Skip to main content

Declaration of consent and privacy policy

The German Aerospace Center (in the following "DLR"), takes the protection of your personal data, which you provide us in your capacity as a participant (m/f/d) of "TAC 2022", very seriously.

Before you start filling out the registration form, we would like to inform you about the personal data we process in the context of this event, for how long and for what purposes we do this and provide you with further information required by data protection law.

In accordance with the GDPR and the BDSG, we use the terms defined in the GDPR and the BDSG. The definitions can be viewed on the Internet, for the GDPR at https://eur-lex.europa.eu/legal-content/DE/TXT/?uri=OJ:L:2016:119:TOC  and for the BDSG at http://www.gesetze-im-internet.de/bdsg_2018/__2.html .

  1. Name and address of the person responsible
    Responsible in the sense of the GDPR is: Deutsches Zentrum für Luft- und Raumfahrt e. V. (DLR)
    Linder Höhe, 51147 Cologne, Germany, Phone: +49 2203 601-0, Internet: https://www.dlr.de

  2. Name and address of the data protection officer (DPO)
    Data protection officer Uwe Gorschütz, Linder Höhe, 51147 Cologne, Germany, e-mail: datenschutz@dlr.de

  3. Purpose for data processing
    Purpose of the data processing is the organization, administration and implementation and billing of the above-mentioned event and the associated processing of the e-mail addresses of the participants.

  4. Receiver/third party
    We transfer data based on the procedures listed in point 4 below to the following external subcontractors/service providers:

    1. For the purpose of managing the DLR event participant management including
      a registration website, participant registration, invoicing and the collection of participation fees:
      BESL Eventagentur GmbH & Co KG, represented by the CEO, Mr. Christian Pellenz,
      Köthener Str. 38, 10963 Berlin.

    2. Certain employees of our IT service provider also have access to the data as part of the administration of our IT systems. The company ComputaCenter as DLR's central IT service provider. If the data is deleted from DLR's systems, our IT service provider also no longer has access.
      Computacenter AG & Co. oHG
      Computacenter Park 1
      50170 Kerpen

    3. In the case of DLR on-site appointments and events that take place at a DLR site in Germany, we transmit the personal data: Last name, first name and nationality to the external DLR site protection

      DLR has signed contracts for commissioned data processing in accordance with the statutory provisions with the service providers specified in No. 4 a) to c) above to ensure that they also comply with the requirements of data protection law and data security. As prescribed, DLR monitors compliance with these requirements.

  5. Retention
    The personal data is stored on an DLR internal secure project drive of the which is maintained by ComputaCenter as the central  certified IT service provider of the DLR and the IT managers of the DLR/institute.

  6. Termination
    The personal data of the person concerned will be deleted or blocked as soon as the purpose of the processing no longer applies. Storage may also take place if this has been provided for by the European or national legislator in EU ordinances, laws or other regulations to which the person responsible is subject.

  7. Rights in relation to your personal data
    If your personal data is processed, you are a data subject within the meaning of the GDPR and you are entitled to the following rights vis-à-vis the person responsible in accordance with the regulations mentioned below:

    1. In accordance with Art. 15 GDPR, you can request information about the personal data processed by us. In particular, you can request information on the purposes of processing, the category of personal data, the categories of recipients to whom your personal data have been or will be disclosed, the planned storage period and the existence of the rights explained in this section 4 and 6.

    2. In accordance with Art. 16 GDPR, you may request the immediate correction of incorrect or incomplete personal data held by us.

    3. Pursuant to Art. 17 GDPR, you may request the deletion of your personal data stored with us, unless processing is necessary for reasons stated by law, in particular to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or even potentially defend legal claims.

    4. In accordance with Art. 18 GDPR, you may request the restriction of the processing of your personal data if you dispute its accuracy, if the processing is unlawful but you refuse to delete it and we no longer need the personal data, but you need it for the assertion, exercise or defence of legal claims or if you have lodged an objection to the processing in accordance with Art. 21 GDPR.

    5. In accordance with Art. 20 GDPR, you may receive your personal data that you have provided to us in a structured, common and machine-readable format or request that it be transferred to another responsible party.

    6. In accordance with Art. 7 Para. 3 GDPR, you can revoke any consent you have given us in terms of data protection at any time. As a result, we may no longer continue to process the data which was based on this consent in the future.

    7. According to Art. 21 GDPR right of objection
      If personal data are processed on the basis of legitimate interests in accordance with Article 6 paragraph 1 letter f) of the GDPA, you have the right to object, in accordance with Article 21 of the GDPA, to the processing of your personal data for reasons arising from your particular situation or if the objection is directed against direct marketing. In the latter case you have a general right of objection, which we will implement without specifying a specific situation, unless the processing is necessary for the performance of a task carried out in the public interest, Art. 21, paragraph 6 of the GDPR.
      In order to exercise these rights, please contact the office indicated in section 1 or 2

    8. Pursuant to Art. 77 GDPR, you may complain to a supervisory authority. As a rule, the supervisory authority of your usual place of residence or workplace or the seat of the person responsible is available for this purpose. The Federal Commissioner for Data Protection and Freedom of Information (BfDI), Graurheindorfer Str. 153 in 53117 Bonn is responsible for DLR.

  1. Legal basis for data processing by data category

    • Participation in the event
      The legal basis for the processing is Art. 6 para. 1 letter b) GDPR. In this context, the following data are collected: Last name, first name, title, gender (m/f/d), company name, company address (street, postcode, town, country), telephone number, e-mail address, date of birth, 1st citizenship and 2nd citizenship (if existing).

    • Export Control
      The legal basis for the processing is Art. 6 para. 1 letter c) GDPR.
      For all DLR events where DLR acts as organiser or event supporter, the list of participants of
      non-EU citizens with the personal data: e.g. Last name, first name and 1st citizenship and 2nd citizenship
      (if existing), (if applicable, further data date/place) is transmitted to the internal DLR export officer/legal department for further processing and stored for a period of stored for a period of 5 years after the event date.
    • Participation in the event; participation fees and payment transactions.
      The legal basis for the processing is Art. 6 para. 1 letter a) and b) GDPR.
      Last name, first name, title, gender (m/f/d), company name, company address (street, postcode, town), telephone number, e-mail address, if applicable also date of birth, 1st citizenship and 2nd citizenship (if existing) of the invoice recipient, method of payment, IBAN, BIC, amount in euros.