Information in accordance with articles 13 and 14 GDPR (DS-GVO) for the screening of new staff and guests at the University of Tübingen in respect of foreign trade law.

1. Name and contact data of responsible parties

The responsible party under article 4 (7) GDPR is the
University of Tübingen
Geschwister-Scholl-Platz
72074 Tübingen, Germany

The University of Tübingen is a corporation under public law and simultaneously a state-run institution (§ 8 LHG).
Its legal representative is the president, Professor Dr. Karla Pollmann.
rektorinspam prevention@uni-tuebingen.de

2. Data protection officer’s contact details

The data protection officer (art. 37 GDPR) may be contacted at:
University of Tübingen
Geschwister-Scholl-Platz
72074 Tübingen, Germany
Mr Siegmar Ruff
Phone +49 7071 29-74680
datenschutzspam prevention@uni-tuebingen.de

3. Purpose and legal basis of data processing

We process your data as a (future) staff member or future guest of the University in order to contact you and to be able to assess whether restrictions under foreign trade law need to be taken into account for a collaboration. For the University of Tübingen, the legal requirements for the foreign trade screening of personnel, applicants and guests arise in particular from the Foreign Trade and Payments Act, the Foreign Trade and Payments Regulation, the EU Dual-Use Regulation and various other EU regulations on country-specific embargo measures as well as sanctions independent of country. The legal basis for data processing as part of a selection procedure to justify employment as a civil servant with “Beamte” status or as a regular employee is article 6 para. 1 lit. e in conjunction with (3) GDPR (the EU’s General Data Protection Regulation) in conjunction with § 15 LDSG (state data privacy law) in conjunction with §§ 83 to 85 a LBG (state law on “Beamte” civil servants); and as part of an admittance procedure as a guest article 6 (1) lit. c GDPR in conjunction with (3) i n conjunction with the respective EU regulation.

4. Recipients of personal data

The recipients of the personal data are the hiring or host institution, the local IT-supported sanctions list manager, the Welcome Center if applicable, Human Resources and the Exports Control Office (Section I.4 University Development and Compliance).

5. Duration of storage

Your personal data / documents will be deleted / destroyed after the retention periods have expired. The retention period for guests is 10 years, for staff for the full time the personnel file is kept.

6. Rights of affected persons

You have a right of access to your data (Art. 15 GDPR) and a right to correction, completion (Art. 16 GDPR) and/or erasure (Art. 17 GDPR), to restriction of processing (Art. 18 GDPR), as well as a right of objection to the processing (Art. 21 GDPR) of your data.
Furthermore you have the right to lodge a complaint with the data protection supervisory authority, the Landesbeauftragter für Datenschutz und Informationsfreiheit Baden-Württemberg.

7. Duty to provide data

Personal data must be provided for a legally binding selection or admittance procedure (as applicable). The absence of relevant personal data or the identification of a relevant restriction under foreign trade law may mean that employment as staff or admittance as a guest is not possible.