A A

Privacy policy

Privacy policy

Klaus Tschira Foundation gGmbH
Management: Lilian Knobel, Prof. Dr. Rafael Lang
Schloss-Wolfsbrunnenweg 33 69118 Heidelberg/Germany
Phone: +49 (6221) 533-100
E-Mail: Office
E-mail: Webmaster
VAT ID No.: DE219547389
Register court: HRB 335381, Mannheim Local Court

Responsible for content according to § 18 Abs. 2 Medienstaatsvertrag (MSTV): Anja Heinzelmann (Schloss-Wolfsbrunnenweg 33, 69118 Heidelberg) Data protection information With this data protection information, we would like to inform you about how we process personal data and inform you about your rights. We are aware of the importance of processing personal data for you as the affected user and therefore comply with all relevant legal requirements. The protection of your privacy is of the utmost importance to us. We process your personal data in compliance with the General Data Protection Regulation and other data protection regulations.
Responsible for data processing Klaus Tschira Stiftung gGmbH Schloss-Wolfsbrunnenweg 33 69118 Heidelberg E-Mail: geschaeftsstelle [at]klaus-tschira-stiftung.de Contact details of the data protection officer: eprivacy[at]klaus-tschira-foundation.com

1. Definitions

This data protection notice uses the terminology of the General Data Protection Regulation (GDPR): “Personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. “Restriction of processing” is the marking of stored personal data with the aim of restricting its future processing. “Pseudonymization” means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. “filing system” means any structured set of personal data which are accessible according to specific criteria, whether centralized, decentralized or dispersed on a functional or geographical basis “Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller. “Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing. “Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data. “Consent” means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

2. Processing operations

We collect and process the following personal data about you:

  • Contact, event, API, key and master data information, if you have provided us with your contact information or registered on our site,
  • online identifiers (e.g. your IP address, browser type and version, the operating system used, the referrer URL, the file name, the access status, the amount of data transferred, the date and time of the server request),
  • for the contact you have requested,
  • for information about our activities and offers,
  • Contract data (e.g. subject matter of the contract, contract term, contract category),
  • Application (by post, via e-mail),
  • Organization of events,
  • Video conferences, sound and image recordings,
  • Social media identifiers.

3. Purposes of data processing

We process your data for the following purposes:

  • for the contact you have requested,
  • for information about our offer,
  • for contract processing
  • Organization of events,
  • Video conferencing,
  • Management of the alumni network,
  • for advertising purposes,
  • to send you the e-mail newsletter if you have registered for it,
  • for quality assurance and
  • for our statistics.

4. Legal basis for data processing

Your data is processed on the following legal bases:

  • your consent in accordance with Art. 6 (1) (a) GDPR,
  • for the performance of a contract with you pursuant to Art. 6 para. 1 lit. b) GDPR,
  • for the fulfillment of legal obligations pursuant to Art. 6 para. 1 lit. c) GDPR or
  • on the basis of a legitimate interest pursuant to Art. 6 para. 1 lit. f) GDPR.

If we base the processing of your personal data on legitimate interests within the meaning of. Art. 6 para. 1 lit. f) GDPR are such:

  • the improvement of our offering,
  • protection from abuse and
  • the management of our statistics.

5. Data sources

We receive the data from you (including via the devices you use). If we do not collect the personal data directly from you, we will also inform you of the source of the personal data and, if applicable, whether it originates from publicly accessible sources.

6. Transmission / data recipient

When processing your data, we work together with the following service providers who have access to your data:

  • Provider of web analysis tools,
  • Web hosting provider,
  • Service provider consent management platform,
  • Management service provider,
  • Event service provider,
  • Video conferencing service provider,
  • Cooperation partner alumni network,
  • Social media.

Data is transferred to third countries outside the European Union. This takes place on the basis of contractual regulations provided for by law, which are intended to ensure adequate protection of your data and which you can view on request.

7. Duration of processing

We only store your personal data for as long as is necessary to achieve the purpose of processing or for as long as the storage is subject to a statutory retention period. We store your data,

  • if you have consented to the processing, at most until you withdraw your consent,
  • if we require the data for the performance of a contract, at most for as long as the contractual relationship with you exists or statutory retention periods apply,
  • if we use the data on the basis of a legitimate interest, at most as long as your interest in deletion or anonymization does not prevail.

8. Your rights

You have the right – in some cases under certain conditions,

  • to request information free of charge about the processing of your data and to receive a copy of your personal data. Among other things, you can request information about the purposes of the processing, the categories of personal data that are processed, the recipients of the data (if a transfer takes place), the duration of the storage or the criteria for determining the duration;
  • If your personal data is incomplete, you have the right to have it completed, taking into account the purposes of the processing;
  • to have your data erased or blocked. Reasons for the existence of a right to erasure/blocking may include: withdrawal of consent on which the processing is based, the data subject objects to the processing, the personal data has been processed unlawfully;
  • to have the processing restricted;
  • to object to the processing of your data;
  • to revoke your consent to the processing of your data for the future and
  • complain to the competent supervisory authority about unauthorized data processing.

9. Further information on data protection

E-mail newsletter If you subscribe to our newsletter, we will use the data required for this or separately provided by you to send you our e-mail newsletter on a regular basis. You can unsubscribe from the newsletter at any time with effect for the future, either by sending a message to the contact option described above or via the unsubscribe link provided for this purpose in the newsletter. This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co KG, Schafjückenweg 2, 26180 Rastede, Germany. CleverReach is a service with which the newsletter dispatch can be organized and analyzed. The data you enter for the purpose of receiving the newsletter (e.g. e-mail address) is stored on CleverReach’s servers in Germany and Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior (conversion tracking) of newsletter recipients. Among other things, we can analyze how many recipients have opened the newsletter message and how often which link in the newsletter was clicked on. The data processing takes place on the basis of your consent (Art. 6 para. 1 lit. a) GDPR). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want CleverReach to analyze your data, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message or you can also unsubscribe from the newsletter directly on the website. The data you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and deleted from both our servers and CleverReach’s servers after you unsubscribe from the newsletter. Further information on this can be found in CleverReach’s privacy policy at: https://www.cleverreach.com/de/datenschutz/.

10. Data backup

We have taken extensive technical and organizational measures to protect your data against possible dangers, such as unauthorized access or access, unauthorized knowledge, modification or distribution, as well as against loss, destruction or misuse. In order to protect your personal data from unauthorized access by third parties during transmission, we secure data transmissions using TLS encryption where necessary. This is a standardized encryption method for online services, especially for the web.

11. Log files

Each time our website is accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The stored data records contain the following data:

  • Domain from which the user accesses the website,
  • Date and time of access IP address of the accessing computer,
  • Website(s) that the user visits as part of the offer,
  • amount of data transferred,
  • Browser type and version,
  • operating system used,
  • Message indicating whether the retrieval was successful.

These log file data records are evaluated in anonymized form in order to improve the offer and make it more user-friendly, to find and rectify errors and to control the utilization of servers.

12. Cookies

This website uses so-called cookies. A cookie is a text file with an identification number that is transmitted to the user’s computer together with the other data actually requested when the website is used and stored there. The file is stored there for later access and serves to authenticate the user. As cookies are only simple files and not executable programs, they do not pose any danger to the computer. Depending on the settings selected by the user, the Internet browser automatically accepts cookies. However, this setting can be changed and the storage of cookies deactivated or set in such a way that the user is notified as soon as a cookie is set. However, if the use of cookies is deactivated, some functions of the website may not be available or may only be available to a limited extent. You can prevent the setting of cookies by our website at any time by means of a corresponding setting of the Internet browser used and thus permanently object to the setting of cookies. Cookies that are already active can be deleted at any time via an Internet browser or other software programs. We may work together with advertising partners who help us to make our website more interesting for you. For this purpose, cookies from partner companies are also stored on your hard disk when you visit our website (third-party cookies). If we work together with the aforementioned advertising partners, you will be informed individually and separately about the use of such cookies and the scope of the information collected in each case in the following paragraphs. A distinction is made between the following types of cookies: First-party cookies: First-party cookies are transmitted by the platform you have just visited. Third-party cookies (so-called third-party cookies): Third-party cookies are cookies that are transmitted by a provider other than the platform visited by the user. If a user accesses a platform and another entity transmits a cookie through this platform, this is a third-party cookie. Strictly necessary cookies: These cookies are necessary for you to navigate through the Platform and use its features, such as accessing secure areas of the Platform. Without them, certain services cannot be provided, such as displaying content customized for your computer or device. Performance cookies: These cookies collect information about how visitors use the Platform, e.g. which pages are accessed most frequently and whether they receive error messages from websites. However, these cookies do not collect any information about the visitor’s identity. All information these cookies collect is aggregated and therefore anonymous. They are only used to optimize the platform. Functionality cookies: These cookies allow the platform to remember choices you make (such as language preferences and your region) and provide you with enhanced, more personal features. They can also be used to save your settings regarding text size, font and other customizable parts of the website. They may also be used to provide services you have asked for, such as watching a video or commenting on a blog. The information that these cookies collect can be anonymized. Your browsing activity cannot be tracked on other platforms. Social media cookies: These cookies are used when you click a button on the platform to share information on social media. The social network records this action and may use it for marketing or advertising purposes.
Matomo We use “Matomo” (formerly “PIWIK”) on this website for statistical analysis. It is an open source tool for web analysis. The information generated by Matomo about the use of this website is only transmitted to our server. Matomo is generally deactivated when you visit our website. Your usage behavior is only recorded anonymously if you actively consent to this. Matomo uses so-called cookies. These are text files that are stored on your computer and enable us to analyze the use of our website. For this purpose, the usage information obtained by the cookie is transmitted to our server and stored so that usage behavior can be evaluated. Your IP address is immediately anonymized, so that you remain anonymous as a user. The information generated by the cookie about your use of this website is not passed on to third parties. The analysis is part of our Internet service. We would like to use it to further improve the website.
Twitter We have included a link to the short message network of Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA on our website. If you access this page and use the services of this provider, it is possible that usage data may be collected and, if necessary, stored in server logs. By using Twitter and the “Re-Tweet” function, the websites you visit can be linked to your Twitter account and made known to other users. You can recognize the Twitter plugins (tweet button) by the Twitter logo on our site. You can find an overview of tweet buttons here (https://about.twitter.com/resources/buttons). Twitter receives the information that you have visited our site with your IP address. If you click on the Twitter “tweet button” while you are logged into your Twitter account, you can link the content of our pages to your Twitter profile. This allows Twitter to associate your visit to our website with your user account. We would like to point out that, as the provider of the pages, we have no knowledge of the content of the transmitted data or its use by Twitter. If you do not want Twitter to be able to assign your visit to our pages, please log out of your Twitter user account. You can find more information on this in Twitter’s privacy policy at https://twitter.com/privacy. You can change your data protection settings on Twitter in the account settings at https://twitter.com/account/settings.
YouTube Our website uses the provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, for the integration of videos. Normally, when you access a page with embedded videos, your IP address is sent to YouTube and cookies are installed on your computer. However, we have integrated our YouTube videos with the extended data protection mode (in this case, YouTube still contacts Google’s Double Click service, but according to Google’s data protection information, personal data is not evaluated). As a result, YouTube no longer stores any information about visitors unless they watch the video. If you click on the video, your IP address is transmitted to YouTube and YouTube learns that you have watched the video. If you are logged in to YouTube, this information will also be assigned to your user account (you can prevent this by logging out of YouTube before watching the video). We have no knowledge of and no influence on the possible collection and use of your data by YouTube. Further information can be found in YouTube’s privacy policy at www.google.de/intl/de/policies/privacy/. We also refer you to our general presentation in this privacy policy for the general handling and deactivation of cookies.
LinkedIn In addition, we have also included a link (social media icon from LinkedIn) to our LinkedIn offering on our website. When you visit this page and use the services of this provider, usage data may be collected and, if necessary, stored in server logs. We have no influence on the type and scope of the data transmitted or stored. Further information on the data collected by LinkedIn, its storage and use can be found in the provider’s privacy policy at https://de.linkedin.com/legal/privacy-policy
Mastodon We operate an account on Mastodon under the name [ktstiftung@mastodon .social]. Mastodon is a microblogging service provided by Mastodon gGmbH, Mühlenstraße 8a, 14167 Berlin. The service enables us to carry out public relations work and inform you about our work or upcoming events, for example. Unlike Twitter, for example, Mastodon is a decentralized service. This means that the service consists of a large number of servers (“Mastodon instances”), which are operated by private individuals or organizations, for example. Our account is located on the Mastodon instance “mastodon.social”, which is operated by Mastodon gGmbH. The data protection provisions of this instance apply, which you can view at https://mastodon.social/privacy-policy.

13. Processing of your personal data in different contexts

Podigee podcast hosting We use the podcast hosting service Podigee from the provider Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany. The podcasts are loaded by Podigee or transmitted via Podigee. The use is based on our legitimate interests, i.e. interest in the secure and efficient provision, analysis and optimization of our podcast offer in accordance with Art. 6 para. 1 lit. f. GDPR. Podigee processes IP addresses and device information to enable podcast downloads/playbacks and to determine statistical data, such as the number of downloads. This data is anonymized or pseudonymized before being stored in Podigee’s database, unless it is required for the provision of the podcasts. Further information and objection options can be found in Podigee’s privacy policy: https://www.podigee.com/de/about/privacy/.
Blogs We use blogs and publications (hereinafter “publication medium”). Readers’ data is only processed for the purposes of the publication medium to the extent necessary for its presentation and communication between authors and readers or for security reasons. In addition, we refer to the information on the processing of visitors to our publication medium in the context of this data protection notice (https://www.spektrumverlag.de/datenschutzerklaerung-scilogs/). Comments and contributions: If users leave comments or other contributions, their IP addresses may be stored on the basis of our legitimate interests. This is done for our security in the event that someone leaves illegal content in comments and posts (e.g. insults, prohibited political propaganda). In this case, we ourselves may be prosecuted for the comment or post and are therefore interested in the identity of the author. Furthermore, we reserve the right to process user data for the purpose of spam detection on the basis of our legitimate interests. The personal information provided in the context of comments and contributions, any contact and website information as well as the content information will be stored by us until the user objects.
Google Fonts We integrate the fonts (“Google Fonts”) of the provider Google locally in order to be able to guarantee the display of the font in the user’s browser. Google Fonts is loaded directly from our own server and no longer via the Fonts application programming interface (API). In this way, no user data is sent to providers outside the EU, as the server location of our website is within the EU. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Website: https://fonts.google.com. Details on data processing can be found in the privacy policy: https://policies.google.com/privacy.
Video conferencing We use Zoom. The provider of this service is Zoom Communications Inc, San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. Details on data processing can be found in Zoom’s privacy policy: https://zoom.us/de-de/privacy.html. Data transfer to the USA is based on the standard contractual clauses of the EU Commission. You can find details here: https://zoom.us/de-de/privacy.html. We have concluded an order processing contract and standard contractual clauses with the provider of Zoom and implement the requirements of the data protection authorities when using Zoom.

14. Applications

We are pleased that you wish to apply for a job with us. In the following, we would like to explain how we process the personal data that you submit to us as part of the application process.
Definitions Personal data means any information relating to an identified or identifiable natural person (hereinafter referred to as the data subject). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. The controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. The data subject is the applicant.

What data do we process? As part of the application process, we collect and process the personal data you provide to us, namely contact and address information, your application photo, information about your previous career, your education and professional training.

Purpose of processing The purpose of processing is to carry out the application process and select the applicant.

On what legal basis do we process your data? The legal basis is Art. 6 para. 1 lit. b) GDPR, namely the implementation of pre-contractual measures. We receive the data from you. If we do not collect the personal data directly from you, we will also inform you of the source from which the personal data originates and, if applicable, whether it originates from publicly accessible sources. Will your data be transferred to third parties? As part of the application process, data may be transferred to service providers, companies in the Klaus Tschira Group, the controller and affiliated companies. Data will only ever be passed on to third parties to the extent permitted by law and to the extent necessary for the application process.

Storage period We only store your personal data for as long as is necessary to achieve the purpose of processing or for as long as storage is subject to a statutory retention period. In the event that we are unable to offer you a position as a result of the application process, we will return your submitted documents to you and delete the data collected in our systems six months after the end of the application process.

Your rights You have the right to a) request information about the processing of your data, b) request to receive a copy of your personal data, c) have your data corrected. If your personal data is incomplete, you have the right to complete the data, have your data deleted or blocked, have the processing restricted, object to the processing of your data, revoke your consent to the processing of your data for the future and complain to the competent supervisory authority about unauthorized data processing, taking into account the purposes of the processing. If you wish to exercise your rights as a data subject or have any other questions about this notice, please contact bewerbung@heidelberg-laureate-forum.org or the Heidelberg Laureate Forum Foundation’s Data Protection Officer, who can be reached at eprivacy@heidelberg-laureate-forum.org. Unless expressly stated at the time of collection, the provision of data is not required or mandatory. Such an obligation may arise from legal or contractual regulations.

15. Status of this data protection notice

April 2023 We reserve the right to change this privacy policy at any time with effect for the future.

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.