The person responsible for data protection is
University of Cologne
Corporation under public law, represented by the Rector,
Albertus-Magnus-Platz
50923 Cologne
The person responsible is:
Prof. Dr Maximilian A. Müller
Treuhandseminar / Chair of Financial Accounting at the University of Cologne
Homepage: https://treuhand.uni-koeln.de/de/
Email: maximilian.mueller@wiso.uni-koeln.de
Phone: +49 221-470-2322
The contact person for this survey is
Maximilian Terboven, Research Assistant
Email: terboven@wiso.uni-koeln.de
Phone: +49 221-470-76505
The contact details of the data protection officer of the University of Cologne are
Data Protection Officer of the University of Cologne
Albertus-Magnus-Platz
50923 Cologne
E-mail: dsb@verw.uni-koeln.de
Telephone: +49 0221-470-6370
Purpose, type and legal basis of processing:
Personal data in the survey is collected, analysed and stored for the purpose of conducting a scientific research project on CO2-adjusted EBIT. No information is requested from which you could be directly identified and we ask you not to leave any identifiable information in free text fields. We therefore assume that completely anonymous data will be collected as soon as several people have taken part in the survey.
The legal basis for the collection of any personal data in the context of participation in the online survey is the consent of the data subjects in accordance with Art. 6 para. 1 lit. a. GDPR. You have the right to withdraw your consent at any time with effect for the future. Your data will only be saved after you have completed the survey, so that cancelling and closing your browser window will act as a revocation. Only if it is possible to identify you from your details can you also declare your cancellation by email to the contact person named above.
The survey is carried out using the "Limesurvey" tool. Limesurvey is a free survey software installed on servers in the area of responsibility of the University of Cologne (Regional Computing Centre (RRZK)). It can be used to create, publish and conduct web-based surveys. The survey results are recorded in a database and, if necessary, effectively anonymised by the responsible survey creator before being exported. All data collected from the survey participants will be permanently deleted from the RRZK's Limesurvey server 6 months after the end of the survey.
In addition to the survey form, log data is also processed by the Limesurvey survey system. When you access the Limesurvey survey system, your browser transmits data from your accessing device to the system, as it does every time you access a website. The following data is stored by the University of Cologne for the purpose of technical operation, analysis of malfunctions and to prevent unauthorised access (log files):
- Website/address accessed
- Date and time of access
- IP address of the user
- HTTP status code
- Amount of data retrieved
- Browser type and version / operating system used
Only the system administrators at the RRZK have access to this log data. The log data is not compared with other data sets or passed on to third parties. The log data is stored for a maximum period of 7 days and then deleted. Data whose further storage is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified. The legal basis for the processing of log files for the technical operation and security of the systems is Art. 6 para. 1 lit. e. GDPR in conjunction with. §§ Sections 3 para. 1 and 29 para. 1 HG NRW.
Automated decision-making (e.g. profiling) does not take place.
Recipients of personal data:
Personal data from the survey will not be transmitted to other bodies. They are processed exclusively on RRZK servers for the purpose of effective anonymisation. Personal data that is processed as part of technical operations is only transmitted to third parties on the basis of a legal authorisation or obligation, for example for the purpose of investigating criminal offences within the framework of the provisions of the German Code of Criminal Procedure (StPO) or for the purpose of asserting claims for damages in the event of copyright infringements. If technical service providers are given access to personal data, this is done on the basis of a contract in accordance with Art. 28 GDPR.
As a data subject, you have the right to
- Information from the controller about your data
- Revocation of your consent
- Correction of your data
- cancellation of your data
- Restriction of the processing of your data
- Data portability
You also have the right to object to the processing of your data.
These rights may be restricted in accordance with the GDPR. This applies in particular if it is not possible to identify you personally because the data was originally collected or further processing is anonymised. The described processing of log files is absolutely necessary for operation. Consequently, there is no possibility of objection on the part of the user.
Although IP addresses are considered to be personal data, the University of Cologne does not assign them to individuals so that they cannot be assigned to users who request information.
If there is no effective anonymity, you can assert the aforementioned rights preferably with the contact person named above.
You also have the right to lodge a complaint with a supervisory authority. The supervisory authority for the controller is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia (www.ldi.nrw.de).
