Datenschutz
Data protection at ASH Berlin
The "Alice-Salomon" - Hochschule für Sozialarbeit und Sozialpädagogik Berlin (ASH Berlin) is a public corporation and at the same time a state institution. The main purpose of data collection, processing or use is the study and further education in the fields of social work, health and education as well as the realization of research projects. The collection, processing and use of personal data is always carried out in accordance with the General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG) and in accordance with the country-specific data protection regulations applicable to ASH Berlin.
Personal data about members of the university, applicants and third parties are collected and processed at ASH Berlin exclusively for the purpose of its social mission in accordance with §§ 6, 6a of the Berlin Higher Education Act (BerlHG) and deleted after expiry of the legally prescribed retention obligations and periods.
What is data protection?
Data protection is the protection of all information that is not freely available to the general public. The focus is on information that is directly related to a specific person: personal and private information as well as contact details. However, data about objects or certain circumstances/relationships can also be worthy of protection. Data protection law examines and assesses the handling of data. In principle, it is necessary to examine which data is worthy of protection and how this protection is guaranteed and complied with.
Data protection law and the German Basic Law - right to informational self-determination
The right to informational self-determination is understood as the right of the individual to decide for themselves on the disclosure and use of their personal data. The right to informational self-determination is not explicitly regulated in the Basic Law. The right to informational self-determination is a manifestation of the general right of personality and was recognized as a fundamental right by the Federal Constitutional Court in the so-called census ruling 1983. This is derived from Article 2 of the Basic Law - the right to free development of the personality.
As a manifestation of the general right of personality, it protects the right of each individual to determine their own personal data and its use.
Data protection today
Due to the progressive development of information technology and digital technology, the importance of data protection has changed and increased. Modern IT, such as the Internet, e-mail, mobile telephony, video surveillance and electronic payment methods, make it increasingly easy to collect, analyze and store more and more data. The data collected can be used to analyze personal data and derive behavioral patterns that can be used for various purposes.
In order to create a uniform approach to data protection and data security throughout Europe, the European Union's General Data Protection Regulation (GDPR) was adopted. It came into force in 2018 and ensures the protection of personal data on the one hand and the free movement of data within Europe on the other.
Data protection and science
Scientific data collections are also subject to data protection. A conflict can arise here between freedom of research and data protection. From a data protection perspective, the use of pseudonymized or anonymized data is unproblematic. In many cases, however, personal data is also used in science. In these cases, consistent application of data protection regulations would sometimes result in a ban on scientific research. To avoid this, there are special regulations for scientific research.
Contact
If you have any questions, please contact the data protection officer at ASH Berlin: datenschutz@ ash-berlin.eu
For data protection complaints, you can contact the responsible supervisory authority:Berliner Beauftragte für Datenschutz und InformationsfreiheitFriedrichstr. 21910969 Berlin
The GDPR establishes the prohibition with reservation of consent as the basic principle for data processing. This means that the processing of personal data is only permitted if a legal provision allows it or if the data subject has consented to the data processing
List of the permissions in accordance with Art. 6 para. 1 GDPR:
Processing is only lawful if at least one of the following conditions is met
a. The data subject has given consent to the processing of personal data concerning him or her for one or more specific purposes;b. Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;c. Processing is necessary for compliance with a legal obligation to which the controller is subject;d. Processing is necessary in order to protect the vital interests of the data subject or of another natural person;e. processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller (this does not apply to processing carried out by public authorities in the performance of their duties);f. processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Personal data must
The duty to provide information when collecting and processing data is an integral part of data protection law. The data subjects must be informed by the data controller about the data processing operations relating to their specified data at the time of collection. The information must be provided to the data subjects in a precise, transparent, comprehensible and easily accessible form. It may be provided to the data subject in writing or in electronic form.
The notification must contain the following information:
Data subjects have the following rights under the GDPR: