Privacy
We are committed to protecting your privacy and ensuring that your personal data is handled with the utmost care and confidentiality. This Privacy Policy outlines how we collect, use, store, and protect your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679.
To fulfill our mission, we engage in various activities that involve the processing of personal data.
In this section, we inform you about:
- the contact details of the data controllers,
- the terminology used,
- your rights as a data subject, including the right to lodge a complaint,
- the data categories referenced in this privacy policy,
- the third-party website technologies and apps we use to process your personal data (processors).
Which of your personal data we process and for which purposes depends on the nature of your relationship or relationships with us. To ensure the highest level of transparency, we have structured the information based on these relationships into categories of data subjects (e.g. website visitor, project participant, etc.). Using the navigation menu on the right side, you can access the information relevant to you specifically:
- the purposes for processing personal data,
- the categories of personal data processed for these purposes,
- the legal bases for each processing activity, and
- the apps used to process personal data.
Detailed information about the apps, their providers, and potential data transfers to third countries can be found on this page under the section "Processors".
Internal recipients include the project team and employees of the partner institutions.
All personal data are stored and archived in compliance with the legal requirements set forth by German law.
Data Controller
- EduNet Europe gGmbH, Germany
Maria Steger
Maria Steger(at)edunet.eu
Terminology
This privacy policy uses the terms as defined in Art. 4 GDPR.
Cookies
Cookies are small text files stored on your device by websites you visit. They help enhance your browsing experience by remembering your preferences, enabling wesite functionality like online forms, and tracking user behavior for analytics and statistical purposes.
Plugins
lugins are software components that add specific features to a website. They can enhance functionality, such as social media sharing, video playback, or interactive content, and often rely on cookies to operate effectively.
Server Log Files
Server log files are records maintained by web servers that document all requests made to the server. They include information such as IP addresses, browser types, and access times. These logs help monitor website performance, troubleshoot issues, and ensure security.
Data Collection
Personal data is generally collected from the data subject, i.e., from you.
In cases where we have a legitimate interest, it may also happen that we collect and process personal data from publicly accessible sources for the purpose of contacting individuals and/or expanding the SciLMi Hub.
In some cases, we will not disclose personal data to the apps we use in project-related activities. However, if the data subject, i.e., you, engages in these activities, the apps may collect meta-data. Other personal data you share explicitly (e.g., your name) will be stored in our app accounts and be disclosed to us. In the section "Processors," we list whether or not we disclose personal data to an app.
Third-party web techologies (cookies, plugins, server log files) collect data when you visit our website. Go to the "Third-Party Technologies on the Website" to learn more about how you can manage your consent.
Your Rights
Participants may exercise the following rights at any time:
- Art. 7(3) GDPR: Right to withdraw consent
Participants have the right to withdraw their consent in any or all respects at any time with future effect. - Art. 15 GDPR: Right of access
Participants have the right to obtain information about which personal data is processed. - Art. 16 GDPR: Right to rectification
If the stored personal data is inaccurate or incomplete, participants have the right to demand rectification or completion thereof. - Art. 17 GDPR: Right to erasure
Participants have the right to demand erasure of their personal data at any time. - Art. 18 GDPR: Right to restriction of processing
Participants have the right to demand the restriction of the processing of their personal data at any time. - Art. 21 GDPR: Right of objection
Participants have the right to object to the processing of their personal data. - Art. 77 GDPR: Right to lodge complaint with a supervisory authority
If participants consider that the processing of their personal data infringes data protection and privacy law, they have the right to lodge a complaint with the competent supervisory authority.
Data Categories
-
Communication Data Calls (Content of the Communciations and History)Communication Data
Emails (Content of the Communications and Log Data) -
Demographic Information AgeDemographic Information
Date of Birth
Gender -
Education Information SchoolsEducation Information
Degrees & Qualifications
Graduation & Qualification Years -
Employment Information Job titleEmployment Information
Affiliation
Expertise -
Financial Information Bank Account NumberFinancial Information
Transaction Details
Credit Card Number -
Identifiers Name (First Names, Middle Names, Last Name)Identifiers
-
Multimedia Data Images (Photographs and Profile Pictures)Multimedia Data
Audio Recordings (Voice Recordings)
Video Recordings (Vdeo Calls) -
Online Identifiers IP AddressesOnline Identifiers
Cookie Identifiers
Device Identifiers -
Private Contact Details Home Address (Street, House Number, Postal Code, City, Country)Private Contact Details
Personal Email Addresses
Phone Numbers
Fax Numbers
Social Media Handles (LinkedIn, X, Instagram, Facebook) -
Professional and Behavioural Data Teaching ExperienceProfessional and Behavioural Data
Pedagogical-Didactic Competencies
Opinions on Teaching Practices, Educational Policies, Pedagogical Theories, etc.
Pedagogical Attitudes
Personal Self-Reflections on Teaching Practices, Professional Development, etc. -
Professional Contact Details Work Address (Street, House Number, Postal Code, City, Country)Professional Contact Details
Work Email Address
Work Phone and Fax Numbers
Professional Social Media Handles
Third-Party Technologies on the Website (Cookies / Plugins / Server Log Files)
When you visit our website, a consent banner will appear. This banner allows you to control your website experience, decide how you are tracked, and determine how your data is used. It informs you about the web technologies, including cookies, used on the website to ensure its proper functioning.
Once you have selected your consent preferences in the cookie banner, they are saved by our website's Consent Management Platform.
At any time, you can manage your privacy settings and access detailed information about the processing of your data by third-party technologies used on this website. Simply click on the fingerprint icon in the lower left corner to do so.
Data Processors / External Recipients (Apps)
-
Cal.com The open-source app is packaged by Cloudron and hosted on a Contabo Virtual Private Server. Please go to "Data Storage and IT Security" to find their privacy policies.Cal.com
→ The app services themselves are provided by the data controller EduNet Europe gGmbH.
EduNet Europe gGmbH
Ferdinand-Maria-Straße 16
83670 Bad Heilbrunn
Germany
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, meta-data may be collected by the processor. Other personal data you share explicitly (e.g. your name) will be stored in our account. -
CleverReach CleverReach GmbH & Co. KGCleverReach
Schafjückenweg 2
26180 Rastede
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Cloudron Cloudron UGCloudron
Ziegelstraße 6
84061 Ergoldsbach
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, the app may collect meta-data (online identifiers). For more details, please consult the app's privacy policy. Other personal data you share explicitly (e.g. your name) will be stored in our app accounts and disclosed to us. -
duda Duda, Inc.duda
577 College Avenue Palo Alto
CA 94306
United States of America
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company implements measures to comply with the GDPR framework. Personal data are transferred solely on the basis of explicit consent by the data subject (Art. 49 (1) lit. a GDPR). -
EasyRetro EasyRetroEasyRetro
Porto Alegre
Rio grande do sul
Brazil
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company uses the EU standard contractual clauses of 2016 to ensure an adequate level of data protection at the data importer.
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, the app may collect meta-data (online identifiers). For more details, please consult the app's privacy policy. Other personal data you share explicitly (e.g. your name) will be stored in our app accounts and disclosed to us. -
Google Workspace Google Ireland LimitedGoogle Workspace
Gordon House
Barrow Street
Dubline 4
Ireland
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company is self-certified and listed as an active participant in the Data Privacy Framework Program.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Hive Hive Technology, Inc.Hive
285 Fulton Street
One World Trade Center
Suite 46l
New York City
United States of America
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company is self-certified and listed as an active participant in the Data Privacy Framework Program.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Hiver Grexit Inc.Hiver
Suite 203, 2880 Zanker Rd
San Jose, CA 95134
United States of America
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company is self-certified and listed as an active participant in the Data Privacy Framework Program.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Homepage Baukasten CheckDomain checkdomain GmbHHomepage Baukasten CheckDomain
a dogado group company
Große Burgstraße 27/29
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Homepage Baukasten WebGo webgo GmbHHomepage Baukasten WebGo
Heidenkampsweg 81
20097 Hamburg
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Kimai The open-source app is packaged by Cloudron and hosted on a Contabo Virtual Private Server. Please go to "Data Storage and IT Security" to find their privacy policies.Kimai
→ The app services themselves are provided by the data controller EduNet Europe gGmbH.
EduNet Europe gGmbH
Ferdinand-Maria-Straße 16
83670 Bad Heilbrunn
Germany
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, meta-data may be collected by the processor. Other personal data you share explicitly (e.g. your name) will be stored in our account. -
LimeSurvey The open-source app is packaged by Cloudron and hosted on a Contabo Virtual Private Server. Please go to "Data Storage and IT Security" to find their privacy policies.LimeSurvey
→ The app services themselves are provided by the data controller EduNet Europe gGmbH.
EduNet Europe gGmbH
Ferdinand-Maria-Straße 16
83670 Bad Heilbrunn
Germany
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, meta-data may be collected by the processor. Other personal data you share explicitly (e.g. your name) will be stored in our account. -
Microsoft Office 365 Microsoft CorporationMicrosoft Office 365
One Microsoft Way
Redmond, WA 98052-6399
United States of America
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company is self-certified and listed as an active participant in the Data Privacy Framework Program.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Miro RealtimeBoard, Inc.Miro
201 Spear Street,
Suite 1100
San Francisco, CA 94105
United States of America
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company uses the EU standard contractual clauses of 2016 to ensure an adequate level of data protection at the data importer.
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, the app may collect meta-data (online identifiers). For more details, please consult the app's privacy policy. Other personal data you share explicitly (e.g. your name) will be stored in our app accounts and disclosed to us. -
Poll Everywhere Poll Everywhere, Inc.Poll Everywhere
548 Market St Ste 17358
San Francisco, CA 94105
United States of America
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company is self-certified and listed as an active participant in the Data Privacy Framework Program.
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, the app may collect meta-data (online identifiers). For more details, please consult the app's privacy policy. Other personal data you share explicitly (e.g. your name) will be stored in our app accounts and disclosed to us. -
QuestionPro QuestionPro GmbHQuestionPro
Friedrichstraße 171
10117
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Scoocs Scoocs, Unipessoal, LDAScoocs
Rua Direita N 188 1
Chaves 5400-220
Portugal
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission. -
SignatureSatori AppSatori s.r.oSignatureSatori
Winstona Churchilla 1800/2
13000 Prague
Czechia
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
SurveyHero enuvo GmbHSurveyHero
Huobstrasse 10
8808 Pfäffikon SZ
Switzerland
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
TeamUp Teamup Solutions AGTeamUp
Kreuzstraße
Kreuzstraße 42
8008 Zürich
Switzerland
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission. -
tucan Tucan.ai GmbHtucan
Ohmstraße 7
10179 Berlin
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
UserCentrics Usercentrics GmbHUserCentrics
Sendlinger Straße 7
80331 Munich
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, the app may collect meta-data (online identifiers). For more details, please consult the app's privacy policy. Other personal data you share explicitly (e.g. your name) will be stored in our app accounts and disclosed to us. -
Virtual Private Server Contabo GmbHVirtual Private Server
Aschauer Straße 32a
81549 München
Germany
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app provider / data processor is based in the European Union or in a third country for which an adequacy decision has been issued by the European Commission.
We have concluded a data processing agreement (DPA) with the processor. This is a contract mandated by data privacy laws that guarantees that the processor processes personal data only based on our instructions and in compliance with the GDPR. -
Zoom Zoom Video Communications, Inc.Zoom
55 Almaden Boulevard
Suite 600
San Jose, CA 95113
United States of America
The data is stored on the processor's cloud servers. Cloud providers typically do not have any direct access to the data, except in exceptional cases to provide helpdesk and troubleshooting services.
The app services are provided by a processor from a third country not covered by an adequacy decision pursuant to Art. 45(3) GDPR.
→ The company is self-certified and listed as an active participant in the Data Privacy Framework Program.
We do not disclose personal data to this app. However, if you engage in one of our activities that uses the app, the app may collect meta-data (online identifiers). For more details, please consult the app's privacy policy. Other personal data you share explicitly (e.g. your name) will be stored in our app accounts and disclosed to us.
Data Processing Purposes and Activities
Personnel
-
Communication Processing ActivitiesCommunication
• Processing user-generated content sent in emails or other modes of communication.
Data Categories
• Communication Data
• Private Contact Details
• Professional Contact Details
Legal Basis for Data Processing
• Art. 6 (1) lit. d GDPR
• Art. 6 (1) lit. f GDPR
External Recipients / Processors (Apps)
• Google Workspace
• Hive
• Hiver
• Microsoft Office 365
• SignatureSatori
• tucan
• Zoom -
Human Resources Management Processing ActivitiesHuman Resources Management
• Maintaining employee records.
• Managing payroll and benefits.
• Tracking attendance and leave.
Data Categories
• Communication Data
• Demographic Information
• Education Information
• Employment Information
• Financial Information
• Identifiers
• Multimedia Data
• Private Contact Details
• Professional and Behavioural Data
• Professional Contact Details
Legal Basis for Data Processing
• Art. 6 (1) lit. b GDPR
• Art. 6 (1) lit. c GDPR
External Recipients / Processors (Apps)
• Cloudron
• Google Workspace
• Hive
• Hiver
• Homepage Baukasten CheckDomain
• Homepage Baukasten WebGo
• Kimai
• Microsoft Office 365
• SignatureSatori
• TeamUp
• Zoom -
Project Management Processing ActivitiesProject Management
• Sharing project plans, timelines, and responsibilities.
• Coordinating communications among collaborators (emails, meetings, reports).
• Providing meeting summaries.
• Collecting and storing project-related documents and deliverables.
• Publishing team webpages.
Data Categories
• Communication Data
• Demographic Information
• Education Information
• Employment Information
• Identifiers
• Multimedia Data
• Private Contact Details
• Professional and Behavioural Data
• Professional Contact Details
Legal Basis for Data Processing
• Art. 49 (1) lit. a GDPR
• Art. 6 (1) lit. a GDPR
• Art. 6 (1) lit. b GDPR
• Art. 6 (1) lit. c GDPR
External Recipients / Processors (Apps)
• Microsoft Office 365
• duda
• EasyRetro
• Google Workspace
• Homepage Baukasten CheckDomain
• Kimai
• Miro
• QuestionPro
• TeamUp
• tucan
• Zoom
• SignatureSatori -
Scheduling Processing ActivitiesScheduling
• Using calendar and scheduling tools to organise and manage meetings.
Data Categories
• Identifiers
• Private Contact Details
• Professional Contact Details
Legal Basis for Data Processing
• Art. 6 (1) lit. a GDPR
External Recipients / Processors (Apps)
• Cal.com
• Google Workspace