Privacy Policy

I. Name and Address of the Controller

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the EU Member States, as well as other data protection regulations, is:

Institute for the History and Theory of Architecture and the City (GTAS)
Technische Universität Braunschweig
Universitätsplatz 2
38106 Braunschweig
Germany
Phone: +49 (531) 391 - 2347
Email: gtas[at]tu-braunschweig.de

Represented by Prof. Dr. Tatjana Schneider

II. Data Protection Officer of TU Braunschweig

The Data Protection Officer of Technische Universität Braunschweig is:

PO Box 3329, D-38023 Braunschweig
Bienroder Weg 80
38106 Braunschweig
Germany
Phone: +49 (531) 391 - 7654
Email: datenschutz[at]tu-braunschweig.de

III. General Information on Data Processing

1. Scope of Processing of Personal Data
The Institute GTAS does not collect or process any personal data.

2. Rights of the Data Subject

2.1 Right of Access
You have the right to request confirmation from the controller as to whether personal data concerning you are being processed. Where this is the case, you may request access to the following information:

a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipients to whom the personal data have been or will be disclosed;
d) the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to rectification or erasure of personal data or restriction of processing or the right to object;
f) the right to lodge a complaint with a supervisory authority.

2.2 Right to Rectification
You have the right to obtain from the controller the rectification or completion of inaccurate or incomplete personal data concerning you, without undue delay.

2.3 Right to Restriction of Processing
You have the right to request the restriction of processing where one of the following applies:

a) you contest the accuracy of the personal data, for a period enabling the controller to verify the accuracy;
b) the processing is unlawful, and you oppose the erasure and request restriction instead;
c) the controller no longer needs the data, but you require them for the establishment, exercise or defence of legal claims;
d) you have objected to processing pending the verification whether the legitimate grounds of the controller override yours.

Where processing has been restricted, such personal data shall – with the exception of storage – only be processed with your consent or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest.

You will be informed before any restriction is lifted.

2.4 Right to Erasure

A) Obligation to Erase
You have the right to request the immediate erasure of personal data concerning you, and the controller is obliged to erase them without undue delay where one of the following grounds applies:

a) the data are no longer necessary for the purposes for which they were collected;
b) you withdraw consent and there is no other legal basis for processing;
c) you object to the processing and there are no overriding legitimate grounds;
d) the personal data have been unlawfully processed;
e) erasure is required by a legal obligation under Union or Member State law;
f) the data were collected in relation to information society services offered to a child.

B) Exceptions
The right to erasure does not apply to the extent that processing is necessary:

a) for exercising the right of freedom of expression and information;
b) for compliance with a legal obligation or for the performance of a task carried out in the public interest;
c) for public interest in the area of public health;
d) for archiving, research or statistical purposes where erasure would seriously impair the objectives;
e) for the establishment, exercise or defence of legal claims.

2.5 Right to Notification
If you have exercised your right to rectification, erasure, or restriction, the controller must notify all recipients to whom the personal data have been disclosed, unless this proves impossible or involves disproportionate effort. You have the right to be informed about those recipients.

2.6 Right to Data Portability
You have the right to receive the personal data concerning you, which you have provided to a controller, in a structured, commonly used, and machine-readable format. You also have the right to transmit those data to another controller without hindrance, where:

a) the processing is based on consent or a contract, and
b) the processing is carried out by automated means.

You may also request that the personal data be transmitted directly from one controller to another, where technically feasible. This must not adversely affect the rights and freedoms of others.

This right does not apply where processing is necessary for a task carried out in the public interest or in the exercise of official authority vested in the controller.

2.7 Right to Object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you that is based on Article 6(1)(e) or (f) GDPR.

The controller shall no longer process the personal data unless they demonstrate compelling legitimate grounds for the processing that override your interests, or for the establishment, exercise or defence of legal claims.

You have the right to withdraw consent at any time. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

2.8 Right to Lodge a Complaint with a Supervisory Authority
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or the place of the alleged infringement, if you consider that the processing of personal data relating to you infringes the GDPR.

The supervisory authority shall inform you about the progress and outcome of your complaint, including the possibility of a judicial remedy under Article 78 GDPR.

IV. Server Hosting and Log Files

When visiting this website, log files are stored on the server. These may include your IP address, browser type, time and date of access, and the operating system used.

Log files are deleted after 2 months.

This website is hosted on servers of Hetzner Online GmbH. Therefore, data processing takes place in Germany.

The legal basis for processing this data is Art. 6(1)(f) GDPR.
The processing is carried out for the purpose of logging errors and improving website security, including the detection of potential attacks.

V. Use of Cookies

The website of the Institute for the History and Theory of Architecture and the City (TU Braunschweig)uses cookies to enhance user-friendliness. Some elements of the website require the browser to be recognized after a page change.

Cookies store a randomly generated unique session ID for the duration of your visit.

The legal basis for the use of technically necessary cookies is Art. 6(1)(f) GDPR.
Their purpose is to simplify website use. Some functions cannot be offered without cookies, as they require the browser to be recognized after navigation between pages. This constitutes a legitimate interest under Art. 6(1)(f) GDPR.

Cookies are used for:

a) Providing the website.

Data collected through technically necessary cookies are not used to create user profiles.

Cookies are stored on your device and transmitted to us. Therefore, you have full control over their use. You can disable or restrict the transmission of cookies by changing your browser settings. Stored cookies can be deleted at any time – either manually or automatically.

Please note: disabling cookies may limit the functionality of this website.