Information on the Collection of Personal Data
The operators of these websites take the protection of your personal data very seriously.
Personal data are all data that can be related to you personally, such as name, address, email addresses, and user behavior (information referring to an identifiable natural person (Art. 4, No. 1 of the EU General Data Protection Regulation (GDPR))).
Controller according to Art. 4, par. 7 GDPR is the President of KIT, Professor Dr.-Ing. Holger Hanselka, Kaiserstrasse 12, 76131 Karlsruhe, Germany, info (see Legals). Our Data Protection Commissioner can be contacted at ∂ kit edudatenschutzbeauftragter or by ordinary mail with “Die Datenschutzbeauftragte” (the data protection commissioner) being indicated on the envelope. ∂ kit edu
When you contact us by electronic mail or via a contact form, the data given by you (your email address and, if applicable, your name and your phone number) will be stored by us to answer your questions. The data arising in this connection will be erased as soon as storage will no longer be required or processing will be restricted, if legal obligations to retain the data exist.
We would like you to note that internet-based data transmission (e.g. when communicating by electronic mail) may have security gaps. Absolute protection of data against access by third parties may not be guaranteed.
Collection of Personal Data
When using the website for information purposes only, i.e. when you do not register or transmit other information, we will only collect the personal data that are transmitted by your browser to our server according to the settings made by you (server log files). For viewing our website, we collect the data required for this purpose and needed for ensuring stability and security according to Art. 6, par. 1, clause 1, (f) GDPR:
- Anonymized IP address
- Date and time of access
- Time zone difference to Greenwich Mean Time (GMT)
- Content of the access (concrete site)
- Status of access/HTTP status code
- Data volume transmitted
- Website from which an accessing system reaches our website
These data cannot be referred to certain persons. These data will not be combined with other data sources. We reserve the right to check these data later on, if concrete indications of unlawful use become known to us.
In case you complete a form to receive press releases or our newsletter, for instance, your data entered in the form, inclusive of your contact data indicated there, will be stored by us to send you the information required and to answer additional questions, if necessary. We will not transfer these data to third parties without your approval. For registration, we use the so-called double-opt-in method, which means that your registration will be completed only, if you have confirmed it by clicking the link contained in the confirmation email sent to you for this purpose. If you do not confirm your registration within 48 hours, your registration will be deleted automatically from our database.
For reasons of security and for the protection of the transmission of confidential contents, such as inquiries sent to us as website operator, this website uses SSL encryption. In case of an encrypted connection, the address line of the browser changes from http:// to https:// and the lock symbol is indicated in your browser line.
When SSL encryption is activated, third parties cannot read the data you transmit to us as a rule.
As far as your personal data stored by us are concerned, you have the following rights:
- Right of access
- Right to rectification or erasure
- Right to restriction of processing
- Right to object to data processing
- Right to data portability
(2) In addition, you have the right to complain about the processing of your personal data by us with a supervisory authority.
(3) In the case of manifestly unfounded or excessive requests, we can charge a reasonable fee. Otherwise, information will be provided free of charge (Article 12, par. 5 GDPR).
(4) In the case of reasonable doubts concerning the identity of the natural person asserting the above rights, we may request the provision of additional information necessary to confirm the identity of the data subject (Article 12, par. 6 GDPR).
In addition to the data mentioned above, cookies are stored on your personal computer when using our website. Cookies are small text files stored in your computer system by the browser used by you, through which we (the server of our website) obtain certain information. Cookies cannot execute any programs or transmit viruses to your computer. They serve to make internet offers more user-friendly, more effective, and quicker. It is distinguished between session cookies (transient cookies) and permanent (persistent) cookies.
Transient cookies are deleted automatically when you close the browser. They include in particular the session cookies. These store a so-called session ID, through which queries of your browser can be allocated to the joint session. They allow us to identify your computer when you return to our website. Session cookies are deleted when you log out or close the browser.
We use session cookies exclusively. We do not use any persistent cookies or flash cookies.
You can set your browser such that you will be informed about the setting of cookies and you can permit cookies in individual cases only, exclude the acceptance of cookies in certain cases or in general, and activate automatic deletion of cookies when closing your browser. When deactivating cookies, functionality of this website may be limited.
For reasons of better readability, the masculine spelling has generally been used for function designations such as "participant", "employee", etc.. We expressly point out at this point that both the male and female spelling is meant.
The protection of personal data is a central concern for the University Sports Department of the Karlsruhe Institute of Technology. With these data protection regulations, we provide information on how personal data is processed by us and to which persons it is made accessible.
These data protection provisions supplement the conditions of participation
1. basic principles for the processing of personal data
- The processing of personal data is carried out within the framework of the State Data Protection Act of Baden-Württemberg.
- University Sports uses personal data exclusively to enable participation in the sports program and to administer sports courses. Without providing the data explained below (see section 3), participation in university sports is not possible.
- Stored data is only accessible to the staff of the Hochschulsport. Exercise instructors of the Hochschulsport have limited access to the stored data for course organization. Data concerning the payment of course fees by direct debit will be made available to the cash office of the Karlsruhe Institute of Technology for this purpose. Other persons or third parties cannot view any of the stored data.
- "Personal data" are, according to §3 para. 1 LDSG, all individual details about personal or factual circumstances of an identifiable person.
- The personal data that must be entered when registering for the sports offers (mandatory fields) are referred to as "registration details" (see 3.2).
- Some information provided during registration is optional. These are referred to as"Voluntary information" (see 3.3).
- When registering for a fee-based sports course,"payment details" are recorded (see 3.4).
2.2 Persons and facilities
- University Sports is an institution of the Karlsruhe Institute of Technology and is open to members and affiliates of the Karlsruhe Institute of Technology and its cooperating institutions; it is referred to as "University Sports" in its entirety.
- The full-time and student employees of the Hochschulsport who are responsible for organizing the sports program are called "employees".
- Leaders of the sports courses, who are responsible for the professional and athletic supervision, are called "Exercise Leaders"; they are named on the University Sports homepage or can be inquired at the University Sports Office.
- Users who have registered for a sports course on the university sports homepage are called "participants".
- Direct debit for payment of course fees is handled by the cash office of the Karlsruhe Institute of Technology; this will be referred to as the "cash office" in the following.
2.3 Other Terms
- The website on which the Hochschulsport offers sports courses is called "Hochschulsport-Homepage" and can be accessed at https://www.ifss.kit.edu/hochschulsport/index.php.
- In exceptional cases, registration for sports courses is possible in person at the Hochschulsport office. This is called the "Hochschulsport-Office".
- The program offered by the University Sports Office is called "Sports Offer" in its entirety.
- Individual services and performances of the sports program are called "sports course".
3. which data are processed?
3.1 Personal data
The personal data that is processed automatically within the scope of the organization of the sports offer consists in detail of the data explained under 3.2, 3.3 and 3.4.
Participants have the right to obtain information about the data stored about them by the Karlsruhe Institute of Technology and, if necessary, to have this data corrected. Upon request, data can only be viewed and processed in person at the University Sports Office.
All data collected will only be stored for a limited period of time. Data that can be associated with the registration for a sports course or the payment of a sports course will be anonymized at the latest one year after the end of the semester of the respective sports course in such a way that an assignment of the participant is no longer possible. If the participant does not register for another sports course within this period, all stored data of this participant will be deleted.
3.2 Registration data
When registering on the university sports homepage, registration details are recorded. These are:
- Salutation (Mr./Mrs.) or gender
- First name
- Last name
- Postal code
- Place of residence
- Status (in the sense of: University affiliation status. Student, employee, guest)
- Matriculation number (only for students)
- Telephone number of place of work (only for staff members)
3.3 Voluntary information
When registering on the university sports homepage, the following information is voluntary:
- Email address
- Telephone number
3.4 Payment data
For fee-based sports courses, payment can only be made by direct debit when registering on the Hochschulsport-Homepage. If payment is made by direct debit, the participant is required to provide the following information:
- Account number
- Bank code
- Account holder
4 Who can view the stored data?
Employees of the Hochschulsport can view all personal data made; they use these data exclusively for the purposes of the Hochschulsport.
4.2 Exercise instructor
In order to enable exercise instructors to contact participants directly, the exercise instructors are given access to previously collected personal data (if specified) of the registered participants. The exercise instructors can only view the following data until the end of the semester of the respective sports course:
- First name
- Last name
- E-mail address
- Phone number
4.3 Cash desk
Payment by direct debit is processed by the cash office. In order to carry out the payment by direct debit, the following previously collected data of the participants will be transmitted to the cash office:
- First name
- Account number
- Bank code
- Registration date
- Payment amount
- booked service (sports course)
In the event of a return debit note for which the participant is responsible (i.e. the direct debit could not be processed due to obviously incorrect information provided by the participant, e.g. non-existent account number), the University Sports Office will contact the participant directly.
5. changes to the data protection regulations