University

Data Protection

 

Large quantities of personal and other sensitive data are collected and processed at FH JOANNEUM. The Management are committed to ensuring that this data is properly protected. In order to safeguard the personal data of employees, academic staff, students and research partners, FH JOANNEUM has established the position of a Data Protection Officer (DPO).

Data Protection Information

This statement issued by FH JOANNEUM Gesellschaft mbH (FHJ) in accordance with the provisions of the applicable data protection law provides information about what personal data is collected, processed and used in the context of using the website, registering interest in a degree programme, submitting an application (both students and staff), alumni registration, as well as photos and video recordings at FH events.

Data Protection Officer

Please contact FH JOANNEUM Gesellschaft mbH at datenschutz@fh-joanneum.at or the Data Protection Officer at dsb@fh-joanneum.at for more information on these matters.

Rights of data subjects

You have the following rights towards FH JOANNEUM in its capacity as controller:

  • Right of access to personal data concerning you,
  • Right of withdrawal of consent already granted,
  • Right to rectification or erasure or to restriction of processing,
  • Right to data portability,
  • Right to object under certain circumstances,

which can be asserted against FH JOANNEUM, Alte Poststrasse 149, 8020 Graz, datenschutz@fh-joanneum.at, as the controller, or its Data Protection Officer at dsb@fh-joanneum.at.

You also have the right to lodge a complaint with the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, T: +43 1 52 152-0, email: dsb@dsb.gv.at, as the competent supervisory authority.

1. Application for employment
1.1 Controller and data categories

FH JOANNEUM Gesellschaft mbH, Alte Poststrasse 149, 8020 Graz, in its capacity as controller, processes (including by electronic means) the personal data that you provide in your application and in the course of the recruitment process. This includes, in particular, your name, academic degree, gender, date of birth, nationality, residence permit, address, telephone number, email address, photo, CV, certificates and other documentary evidence, data on education (institution, duration...) and professional experience (company, duration of employment, position, ...), data from a covering letter, if any.

1.2 Purpose

The data you provide will be processed for the purpose of handling your application and carrying out the recruitment process in place at FH JOANNEUM. The processing of applicant data is necessary in order to be able to decide on the conclusion of a contract.

1.3 Legal basis

The processing of your data for the above purpose is based on Art. 6 (1) (b) GDPR for the implementation of pre-contractual measures. You are under no statutory or other obligation to provide your personal data. It must be pointed out, however, that failure to provide the information described will prevent your application from being processed and rule out any consideration in the recruitment process or the possible conclusion of a contract. If a contract is concluded, the processing will be carried out in accordance with the information provided on "contract management" at www.fh-joanneum.at/en/university/organisation/service-departments/personnel-and-legal-services/.

1.4 Recipients

The data is processed by the FHJ Division of Personnel and Legal Services for the stated purpose. In addition, persons involved in the recruitment process will also have access. These include, in particular, the head of the organisational unit advertising a position and the Head of the Division of Personnel and Legal Services, and for positions in the field of teaching and research the relevant members of the FH JOANNEUM Board as well as other members of hearing commissions and the FHJ Management.

Your data may be transferred to external (recruitment) consultants/consulting companies, recruitment agencies and external members of hearing commissions for the aforementioned purpose.

If a legal dispute arises during or after the recruitment process, the data necessary for appropriate legal action will be transmitted to legal representatives, authorities, and other public bodies such as the Equal Treatment Commission or courts.

1.5 Retention period

Following completion of the application process, the documents of the successful applicant will be filed in the FHJ personnel administration system once the contract has been concluded. See information on processing in the context of "contract management” at www.fh-joanneum.at/en/university/organisation/service-departments/personnel-and-legal-services/.

If no contract is concluded with FHJ, the data will be deleted when the position has been filled or FHJ has decided not to fill the position, but no later than 6 months after the end of the respective recruitment process in accordance with the deadlines specified in the Equal Treatment Act (GlBG) and the Equal Opportunities for People with Disabilities Act (BGStG).

In the event of legal disputes, your data will continue to be processed in accordance with Art. 6 (1) (f) GDPR in our interest for the establishment, exercise or defence of legal claims until the relevant purpose has been achieved.

2. Prospective students
2.1 Controller and data categories

FH JOANNEUM Gesellschaft mbH, Alte Poststrasse 149, 8020 Graz, in its capacity as controller, processes (including by electronic means) the personal data that you provide when registering interest in a degree programme in writing, by email or via a web form. This includes, in particular, your name, title, email address, interest in field(s) of study, first contact (trade fair, registration on a web platform, etc.) and possible start of studies.

2.2 Purpose

The data you provide will be processed for the purpose of sending you general information material about studying at FHJ, the application procedure and information about your desired field(s) of study.

2.3 Legal basis

Your data is processed on the basis of Art. 6 (1) (a) GDPR, for the purpose of transmitting information (see above). You are under no statutory or other obligation to provide your personal data. It must be pointed out, however, that failure to provide the information described will prevent data processing for the purpose of sending information.

2.4 Recipients

The data will only be processed by FHJ staff for the stated purpose and will not be passed on to third parties.

2.5 Retention period

The data will be deleted as soon as you submit a request for erasure. The data will be automatically erased once the basis of your enquiry about a specific degree programme no longer applies, e.g. at the beginning of the relevant academic year.

3. Application for studies
3.1 Controller and data categories

FH JOANNEUM Gesellschaft mbH, Alte Poststrasse 149, 8020 Graz, in its capacity as controller, processes (including by electronic means) the personal data that you provide in your online application. This includes: your name/s, academic degree (if applicable), gender, address, telephone number, email address, date of birth, place of birth, social security number (substitute code, if applicable), nationality, university entrance qualification/previous education (= proof of university entrance qualification, school leaving certificates, proof of Bachelor's degree or equivalent, if applicable), desired field of study, letter of application, CV, proof of citizenship, proof of proficiency in the languages of instruction, professional experience (if applicable), further proof of suitability for studying (if applicable, e.g. portfolios with samples of work, exposé, etc.), temporary residence permit card (if applicable), registration certificate (if applicable).

In order to be able to rank the applicants, an application ID will be added to your master data, and the results of the admission test, the results of the admission interview as well as the other admission procedure criteria (as defined in the degree programme applications) will be stored and processed.

3.2 Purpose

The data you provide is processed for the purpose of handling your application and carrying out the application, acceptance and admission procedure for a place at FH JOANNEUM. The processing of applicant data is necessary in order to be able to decide on the conclusion of a student agreement.

3.3 Legal basis

The processing of your data for the above purpose is based on Art. 6 (1) (b) GDPR for the implementation of pre-contractual measures. You are under no statutory or other obligation to provide your personal data. It must be pointed out, however, that failure to provide the information described will prevent your application from being processed and rule out any consideration in the application procedure or the possible conclusion of a student agreement. If a contract is concluded, the processing will be carried out in accordance with the information provided on "study law matters" at www.fh-joanneum.at/en/university/organisation/service-departments/continuing-education-and-student-administration/.

3.4 Recipients

The data will be processed for the stated purpose by FHJ employees who are involved in the application, acceptance and admission procedure and the allocation of study places. Your test data will be transferred to a service provider tasked with the automated evaluation of the admission tests. The data required for returning your test results (feedback letter) will also be transferred to this service provider.

3.5 Retention period

If you are admitted to the programme, your data will be transferred to your student file. You can find the relevant data protection information at www.fh-joanneum.at/en/university/organisation/service-departments/continuing-education-and-student-administration/.

If no student agreement is concluded with FHJ, the data will be deleted (and applications submitted by post will be disposed of) after three years. In the event of legal disputes, your data will continue to be processed in accordance with Art. 6 (1) (f) GDPR in our interest for the establishment, exercise or defence of legal claims until the relevant purpose has been achieved.

4. FH JOANNEUM alumni
4.1 Controller and data categories

FH JOANNEUM Gesellschaft mbH, Alte Poststrasse 149, 8020 Graz, in its capacity as controller, electronically processes the personal data that you provide when giving your consent to the storage and processing of your data in the FHJ alumni database. This includes your name, address, telephone number, email address (FH JOANNEUM and private), degree programme(s), personal identifier or matriculation number, consent to receive information about FHJ activities and alumni events.

4.2 Purpose

The data you provide will be processed for the purpose of sending you information material on FH JOANNEUM activities and alumni events.

4.3 Legal basis

Your data is processed on the basis of Art. 6 (1) (a) GDPR for the purpose of sending information (see above). You are under no statutory or other obligation to provide your personal data. It must be pointed out, however, that failure to provide the information described will prevent data processing for the purpose of sending information.

4.4 Recipients

The data will only be processed by FHJ staff for the stated purpose and will not be passed on to third parties.

4.5 Deletion period

The data in the alumni database will be deleted as soon as you submit a request for erasure.

5. Cookies and plugins
5.1 Cookies

Cookies are small text files that are placed on a visitor's device by a website.

There are three categories of cookies:

  • Strictly necessary cookies to ensure basic functions of the website
  • Functional cookies to ensure the performance of the website
  • Targeted cookies to improve the user experience.
5.1.1 Study Finder cookies

The fh-joanneum.at website uses cookies in connection with the Study Finder, for example, to track whether a user has already entered relevant data into the Study Finder. This data is used to display targeted content in various places on the fh-joanneum.at website.

5.1.2 Language setting

The fh-joanneum.at website uses cookies in connection with languages, for example, to save the language chosen by the user to be able to display the correct language on future visits.

5.1.3 Statistical evaluation (tracking)

A targeted cookie is used for the statistical evaluation of the use of our website. The data is passed on to our statistics service provider, Google Analytics.

5.1.4 What data is collected?

When visiting the website, the following data is collected by a pixel embedded on every page:

  • Request (file name of the requested file)
  • Browser type/version (e.g. Internet Explorer 11)
  • Browser language (e.g. German)
  • Operating system used (e.g. Windows 10)
  • Resolution of the browser window
  • Screen resolution
  • JavaScript activation
  • Java On / Off
  • Cookies On / Off
  • Colour depth
  • Referrer URL (the previously visited page)
  • Anonymised IP addresses
  • Time of access
  • Clicks
  • Form contents, if applicable
5.1.5 Opt-out

If you do not want to be tracked on fh-joanneum.at, you have the option of opting out. The fh-joanneum.at domain will then set a cookie named ‘viewed-cookie-policy’. The opt-out applies as long as you do not delete the cookie.

5.2 Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer, to help analyse your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there. If IP anonymisation is activated on this website, however, your IP address will first be truncated by Google within member states of the European Union or in other contracting states to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transmitted to a Google server in the USA and truncated there. Google will use this information on behalf of the operator of this website for the purpose of evaluating your use of the website, compiling reports on website activity and providing the operator with other services relating to website and internet usage.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent Google from collecting and processing data generated by the cookie on your use of the website (including your IP address) by downloading and installing the browser plugin available at https://tools.google.com/dlpage/gaoptout?hl=en. You can find more information on this at https://www.google.com/intl/de/analytics/privacyoverview.html.

5.3 Facebook plugins

This website uses so-called "social plugins" of the social network facebook.com ("Facebook"). Facebook is operated by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. Detailed information on what the individual plugins look like and how they work can be found at https://developers.facebook.com/docs/plugins/

When you open pages of this website that contain Facebook social plugins, your browser will establish a direct connection with the Facebook servers. Facebook will receive the information that you have accessed the page of our website containing the social plugin.

If you are logged into Facebook at that time, your visit to these pages and all your interactions with the social plugins (e.g. clicking the "Like" button, posting a comment, etc.) can be assigned to your Facebook profile and stored by Facebook. Even if you do not have a Facebook profile, it cannot be ruled out that Facebook will store your IP address.

With regard to the purpose and scope of data collection as well as processing and use of the data by Facebook, please refer to the [Facebook privacy policy]((https://www.facebook.com/policy.php). There you will also find an overview of the settings options in your personal Facebook profile to protect your privacy and your associated rights.

To prevent Facebook from collecting the above-mentioned data when you visit our website, you should log out of Facebook before visiting our site. To prevent Facebook generally from accessing your data on this and other websites, you can block Facebook social plugins by using an add-on for your browser (e.g. "Facebook Blocker", webgraph.com/resources/facebookblocker).

5.4 Facebook Pixel

FH JOANNEUM uses Facebook Pixel on its website. The Facebook Pixel is a piece of JavaScript code that is integrated into websites and can link the behaviour of people on the website to Facebook user profiles. It collects data that helps track user behaviour, optimise ads and create audiences. The link between a website visitor and their Facebook account (if the user has one) allows highly targeted ads to be served based on actions people have taken on the website.

By placing Facebook Pixel on our website, FH JOANNEUM can tailor its advertising measures to target groups and thus ensure efficient and cost-effective advertising. Furthermore, Facebook uses the collected data for analysis purposes and its own advertisements.

The following cookies are set by Facebook Pixel:

Name: Facebook Pixel

Provider: Facebook Ireland Limited

Purpose: Facebook cookie used for website analytics, ad targeting and ad measurement.

Privacy info: https://www.facebook.com/policies/cookies

Cookie name:

  • _fbp, act,
  • c_user, datr, fr,
  • m_pixel _ration, pl,
  • presence, sb,
  • spin, wd, xs

Cookie duration: Session / 1 year

Facebook also processes the collected data in the USA. Please note that according to the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may involve risks with regard to the lawfulness and security of data processing in this context.

Facebook uses standard contractual clauses (SCC, pursuant to Article 46 (2) and (3) GDPR) as the basis for data transfers to recipients in third countries (outside the EEA). These SCC are model clauses provided by the EU Commission to ensure that your data are subject to European data protection laws when processed in third countries. By using SCC, Facebook undertakes to comply with the European level of protection when processing the relevant data, even if the personal data is processed in a third country (in this case the USA). Facebook's data processing policies, which are in compliance with these SCCs, can be found at https://www.facebook.com/help/566994660333381 More information about Facebook's data protection policy is available at https://www.facebook.com/legal/terms/dataprocessing

6. Photo and video recordings at FH JOANNEUM events
6.1 Purpose

In the following, FH JOANNEUM Gesellschaft mbH, Alte Poststrasse 149, 8020 Graz, info@fh-joanneum.at, in its capacity as data controller, provides you with information about the processing of videos and photos taken in the course of its events.

FH JOANNEUM is one of Austria's leading universities of applied sciences. FH JOANNEUM's public relations work is designed to provide transparent information about its activities financed from public funds. Personal photos and videos electronically recorded during FH JOANNEUM events serve this purpose of reporting and documentation.

6.2 Controller contact

The data controller is FH JOANNEUM Gesellschaft mbH, Alte Poststrasse 149, 8020 Graz. You can contact FH JOANNEUM Gesellschaft mbH at datenschutz@fh-joanneum.at or its Data Protection Officer at dsb@fh-joanneum.at for more information on data protection matters.

6.3 Right to object

You are entitled to object to this data processing for personal reasons. You can exercise this right by sending your justified objection to datenschutz@fh-joanneum.at or to the FH JOANNEUM Data Protection Officer at dsb@fh-joanneum.at.

6.4 Legal basis

Photo and video material is processed for the purposes of the legitimate interests (acc. to Art. 6 (1) (f) GDPR) pursued by FH JOANNEUM to document and report on its activities in a transparent manner. There is no legal or contractual obligation for this data processing and there will be no consequences if the data are not provided. FH JOANNEUM is committed to ensuring that its interest in producing photos and videos does not unduly infringe the rights and freedoms of natural persons. Your wish not to be photographed or filmed will be respected, especially in the case of individual recordings.

6.5 Recipients

After careful selection, the image and video material will be shared with the following categories of recipients or published in the following media: FH JOANNEUM website, FH JOANNEUM print media, data processors such as hosting provider, agency, printing house of FH JOANNEUM, social media companies such as Facebook, Instagram, YouTube, LinkedIn, Xing, Vimeo, Snapchat, Twitter as well as local and national media.

6.6 Retention period

The retention period is limited to its purpose. Photo and video material will, as a principle, be retained for a period of seven years and will then be deleted. Erasure in print media that have already been published is not possible. Images and videos on websites or social media platforms will be deleted to the extent technically possible.

6.7 Rights of data subjects

You also have the following rights:

  • Right of access to the personal data concerned,
  • Right to rectification or erasure or to restriction of processing
  • Right to data portability,

which can be asserted against FH JOANNEUM, Alte Poststrasse 149, 8020 Graz, datenschutz@fh-joanneum.at, as the controller, or its Data Protection Officer at dsb@fh-joanneum.at.

You also have

  • the right to lodge a complaint

with the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Vienna, telephone: +43 1 52 152-0, email: dsb@dsb.gv.at, as the competent supervisory authority.

7. Internal whistleblowing system
7.1 Data controller and categories of data

The User and Controller of this internal whistleblowing system is FH JOANNEUM GmbH, Alte Poststrasse 149, 8020 Graz, Austria.

7.2 Purpose

The whistleblowing system is a digital application or software-based platform that can be accessed via a web browser and enables the User to establish a confidential communication channel to staff members and/or other persons entitled to report relevant information. This enables them to anonymously provide the User with information about breaches (“reports”) in accordance with the provisions of § 3 of the Whistleblower Protection Act (HSchG). The User can use the functions of the whistleblowing system to process, manage and/or follow up on reports submitted to it.

The internal whistleblowing system in accordance with §§ 11 et seq. of the Whistleblower Protection Act (HSchG) has been established and is maintained by ACOmarket GmbH, Wollzeile 11/2, 1010 Vienna, Austria, using the online-based whistleblowing system of Vispato GmbH, Hansaallee 299, 40549, Düsseldorf, Germany.

7.3 Legal basis

The legal basis for the related data processing is Art. 6 (1) (c) of the General Data Protection Regulation (GDPR) in conjunction with the Whistleblower Protection Act (HSchG).

7.4 Recipients

Pursuant to § 13 (4) HSchG, third parties may be authorised to receive and process information to fulfil the tasks of an internal reporting office.

Based on this authorisation, FH JOANNEUM GmbH has engaged E+H Rechtsanwälte GmbH, Wienerbergstrasse 11, 1100 Vienna, Austria, to receive and process all reports submitted via the internal whistleblowing system.

7.5. Retention period

Personal data will be kept for a period of five years from the date at which they were last processed or transmitted, or longer where they are needed to complete proceedings already initiated. Once the retention obligation has ceased to apply, personal data will be automatically deleted.

All processing steps (e.g., changes, queries and transfers) conducted must be recorded in accordance with the existing regulations. The related data will be kept from the date of their last processing or transfer for up to three years after the retention obligation has ceased to apply (see above), and will be automatically deleted after expiry of the specified retention periods.