-readable format, to transmit those data, or to have these data transmitted by us.
You have the right to receive the personal data concerning you, which you have provided to us, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance by us, if:
The processing is based on a consent pursuant to Art. 6, par. 1, clause 1 (a) GDPR or Art. 9, par. 2 (a) GDPR or on a contract according to Art. 6, par. 1, clause 1 (b) GDPR, and
the processing is carried out by automated means.
In exercising your right to data portability pursuant to par. 1, you have the right to have the personal data transmitted directly from us to another controller, where technically feasible.
5.6 The Right to Object
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you by us, provided that our interests in processing do not have priority.
You have the right to object, on grounds relating to your particular situation, at any time to the processing of personal data concerning you according to Art. 6, par. 1, clause 1 (e) or (f) GDPR, including profiling based on those provisions. We will then no longer process the personal data, unless we can prove compelling legitimate grounds for the processing which override the interests, rights, and freedoms of you or for the establishment, exercise, or defense of legal claims.
5.7 Automated Decision-making, Including Profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar way.
Automated decision-making based on the personal data collected does not take place.
5.8 Right to Withdraw a Consent to the Processing of Data
You have the right to withdraw your consent to the processing of your personal data anytime.
5.9 Right to Lodge a Complaint with the Supervisory Authority
You have the right to lodge a complaint with the supervisory authority, in particular in the member state of your residence, place of work, or place of the alleged infringement, if you consider the processing of personal data about you to be unlawful.
6 Data Security
We take maximum efforts to ensure with the technical means available the security of your data according to the valid data protection legislation.
We transmit your personal data in an encrypted manner. We use the SSL (Secure Socket Layer) encryption system, but would like you to know that data transmission on the Internet, e.g. when communicating by electronic mail, may be subject to security gaps. Absolute protection of data against access by third parties is not possible.
To secure your data, we take technical and organizational security measures according to Art. 32 GDPR, which are continuously adapted to the state of the art.
We do not guarantee that our offer is available at all times. Disturbances, interruptions or failures cannot be excluded. The servers used by us are secured regularly and carefully.
7 Transfer of Data to Third Parties, No Data Transmission to Non-EU Member States
In principle, we use your personal data within our company only.
If and to the extent to which we include third parties in the execution of contracts (such as logistics service providers), the latter will receive these personal data only to the extent to which they are required for the execution of the respective service.
In case we outsource certain parts of data processing (contractual data processing), we will oblige the contractors to use personal data in accordance with the data protection regulations only and to ensure the protection of rights of the data subject.
Data transmission to offices or persons outside of the EU does not take place and is not planned.