Verantwortlich für alle hier publizierten Inhalte – mit ausdrücklicher Ausnahme vom Inhalt aller hier verlinkten Seiten – ist:
Data protection statement
Data protection statement
This statement explains how the Society (“we” and “our”) handles and uses the personal data we collect about our members and our past, current and future supporters (“you” and “your”). Developing a better understanding of our members and supporters allows us to keep in touch with you, in order to keep you apprised of our activities and developments, to provide services to you, and to identify ways in which you can support us.
We are committed to protecting your personal information and being transparent about what information we hold.
Personal data that we hold
We may hold information relating to you from a number of sources. A significant proportion of the information we hold is that which you provide to us (for example, you may give us information by filling in forms on our website, or by corresponding with us by telephone, e-mail or otherwise).
All records contain:
- your full name
- your college affiliation
- your year of matriculation
- your e-mail address
Many records also contain:
- details of your education (e.g. the courses you have completed, dates of study)
- your current professional status (e.g. your employer, your academic research)
- details of your interactions with us, including:
- your membership and achievements with us
- your attendance at our events
- other contact with us or our partners (as listed below)
- details of benefits and services provided to you
- your relationships with other members or supporters
- details about your family (e.g. your marital status, the name of your partner or spouse)
- personal data provided by you for a specific purposes (e.g. disability and dietary preferences for event management purposes)
- your communication preferences, to help us provide tailored and relevant communications
How we use your data
Your data is used by us for a number of interdependent purposes in support of alumni relations. These include:
- sending you publications (e.g. magazines and updates about our activities)
- conducting surveys
- providing services
- sending you details of volunteering opportunities
- inviting you to our events
- internal record keeping, including the management of any feedback or complaints
- administrative purposes (e.g. in order to administer an event you have registered for or attended)
If you have concerns or queries about any of these purposes, or how we communicate with you, please contact us using the details listed below.
We will always respect a request by you to stop processing your personal data, and in addition your statutory rights are set out below.
When we share your data with others (our partners)
We share the above categories of data with the Universities and Colleges. Any transmission of data to or from the Universities and Colleges is managed through agreed processes that comply with relevant data protection legislation. The Universities and each College has its own data protection statement and procedures.
Additionally, we share data on a considered and confidential basis, where appropriate, with the providers of services for Society events to which you have signed up.
How we protect your data
We ensure we have appropriate data sharing arrangements in place before sharing your personal data.
We do not sell your personal data to third parties under any circumstances, or permit third parties to sell on the data we have shared with them.
We also facilitate communication between individual members, but in doing so we do not release personal contact details without prior permission.
Any transfers of your data overseas (outside of the European Economic Area), as set out above, are protected either by an ‚adequacy decision‘ by the European Commission (declaring the recipient country as a ’safe‘ territory for personal data) or by standard contractual clauses adopted by the European Commission (which give obligations for the recipient to safeguard the data) or, before 25th May 2018, based on our self-assessment of the risks involved with the transfer and its determination that the data will be adequately protected during and after the transfer. Further information about the measures we use to protect data when being transferred internationally is available from us (via the contact details are set out below).
You have the right to:
- ask us for access to, or rectification or erasure of your data
- restrict processing (pending correction or deletion)
- object to communications or direct marketing
- ask for the transfer of your data electronically to a third party (data portability)
You have the right to lodge a complaint with the Federal Commissioner for Data Protection and Freedom of Information (in German: Bundesbeauftragter für den Datenschutz und die Informationsfreiheit) at https://www.bfdi.bund.de/DE/Home/home_node.html
The legal basis for processing your personal data for the interdependent purposes set out above is that it is necessary for the pursuit of our legitimate interests. We always handle your personal data securely and minimise its use, and there is no overriding prejudice to you by using your personal information for these purposes. In addition, there is no statutory or contractual requirement for you to provide us with any personal data.
The controller for your personal data is the Society and we can be contacted at firstname.lastname@example.org.
Please contact us if you have any concerns or questions about the above information or you wish to ask us not to process your personal data for particular purposes. Where you have specific requests relating to how we manage your data, we will endeavour to resolve these, but please note that there may be circumstances where we cannot comply with specific requests.
We will retain your data indefinitely or until you request us to do otherwise. We will publish any changes we make to this data protection statement and notify you by other communication channels where appropriate.
Where you exercise your right to erasure, we will continue to maintain a core set of personal data (name, membership details, unique identification number and date of birth) to ensure we do not contact you inadvertently in future.