Privacy Protection and Information
If you have questions, please contact
stumme@cs.uni-kassel.de
Responsible for the website and service are:
University of Kassel (public corporation)
Wilhelmshöher Allee 73
34121 Kassel
Tel.: +49 561 804 – 6250
Fax: +49 561 804 – 6259
stumme@cs.uni-kassel.de
Authorized representative for the Knowledge and Data Engineering team is Prof. Dr. Gerd Stumme
Contact information of the appointed Data Protection Officer (Universität Kassel):
Universität Kassel
Behördliche Datenschutzbeauftragte der Universität Kassel
Mönchebergstraße 19
34109 Kassel
Tel.: +49 561 804-2756
datenschutz@uni-kassel.de
Purposes of processing
www.kde.cs.uni-kassel.de is run by the Knowledge and Data Engineering team of the University of Kassel as a research project.
In order to carry out the research, www.kde.cs.uni-kassel.de collects more data of its users and analyzes it in a greater extend than commercial web applications would do. The information is being used to provide and improve recommendation services, spam detection or ranking functions and also for the design of privacy aspects in bookmarking systems. Results can later be applied to other web 2.0 applications. Since science is an open process the options for the data’s usage can not be finalized or completed. For www.kde.cs.uni-kassel.de, however, there is no interest in the real person behind the userprofile. The information will not be used for advertising. www.kde.cs.uni-kassel.de will not give information about the user to third parties. The only exception to this rule are other research groups, which can achieve a part of the data set, and use it for their own research and to revise the findings of the www.kde.cs.uni-kassel.de project.
This data is made pseudonymous though.
Legal basis of processing
Consent, Art. 6 Abs. 1 a) GDPR Task performance, Art. 6 Abs. 1 e) CDPR i.V.m. Art. 2 Abs. 4 S. 1 BayHSchG; Art. 7 BayHSchG (+ other laws on higher education) Art. 11 Abs. 1 BayEGovG § 13 Abs. 7 TMG
Unregistered and anonymous users
In line with the usage of www.kde.cs.uni-kassel.de the following data is gathered and processed to provide the system’s services and to collect statistical information: the name of the requested site, the time of the request, the size of transfered data, the protocol message, if the request was successful, the referrer url and the cookie with its session id. Additionally, the ip adress of the calling computer is stored for research purposes, eg. for developing spam detection algorithms. In order to analyse the user behaviour, which is being explored to create new algorithms and to evaluate them, www.kde.cs.uni-kassel.de uses a click-log functionality, which stores every user click on a link within www.kde.cs.uni-kassel.de. Indeed, www.kde.cs.uni-kassel.de does neither have the resource nor the intent to relate this data with the person behind the user.
Advertisment
www.kde.cs.uni-kassel.de is free of advertisment. No personal information will be processed for assigning personalized advertisments and will be circulated to third parties for purposes of advertising.
Recipients or categories of recipients of personal data
- IT Service Center, University of Kassel
- IT-service providers
- Research institutions
Duration of storage of personal data
The criteria for the duration of storage are defined in the purposes of processing. The personal data has to be offered to university archives before deletion. If the data is of archival value, it will be moved to the archive for archiving purposes, otherwise the personal data will be deleted.
Rights of the individuals affected
You can assert these rights against each of those responsible, and also against the mentioned contact point within the framework of our shared responibility. If personal data will be processed, you have the right to obtain information about the data that will be saved about you (Art. 15 GDPR). If the processed personal data is inaccurate, you have the right of rectification (Art. 16 GDPR). If the legal requirements are met, you can demand the erasure or restriction of the processing as well as oppose the data processing (Art. 17, 18 und 21 GDPR). If you have agreed to the data processing or a data processing contract exists and the data processing is performed using automated processes, you potentially have a right to data portability (Art. 20 GDPR).
If you should exercise the rights mentioned above, the public entity will consider whether the legal requirements for this are met.
Furthermore, you have a right of appeal to the competent supervisory authorities:
Hessische Datenschutzbeauftragte
You can exercise your right of appeal against each of this supervisory authorities.
Right of revocation with given consent
If you have agreed to the processing through the University Kassel with a corresponding consent, you can at any time revoke the consent for the future. The legality of the data processed in the timespan from consent to revocation will not be affected.
Right to data portability
The data subject shall have the right to receive the personal data concerning him or her (Art. 20 GDPR), which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided. This applies if the basis for data processing is based on consent or a contract and the data processing is carried out by automated means. You can export all your data using our API.
Obligation to data provision
We require your data, to conclude a contract of use with the user and to carry out our research projects. If you do not provide the required data, the contract of use can not be concluded and the research projects can not be carried out.
Area of application
This privacy protection policy applies only for the collection of personal data by www.kde.cs.uni-kassel.de, but not for the service providers which are referenced within the entries of www.kde.cs.uni-kassel.de or other external web sites.