Privacy policy

Art. 12ff GDPR

Processing activity

Data processing that takes place in the execution of university law (see in particular Annex 3 of the Education Documentation Act: § 2 Abs. 3 Bildungsdokumentationsgesetz).

Responsible person

The person responsible within the meaning of the GDPR is Prof. Silvia Kopp-Sixt (Hasnerplatz 12, A-8010 Graz)


Legal basis and purposes of data processing at Austrian schools and university colleges of teacher education (Art. 6 GDPR)

  1. All obligations under study law that are necessary for the performance of tasks that are in the public interest or that are necessary to fulfil a legal obligation in the course of the administration of studies. (see in particular Annex 3 of the Education Documentation Act). Students are legally obliged under higher education law to provide the necessary personal data.
  2. Services at the request of students (e.g. photocopying system, library system, etc.) and public relations work. Insofar as data processing is based on consent, there is a right of revocation at any time in accordance with Art. 7 GDPR.


    Data categories

    The list of data categories to be processed for the implementation of higher education law is regulated by law in §§ 3ff in conjunction with the annexes to the Education Documentation Act.

    Transmission and recipient
    Legal regulations:

    • Federal Minister responsible for keeping the overall statistics (via the Federal Statistical Office of Austria) and the records on the personnel, operating and maintenance costs of the educational institution;
    • Federal Statistical Office of Austria
    • Master Data Register Authority within the scope of its powers under the E-Government Act.
    • Institutions according to § 7a of the Education Documentation Act

    Transmission to third countries or international organisations
    In the course of university administration at Austrian university colleges of teacher education, no data is transferred to countries outside the EU. Data transfers in the course of the international mobility programme (e.g. Erasmus) are generally based on consent.

    Storage period
    Specified by the respective legal provisions (see Higher Education Act 2005 as amended)

    Rights of the data subject
    The rights of the data subject must be asserted against the controller. This is Prof. Silvia Kopp-Sixt, BEd MA

    Contact responsible:

    Insofar as data processing is based on consent, there is a right of revocation at any time in accordance with Art. 7 GDPR.

    A data subject has the right to request information about whether their personal data is being processed. (Art. 15 GDPR)

    Further rights of data subjects (Art. 16-21 GDPR)

    • A data subject has the right to obtain without undue delay the rectification of inaccurate personal data or to have incomplete personal data completed.
    • A data subject has the right to request that personal data be erased immediately, provided that the reasons stated in Art. 17 para. 1 GDPR are fulfilled.
    • A data subject has the right to request that the processing of personal data be restricted, provided that the reasons stated in Art. 18 para. 1 GDPR are fulfilled.
    • A data subject has the right to receive their personal data in a structured, commonly used and machine-readable format, provided that the data processing is based on consent or a contract and is carried out using automated procedures.
    • A data subject has the right to object at any time to the processing of their personal data, unless the controller demonstrates compelling legitimate grounds for the processing (e.g. law enforcement) which override the interests, rights and freedoms of the data subject.

    Supervisory authority

    Austrian Data Protection Authority, T + 43 1 52 152-0,

    Right to lodge a complaint (Art. 77 GDPR)

    A data subject has the right to lodge a complaint with the supervisory authority if he or she considers that the processing of personal data relating to him or her infringes this Regulation.


    Data security

    We use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments. All data is transmitted using SSL encryption.

    Usage of Cookies

    We would like to point out that cookies are used when you visit our website. By definition, cookies are data records that are stored by a web server on the user’s computer. They are sent back to the cookie-setting web server when a new connection is made with the aim of recognising the user and their settings.

    The cookies used when visiting our website serve the purpose of enabling the use of certain functions of our website. The cookies we use are usually deleted from your hard drive after you close your browser (session cookies).

    We also use cookies to statistically analyse the use of our website as part of the web analysis service Matomo (formerly PIWIK). Matomo is hosted on our own server so that the analysis data collected is not passed on to third parties. For this purpose, cookies are created that enable the use of the website to be analysed. This data is collected on the basis of Article 6(1)(f) GDPR.

    Logging of the web server

    The following data, which your Internet browser transmits to us, is automatically recorded on our server and stored in the so-called log files:

    • Browser type and version
    • Operating system used
    • Website from which you visit us (referrer URL)
    • Website that you access on our server
    • Date and time of your access
    • Your IP address

    This data is stored separately from any personal data you may have provided and therefore does not allow any conclusions to be drawn about a specific person. They are evaluated for statistical purposes in order to optimise our website and our offers, or to obtain additional information in the event of specific indications of possible illegal use. These log files are automatically rotated and overwritten when they reach a certain size.

    Contact option by e-mail or form

    On our website, we offer you the opportunity to contact us by e-mail or via various contact and enquiry forms. If you use a form, the information you provide will be forwarded to us by e-mail for the purpose of answering or processing your enquiry.

    Your data will not be passed on to third parties. The data collected in this way will also not be compared with data that may be collected by other components of our website.

    SSL or TLS encryption

    The website operators use SSL encryption (https protocol) to protect your transmitted data in the best possible way. You can recognise such encrypted connections by the prefix “https://” in the page link in the address bar of your browser. Unencrypted pages are identified by “http://”.

    All data that you transmit to this website – such as using the contact form – cannot be read by third parties thanks to SSL encryption.

    Skip to content