Data Privacy
Updated 09.12.2019
Information on the Collection of Personal Data

The operators of these websites take the protection of your personal data very seriously.
Personal data are all data that can be related to you personally, such as name, address, email addresses, and user behavior (information referring to an identifiable natural person (Art. 4, No. 1 of the EU General Data Protection Regulation (GDPR))).

Controller according to Art. 4, par. 7 GDPR is the President of KIT, Professor Dr.-Ing. Holger Hanselka, Kaiserstrasse 12, 76131 Karlsruhe, Germany, (see Legals). Our Data Protection Commissioner can be contacted at or by ordinary mail with “Die Datenschutzbeauftragte” (the data protection commissioner) being indicated on the envelope.

When you contact us by electronic mail or via a contact form, the data given by you (your email address and, if applicable, your name and your phone number) will be stored by us to answer your questions. The data arising in this connection will be erased as soon as storage will no longer be required or processing will be restricted, if legal obligations to retain the data exist.

We would like you to note that internet-based data transmission (e.g. when communicating by electronic mail) may have security gaps. Absolute protection of data against access by third parties may not be guaranteed.

Collection of Personal Data
a) When visiting the website

When using the website for information purposes only, i.e. when you do not register or transmit other information, we will only collect the personal data that are transmitted by your browser to our server according to the settings made by you (server log files). For viewing our website, we collect the data required for this purpose and needed for ensuring stability and security according to Art. 6, par. 1, clause 1, (f) GDPR:

  • Anonymized IP address
  • Date and time of access
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the access (concrete site)
  • Status of access/HTTP status code
  • Data volume transmitted
  • Website from which an accessing system reaches our website
  • Browser

These data cannot be referred to certain persons. These data will not be combined with other data sources. We reserve the right to check these data later on, if concrete indications of unlawful use become known to us.

This data is processed for the following purposes
  1. enabling the use of the website (establishing a connection)
  2. administration of the network infrastructure
  3. appropriate technical and organisational measures for IT system and information security, taking into account the state of the art
  4. error analysis and hazard prevention
  5. guarantee the user-friendliness of the use
  6. optimization of the Internet offer
The legal bases for the above processing operations are as follows
  1. for the processing for the visit of the web pages according to the numbers 1-2 Art. 6 Para. 1 s.1 letter b (necessary for the fulfilment of the web page usage contract relationship),
  2. for processing operations pursuant to No. 3 Art. 6 Para. 1 s.1 letter c GDPR (legal obligation to implement technical and organisational measures to safeguard data processing pursuant to Art. 32 GDPR) and Art. 6 Para. 1 s.1 letter f GDPR (legitimate interests in data processing for network and information security) as well as for processing operations pursuant to No. 3 Art. 6 Para. 1 s.1 letter c GDPR (legal obligation to implement technical and organisational measures to safeguard data processing pursuant to Art. 32 GDPR).
  3. processing operations pursuant to paragraphs 4-5 of Art. 6 (1) sentence 1 letter f GDPR (legitimate interests). The legitimate interests of our data processing consist in designing and optimising our offer in a user-friendly manner. We can also deliver direct advertising within the scope of the legitimate interests.
  4. The aforementioned data will be automatically deleted by the web server after a defined period of time, which is 30 days. If data is processed for longer periods for purposes according to numbers 2-5, it is anonymised or deleted if storage is no longer necessary for the respective purpose.
b) when creating an account

You can register on our website with a user account, for example to receive newsletters or to access certain content. You can also register for events with a user account.

When registering for a user account, some mandatory information must be provided. This includes

  • First name and surname
  • email address

Any other mandatory information is marked as such (e.g. by *). In addition, further information can often be provided voluntarily.

The processing of the mandatory data is undertaken in order to identify you as a registered user of the website. The provision of voluntary data enables us to implement your experience on the website in an interest-oriented manner.

Data processing takes place at the request of interested users and is required pursuant to Art. 6 Para. 1 s. 1 letter b GDPR.

The data collected as described above will not be passed on without your consent. We use the so-called double opt-in procedure for registration, i.e. your registration is not completed until you have previously confirmed your registration by clicking on the link contained in a confirmation e-mail sent to you for this purpose. If your confirmation is not received within 48 hours, your registration will automatically be deleted from our database.

You can always make changes to this data within your user profile. You can also delete your user profile there. The existing personal data will then automatically be removed from our database. It is also possible to unsubscribe from the newsletter in the user profile area. In addition, you can always request a complete deletion of your existing personal data by sending an e-mail to

c) When registering for events

We regularly offer a wide range of events via our website, some of which you can register for online. When registering for an event, certain mandatory information must be provided. This includes

  • Name of the organization
  • contact details

In addition, further, voluntary information can often be

The processing of the compulsory data is carried out in order to identify you as a participant of the event and to respond to your personal needs, to reserve the participation place, to justify or implement the contract of participation with you and to provide you with information on the event before, during and after the event, which should enable you to participate optimally and enable us to plan and guarantee a smooth course. The provision of voluntary data enables us to plan and carry out the event appropriately and to improve your participation experience.

Data processing is carried out at the request of interested participants and is required for the purposes specified in Art. 6 Para. 1 s. 1 letter b GDPR for the fulfilment of the participant contract and the pre-contractual measures.

The personal data collected by us during an event will be stored by us for up to 6 months unless you have consented to further storage in accordance with Art. 6 para. 1 sentence 1 letter a GDPR.

Personal data will be transferred to third parties as follows:

When registering for an event, personal data, including name, e-mail address, organisation and other details will be transmitted to the organiser within the framework of the registration of participants, so that the organiser can contact the participants for the purpose of providing information about the event (e.g. place, time, contents). In addition, the organizer requires the data for the appropriate planning of the event. The information as to who will host the event will always be provided within the framework of the registration. In this case, the organizer's data protection guidelines apply to the further processing of the data.

SSL Encryption

For reasons of security and for the protection of the transmission of confidential contents, such as inquiries sent to us as website operator, this website uses SSL encryption. In case of an encrypted connection, the address line of the browser changes from http:// to https:// and the lock symbol is indicated in your browser line.
When SSL encryption is activated, third parties can typically not read the data you transmit.

Your Rights

As far as your personal data stored by us are concerned, you have the following rights:

  • Right of access
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to object to data processing
  • Right to data portability

The person subject to the data has the right to obtain information about his/her own stored personal data and the right to correct, block or delete inaccurate data. The following person may be contacted for information on personal data, to have inaccurate data corrected, blocked or deleted and for further questions on the use of personal data:

Dr. Joerg Schaarschmidt, KIT
Tel: +49 (0)721 608-26715

(2) In addition, you have the right to complain about the processing of your personal data by us with a supervisory authority.
(3) In the case of manifestly unfounded or excessive requests, we can charge a reasonable fee. Otherwise, information will be provided free of charge (Article 12, par. 5 GDPR).
(4) In the case of reasonable doubts concerning the identity of the natural person asserting the above rights, we may request the provision of additional information necessary to confirm the identity of the data subject (Article 12, par. 6 GDPR).


In addition to the data mentioned above, cookies are stored on your personal computer when using our website. Cookies are small text files stored in your computer system by the browser used by you, through which we (the server of our website) obtain certain information. Cookies cannot execute any programs or transmit viruses to your computer. They serve to make internet offers more user-friendly, more effective, and quicker. It is distinguished between session cookies (transient cookies) and permanent (persistent) cookies.

Transient cookies are deleted automatically when you close the browser. They include in particular the session cookies. These store a so-called session ID, through which queries of your browser can be allocated to the joint session. They allow us to identify your computer when you return to our website. Session cookies are deleted when you log out or close the browser.

We use session cookies exclusively. We do not use any persistent cookies or flash cookies.

You can set your browser such that you will be informed about the setting of cookies and you can permit cookies in individual cases only, exclude the acceptance of cookies in certain cases or in general, and activate automatic deletion of cookies when closing your browser. When deactivating cookies, functionality of this website may be limited.

Validity of the data protection declaration

This privacy policy is currently valid and dated 09.12.2019. It can be downloaded and accessed at any time on the website.

This document is based on the KIT Privacy Policy.