We are happy that you are visiting our website and thank you for your interest in www.kfn.de. In the following, we will inform you about the collection of personal data while using our website. Personal data is defined as data that is personally related to you, e.g. your name, address, email address.
Person in charge of data handling
In charge of data handling according to art. 4 para. 7 General Data Protection Regulation (GDPR) is the criminological research institute, represented by Prof. Dr. Thomas Bliesener, cf. our Imprint.
The general provision and maintenance of our websites and email systems is executed with the support of IT service providers that are working on our behalf and therefore might access (receive) your data to a necessary extent.
Data protection officer
c/o Althammer & Kill GmbH & Co. KG
Telefon +49 511 330603-0
Telefax +49 511 330603-48
Collection and usage of your data
The extent and way we collect and use your personal data differs depending on whether you are using our website solely to retrieve information or whether you wish to contact us. In case we rely on additional (IT) service providers for certain functions; we are going to inform you below about the details of these respective processes (all types of data processing). We will name the legal criteria for the storage period of data and the legal basis of data processing.
For the sole informational usage of our websites, we only collect personal data that is automatically transferred to us via your browser, such as:
- IP address
- Date and time of visit
- Time difference in relation to Greenwich Mean Time (GMT)
- Content of your request (specific site)
- Volume of transferred data and access status (data file transferred, data file not found etc.)
- Website that issued the request
- Browser type/version/language
- Software and its surface
- Language and version of your browser
The storage period for this data (logs) is three days.
Legal basis of data handling
The above-mentioned data is technically necessary to show you our website and ensure the stability and safety according to art. 6 para. 1(f) GDPR.
Requests via Email, Phone or Fax
If you contact us via email, phone or fax, your request as well as the personal data contained is processed by authorised personnel in order to deal with your requests.
If necessary for the processing, the data is forwarded to contracted providers, with whom we made according contracts for the data processing.
We process and store the data until the intended purpose of processing is served and the legal requirements for storage (usually 10 years retention period) are not opposed to it or act effectively against the processing.
Legal basis of data handling
If your request is related to the execution of a contract or the execution of precontractual measures, the handling of your data takes place according to art. 6 para. 1(b) GDPR. In all other cases, the data handling is carried out according to art. 6 para. 1(f) GDPR since we have a legitimate interest in the processing of requests.
We process the data that you send us with your application in order to assess your suitability for a position (or other available positions) and to carry out the application procedure. The personnel department reviews your application first. Suitable applications are then forwarded to the person in charge of the department in question for the position. Afterwards, the further process is agreed on. Generally, only the personnel needed for the orderly execution of the application procedure can access your data.
Contracted service providers
For the execution of application procedures, we have not commissioned any service providers to support us. Hence, your data can only be accessed by contracted IT providers if necessary and only to the required extent.
The data of rejected applicants is deleted after a period of six months. In case you agreed on further storage of your personal data, we will add your data to our applicant pool. This data is deleted after a period of two years, unless you explicitly agreed to a shorter or longer storage period.
If you receive a position during the application procedure, your data is transferred to the human resources information system.
Legal basis of data handling
The handling of your data in the course of an application procedure is permissible for the decision on the rationale of an employment, according to § 26 Bundesdatenschutzgesetz (BDSG).
In case the data is needed for prosecution after the conclusion of the application procedure, data processing to safeguard interests can take place. Our interest would then be the defence or the assertion of legal claims.
Tools of analysis
For reasons of privacy, we consciously do not rely on external providers of analysis, such as Google Analytics, in order to avoid your data being transferred to an external third party. For statistical reasons, we keep count of the visitors via the Plugin WP Statistics. The IP addresses are being anonymised and we cannot identify who visited our site.
Processing of your personal data in countries outside the EU and the EEA (third countries)
No processing of your personal data takes place in countries outside the European Union and the European Economic Area, except for when you click on external links (such as Google Maps), for whose data handling we are not responsible.
You are entitled to the following rights regarding your personal data
- Right of disclosure
- Right of rectification or deletion
- Right of limitation of processing
- Right of data portability
Right of complaint at a supervisory authority
You are entitled to complain at a data protection supervisory authority about our handling of your personal data. The authority responsible for us is:
The State Representative for Data Protection Lower Saxony
Telefon: 05 11/120-45 00
Telefax: 05 11/120-45 99
Right of objection and revocation
In case you allow us to process your data, you can revoke this permission at any time. A revocation influences the admissibility of the processing of your personal data after you pronounce your revocation towards us.
As long as the handling of your personal data is grounded on the consideration of interests (legal basis in this case: art. 6 para. 1(f) GDPR), you can object to the data handling. This is the case, when the processing is not necessary to execute a contract with you, which is addressed in the explanation of the specific data processings and functions on our website further up in this privacy statement. In case you object, we ask you to explain your reasons as to why you do not wish us to handle your data in the way carried out by us. In case of your explained objection, we will examine the situation and either stop the data processing, adjust it or explain our compelling legitimate reasons as to why we will continue the processing.
Means of contact regarding your rights
To exercise your rights, you can contact us at any time. Please use the following email address: firstname.lastname@example.org
You are also welcome to use one of the other means of contact stated in our Imprint or address our data protection officer directly (contact details above).
Communication via E-Mail
Please keep in mind that the communication via email without the use of any encryption is subject to risks. Please do not send us any sensitive data that is not encrypted via email. In case of highly confidential information, we suggest sending it by mail.
In addition, we implement technical and organisational means of security to protect personal data, especially against random or intentional manipulation, loss, destruction or attacks by unauthorised people. Our means of security are continuously improved according to the technical developments.