List of active policies
Data protection declaration
Data protection declaration for this online offering and further information about the duty to provide information according to Art. 13 GDPR on the collection of personal data from the data subject.
This data protection declaration (Version: GDPR 1.0 dated 20.09.2019) was produced by:
Datenschutz-Office Munich – www.deutsche-datenschutzkanzlei.de
We, Munich Aerospace – Fakultät für Luft- und Raumfahrt e. V, are responsible for this online offering and, as the provider of a teleservice, must inform you at the beginning of your visit to our website, about the type, scope and purpose of the collection and use of personal data in a precise, transparent, understandable and easily accessible way in clear and simple language. The contents of the information must be retrievable for you at all times. We are therefore obliged to inform you of which personal data will be collected or used. Any information relating to an identified or identifiable natural person is described as personal data.
We place great value on the security of your data and compliance with the data protection regulations. The collection, processing and use of personal data is subject to the regulations of the European and national laws currently in force.
In the following data protection declaration, we would like to show you how we handle your personal data and how you can make contact with us:
Munich Aerospace – Fakultät für Luft- und Raumfahrt e. V.
Register of associations number: VR 203205
Represented by the board of directors: Prof. Dr. Günter Hein, Prof. Mirko Hornung, Prof. Horst Baier, Prof. Klaus Drechsler, Dr. Johann Bals
Telephone: +49 89 307484913
If you have questions about data protection or other matters relating to the data protection regulations, please contact us at the following e-mail address: firstname.lastname@example.org
For the sake of easier reading, no gender-specific distinction is made in our data protection declaration. The terms used apply, in the context of equal treatment, to both genders.
The meaning of the terminology used, for example ‘personal data’ or its ‘processing’ can be taken from Article 4 of the EU-General Data Protection Regulation (GDPR).
The users’ personal data processed in the context of this online offering, includes inventory data (e.g. client’s name and address), contract data (e.g. services used, name of person responsible, payment information), usage data (e.g. Websites of our online offering visited, interest in our products) and content data (e.g. input into the contact form).
‘User’ includes all categories of persons affected by the data processing. These include, for example, our business partners, customers, interested parties and other visitors to our online offering.
Data protection declaration
We guarantee that we only collect, process, store and use your incoming data in connection with the processing of your request, as well as for internal purposes and providing the services that you have requested or to make content available.
Basis of data processing
We process the user’s personal data only in compliance with the relevant data protection regulations. The user’s data are only processed when the following statutory permission exists:
- your consent is given
- on the basis of our legitimate interests (i.e. interest in the optimization and economic operation and security of our online offering, in particular the collection of access data and the use of services from third party providers)
We would like to show you where the main legal grounds are regulated in the GDPR:
Art. 6 para. 1 lit. a. and Art. 7 GDPR
Processing to safeguard our legitimate interests
Art. 6 para. 1 lit. f. GDPR
Data transfer to third parties
A transfer of data only takes place in accordance with the legal regulations. We only give users’ data to third parties when this is necessary e.g. for contractual reasons, or on the basis of a legitimate interest in the economic and effective operation of our business operation.
If we use subcontractors to provide our services, we take appropriate legal precautions as well as suitable technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.
We advise you that the software used for making educational content available and processing learning activities and learning progress, including maintenance and support, are secured by an external provider. We have entered into a processing contract with this provider in accordance with Art. 28 GDPR.
Data transfers to a third country or an international organization
Third countries are countries in which the GDPR is not a directly applicable law. This basically includes all countries outside the EU, respectively, the European Economic Area.
No transfer of data to a third country or an international organization takes place without your consent or without a legal foundation.
Length of storage of your personal data
We adhere to the principles of data economy and data avoidance. This means that we only store the data made available to us for as long as it is needed to fulfil the previously named purposes or as laid down by the manifold storage periods provided for by the legislator. If the relevant purpose no longer exists, respectively after expiry of the appropriate period, your data is routinely blocked, respectively erased, in accordance with the statutory provisions
We have developed a company-internal concept to guarantee this procedure.
If you make contact with us by email, telephone, fax etc., you consent to electronic communication. The information you provide will be stored exclusively for the purpose of processing your inquiry and for possible follow-up questions.
We would like to tell you the legal grounds:
Processing to perform our services and carry out contractual measures
Art. 6 para. 1 lit. b. GDPR
We would like to advise you that emails can be read or changed, unnoticed and without authorization, during transmission. We would also like to bring to your attention that we use software to filter unwanted emails (spam filter). Emails can be rejected by the spam filter if they are wrongly identified as spam due to the presence of certain characteristics.
What rights do you have?
a) Right to information
have the right to obtain information about your stored data without charge.
Upon request, we will tell you in writing, in accordance with current law, what
personal data about you we have stored. This also includes the origin and
recipients of your data, as well as the purpose of the data processing.
b) Right to rectification
You have the right to have your data which is stored by us, corrected, if it is incorrect. You can demand a limitation of the processing of your personal data, e.g. if the accuracy of your personal data is contested
c) Right to blocking
Furthermore, you can have your
data blocked. So that a blocking of your data can be taken into account at any
time, the data must be held in a lock file for control purposes.
d) Right to erasure
can also demand the erasure of your personal data, so long as no legal storage
obligation exists. If such an obligation exists, we will block your data on
request. If appropriate statutory requirements are present, we will also erase
your personal data without a request from yourself.
e) Right to data transferability
are entitled to demand that the personal data transferred to us is made
available in a format which enables it to be transferred to another location.
f) Right to complain to a supervisory authority
You have the option of contacting a data protection supervisory authority with a complaint:
Bavarian State Office for Supervision of Data Protection (BayLDA)
Promenade 27, 91522 Ansbach, Deutschland
Telephone: +49 981 53-1300
Fax: +49 981 53-981300
The Bavarian State Office for Supervision of Data
Protection’s complaint form can be accessed over the following link: https://www.lda.bayern.de/de/beschwerde.html
g) Right to object
You have the right to object at any time to the use of your data for internal purposes with future
effect. For this, it is sufficient to send an appropriate email to email@example.com.
However, such an objection does not affect the legality of processing procedures which we have
already carried out. This does not affect data processing in respect of other legal bases, for
example, such as contract initiation (see above)
Protection of your personal data
We take state of the art contractual, organizational and technical security measures to ensure compliance with the provisions of the data protection laws and therefore, to protect the data which we process against accidental or deliberate manipulation, loss, destruction or access by unauthorized persons.
In particular, our security measures include the encrypted transfer of data between your browser and our server. 256-bit-SSL (AES 256) encryption technology is used for this.
Thereby your personal data is protected in the context of the following points (extract):
a) Ensuring the confidentiality of your personal data
ensure the confidentiality of the personal data which we store, we have taken
various measures to control access.
b) Ensure the integrity of your personal data
To ensure the integrity of the personal data which we store, we have taken various measures to control transfer and input.
c) Ensure availability of your personal data
To ensure the availability of the personal data which we store, we have taken various measures to control orders and availability.
security measures employed are continually improved in accordance with
technical development. Despite these precautions, because of the insecure
nature of the internet, we are unable to guarantee the security of your data
transfers to our online offering. For this reason, all data transfers from you
to our online offering are made at your own risk.
Protection of minors
Persons who are under 16, are not allowed to provide us with their personal information without the express consent of the person having parental responsibility. These data will be processed in accordance with our data protection declaration
Server Log Files
The provider of the pages automatically collects and stores information in so-called server log files, which are automatically transmitted to us by your browser. These are:
· Browser type and browser version
· Operating system used
· Referrer URL
· time of the server request
· IP address
· HTML code and protocol type
These data are not combined with other data sources.
The basis of the data processing is Art. 6 para, 1 lit. f. GDPR, which permits data processing to safeguard our legitimate interests.
internet offering uses: Browser cookies
Control of cookies by the user
All browsers can be set so that cookies are only accepted upon request. Also, per settings, cookies can be accepted only for sites which are currently being visited. All browsers offer functions which make the selective deletion of cookies possible. The acceptance of cookies can also be deactivated generally, however in this case, limitations in the online offering’s user friendliness must be accepted.
Lifespan of the cookies employed
Cookies are managed by our internet offering’s website. The internet offering uses:
Transient cookies /Session cookies (single use)
Life span: Until the online offering is closed
Deactivate or remove cookies (Opt-Out)
Every browser offers options for limiting and deleting cookies. Further information about this can be obtained from the following websites:
- Internet Explorer:
- Google Chrome:
Use of FileZilla FTP Client (FTP = File Transfer Protocol)
We use the FileZilla FTP client in our online offering, in order to make carrying out eLearning possible. This is free server and client software for data transfer. The product, FileZilla, is produced by Tim Kosse, Lukasstraße 10, 50823 Köln, Germany (“FileZilla”) Specifically, we use the client software.
On the basis of FileZilla’s legitimate interest, in accordance with Art. 6 para. 1 lit. f) GDPR, data processing can occur, in order to provide information about the latest version of the client software. For example, this concerns the following data:
· Software version
· Operating system
· Processor architecture
Data can be processed by FileZilla in an anonymized form, for statistical purposes, in accordance with their legitimate interest (Art. 6 para. 1 lit. f) GDPR). This does not create a personal connection.
There is no transfer of data to third parties.
Further information about FileZilla’s data protection guidelines can be found under the following link: https://filezilla-project.org/privacy.php
Video streaming over Video Stream Hosting (Steinmann GbR)
Video livestreams from Video-Stream-Hosting, a product from Linda and Sören Steinmann GbR, Am Sennehügel 20, 32052 Herford, Deutschland (“VSH”), are integrated into our online offering.
When you watch the streaming videos in our online offering, which are transmitted by VSH, a direct connection is made between your browser and the VSH server. This transmits your IP address in order to make the requested video available. VSH processes your IP address and stores it briefly for the transmission and for the technical and security-related provision of the service. If your IP address is stored for a longer period, this is done in an anonymized form. Because of this, no conclusion can be drawn about your identity.
Processing of the following data is, for example, also possible:
· Date and time of the request
· Content of the request
· Browser type
· Language and version of the browser software
· Operating system
· Access status/http status code
The use of VSH, as well as the processing of the above data, occurs in the context of our legitimate interest in the uninterrupted provision and optimization of our eLearning offering (Art. 6 para. 1 lit. f) GDPR).
Furthermore, VSH deposits a so-called session cookie in your browser. These cookies enable VSH to recognize your browser on your next visit and serves VSH’s technical and security-related services. This applies above all to the recognition of attacks and illegitimate access.
You can obtain further information about VSH’s data protection under the following link: https://www.video-stream-hosting.com/j/privacy
Amendments to our data protection policy
We reserve the right to adapt our data protection declaration on occasions, so that it always meets the current legal requirements or to implement changes in our services in the data protection declaration. This could apply e.g. to the introduction of new services. The new data protection declaration would then apply to your return visit.
Each firm or trademark named here is the property of the respective firm. The naming of brands and names is purely for informative purposes.
The following applies to users who are residents of the Russian Federation:
The services of our online offer listed above, are not intended for citizens of the Russian Federation who are resident in Russia.
If you are a Russian citizen resident in Russia, you are expressly informed that all personal data that you make available to us over our internet offering, is exclusively at your own risk and on your own responsibility. You further agree that you will not hold us responsible for a possible breach of Russian Federation law.