Data privacy

Data privacy is an important issue for TUM. We want to make sure that you know when and what type of data is being stored and for what purposes. Personal data stored on the university web server (www.events.tum.de) is accessed only when required for technical reasons. Processing of the data is subject to the provisions of the applicable data privacy laws, in particular, the State of Bavaria Data Protection Act (BayDSG) and the German Telemedia Act (TMG).

Conditions of participation

In some cases, the participation in an event/conference assumes a registration. The registration takes place on a voluntary base. Please note, by preforming the registration process, you are accepting the acquisition, handling and use of personal data from section 4.

Subsequent we give you information about type, extent and purpose of elevation and use of personal data. This information can be looked up any time on our webpage.

1. Technical implementation

Our web server (www.events.tum.de) and the “Software to manage events/conferences - Converia” are hosted and serviced by the Leibniz-Rechenzentrum (LRZ):

Leibniz-Rechenzentrum (LRZ) der Bayerischen Akademie der Wissenschaften
Boltzmannstr. 1
85748 Garching b. München

2. Log

By calling the page “www.events.tum.de” or one of its sub-pages, your web browser transmits the following data to our web server and our web server logs it temporarily in a log file:

  • IP-Address of the requesting computer
  • Date and time of access
  • Name, URL and transferred data of the retrieved file
  • Status (requested file transferred, not found, …)
  • Information about the used web browser and operating System (only when the requesting web browser transmits this information)
  • Webpage, from which the access occurs (only when the requesting web browser transmits this information)

Data processing in our log file:

  • Automatic evaluation of entries to discover attacks and respond to attacks on our web server
  • In particular cases, for example announced security incidents, a manual analysis is preformed
  • Log entries older than seven days are anonymized by reducing the IP-Address
  • Anonymized logs are used for access statistics
    IP-Addresses, contained in log entries, are not merged with other stored data. For this reason there’s no possibility for conclusion on single people.

3. Purpose of the acquisition, handling and use of data

3.1 Participant registration

If you want to take part in an event/conference, a registration is necessary. Some events/conferences include participation options liable for costs. Within the scope of this process, reservation documents (confirmation, bill, letter of confirmation as e-mail) are created with participant data from section 4.

Participants are able to look up their data (participant data, reservation data) in the frontend. In addition to participants, the TUM-User from section 8.1 is able to see and as needed able to change participant data and reservation data in the backend.

3.2 Abstract handling

As an author of scientific contributions, you are able to submit your abstracts to an event/conference. The submitted abstracts can be valued in the system and be published with acceptance on the event/conference pages. Secondary, TUM-Users from section 8.1 often publish some print media on basis of the information contained in "Converia". In addition to authors of scientific contributions, the TUM-User from section 8.1 is able to see and as needed able to change author’s information in the backend.

3.3 Legal foundation

The legal foundation is based on the valid approval of all people, who take part in an event/conference (students of the Technical University of Munich, employees of the Technical University of Munich, people beyond the sphere of the Technical University of Munich). (Art. 15. Abs. 1 Nr. 2 BayDSG).

4. Variety of stored data

1 Username
2 Password
3 Degree (voluntary information)
4 First name
5 Family name
6 Company/Facility
7 Street
8 Postal code
9 City
10 Country
11 Mail address
12 Abstracts and documents
13 Billing data and documents
14 Reservation data
15 Payment information
16 Survey results
17 Review information
18 Phone number (voluntary information)
19 Fax number (voluntary information)

5. Data transmission within the Technical University of Munich

The organizing institution of the Technical University of Munich stores uniquely contact data no. 1 – no. 11 from section 4 for the purpose of documentation, financial account and participation in an event/conference by creating a user-account.

With the registration for an event/conference, the contact data no. 4, no. 5, no. 6 and no. 10 from section 4 are indicated with an existing account for other announced participants in form of a list of participants in their password-protected account.

6. Data transmission to a third party

With selected payment method "credit card" you leave the web page of the Technical University of Munich. For the purpose of financial account, you are routed directly to the service provider “Sparkasse-S-Internetkasse” who is instructed with the realization of your credit card payment for each reservation process.

With the registration for an event/conference, the contact data no. 4, no. 5, no. 6 and no. 10 from section 4 are indicated with an existing account for other announced participants in form of a list of participants in their password-protected account.

In accordance with the valid laws, the Technical University of Munich is also entitled to pass on data to legally certain places (for example government agencies, courts of law).

7. Deadline for the deletion of data

„Converia“ includes an active module for data protection.

7.1 Deletion of conference data / event data

At the end of an event/conference, a typical term for data deletion of nine months is valid for all data from section 4, which were raised within the scope of an event/conference and which are linked with personal information.

Irrespective of the typical term for data deletion of nine months, the TUM-User from section 8.1 is able to define an individual term for data deletion at will, without upper limit for each event/conference.

If the term of deletion is reached, the TUM-User from section 8.1 initiates the deletion process manually. Afterwards, all files and all data sets concerning the event/conference are completely erased both in “Converia” and in the database.

7.2 Deletion of personal accounts / personal data

Without account activity, a typical term for data deletion of thirty-six months is valid for all data from section 4, which are stored in a user account.

Irrespective of the typical term for data deletion of thirty-six months, the TUM-User from section 8.1 is able to define an individual term for data deletion at will, without upper limit for each event/conference.

If the term of deletion is reached and the user owns no data referred to section 7.1 relating to an event/conference, the TUM-User from section 8.1 initiates the deletion process manually. Afterwards, all files and all data sets concerning the event/conference are completely erased both in “Converia” and in the database.

7.3 Deadline

Irrespective of the typical terms for data deletion, the TUM-User from section 8.1 is able to define individual terms for data deletion in months for each event/conference.

7.4 Deletion process

For an event/conference in „Converia“, all data sets from section 7.1 and/or section 7.2, for which the term of deletion (typical term of deletion or individual defined term of deletion) is reached, are suggested to the TUM-User from section 8.1 for deletion.

If the term of deletion is reached, the TUM-User from section 8.1 initiates the deletion process manually.

Beside the responsible TUM-User from section 8.1, the TUM-Super-Administrator from section 8.3 verifies annually, whether there are forgotten, suggested data sets from section 7.1 and/or section 7.2 for deletion. In arrangement with the responsible TUM-User from section 8.1, the TUM-Super-Administrator from section 8.3 initiates the deletion process manually.

8. Personal groups for administration

8.1 TUM-User

The center for it services (ITSZ) establishes this personal group (:= responsible persons for an event/conference who get access to the backend of “Converia” to handle their event/conference). For their event/conference, this personal group gets access to all reservation data, contribution data and even jointed personal accounts. This personal group is allowed to store, change, transmit or delete data. Furthermore this personal group is able to create and publish content in the integrated “Content Management System (CMS)”.

8.2 Frontend-User

This personal group (participants, authors of scientific contributions, consultants) generate data by registration or by submitting contributions. This data is stored in the system for further usage (for example reservation data).

This personal group is only able to store or change their own personal data. For deletion, the organizer of the event/conference must be contacted.

This personal group is not able to delete or change reservation data. Cancellations must be addressed in writing to the organizer of the event/conference.

During the deadline of contribution, the author is able to change or delete contribution data. If the term of contribution is reached, the author is only able to review contribution data.

8.3 TUM-Super-Administrator

The TUM-Super-Administrator (:= responsible person for the final deletion of data in the backend of „Converia“) is member in the “IT-Support-Team”. The TUM-Super-Administrator is the only person, who is able to see into all events/conferences. The TUM-Super-Administrator verifies annually, whether there are forgotten, suggested data sets from section 7.1 and/or section 7.2 for deletion. In arrangement with the responsible TUM-Users from section 8.1, the TUM-Super-Administrator initiates the final deletion process manually.

9. Personal groups for normal use

Where required, “Frontend-User” from section 8.2 are able to look up lists of participants or access published program data (for example online via web browser or via mobile application).
In their own personal account, participants of an event/conference are able to define, which personal data may be published on public or internal lists of participants.
According to the contribution of an abstract, authors agree with the publication of their contribution data in the scope of an event/conference.

10. For Event puplication authors

By agreeing to the privacy policy, authors agree to allow us to check their work for plagiarism on the Turnitin platform. Assessed papers and user registration data may be processed and stored outside the European Union. Therefore, compliance with European data protection standards cannot be guaranteed.

Authors also agree that their submitted and revised manuscripts may be forwarded to Springer Nature. The authors hereby grant Springer Nature an exclusive right of use in accordance with Section 31 (3) sentence 1 of the German Copyright Act (UrhG).

In addition to the manuscript, the name, institution, address and e-mail address of the authors will be forwarded to Springer Nature.

11. e-Mail security

By sending an e-mail, your mail address is only used for the correspondence with you. Please note, data transmission may hold security gaps. Because of that fact, a complete protection of data, especially protection against the access by a third party, is not possible.

12. Cookies

To extend the functional range of our web presence and to form its utilization more comfortable, so-called “cookies” are used to store data on your computer.

You are able to deactivate “cookies“ in your web browser or you are able to configure your web browser in the way, to store “cookies” only for the duration of the respective connection with the internet.

Please note, with deactivation of „cookies“, the functional range of our web offers could only be available in a restricted extent.

13. Encryption

To protect your data against unrequested access, an encoding procedure is used on some pages. Here your data is transmitted via 256 bit encoding (Secure Socket Layer (SSL)) between your computer and our web server. The identifying feature is here “https:” instead of “http:”.

14. Modification of our data privacy statement

We reserve the right to adapt our data privacy statement once in a while, so that it corresponds to the current juridical demands. Furthermore, we reserve the right to adapt our data privacy statement currently to realize modifications of our services in the data privacy statement. To be up to date, we recommend you to read regularly our data privacy statement

15. Declaration of consent

With your permission, your data will be collected, processed, and used for the following purposes as shown in the sections above.

Your personal data will be collected, processed, and used in the context of the aforementioned objectives in accordance with the Bavarian Data Protection Act (BayDSG).

The collection, processing, and use of your data takes place on a voluntary basis.

Furthermore, you can revoke your consent at any time with consequences shown below:

  • By rejecting the registration process, you are not able to take part in an event/conference.
  • In some cases, there might be some fees (for example cancellation or reservation) to pay after finishing the registration process.

Please send any notice of cancellation to:

Technische Universität München; Arcisstr. 21; 80333 München; it-support@tum.de

In the event of cancellation, your data will be deleted upon receipt of your notice.