1. Subject matter of data protection
- private address,
- e-mail address,
- telephone number, or
- usage data, for example your IP address.
2. Scope and area of application
4. Person responsible
5. Processing purposes and legal grounds
- To provide this website (legal basis: legitimate interest to publish the purpose of the foundation),
- to identify malfunctions and for security reasons (legal basis: fulfilment of our legal obligations in the area of data security and legitimate interest in the elimination of malfunctions and the security of our offerings),
- to provide the newsletter.
What do we use your data for?
6. Processing of personal data when using the service
How do we collect your data?
- IP (Internet Protocol) address of the end device used to access the website,
- internet address of the website from which the website was accessed (so-called origin or referrer URL),
- name of the service provider used to access the website,
- name of the files or information retrieved,
- date, time and duration of the retrieval,
- operating system and information on the internet browser used,
- HTTP status code (e.g. “request successful” or “requested file not found”).
Inquiry by e-mail and telephone
Duration of storage; retention periods
Note on data transfer to the USA and other third countries
Switching off and deleting cookies
Overview of the cookies we use
In this section you will find an overview of the cookies we use.
a) Essential cookies.
Certain cookies are necessary for us to provide our online services securely (session cookies). This category includes:
– Cookies that serve to identify or authenticate our users,
– Cookies that store certain user preferences (e.g. search or language settings).
b) The website contains the following external integrations:
– Borlabs Cookies => data collection consent tool,
– Sendinblue => newsletter tool,
– Matomo => analysis of website access,
– Wordfence => firewall for website protection.
Cookie consent with Borlabs Cookies
Our website uses Borlabs Cookie Consent technology to obtain your consent to the storage of certain cookies in your browser or to the use of certain technologies and to document this consent in accordance with data protection law. The provider of this technology is Borlabs – Benjamin A. Bornschein, Rübenkamp 32, 22305 Hamburg (hereinafter referred to as Borlabs). When you enter our website, a Borlabs cookie is stored in your browser, in which the consents you have given or the revocation of these consents are stored. This data is not shared with the Borlabs cookie provider. The collected data will be stored until you request us to delete it, or until you delete the Borlabs cookie yourself, or until the purpose for storing the data no longer applies. Mandatory legal retention periods remain unaffected. Details on the data processing of Borlabs Cookie can be found at https://de.borlabs.io/kb/welche-daten-speichert-borlabs-cookie/.
7. Integration of external services
This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.
The hoster is used for the purpose of fulfilling contracts with our potential and existing customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast and efficient provision of our website by a professional provider (Art. 6 (1) (f) GDPR).
Our hoster will process your data only to the extent necessary to fulfil its service obligations and to follow our instructions regarding this data. We use the following hoster:
Gautinger Straße 10
Via our e-mail newsletter, we will share news regarding our project. For this purpose, we use the service Sendinblue provided by Sendinblue GmbH, Köpenicker Straße 126, 10179 Berlin. The provider is based in Germany and is therefore subject to the data protection regulations applicable in Germany. The data is not shared with third parties (https://de.sendinblue.com/datenschutz-uebersicht/).
If you would like to receive the newsletter offered on the website, we require your e-mail address as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter.
We use the so-called double opt-in procedure to ensure that the newsletter is sent with your consent. In the course of this, the potential recipient gives permission to be included in a distribution list. Subsequently, the user is given the opportunity to confirm the registration in a legally secure manner by means of a confirmation e-mail. Only if the confirmation is received will the address be actively included in the distribution list.
We use this data exclusively for sending the requested information and content.
The newsletter software we use is Sendinblue. Your data will be passed on to Sendinblue GmbH. Sendinblue is prohibited from selling your data and using it for purposes other than sending newsletters. Sendinblue is a certified German provider, selected according to the requirements of the General Data Protection Regulation and the Federal Data Protection Act.
You can find more information here: https://de.sendinblue.com/informationen-newsletter-empfaenger/
You can revoke your consent to the storage of data, e-mail address and their use for sending the newsletter at any time, for example via the “unsubscribe” link in the newsletter.
8. Data transfer
Transfer of data to other responsible parties
As a matter of principle, we will only transfer your personal data to other responsible parties if this is necessary for the performance of the contract, if we or the third party have a legitimate interest in the transfer, or if we have your consent to do so. Details on the legal grounds can be found in the section on processing purposes and legal grounds. If data is transferred to third parties on the basis of a legitimate interest, this is explained in this data protection notice. In addition, data may be transferred to other data controllers if we are required to do so by law or by enforceable official or court order.
Analytics tools and third-party tools
When visiting this website, your browsing behaviour may be statistically analysed. This is done primarily with so-called analytics programs.
This website uses the open source web analytics service Matomo. Matomo uses technologies that enable the cross-page recognition of the user for the analysis of user behaviour (e.g. cookies or device fingerprinting). The information collected by Matomo about the use of this website is stored on our server. The IP address is anonymised before storage.
With the help of Matomo, we are able to collect and analyse data about the use of our website by website visitors. This allows us to find out, among other things, which page views were made when, and from which region they come. We also collect various log files (e.g. IP address, referrer, browsers and operating systems used) and can measure whether our website visitors perform certain actions (e.g. clicks, purchases, etc.).
The use of this analysis tool is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in analysing user behaviour in order to optimise both its website and its advertising. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR and § 25 (1) of the Telecommunications Telemedia Data Protection Act (TTDSG), insofar as the consent includes the storage of cookies or access to information in the user’s end device (e.g. device fingerprinting) as defined by the TTDSG. The consent can be revoked at any time.
We use IP anonymisation for the analysis with Matomo. In this case, your IP address is shortened before analysis so that it can no longer be clearly assigned to you.
We host Matomo exclusively on our own servers, so that all analysis data remains with us and is not passed on.
Matomo tracking opt-out
We have integrated Wordfence on this website. The provider is Defiant Inc, 800 5th Ave, Ste 4100, Seattle, WA 98104, USA (hereinafter Wordfence).
Wordfence is used to protect our website from unwanted access or malicious cyberattacks. For this purpose, our website establishes a permanent connection to Wordfence’s servers so that Wordfence can match its databases with the accesses made to our website and block them if necessary.
The use of Wordfence is based on Art. 6 (1) (f) GDPR. The website operator has a legitimate interest in protecting its website as effectively as possible against cyberattacks. Insofar as a corresponding consent has been requested, the processing is carried out exclusively on the basis of Art. 6 (1) (a) GDPR; the consent can be revoked at any time.
Data transfer to the USA is based on the standard contractual clauses of the EU Commission. Details can be found here: https://www.wordfence.com/help/general-data-protection-regulation/.
Google Web Fonts (local hosting)
This site uses so-called web fonts provided by Google for the uniform display of fonts. Google Web Fonts are installed locally. There is no connection to Google servers.
9. User rights
You have the right to receive information, free of charge and at any time, about the origin, recipient and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent to data processing, you can revoke this consent at any time for the future. You also have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time.
Please use the information in the contact form section to assert your rights. In doing so, please ensure that we are able to clearly identify you.
Right to information and disclosure
You have the right to receive information from us about the processing of your data. To this end, you may assert a right of access in relation to the personal information we process about you.
Withdrawal of consent
If you have given us consent to process your data, you may revoke this consent at any time with effect for the future. The lawfulness of the processing of your data until the revocation remains unaffected.
You still have the right to receive data that you have provided to us in a structured, common and machine-readable format or – if technically feasible – to request that the data be transferred to a third party.
Right of complaint
You have the right to file a complaint with the Data Protection Officer at TU Berlin or the supervisory authority.
10. Data protection officer
Data Protection Team at TU Berlin:
Dr Mattis Neiling
Straße des 17. Juni 135
Raum H 1038
Tel.: +49 30 314 21784
Fax: +49 30 314 28033
11. Supervisory authority
Berlin Commissioner for Data Protection and Freedom of Information
Friedrichstr. 219 / Visitor entrance via Puttkamerstr. 16–18
Tel.: +49 30 13889-0
Fax: +49 30 2155050