We, CAMPUS 02 University of Applied Sciences (abbr. CAMPUS 02), Körblergasse 126, 8010 Graz, Austria, process the following data categories by automated means: Personal data you provide while registering for an event; and personal data that might be added during the event (e.g. image and video recordings).
We process your data to manage your registration and to run the event. The pre-contractual and contractual measures stipulated in Art. 6 para. 1 cl. b of the EU General Data Protection Regulation (GDPR) serve as the legal basis.
You have no legal obligation to provide us with your data. Without this information, however, we cannot manage your registration and consequently, we cannot let you participate in the event, unfortunately.
In the context of events, photo/video recordings may be made for documentation purposes and reporting on the event. By registering for the event, you acknowledge that photo/video recordings in which you are depicted may also be published for press coverage and in various (social) media, publications, and on the websites of FH CAMPUS 02. If you do not wish to be depicted in the photo/video recordings, please inform the photographer on site. These data processing activities are based on the overriding legitimate interest in a contemporary external representation of the academic environment, activities, and events of FH CAMPUS 02, as well as in maintaining competitiveness in the free market in accordance with Art. 6 para. 1 cl. f GDPR.
If you have given us permission to inform you about our degree programmes and other events by e-mail or newsletter, your contact data will be processed for this purpose in accordance with Art. 6 para.1 cl. a GDPR. You may revoke this consent at any time.
Retention periods may vary between each type of event. The retention period for funded events (e.g. as part of R&D projects) is based on contractual obligations towards the funding body regarding data retention and record-keeping. For events with entrance fees, data relevant for accounting purposes is saved for 10 years. All other data and personal data collected during other events are deleted after 3 years at the latest, calculated from the end of the calendar year in which the event took place.
The data we collect to fulfill a task in the public interest and for a professional external appearance (such as photos) will be processed for as long as necessary for the data processing purposes. This particularly depends on the nature, content, and context of the recordings and whether they are suitable for inclusion in reports/publications - e.g., to illustrate moments in the history of the university—and for external presentation on the web/social media. You have the option to submit an explicit objection at datenschutz@campus02.at.
Your personal data is treated as confidential and is generally processed only by CAMPUS 02 UAS staff members internally.
However, data processors who have been commissioned by us can also process data for the purposes mentioned if they can ensure adequate data security. For example, in cases where support is required, external IT service providers can see and process the above-mentioned data categories.
Data transfer to the USA
The processing of the collected data and the dispatch of our newsletter is carried out via the cloud service Microsoft Dynamics. Hosting is mainly provided within the European Union in accordance with European data protection law. Some services and technical support can also be provided from outside of the EU. Therefore, data transfer to the US is possible in principle.
On July 10, 2023, the European Commission adopted an adequacy decision on the Data Privacy Framework (data protection agreement between the EU and the USA). If providers in the USA certify themselves in accordance with these data protection requirements (which, among other things, restrict access to data by US authorities and provide legal protection for EU citizens), an adequate level of data protection is generally guaranteed for data transfers. You can check which providers are included in the list here: https://www.dataprivacyframework.gov/s/participant-search
Microsoft has undergone this self-certification. The data transfer can therefore be based on the adequacy decision on the Data Privacy Framework as a valid legal basis for data transfers to the USA. Furthermore, the standard contractual clauses and additional technical and organizational measures guaranteed by Microsoft also apply. Further information on data processing can be found in Microsoft's privacy policy (https://www.microsoft.com/de-de/privacy/privacystatement).
The photo and/or video recordings published in connection with the event will subsequently be processed by the respective social media services used (e.g., Facebook, Instagram, LinkedIn, YouTube) and may be transferred to countries outside the EU (particularly the USA). As of the current status, Meta (Facebook, Instagram), Google (YouTube), and LinkedIn have undergone a Data Privacy Framework self-certification.
Please note that we will update this privacy statement from time to time (e.g. due to law amendments, usage of new technology, new study opportunities). We recommend that you regularly check it for updates.
In general, you have right of access, the right to rectification, to erasure, to restrict, to data portability, to withdraw and to object.
If you do, please contact us — we will be happy to help.
Data Protection Coordination Team
at CAMPUS 02 UAS
CAMPUS 02 - University of Applied Sciences
Körblergasse 126, 8010 Graz
+43 316 6002-8909
datenschutz@campus02.at
Data Protection Officer
at CAMPUS 02 UAS
If you believe that processing your data violates data protection laws or that your data protection rights have been infringed in some other way, you can also file a complaint with the supervisory authority. In Austria, the competent supervisory authority is the Austrian Data Protection Authority in Barichgasse 40-42, 1030 Vienna, telephone no.:+43 1 52 152-0, e-mail dsb@dsb.gv.at.
