Information on the Collection of Personal Data
The operators of these websites take the protection of your personal data very seriously.
Personal data are all data that can be related to you personally, such as name, address, email addresses, and user behavior (information referring to an identifiable natural person (Art. 4, No. 1 of the EU General Data Protection Regulation (GDPR))).
Controller according to Art. 4, par. 7 GDPR is the President of KIT, Professor Dr.-Ing. Holger Hanselka, Kaiserstrasse 12, 76131 Karlsruhe, Germany, info (see Legals). Our Data Protection Commissioner can be contacted at ∂kit edudatenschutzbeauftragter or by ordinary mail with “Die Datenschutzbeauftragte” (the data protection commissioner) being indicated on the envelope. ∂kit edu
When you contact us by electronic mail or via a contact form, the data given by you (your email address and, if applicable, your name and your phone number) will be stored by us to answer your questions. The data arising in this connection will be erased as soon as storage will no longer be required or processing will be restricted, if legal obligations to retain the data exist.
We would like you to note that internet-based data transmission (e.g. when communicating by electronic mail) may have security gaps. Absolute protection of data against access by third parties may not be guaranteed.
Collection of Personal Data
When using the website for information purposes only, i.e. when you do not register or transmit other information, we will only collect the personal data that are transmitted by your browser to our server according to the settings made by you (server log files). For viewing our website, we collect the data required for this purpose and needed for ensuring stability and security according to Art. 6, par. 1, clause 1, (f) GDPR:
- Anonymized IP address
- Date and time of access
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the access (concrete site)
- Status of access/HTTP status code
- Data volume transmitted
- Website from which an accessing system reaches our website
These data cannot be referred to certain persons. These data will not be combined with other data sources. We reserve the right to check these data later on, if concrete indications of unlawful use become known to us.
In case you complete a form to receive press releases or our newsletter, for instance, your data entered in the form, inclusive of your contact data indicated there, will be stored by us to send you the information required and to answer additional questions, if necessary. We will not transfer these data to third parties without your approval. For registration, we use the so-called double-opt-in method, which means that your registration will be completed only, if you have confirmed it by clicking the link contained in the confirmation email sent to you for this purpose. If you do not confirm your registration within 48 hours, your registration will be deleted automatically from our database.
For reasons of security and for the protection of the transmission of confidential contents, such as inquiries sent to us as website operator, this website uses SSL encryption. In case of an encrypted connection, the address line of the browser changes from http:// to https:// and the lock symbol is indicated in your browser line.
When SSL encryption is activated, third parties cannot read the data you transmit to us as a rule.
As far as your personal data stored by us are concerned, you have the following rights:
- Right of access
- Right to rectification or erasure
- Right to restriction of processing
- Right to object to data processing
- Right to data portability
(2) In addition, you have the right to complain about the processing of your personal data by us with a supervisory authority.
(3) In the case of manifestly unfounded or excessive requests, we can charge a reasonable fee. Otherwise, information will be provided free of charge (Article 12, par. 5 GDPR).
(4) In the case of reasonable doubts concerning the identity of the natural person asserting the above rights, we may request the provision of additional information necessary to confirm the identity of the data subject (Article 12, par. 6 GDPR).
In addition to the data mentioned above, cookies are stored on your personal computer when using our website. Cookies are small text files stored in your computer system by the browser used by you, through which we (the server of our website) obtain certain information. Cookies cannot execute any programs or transmit viruses to your computer. They serve to make internet offers more user-friendly, more effective, and quicker. It is distinguished between session cookies (transient cookies) and permanent (persistent) cookies.
Transient cookies are deleted automatically when you close the browser. They include in particular the session cookies. These store a so-called session ID, through which queries of your browser can be allocated to the joint session. They allow us to identify your computer when you return to our website. Session cookies are deleted when you log out or close the browser.
We use session cookies exclusively. We do not use any persistent cookies or flash cookies.
You can set your browser such that you will be informed about the setting of cookies and you can permit cookies in individual cases only, exclude the acceptance of cookies in certain cases or in general, and activate automatic deletion of cookies when closing your browser. When deactivating cookies, functionality of this website may be limited.
The protection of personal data is a central concern for the university sport of the Karlsruhe Institute of Technology. With these data protection regulations, we provide information on how personal data is processed by us and to whom it is made available.
These data protection regulations supplement the conditions of participation.
1. Basic principles governing the processing of personal data
Personal data is processed within the framework of the State Data Protection Act of Baden-Württemberg.
University sport uses personal data exclusively to enable participation in the sports programme and to administer sports courses. Participation in university sport is not possible without providing the data explained below (see section 3).
Stored data is only accessible to the employees of the university sports department. University sports instructors have limited access to the stored data for course organisation purposes. Data concerning the payment of course fees by direct debit will be made available to the cash desk of the Karlsruhe Institute of Technology for this purpose. Other persons or third parties cannot view any of the stored data.
2. Terms of these data protection regulations
"Personal data" according to §3 paragraph 1 LDSG are all individual details about personal or factual circumstances of an identifiable person.
The personal data that must be entered when registering for the sports offers (mandatory fields) are referred to as "registration data" (see 3.2).
Some of the information provided during registration is optional. These are referred to as "voluntary data" (see 3.3).
When registering for a fee-based sports course, "payment details" are recorded (see 3.4)
2.2 Persons and facilities
University sport is an institution of the Karlsruhe Institute of Technology and is open to members and associates of the Karlsruhe Institute of Technology and its cooperation institutions; it is referred to as "university sport" in its entirety.
The full-time and student employees of university sport who are responsible for the organisation of the sports programme are called "employees".
The heads of the sports courses, who are responsible for the professional and sports-related supervision, are called "exercise leaders"; they are named on the University Sports Homepage or can be obtained from the University Sports Office.
Users who have registered for a sports course on the university sports homepage are called "participants".
The direct debit for the payment of course fees is handled by the cash desk of the Karlsruhe Institute of Technology; this is hereinafter referred to as "cash desk".
2.3 Other Terms
The website on which university sports offers sports activities is called the "University Sports Homepage" and can be reached at http://www.sport.kit.edu/hochschulsport.
Registration for sports courses is possible in person in the office of the University Sports Department. This is called the "Hochschulsport Office".
The program offered by the University Sports Office is referred to in its entirety as "Sports Offer".
Individual services and benefits of the sports programme are called "sports course".
3 Which data are processed?
3.1 Personal data
The personal data that are processed automatically in the context of the organisation of the sports offer consist, in particular, of the data explained under 3.2, 3.3 and 3.4.
Participants have the right to obtain information about the data stored about them by the Karlsruhe Institute of Technology and, if necessary, to have it corrected. On request, the data can only be viewed and processed in person at the University Sports Office.
All collected data will only be stored for a limited period of time. Data that can be associated with the registration for a sports course or the payment of a sports course will be made anonymous at the latest one year after the end of the semester of the respective sports course in such a way that it is no longer possible to assign the participant. If the participant does not register for another sports course within this period, all stored data of this participant will be deleted.
3.2 Registration details
When registering on the university sports homepage, registration details are recorded. These are:
- Salutation (Mr. / Mrs.) or gender
- First name
- Last name
- Place of residence
- Status (in the sense of: Status of university membership. Student, employee, guest)
- Matriculation number (only for students)
- Telephone number of the workplace (only for staff members)
3.3 Voluntary information
When registering on the university sports homepage, the following information is voluntary:
- email address
- Phone number
3.4 Payment data
For fee-paying sports courses, payment can only be made by direct debit when registering on the university sports homepage. If payment is made by direct debit, the following information must be provided by the participant:
- Account number
- Bank code
- Account holder
4. Who can view the stored data?
Employees of university sport can view all personal data provided; they use this data exclusively for university sport purposes.
In order to enable trainers to contact participants directly, the trainers will make previously collected personal data (if specified) of the registered participants available. The instructors can only view the following data until the end of the semester of the respective sports course:
- Last name
- E-mail address
- Phone number
4.3 Cash desk
Payment by direct debit is handled by the cash desk. In order to make the payment by direct debit, the following previously collected data of the participants will be transmitted to the cash desk:
- First name
- Account number
- Bank code
- Date of application
- Payment amount
- booked service (sports course)
If a return debit note occurs for which the participant is responsible (i.e. the direct debit could not be processed due to an obviously incorrect information provided by the participant, e.g. non-existent account number), the University Sports Department will contact the participant directly.
5. Changes to the data protection regulations
The University Sport reserves the right to amend these data protection regulations if changes become necessary due to technical innovations, subsequently identified regulatory gaps or with regard to new services provided by the University Sport. The University Sport will publish the current version of these data protection regulations on the University Sport homepage.