Privacy Policy Moodle TU Berlin English Version

I hereby consent to the transmission of the data (meta data) listed below to DATEV eG. The data will be transmitted exclusively for the purpose of providing the service to the person giving consent. The meta-data are required for secure communication between the participating entities HWR Berlin (Identity Provider) and the below-mentioned service (Service Provider). Without their transmission, no service can be provided. Consent is given voluntarily and can be revoked at any time with effect for the future. After receiving of the declaration of revocation by the HWR, my data may not be transmitted further. The data is to be deleted immediately. Revocation of my consent does not affect the legality of the transmission that has taken place up to that point. The revocation can be done over the Link[1] or by activating the delete box at the registration page.

Data privacy statement in accordance with GDPR

 

1     Name and address of the controller

The controller as defined by the General Data Protection Regulation, other national data protection legislation of the EU Member States and other data protection provisions is:

 

Hochschule für Wirtschaft und Recht Berlin

Badensche Str. 52 10825 Berlin (Deutschland) praesident@hwr-berlin.de

Represented by: Prof. Dr. Andreas Zaby

 

2      Name and address of the data protection officer

HWR Berlin

Vitali Dick (HiSolutions)

Badensche Str. 52 10825 Berlin

datenschutz@hwr-berlin.de

 

3     Information regarding data processing for TU Berlin Moodle via Shibboleth (single sign on)

3.1     The purpose of data processing

Personal data is processed for the following purposes:

 

  • Authentication of the User vis-à-vis the provider of Moodle TU Berlin, as an authorised member of HWR Berlin. Only members of the HWR are authorised to use Moodle TU

Berlin.

  • Provision of the TU Berlin service to the User
  • Ensuring secure communication between the participating entities HWR Berlin (Identity Provider) and TU Berlin (Service Provider)

 

3.2     The legal foundation of data processing

Data is processed for the purposes specified in 3.1 on the basis of the consent provided by the user to processing of their personal data (art. 6 section 1 a GDPR). There is no contractual or legal requirement to provide the data. The provision of consent is entirely voluntarily. The consent for the transmission can be revoked at any time. However, the service can then no longer be used via Shibboleth, as a transmission of the meta data is necessary.

 

3.3     Types and categories of personal data

We process the following categories and type of the users data for the purposes named in 3.1:

Category Metadaten
Given Name = Last name
Sn = First Name
Mail = HWR-Emailadress
eduPersonScopedAffiliation = Type of affiliation to the HWR (student / administration / lecturer / other members of the HWR)
Personal ID

3.4     Recipients or categories of recipients of the personal data

The data is being processed exclusively in Germany or the EU by HWR Berlin. The data is transmitted to TU Berlin each time Moodle is accessed via Shibboleth. More information will be shown in TU Berlin data protection conditions.

 

4 General information about data processing at the HWR Berlin

4.1     Scope of application

This data privacy statement applies to the processing of personal data gathered in accordance with GDPR.

4.2     The scope of personal data processing

We only process the personal data of our users if this is required for the provision of a functional service and is required by our contents and services. The regular processing of the personal data of our users is performed only after they have issued us with their consent. An exception is made in cases in which actual reasons mean that it is not possible to obtain previous consent and that the law permits processing of the data.

4.3     Deleting data and the duration of data storage

The personal data of the person affected will be deleted and access to them blocked as soon as the person affected have objected to this. Data can also be saved if this is intended by European or national legislation, EU directives or other regulations to which the controller is subject.

4.4     The rights of the person affected by the processing

The person affected by the data processing has rights which they can assert against the HWR Berlin in accordance with art. 13 – 23 GDPR. The following section provides an overview of the most important rights.

 

  • The right to information following the collection of personal data in accordance with art. 13 GDPR
  • The right to information if the personal data was not collected from the person affected in accordance with art. 14 GDPR
  • The right to information about the data saved by the controller (HWR Berlin) in accordance with art. 15 GDPR
  • The right to rectification of the data saved by the controller (HWR Berlin) in accordance with art. 16 GDPR
  • The right to erasure of the data saved by the controller (HWR Berlin) in accordance with art. 17 GDPR
  • The right to restriction of processing of the data saved by the controller (HWR Berlin) in accordance with art. 18 GDPR
  • The right to notification in conjunction with the correction or deletion of personal data or restriction of its processing in accordance with art. 19 GDPR.
  • The right to data portability in accordance with art. 20 GDPR – the person affected has the right to receive itemization of the personal data held pertaining to them in a structured, conventional and machine-readable format.
  • The right to object to the processing of personal data which has been processed on the basis of article 6 section 1 or in accordance with art. 21 GDPR.
  • The right to information about the infringement of the protection of personal data of the person affected in accordance with art. 34 GDPR

4.5     Exercise of rights

If you wish to exercise your rights, please contact the data protection officer named above or submit the request using the Link[2].

4.6     Right to complain

The data subject also has the right to complain to a supervisory authority about the HWR Berlin. The competent supervisory authority in the state of Berlin is:

Berlin Commissioner for Data Protection and Freedom of Information

Friedrichstr. 219 10969 Berlin mailbox@datenschutz-berlin.de

4.7     Data security

We deploy suitable technical and organizational measures to guarantee the comprehensive safety of your personal data during processing and especially during transmission, as far as is required and in accordance with the current state of the technology. As far as a service provider is involved in processing the data, we will select them carefully and check compliance with the provisions of art. 28 GDPR.

 

 

5 The edition of, changes to and validity of the HWR Berlin general data protection statement

This data protection statement was last altered in 03/2022. We reserve the right to update this data privacy statement regularly so as to take into account current legal requirements and technical alterations and in order to perform our services and provisions in a manner compliant with the data protection regulations. We will inform you of any significant changes to the legal framework. Should any changes be made to the points listed under section 4, we will send an updated consent form to you.

 

 

[1] https://dsgvo2.dsmanager.net/jd8g73mg9/anfrage_meldung.html?key=5oZEoda8bochZmO9  

[2] https://dsgvo2.dsmanager.net/jd8g73mg9/anfrage_meldung.html?key=5oZEoda8bochZmO9  

Diese Webseite verwendet ausschließlich technisch notwendige Cookies. Eine Einwilligung des Nutzers ist demnach nicht erforderlich. This website only uses technically necessary cookies. The consent of the user is therefore not required .