Privacy Policy of the OeAD-GmbH

Version of 07.08.2024

The OeAD-GmbH is particularly concerned to protect and keep safe all personal data that you entrust to us or we are processing.

In this document you will learn how and for what purpose we will use and process your personal data (this English translation serves for information purpose, only the German version of the privacy policy is legally binding):

A. General provisions

1. Legal basis

We process your data exclusively in accordance with legal regulations (as amended), in particular:

EU General Data Protection Regulation (GDPR)
Regulation (EU) 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1247/2002/EC
Austrian Data Protection Act (Datenschutzgesetz - DSG)
Austrian Telecommunications Act 2021 (Telekommunikationsgesetz 2021 - TKG 2021)
Austrian Research Organisation Act (Forschungsorganisationsgesetz - FOG)
OeAD Act (OeAD-Gesetz - OeAD-G)

2. Adaptations

We ensure both technically and organisationally that the data protection regulations are observed both by us and by external service providers.

Processing of personal data is, along with all kind of organizational fields, subject to continuous change, adjustment and improvement. Therefore, adaptions will occur in this document. The up-to-date version of the Privacy Statement will be made public on this website. 

B. Responsibility for data processing

1. Data controller

Controller for data processing is the

OeAD-GmbH — Austria's Agency for Education and Internationalisation
Ebendorferstraße 7, 1010 Vienna
(hereafter referred to as "OeAD-GmbH").

2. Data protection officer

The OeAD-GmbH's data protection officer is Mag. Christian Pichler-Stainern, .

3. Further information

In a few data processings the OeAD-GmbH is not or not solely data controller according to GDPR. This is mentioned directly below in the data processings concerned. In such cases, however, we will still accept your enquiries and provide information about the controller or forward your enquiry, if you wish.

As part of our electronic data processing we commission IT service providers (data processors) who may get access to your personal data in the course of their activities provided that they require the data to fulfil their respective service. These service providers have been obliged by us to take adequate technical and organisational measures to ensure the protection of your data. These service providers are not permitted to pass on your data (except in cases where this is required by law). For further information about the service providers commissioned by us please contact us by e-mail: .

C. Your rights as data subject

1. Right of access by the data subject, right to rectification, to restriction of processing, to object, to erasure, to complain and to data portability

You have the right to get information about your processed personal data as well as the right to rectification by the responsible OeAD-GmbH at any time. Provided that there is no legal retention obligation or other legal basis for the processing of your data you have the right to have this data deleted. If the processing of your data is based on your consent, you have the right to withdraw this consent (see point 2.). If the processing is in the public interest or to protect the legitimate interests of the OeAD-GmbH or third parties, you have the right to object to the processing. You may also have the right to limit the processing, to data portability (provided that the data is processed on the basis of your consent or in the course of the execution of a contract) and to complain to the respective regulatory authority.

2. Right of withdrawal

If your consent is necessary for the processing of your data, we will only process it only after your consent has been obtained.

You can withdraw your consent - if we process your data solely on the basis of your consent - at any time by sending an e-mail to the following e-mail-address: datenschutz@oead.at. The withdrawal of your consent does not affect the legality of the processing carried out on the basis of your consent until your withdrawal. Statutory retention obligations shall also remain unaffected by a withdrawal. Cookies and tracking can be blocked by means of your browser settings or disallowed via our website in accordance with section F. point 1. (see therefore below).

In principle we do not process data of minors based on consent pursuant to Art. 6 Para. 1 letter a of the GDPR. By using our online services (website, newsletters, event registration) you confirm that you have reached at least the age of 14 or have received the consent of your legal guardian.

3. Contact details for exercising your rights

To exercise any of the above in section C. point 1. and C.l point 2. mentioned rights please contact us via e-mail: datenschutz@oead.at or write to us: OeAD-GmbH, attn. Data Protection Officer Mag. Christian Pichler-Stainern, Ebendorferstraße 7, 1010 Wien.

If you have the opinion that your data protection rights were violated please also contact us via e-mail: datenschutz@oead.at or address your complaint directly to the respective regulatory authority (in Austria this is the Austrian Data Protection Authority, Barichgasse 40-42, 1030 Wien, e-mail: dsb@dsb.gv.at).

D. General information about our online services (websites, newsletters, electronic contact, event registration)

1. Voluntary disclosure of your identity

Basically you can use our online services without disclosing your identity. If, however, you make an enquiry via our contact form or by e-mail, request information materials, subscribe to one of our newsletters or register for an event, we will ask you for your name and other personal information such as your e-mail address. We need this personal data to process and answer your enquiry, to send you information materials, to send you our newsletters and to carry out and document events. We also have to store data to prove our activities, in particular vis-à-vis those who have commissioned us (Federal Ministry of Education, Science and Research (BMBWF), European Commission, Austrian Development Agency, etc.), and to assert any claims. For more detailed information see the respective sections regarding the individual online services.

2. Data security measures

To protect your transmitted data in the best possible way we use SSL encryption (HTTPS protocol) for our online services. You will recognise encrypted connections by the lock symbol and the prefix “https://” in the address line of your browser. All data that you transmit to our website – for example enquiries, subscriptions and cancellations of subscriptions to newsletters or event registrations – cannot be read by third parties because of SSL encryption.

If you send an inquiry by e-mail, we have to warn you that the transmission by e-mail may be unsafe due to the technical structure of the Internet and that third parties may be able to read this message without authorisation. You must therefore take responsibility for the choice of this communication medium yourself. If your e-mail provider offers this option, e-mails between your e-mail provider and our e-mail server can be transmitted in an encrypted way using TLS.

Please note that e-mails, sent to personal e-mail addresses of OeAD-employees, may exceptionally be read and processed by other OeAD-employees, especially if the employee is absent for a longer period of time.

3. Commissioning of translation service providers

We would like to point out that we commission translation service providers to translate texts on our websites of for our services into other languages and that personal data is also processed and transmitted to translation service providers in this context. This involves the following categories of personal data:

  • Name,
  • origin/country,
  • function,
  • Company
  • Depending on the OeAD program, economic, cultural and social data may also be processed.

4. Freshdesk

To process legal questions, we use the email ticketing system "Freshdesk" from Freshworks, Inc, 2950 S. Delaware Street, Suite 201, San Mateo, California 94403, USA (Freshworks).

Therefore, if you ask legal questions by email or telephone, these will be stored and organised in the ticketing system to enable chronological processing and improve the service experience. For the organisation and processing of inquiries, personal data is collected, transmitted to Freshworks, stored there and read out according to the scope of its provision, but in any case first and last name as well as email address or telephone number.

The legal basis for the processing of this data is our legitimate interest in the efficient design of our customer service, the fastest possible response to your request and the optimisation of our service offer in accordance with Art. 6 para. 1 lit. f GDPR.

We have concluded a data processing agreement (DPA) with Freshworks, which ensures the protection of the data and prohibits unauthorised disclosure to third parties. For the transfer of data to the USA, Freshworks relies on standard contractual clauses of the European Commission, which are intended to ensure compliance with the European level of data protection. In addition, Freshworks is certified in accordance with the adequacy decision of the European Commission in the list of the US Department of Commerce.

E. Websites: Cookies, tracking tools and web analysis

1. General information about data collection

Cookies, web beacons and the analysis software Matomo are used on our Internet platforms. Moreover, the IP address of the device you are using to access our websites and the pages accessed will be stored along with date and time of your access for a period of three days to analyse any attacks or irregularities as well as errors that may occur.

2. Cookies

Cookies are small text files that are used to optimise the display of the website on your device, to recognise repeated visits to our website and to determine the frequency of use and the number of users of our website. By using our website you are consenting to us using cookies. You can refuse to accept cookies in your browser settings. For details of how this works please refer to your browser manufacturer's instructions and the information in section 6. If you choose not to accept cookies, the functionality of our website may be restricted. Some cookies will remain stored on your device in order to recognise a new visit to our website until you delete them.

Our cookies in use:

  • Necessary cookies - These cookies ensure basic functions of our website. This enables us to provide you with preferred settings for your next visit. They also contribute to the safe use of our website.
    cookieconsent_status_new - contains the information to what extent the user has confirmed the use of cookies.
  • Statistical cookies - With the help of these cookies we can analyse the use of our website. These help us to constantly improve the functionality of our website.
    _pk_ses.* - shows an active visitor’s session. used to store interactions with your website. (stored for 30 min)
    _pk_id.* - used to recognize visitors and hold their various properties: visitorID, cookie creation time, count of previous visits, current time and time of a last visit. (stored for 13 months)
  • Social Media (YouTube) - see I.E.4.

    Cookie pot-out option: see I.F. Cookie-settings

3. Web Beacons, tracking and web analytics

We use the software Matomo to analyse how our websites are used. This software allows us to analyse online behaviour with regard to time, geographical location, type and operating system of the device used (PC, laptop, tablet, mobile/cell phone), browser used and website usage. This enables us to optimise the information offered to our users and the display on different devices (PC, laptop, tablet, mobile/cell phone) and different browsers. This information is collected via cookies (see section E. point 2.) and web beacons. Web beacons are small graphics on websites that allow log file recording and log file analysis that is used for statistical analysis. The information generated in this way is only transferred to our server and stored there for analytical purposes. Only the first six digits of the IP address will be stored, which only allows an approximate localisation by region. This anonymised data will not be linked to other personal data. The information about your use of our websites will not be passed on to third parties.

If you do not agree with the storage and evaluation of your visitor data, you can deactivate this at any time by means of the option (see section F. point 1.). 

4. YouTube

Our website uses the provider YouTube LLC, 901 Cherry Avenue, San Bruno, CA 94066, USA, represented by Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA for the integration of videos. We have embedded our YouTube videos in the enhanced privacy mode: in this case YouTube will contact Google's DoubleClick service but according to Google's privacy policy will not process personal information. As a result YouTube will not store information about visitors unless you watch the video. If you click on the video, your IP address will be transmitted to YouTube.

If you are logged in to YouTube while accessing our website, this information will also be associated with your user account (you can prevent this by logging out before watching the video on YouTube). You can find further information in YouTube's Privacy Policy. Moreover, we would like to refer to the general information about and deactivation of cookies (see section E. point 3.) in our Privacy Policy.

5. Legal basis

Data is processed according to the legal provisions of §§ 165 ff TKG 2021, § 3 of the OeAD Act and Art. 6 of the GDPR (in particular according to para. 1 letter a - on the basis of your consent given by the disclosure of your personal data - and according to letter f - on our legitimate interest to run our website in a secure and stable manner, to track the use of our website statistically to improve it and to integrate other media which are run by us).

G. Individual processing operations

1. Extremismusprävention

1.1 General
As part of the "Preventing extremism" project, pupils from all types of schools throughout Austria are to be made aware of the topic of extremism and their resilience to radicalisation is to be strengthened. 

In a first step, relevant institutions and organisations can submit offers for project-related workshops at schools via an online form, which will be evaluated and approved. In a second step, the schools can book approved workshop offers, with the OeAD-GmbH taking care of the billing. Further information on the project can be found here.

1.2 Online formulare

1.2.1 Purpose for the collection and processing of your data

The data you provide when registering and submitting an offer via the online form or by other means will be processed by the OeAD-GmbH for the purpose of processing the submission, evaluating it, sending letters of notification or rejection regarding inclusion in the pool of approved offers, concluding the contract, transmitting information for the preparation and implementation of the workshops, for the disbursement and settlement of funds and for follow-up support. Selected data will be published in the media, on the Internet or in other publicly accessible reports in the public interest.

1.2.2 Processor

The data applications used for the processing of registration, application, conclusion of contract, payment, invoicing and aftercare are operated by IT service providers on our behalf, who may gain access to your personal data in the course of their activities if they require the data to fulfil their respective services. These IT service providers have been obliged to take sufficient technical and organisational measures to ensure the protection of your data. These IT service providers are not permitted to pass on your data (except in cases regulated by law). You can request more information about the contracted service providers at datenschutz@oead.at.

1.2.3 Collection and processing of personal data of third parties

If personal data of third parties (namely of project partners, trainers and other persons employed within the scope of the project) are transmitted to us in the course of the application or within the scope of reporting and accounting obligations, the person transmitting the data is obliged to obtain the authorisation and consent of the persons concerned for this data transmission and data use in advance.

1.2.4 Disclosure of data to third parties

Personal data will also be passed on to assessors who evaluate the submitted proposal in order to provide technical support during the selection process and to evaluate the proposals. Personal data may also be transmitted to scientific institutions or other funding and grant agencies for the assessment/review of project applications, submissions and for the review of invoices.

1.2.5 Legal basis, retention period

Data processing is carried out on the basis of Art. 6 para. 1 letter b (processing for the fulfilment of a contract and for pre-contractual measures), letter c (legal obligation of the controller), letter e (for the performance of a task carried out in the public interest) and letter f (for the protection of the legitimate interests of OeAD-GmbH and the controller) GDPR.

All personal data and all documents/receipts associated with the business case must be retained for a period of seven years. The retention period begins on 1 January following the cut-off date, namely

  • in the event that the project application or funding application is withdrawn or not pursued or a negative decision is made, from the last contact (cut-off date),
  • in the case of a positive project decision, from the end of the year of disbursement (cut-off date) of all financial support or funding provided by the OeAD-GmbH (= payment of the last instalment after our approval of the statement of account or receipt of a repayment in accordance with our reclaim after the statement of account),
  • in the case of a positive project decision, from the end of the year of the school year concerned (cut-off date) if no project-supporting financial resources are provided, and
  • in the event of a positive project decision, from the end of the year of the school year affected by the project (cut-off date) in which the fee note can be sent.

Upon request, personal data may have to be transmitted or disclosed to bodies and authorised representatives of the Austrian Court of Audit, the Federal Ministry of Finance, the Federal Ministry of Education, Science and Research and the European Union in accordance with EU law.

The data will generally be deleted automatically within the standardised deletion routine after the deadlines have expired.

If you do not complete the registration/submission/application in preparation for an online registration/submission/application, i.e. do not confirm the activation link ("Send") within the registration deadline/submission deadline/application deadline, the registration, submission or application data will be deleted.

1.3 OeAD-Website Extremismusprävention

2. School fund

The BMBWF has appointed the OeAD-GmbH as the funding processing centre for the School Fund. 

The framework for data processing is set out in the Sonderrichtlinie (PDF, 530,9 KB) in Point 7.7.

The following also applies: https://www.bmbwf.gv.at/Ministerium/Datenschutz.html

3. Digitales Lernen

3.1 General information

The OeAD-GmbH supports the Austrian federal government's "Digital Learning" initiative. This initiative is part of the 8-point plan for digital teaching and has set itself the goal of equipping the 5th and, as a one-off, the 6th school levels with digital devices from the 2021/22 school year. The purpose of the initiative is to create the pedagogical and technical conditions for IT-supported teaching and to provide pupils with access to digital education on a level playing field.

OeAD-GmbH performs coordination, monitoring and information tasks on behalf of the BMBWF within the meaning of § 7 SchDigiG and is therefore the processor of the BMBWF as the responsible party.

3.2 Digitales Lernen Hotline together with the Ticketsystem

3.2.1 Basic Information

The OeAD-GmbH operates a digital learning hotline and ticket system to answer your questions about the initiative. The data you provide during the call or by e-mail will be stored by the OeAD-GmbH for the purpose of answering your enquiries, assessing them and sending letters of communication and replies.

3.2.2 Processor

The data applications used for processing the Digital Learning Hotline are operated by IT service providers on our behalf, who may gain access to your personal data in the course of their activities if they require the data to fulfil their respective services. These IT service providers have been obliged to take sufficient technical and organisational measures to ensure the protection of your data. These IT service providers are not permitted to pass on your data (except in cases regulated by law). You can request more information about the contracted service providers at datenschutz@oead at.

3.2.3 Collection and processing of personal data of third parties

If personal data of third parties (namely of schools, pupils or other persons) are transmitted to us in the course of the question, the person transmitting the data is obliged to obtain the authorisation and consent of the persons concerned for this data transmission and data use in advance.

3.2.4 Disclosure of data to third parties

Personal data is passed on to third parties, such as the BMBWF in particular, in order to assess and answer the questions posed to us.

Upon request, personal data may have to be transferred or disclosed to bodies and authorised representatives of the Austrian Court of Audit, the Federal Ministry of Finance and the European Union in accordance with EU law.

3.2.5 Legal basis, retention period

Data processing is carried out on the basis of Art. 6 para. 1 letter a (consent), letter e (for the performance of a task carried out in the public interest) and letter f (to safeguard the legitimate interests of the OeAD-GmbH) GDPR.

All personal data as well as all documents/receipts associated with the business case are stored for a period of 5 years in principle and beyond that for as long as their storage is necessary. The retention period begins with the complete response to the enquiry. The data is always deleted automatically within the standardised deletion routine once the periods have expired.

3.3 OeAD-Website Digitales Lernen

For your rights as a data subject, see point C. 

For general information on our online services (website, newsletter, electronic contact, event registration), see point D.

For cookies, tracking tools and web analytics, see point E.

 If you do not agree with the storage and analysis of your user data, you can deactivate this at any time by objecting. A Matomo deactivation cookie is stored in your browser for this purpose.

4. Cultural Datenbases

4.1 Automatically saved data

The following data is automatically stored and processed when you visit the microsites with the OeAD databases:

4.1.1 Logfiles

The current public IP address of your computer, together with the date and time of access, which file is requested (name of the requested file and URL), the amount of data transferred to you, a message as to whether the request was successful, identification data of the browser and operating system used, as well as the website from which the access was made (if the access was made via a link) and search terms (= log file).

Log file information is stored for a period of 180 days for security reasons (e.g. to investigate misuse or fraud) and to optimise the service and for statistical purposes, after which it is deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified. This data will be passed on to the law enforcement authorities if necessary and by court order. Any further disclosure to third parties will not take place.

4.1.2 Cookies

We would like to point out that only session cookies are used (tracking cookies or Google Analytics are not used). These session cookies are transferred to your computer system and store, for example, login information or enable a secure login. These cookies are deleted at the end of the respective browser session. Your consent is not legally required for the use of these cookies and they cannot be deactivated in the cookie preferences.

4.1.3 SSL-Encryption

This website uses the industry standard SSL (Secure Sockets Layer) to encrypt your data. With SSL encryption, your data is anonymised before it is transferred to the ESECURE e.U. server so that it cannot be reconstructed by third parties. This ensures the confidentiality of your data when it is transmitted to a website.

4.2 Datenbases

4.2.1 Project database "Creative school projects"

The Creative School Projects project database offers a collection of creative, artistic and cultural school projects in all art disciplines, for all school types and school levels, as well as project examples from the various programmes and thematic focuses of the OeAD's "Cultural Education with Schools" programme and ideas for projects with different themes, in order to provide an insight into the diverse collaborations between schools, art and culture with practical examples.

Registration for this project database and the storage of data other than that mentioned in point 10.1 does not take place. Your data will be transmitted by OeAD-GmbH to Werner Trügler, registered entrepreneur of ESECURE e.U., based in Vienna, and processed exclusively in Austria for the purpose of database management.

4.2.2 "Cultural education" library

The OeAD library, located on the first floor of 1010 Vienna, Universitätsstraße 5, can be used by anyone (borrowing media is possible for a maximum of 4 weeks) and provides a good insight into the development of cultural education in museums, especially in Austria. The inventoried holdings of the library can be accessed via the online catalogue.

In the case of a loan, data processing is carried out on the basis of Article 6(1)(a) GDPR (consent). Your data will be transmitted by the OeAD to Ing. Werner Trügler, registered entrepreneur of ESECURE e.U. based in Vienna, and processed exclusively in Austria for the purpose of database management.

The data will be stored for a period of three years after expiry of the loan for documentation purposes and to answer any queries. After this period, the data will be deleted - subject to other statutory retention obligations.

4.2.3 "Offers from creative artists for schools"

The Datenbank  is a continuously growing network and contains cultural education offers from cultural professionals of all disciplines from all over Austria, which are specifically aimed at pupils of different ages. It is a free service. The entry of an offer in the database is not linked to an automatic funding commitment by the OeAD-GmbH, there is no legal claim and the OeAD-GmbH assumes no liability for the content.

By registering, you expressly acknowledge that the data you provide will be processed for the purpose of registration in this database. If your registration is not approved by the OeAD-GmbH after checking the content, your registration and personal data will be automatically and irrevocably deleted after 6 months from the date of registration.

We would like to point out that the main focus of the cultural practitioner who registers on this platform must be on high-quality artistic activity! (Art) therapists or pedagogues whose main focus of work is not artistic activity will not be activated in this database. The OeAD-GmbH will check the content of your registration and decide whether to activate it. Once your personal e-mail address has been approved and activated, you will receive a confirmation e-mail from the OeAD-GmbH containing your access data, enabling you to work in this database. E-mail correspondence with you will be sent to the e-mail address entered in this database. The telephone number to be entered by you in the back-end after approval is a mandatory field and is used exclusively by the OeAD-GmbH to contact you and will not be published.

For data protection reasons, the OeAD-GmbH offers external parties the opportunity to write a message directly to cultural professionals via this database. The e-mail address provided by the cultural professionals does not appear online, but a so-called "no-reply form" appears. The message is first sent to the OeAD-GmbH's "no-reply form" and then automatically forwarded by the OeAD-GmbH to the creative artist together with the sender's e-mail address, but is not saved. The OeAD-GmbH is therefore unable to trace enquiries sent via the form. However, artists also have the option of displaying the e-mail address they have provided themselves.

Your data will be transmitted by OeAD-GmbH to Werner Trügler, registered entrepreneur of ESECURE e.U., based in Vienna, and processed exclusively in Austria for the purpose of database management.

The deletion of the database profile (and thus of all your offers) does not mean that all data on the ESECURE e.U. server has been deleted. The data can no longer be accessed on the website and will be irretrievably deleted after 3 years for evidence purposes and to restore an erroneously deleted profile.

If personal data of third parties (i.e. another contact person) is entered in the database, we would like to draw attention to the fact that the cultural professionals as data transmitters are obliged to obtain the authorisation and consent of the data subject for this data transmission and data use in advance. These persons can assert their rights to information, rectification and restriction of processing at datenschutz@oead.at.

Data processing is carried out on the basis of Art. 6 para. 1 letter a GDPR (consent).

4.2.4 Culture+Education" calendar ("Calendar of events")

The Veranstaltungskalender of events is a nationwide, free presentation platform for cultural institutions and facilities (museums, theatres, galleries, concert halls, festivals, etc.) that offer special educational programmes for schools. The OeAD-GmbH is not liable for any errors in information. A prerequisite for inclusion in the calendar is the organisation of educational programmes and a "service track" for teachers and pupils as well as a network agreement with the OeAD-GmbH. Please note that only events with an educational programme for schools will be published on our platform. The entry of your event including the educational programme is free of charge. There is no legal entitlement to this free service.

When registering in this database, only non-personal data must be entered in the "Basic data" mask. This includes a general, non-personal e-mail address, which is used for correspondence with the cultural institution or organisation and for the transmission of access data so that you can work with this database. However, if you have provided a personal e-mail address during registration, you have expressly consented to the processing of your personal data and the transmission of access data to this e-mail address as well as the processing of e-mail correspondence with the cultural institution or organisation using this personal e-mail address.

The contact details (first name, surname, telephone number) are not mandatory fields and will - if filled in - be published in the calendar on the website.

Your data will be transmitted by OeAD-GmbH to Ing. Werner Trügler, registered entrepreneur of ESECURE e.U. based in Vienna, and processed exclusively in Austria for the purpose of database management.

If personal data of third parties (i.e. another contact person) is entered in the database, we would like to point out that the person transferring the data is obliged to obtain the authorisation and consent of the person concerned for this data transfer and data use in advance. These persons can assert their rights to information, rectification and restriction of processing at datenschutz@oead.at.

Data processing is carried out on the basis of Art. 6 para. 1 letter a GDPR (consent). Your data will be deleted immediately and irretrievably upon complete cancellation and upon request for deletion.

5. culture connected/projekteuropa

5.1 Automatically saved data

The following data, which is not directly personal, is automatically stored and processed when you visit this website:

5.1.1 Serverlog

The current public IP address of your computer, together with the date and time of access, which file is requested (name of the requested file and URL), the amount of data transferred to you, a message as to whether the request was successful, identification data of the browser and operating system used, as well as the website from which the access was made (if the access was made via a link and your browser provides this information) and search terms. Log file information is stored for security reasons (e.g. to investigate misuse or fraud) for a maximum period of 180 days and then deleted. Data whose further storage is required for evidentiary purposes is excluded from deletion until the respective incident has been finally clarified. The server logs are stored in order to be able to check system security, technically administer the website and optimise the offering, as well as for statistical purposes. This data is passed on to the law enforcement authorities if necessary and by court order. No other data will be passed on to third parties.

5.1.2 Session-Cookies (technically necessary Cookies)We would like to point out that we use session cookies when you visit our website. These store login information, for example, or enable secure login. These cookies are deleted at the end of each browser session. No consent is legally required from you for the use of these cookies and they cannot be deactivated in the cookie preferences. Some of these cookies are transferred from our server to your computer system; these are session cookies. These are automatically deleted from your hard drive at the end of the browser session.

5.1.3 Tracking Cookies
The tool "Matomo Analytics" (formerly "Piwik") is used to statistically analyse the use of the website. The tool is operated by us, the data collected is not passed on to third parties and there is no cross-site tracking. If you have activated the "Do Not Track" option in your web browser, no data will be collected at all. Otherwise, an individual tracking cookie will be set during your visit to recognise returning user sessions. You can reject this tracking cookie by clicking on the following link: Analytics-Opt-Out

5.1.4 Google Analytics

Google Analytics is not used by the website.

5.2 SSL-Descryption

The website uses the industry standard SSL (Secure Sockets Layer) to encrypt your data. With SSL encryption, your data is anonymised on the server before transmission so that it cannot be reconstructed by third parties. This ensures the confidentiality of your data when it is transmitted to a website.

5.3 Social Media
The website uses so-called social sharing links for Facebook and Twitter. Only when you actively click on the button will a direct connection to the servers of the respective provider be established and you will be informed which specific website you are currently visiting and what content you are sharing. If you are logged in as a registered user with this provider during your visit to our website, the provider can assign the visit to your profile when you click on one of these buttons. For details on the personal data subsequently collected and processed by the respective provider, please refer to the Datenschutzerklärungen von Facebook bzw. Twitter.

Social Sharing Plugins are not used by the website.

5.4 Storage location
Your personal daten will be stored basically in Austria and Germany.

6. Job applications to the OeAD-GmbH

6.1 Collection and processing of your data, purpose limitation

We accept job applications by post or by e-mail to bewerbung@oead.at. We also use the Recruitee recruiting tool. The service provider of the Recruitee recruiting tool is the Dutch company Recruitee B.V., Keizersgracht 313, 1016 EE Amtsterdam, Netherlands, with which we have concluded an order processing agreement (further information on data processing by Recruitee B.V. can be found in the privacy policy of Tellent - the parent company of Recruitee B.V.).

When you apply for a job or submit an unsolicited application, the following personal data may be processed for the application process:

  • Any personal data you provide, including but not limited to full name, date and place of birth, email address, telephone number, a picture, marital status, cover letter, CV, hobbies and interests, work experience, your degree, LinkedIn profile and which job you are applying for.
  • Status, notes and planning related to your application;
  • Data collected by persons conducting the interviews;
  • Documents required based on the applicable residence and establishment regulations;
  • Email communications;
  • Evaluation of interviews and feedback.

We process the aforementioned personal data to facilitate the entire application process for recruitment purposes. These recruitment purposes include:

  • Assessing your suitability for employment for the advertised position and for future positions that may become available;
  • Managing your application;
  • Facilitating communication with you;
  • creating employment reserves; and
  • notifying you of new vacancies.

The aforementioned data will not be passed on to third parties unless we have obtained your express consent to do so.

 

6.2 Your rights according to the GDPR

See section C. You can also contact personal@oead.at for requests for information, correction or deletion.

 

6.3 Legal basis, retention period

Data processing is carried out on the basis of Art. 6 para. 1 letter b (implementation of pre-contractual measures taken at your request) and letter f GDPR (our legitimate interest in the protection of our rights or defence against legal claims). If you voluntarily provide us with information about yourself that goes beyond what is necessary, this is done on the basis of consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR.

If an employment relationship is established on the basis of your application, the data will be stored for the duration of the employment relationship and the subsequent statutory retention obligations. If no employment relationship is established, your data will be deleted 7 months after the position has been filled (six-month period in accordance with Section 29 (1) of the Equal Treatment Act and one month to allow for a potential legal action). If you have given us further consent to keep you informed about new vacancies that may be of interest to you, we will store the data for the period of time you have consented to or until you withdraw your consent.

7. Newsletter/Infomailings

7.1 Newsletter

7.1.1 Collection and processing of your data, subscription and unsubscription, appropriation

You can register for one or more of our newsletters on our websites. Registration takes place using the double opt-in procedure: After registering, you will receive an e-mail asking you to confirm your registration. We require your name and e-mail address as well as your consent to receive the newsletter(s). It is not possible to send you our newsletter without providing this data. In order to provide you with targeted information, it is also necessary for you to choose whether you are registering as a representative of an institution or as a private individual. For members of institutions, we collect and process the name of your institution as well as voluntary information about your function and department. If you wish to receive our print products, we also need your postal address. In order to be able to invite you to events that are relevant to you, you can indicate your subject interests.

You can unsubscribe from our newsletter offers by unsubscribing yourself in our subscription service area here or by clicking on the unsubscribe link at the end of our newsletter.

7.1.2 internal marking

The OeAD-GmbH may add internal assignments to target groups (e.g. committees, institutions in the education sector) to your data record based on your institutional affiliation. This is done on the basis of our legitimate interest in being able to provide you with targeted information about the services of the OeAD-GmbH that is relevant to you within the meaning of the OeAD Act. You can also assert your rights in this regard in accordance with Section C. (incl. information, cancellation or deletion).

7.1.3 No Tracking of the newssletter-usage

To protect your personal data, we do not track opening and click behaviour.

7.1.4 Disclore of data to third parties for the E-Mail dispatch

The software we use to send the newsletter is

  • MailChimp from the company "Intuit Inc", based in the USA, or
  • rapidmail from the company "rapidmail GmbH" based in Germany (for the erinnern.at newsletter).

The data for sending our newsletter (name and email address) is therefore sent to

  • Intuit Inc. based in the USA (to the privacy policy of MailChimp and the privacy policy of Intuit Inc.) or
  • rapidmail GmbH (to the privacy policy of rapidmail)

passed on.

This data transfer to Intuit Inc. is based on the concluded standard contractual clauses or the Data Processing Addendum (DPA) and to rapidmail GmbH on an order processing contract in accordance with Art. 28 GDPR. 

7.1.5 Contact persons at the OeAD-GmbH for information, correction and deletion

You can enter or change your personal data in connection with the sending of our newsletter (including subscription and cancellation) yourself in our subscription service area at www.oead.at/newsletter. Alternatively, and for enquiries regarding processing, information, correction or deletion of your data, please send an e-mail message to adressen@oead.at.

7.1.6 Legal basis, retention period

Data processing is carried out on the basis of the legal provisions of Section 165 (3) TKG 2021 in conjunction with Section 174 (3) TKG 2021, Section 3 (2) Z 4, 7 and 10 OeAD Act and Art. 6 (1) (a) (consent) and (e) (fulfilment of our legal mandate for public relations work in our area of responsibility) GDPR. Your data will be deleted immediately if you completely unsubscribe from the newsletter service, revoke your consent or request deletion. If you do not enter your name and desired services within one week of registering your email address, your email address will be deleted.

 

7.2 Info-Mailings

7.2.1 Collection and processing of your data, subscription and unsubscription, appropriation

We use info mailings to keep you up to date on certain topics. If you no longer wish to receive our mailings, please send us an e-mail to adressen@oead.at with the subject "Unsubscribe from info mailings mailing list".

7.2.2 Internal marking

The OeAD-GmbH may add internal assignments to target groups (e.g. committees, institutions in the education sector) to your data record based on your institutional affiliation. This is done on the basis of our legitimate interest in being able to provide you with targeted information about the services of the OeAD-GmbH that is relevant to you within the meaning of the OeAD Act. You can also assert your rights in this regard in accordance with Section C. (incl. information, cancellation or deletion).

7.2.3 No tracking of the Infomailing-usage

To protect your personal data, we do not track opening and click behaviour.

7.2.4 Disclore of data to third parties for the infomailing dispatch

The software we use for sending information mailings is MailChimp from the company "Intuit Inc", based in the USA. The data for sending our info mailings (name and e-mail address) is therefore passed on to Intuit Inc. based in the USA (to the privacy policy of MailChimp and the privacy policy of Intuit Inc.). This data transfer to Intuit Inc. is based on the concluded standard contractual clauses or the Data Processing Addendum (DPA) in accordance with Art. 28 GDPR. 

7.2.5 Contact persons at the OeAD-GmbH for information, correction and deletion

For enquiries regarding the processing, information, correction or deletion of your data, please send an e-mail message to adressen@oead.at.

7.2.6 Legal basis, retention period

Data processing is carried out on the basis of the legal provisions of Section 165 (3) TKG 2021 in conjunction with Section 174 (3) TKG 2021, Section 3 (2) Z 4, 7 and 10 OeAD Act and Art. 6 (1) (e) (fulfilment of our legal mandate for public relations work in our area of responsibility) GDPR. Your data will be deleted immediately upon complete deregistration, revocation of consent and request for deletion. If you do not enter your name and desired services within one week of registering your email address, your email address will be deleted.

8. Electronic communication

8.1 Use of the contact form on our websites, enquiries by email

Your details, including personal data from our contact form, will be transmitted to us via the mail server of our IT service provider to process your enquiry, deleted there immediately after transmission, processed further on our servers and stored. Enquiries sent to us by e-mail are received by our own mail server. We do not pass on data that you provide to us in the contact form or by e-mail to third parties without your consent (except in cases prescribed by law). We will only use it to process your enquiry.

Data processing is carried out on the basis of the statutory provisions of Sections 165 ff TKG 2021, Section 3 Z 4 and 7 OeAD Act and Article 6 (1) (a) GDPR (consent). Your data will be stored for a period of three years for documentation purposes, for improvement management and for responding to follow-up enquiries.

8.2 Skype, Microsoft Teams (Office 365)

Internet communications and webinars can also be conducted via Skype, a service of Skype Communications S.à.r.l. - a wholly owned subsidiary of Microsoft Corporation, Redmond, WA, 98052-6399, USA - or via Microsoft Teams, another video conferencing tool of Microsoft Corporation.

The data generated during the preparation and execution of the communication, including data on the Skype communications (time and date of the communication, the numbers or user names that are part of the communication) are processed and stored by Microsoft Corporation in the USA on the basis of an order processing contract in accordance with Article 28 GDPR. Please refer to the corresponding Skype privacy policy: www.skype.com or the corresponding Microsoft Teams privacy policy: privacy.microsoft.com.

To participate in an online communication, you only need to enter a freely selectable name when accessing the aforementioned software. Your full name and other personal data will not be published by us during online communication unless you provide this data yourself voluntarily (e.g. via the chat function or the microphone). If you ask a question via the chat function or the microphone (audio connection) or activate your camera, this will be visible to all participants. Therefore, if you have confidential enquiries or use personal data of third parties in your enquiry, please contact your contact person at the OeAD-GmbH by telephone or e-mail.

During online communication, your user behaviour will be recorded, in particular when you enter, whether and which questions you ask via chat or audio connection, whether and how you have taken part in polls and when you turn on your camera, as well as your telephone number when you dial in by telephone.

The OeAD-GmbH has no influence on whether participants make screen captures or record the course of the Zoom meeting or save the chat history using local means, e.g. with screen recorders.

Data processing is carried out on the basis of Article 6 para. 1 lit. a (consent) and lit. e (in the public interest to fulfil our legal tasks of programme management and public relations in accordance with the OeAD Act) GDPR. Your data will be stored for a period of three years for documentation purposes, for improvement management and for responding to follow-up enquiries.

8.3 Zoom

The OeAD-GmbH also uses the video communication tool "Zoom" from Zoom Video Communications, Inc., based in San José, California in the USA, to facilitate communication via telephone and video conferences and online meetings as well as for webinars. For this purpose, OeAD-GmbH has concluded an order processing agreement with Zoom Video Communications, Inc. Further information on data processing can be found in Zoom's privacy policy (https://zoom.us/de-de/privacy.html).

When using the "Zoom" tool, this personal data is processed:

  • User details: at least one specified surname, possibly also first name, surname, email, profile picture (optional), telephone (optional), department (optional).
  • Meeting metadata: IP addresses of participants, device and hardware information, topic, description (optional).
  • Text, audio and video data: Text entries when using the chat, question or survey function, microphone and camera data of your device during the meeting in the course of audio and video playback.
  • For telephone dialling: Incoming and outgoing phone number, country name, start and end time, IP address, registered service address, host name, host email, MAC address.

If you participate in a Zoom meeting, the data you provide will be processed and stored for preparation, transmission of documents, implementation, documentation (in particular by means of lists of participants), as well as for documentation and evaluation. This data is processed on the basis of our legitimate interest in accordance with Art. 6 para. 1 lit. f GDPR. By participating in a Zoom meeting, you give your consent to the processing for the above-mentioned purpose.

If you activate the microphone or camera of your end device or allow the host to activate it, the audio and video data recorded with it will be made available to all participants from this point on. The OeAD-GmbH has no influence on whether participants make screen captures or record the course of the Zoom meeting or save the chat history using local means, e.g. with screen recorders.

Any data stored by us will be stored for a period of three years for documentation purposes, for improvement management and for responding to follow-up enquiries. "Zoom" retains the personal data for as long as is necessary for the purpose of providing its services and deletes the data at the latest at the end of the existing contract, unless a longer retention period is required by law. You can delete your own content yourself. Further information on data deletion can be found in Zoom's privacy policy (https://zoom.us/de-de/privacy.html).

9. Ordering and dispatch of printed works

9.1 Ordering printed materials

The magazine "oead.news" and other printed information material from the OeAD-GmbH can be ordered free of charge by providing the personal data required for postal dispatch. By placing an order, you consent to the processing and storage of all the data you provide in the course of sending the magazine/information. This data will only be passed on to mailing and printing service providers for the purpose of postal dispatch. If you order print products on our website and provide an e-mail address, we may use this address to send you a newsletter or information about our own similar products and services.

9.2 Cancellation of print products or revocation

You can revoke this consent at any time and without giving reasons by sending an email to adressen@oead.at. We will then no longer be able to send you any printed material.

9.3 Processors

As part of the dispatch of printed materials, we commission postal dispatch service providers who may gain access to your personal data in the course of their activities if they require the data to fulfil their respective services. These service providers have also been obliged by us to take sufficient technical and organisational measures to ensure the protection of your data. These service providers are not permitted to pass on your data (except in cases regulated by law). You can find more information on the service providers commissioned by us at datenschutz@oead.at.

9.4 Legal basis, retention period

Data processing is carried out on the basis of the legal provisions of Sections 165 ff TKG 2021, Section 3(2)(4), (7) and (10) OeAD Act and Article 6(1)(a) GDPR (consent). Your data will be deleted immediately upon complete cancellation of the subscription to the printed works, upon revocation of consent and upon request for deletion.

10. Registration for events

10.1 Collection and processing of your data, production of photos and/or videos for publication

The data you provide when registering online for events (e.g. workshops, conferences) will be processed and stored for the purposes of preparing the event, sending event and presentation documents, organising the event, documenting the event (in particular by means of lists of participants) and evaluating the event. With the exception of point 10.2, no data will be passed on to third parties.

By registering, you acknowledge that we will take photos and/or make audio/visual recordings at the event to document the event, which may be published by the OeAD-GmbH in our publications or on the Internet (including on our social media) without any claim to remuneration on your part. Further we may broadcast them (live), advertise them or report on them.

10.2 Disclosure of data to speakers, other event participants, co-operation partners and clients

In order to optimise the content preparation of the speakers and - if the meetings are for the exchange of experience or for networking - the professional exchange between the participants, the name and institution will be passed on to the speakers or other participants (closed group of persons). This information, supplemented by your signature to confirm your participation, must also be passed on to our owner (Republic of Austria) and the respective organiser of the event (e.g. Federal Ministry of Education, Science and Research; European Commission) as proof that the event was held and attended. In order to prepare and organise the event, it may also be necessary to pass on the list of participants to cooperation partners with whom the specific event is organised in accordance with the invitation.

10.3 Desire of Non-illustration

If you do not wish to be included in photos or videos taken at the event and intended for use, in particular publication, by the OeAD-GmbH, please inform the photographer or video team directly at the event or stay in areas where no photos or videos are taken.

10.4 Legal basis, retention period

Data processing is carried out on the basis of Section 3 (2)(4), (7) and (10) of the OeAD Act and Article 6 (1) (f) GDPR (our legitimate interest in documenting the events for owners and clients and for carrying out the public relations work required of us by law). The data will be stored for ten years from the end of the event for verification and control purposes vis-à-vis the bodies financing the event (e.g. Federal Ministry of Education, Science and Research; European Commission) and their supervisory bodies (e.g. Court of Auditors) and then deleted.

11. Erasmus+

11.1 Affected funding programmes

This section explains the use of data in the course of your application for and, if granted, the processing of funding from European Union funds, partly co-financed by funds from the Republic of Austria, under the programmes

  • "Erasmus+ Education",
  • "Erasmus+ Youth",
  • "Erasmus+ Sport".

This includes in particular pupil and teacher mobility, strategic partnerships in school education, school exchange partnerships, higher education mobility, strategic partnerships in higher education, mobility in vocational education and training (pupils, apprentices and teachers, vocational education and training specialists), strategic partnerships in vocational education and training as well as mobility and strategic partnerships in adult education, youth projects and extracurricular youth work as well as the European Solidarity Corps (ESK), and the performance of support activities and administrative tasks for a sports team or individual athletes.

11.2 Responsibility for the data processing

OeAD-GmbH - Austria's Agency for Education and Internationalisation, FN 320219 k (Vienna Commercial Court), Ebendorferstraße 7, 1010 Vienna, is responsible for data processing. Our data protection officer is Christian Pichler-Stainern, datenschutz@oead.at.

However, where data is processed by us (or by beneficiaries) on behalf of the European Commission in the IT tools provided by the European Commission, the Directorate-General for Education, Youth, Sport and Culture of the European Commission is the controller in accordance with Regulation (EU) No 2018/1725 of the European Parliament and of the Council of 23 October 2018 on the protection of natural persons with regard to the processing of personal data by the Union institutions, bodies, offices and agencies and on the free movement of such data, and repealing Regulation (EC) No 45/2001 and Decision No 1274/2002/EC (see section 1). Further information can be found in the following data protection statements of the European Commission:

The information in the following points 11.3 to 11.10 therefore only refers to data processing by the OeAD-GmbH.

If you have any questions about data processing and data protection at your sending or host organisation, please contact this organisation directly.

11.3 Collection and processing of your data, subscription and unsubscription, appropriation

Your data provided during online registration and online application will be processed in accordance with § 2g of the Research Organisation Act (FOG) and in accordance with "Regulation (EU) No 1288/2013 of the European Parliament and of the Council of 11 December 2013 establishing "Erasmus+", the Union programme for education, training, youth and sport, and repealing Decisions Nos. 1719/2006/EC, No. 1720/2006/EC and No. 1298/2008/EC" for the processing of your application, for the assessment by experts, for the sending of award or rejection letters, for the transmission of information for the preparation of the funded stay or project, for the conclusion of the contract, for the payment and settlement of the funding (including reports) and for follow-up support. In accordance with § 2g para. 1 no. 2 FOG and the requirements of the European Commission, selected data can or must be published on the Internet or in other publicly accessible reports. In accordance with § 10a of the OeAD Act, your mobility data will also be transferred to the mobility and cooperation database, which is also managed by the OeAD-GmbH, at the end of your stay or project.

11.4 Processor

The data applications used by us as the controller within the meaning of the GDPR for the processing of registration, application, conclusion of contract, payment, billing and aftercare are operated by IT service providers on our behalf, who may gain access to your personal data in the course of their activities if they require the data to fulfil their respective services. These service providers have been obliged by us to take sufficient technical and organisational measures to ensure the protection of your data. These service providers are not permitted to pass on your data (except in cases regulated by law). You can request further information on the service providers commissioned by the OeAD-GmbH at datenschutz@oead.at.

11.5 Collection and processing of personal data of third parties

If you transfer personal data of third parties (e.g. of project partners, employees, other persons employed in the project, other persons participating in the project such as participants in events or surveys) to us in the course of the application or as part of your reporting and accounting obligations, you are obliged to inform the persons concerned about this data transfer and the data processing by the European Commission and us. These persons can assert their rights to information, rectification and restriction of processing against us at datenschutz@oead.at (see also section 4). However, the right to erasure and the right to object is excluded where the Research Organisation Act (FOG) is applicable. Further information and contact points for data processing by the European Commission can be found in section 11.2.

11.6 Disclosure of data to third parties

Your data will be passed on to experts for the assessment of applications, interim and final reports in accordance with Section 2g FOG. Furthermore, in accordance with Art. 6 (1) (f) GDPR (our legitimate interest in verifying the information provided by applicants and preventing misuse of the funding), we may disclose your personal data, including information you have provided yourself, for the purpose of assessing whether the eligibility requirements have been met and for checking the billing, e.g. to relevant credit agencies for credit checks or to avoid double funding by making enquiries with the relevant EU and federal bodies or other legal entities that award or process relevant funding or other third parties, and to transmit this data to them and to carry out transparency portal enquiries in accordance with Section 32 (5) TDBG 2012, Federal Law Gazette I No. 99/2012, as amended.

We must also report all disbursements, reclaims and repayments to the Federal Ministry of Finance (transparency portal).

Your data may also be forwarded to bodies and authorised representatives of the Austrian Court of Audit (in particular in accordance with the Austrian Court of Audit Act 1948, Federal Law Gazette No. 144/1948, as amended), the Federal Ministry of Finance (in particular in accordance with the Federal Budget Act 2013, Federal Law Gazette I No. 139/2009, and in accordance with Sections 13 and 14 ARR 2014, both as amended), the Federal Ministry of Finance (in particular in accordance with the Federal Budget Act 2013, Federal Law Gazette I No. 139/2009, and in accordance with Sections 13 and 14 ARR 2014, both as amended) and the European Union must be passed on or disclosed in accordance with the provisions of EU law.

11.7 Transfer of data abroad

Your data may also be transferred to academic institutions, other funding and grant agencies and experts in member states of the European Union for the purpose of assessing/reviewing applications and reviewing reports and statements of account.

If you have applied for funding for a stay abroad, your data may also be passed on to the foreign institution hosting you, even if it is based outside the EU/EEA area and the level of data protection in this country does not correspond to the European level. However, this is necessary for the fulfilment of the contract.

11.8 Restriction of your rights

The right to erasure pursuant to Article 17(3)(b) GDPR and the right to object pursuant to Article 21(6) GDPR are excluded for processing pursuant to Section 2g(1)(1) (retention period for funding documents) and (2) (publication on the internet and in reports) and (4) (project details and details of persons involved in the project) from the time funding is awarded. Similarly, with regard to the mobility and cooperation database pursuant to Section 10a (3) of the OeAD Act, the right to erasure pursuant to Article 17 (3) (b) GDPR and the right to object pursuant to Article 21 (6) GDPR are excluded.

11.9 Contact persons within the OeAD-GmbH

For requests for information, correction, cancellation and deletion, please contact the National Agency Erasmus+ Education, which is part of the OeAD-GmbH, at erasmusplus@oead.at. Alternatively, you can also submit your requests to our data protection officer (see point 3.1).

11.10 Legal basis, retention period

Data processing is carried out on the basis of the Research Organisation Act, in particular Section 2g (processing by Art 89 funding and grant agencies), Regulation (EU) No. 1288/2013 of the European Parliament and of the Council of 11 December 2013 establishing "Erasmus+", the Union programme for education, training, youth and sport, and repealing Decisions No. 1719/2006/EC, No. 1720/2006/EC and No. 1220/2006/EC and No. 1220/2006/EC. December 2013 establishing "Erasmus+", the Union programme for education, training, youth and sport, and repealing Decisions No 1719/2006/EC, No 1720/2006/EC and No 1298/2008/EC", pursuant to Art 6(1)(b) GDPR (initiation and performance of a contract) and Section 10a of the OeAD Act (mobility and cooperation database). The transfer of data to third countries takes place on the basis of Art. 49(1)(b) GDPR.

The data is stored in accordance with Section 2g (1) FOG and for the purpose of providing evidence to the Republic of Austria as the co-financing body for a period of ten years, namely

a) in the event of withdrawal or non-follow-up of the application or a negative decision from the last contact and

b) in the event of a positive decision, from the end of the year of payment of the total funding (= payment of the last instalment by us after approval of the statement of account or receipt of the repayment by you in accordance with our reclaim after the statement of account)

stored. The right to erasure pursuant to Art. 17 para. 3 letter b GDPR and the right to object pursuant to Art. 21 para. 6 GDPR are excluded for processing pursuant to Art. 2g para. 1 no. 1 (retention period for funding documents) and 2 (publication on the Internet and in reports) and para. 4 FOG (project details and details of persons involved in the project) from the time funding is awarded.

The mobility data to be transmitted to the mobility and cooperation database in the event of funding being awarded in accordance with § 10a of the OeAD Act will be stored indefinitely. The right to erasure pursuant to Art. 17 para. 3 letter b GDPR and the right to object pursuant to Art. 21 para. 6 GDPR are excluded by law.

12. Funding/scholarship programmes of the BMBWF and the ADA or third-party funding programmes

12.1 Affected funding programmes

This section explains the use of data in the course of your application for and, if awarded, the processing of funding (a scholarship) from funds of the Republic of Austria.

In particular, the following funding programmes are covered:

  • Africa-UniNet,
  • Aktion Österreich-Slowakei,
  • Aktion Österreich-Tschechien,
  • Aktion Österreich-Ungarn,
  • Andrássy Postgraduate-Stipendium,
  • APPEAR,
  • ASEA Uninet,
  • Auslandspraktikum Deutsch als Fremdsprache (DaF),
  • Auslandspraktikum für Studierende des Masterstudiums "Österreichstudien – Kulturen, Literaturen, Sprachen" an der Universität Wien,
  • CEEPUS,
  • Doktoratsstipendium für das Europäisches Hochschulinstitut Florenz,
  • Doktoratsstipendium für Mitteleuropäische Geschichte an der Andrássy Universität Budapest,
  • Ernst Mach-Stipendien,
  • Eurasia-Pacific Uninet,
  • Förderprogramm zur Erstellung von digitalen Lehr- und Lernmitteln mit Citizen Science-Methoden,
  • Förderungen für Sommerkollegs,
  • Franz Werfel-Stipendium,
  • HERAS Scholarship Programme,
  • IMPULSE Iran-Austria und Austria Mundus+,
  • Japan Society for the Promotion of Science-Stipendium,
  • Landarztstipendium des Landes Niederösterreich,
  • Lektoratsprogramm,
  • Marietta-Blau-Stipendium,
  • Medizinstipendium des Wiener Gesundheitsverbundes,
  • Monbukagakusho-Stipendium (Japan),
  • ÖGK Stipendium für Medizinstudierende,
  • Richard Plaschka-Stipendium,
  • Sparkling Science und Sparkling Science 2.0,
  • Stipendien der Stipendienstiftung der Republik Österreich,
  • Talent Austria-Stipendien und Preise,
  • Top Citizen Science,
  • Universität Klagenfurt - Technologie-Stipendien,
  • Wissenschaftlich-Technische Zusammenarbeit (WTZ).

 

12.2 Collection and processing of your data, purpose limitation

The data you provide either during online registration and online application or in applications submitted by email or post will be used in accordance with Section 2g of the Austrian Research Organisation Act (FOG) for processing the application, for assessment by reviewers, for sending letters of award or rejection, for concluding the contract, for transmitting information for preparing the funded stay or project, for paying out and accounting for the funding and for follow-up support. In accordance with § 2g para. 1 no. 2 FOG, selected data may be published on the Internet or in other publicly accessible reports. In accordance with § 10a of the OeAD Act, your data will be transferred to the mobility and cooperation database, which is also managed by the OeAD-GmbH, at the end of your stay or funded project.

12.3 Collection and processing of personal data of third parties

If you transfer personal data of third parties (namely of project partners, employees, other persons employed or participating in the project, scholarship applicants or scholarship holders) to us in the course of the application or as part of your reporting and accounting obligations, you are obliged to inform the persons concerned about this data transfer and data use and, if necessary, to obtain their consent to data processing or data transfer in full. We process their data in accordance with Section 2g of the Research Organisation Act. These persons can assert their rights to information, rectification and restriction of processing at datenschutz@oead.at (see also section 4). However, the right to erasure and the right to object are excluded by law.

12.4 Disclosure of data to third parties

In accordance with § 2g FOG, your data will be passed on to experts (if necessary also in member states of the European Union, the European Economic Area and in third countries). If you are awarded or granted funding, your data will also be forwarded to the host institution and your supervisor there and, in the case of third-country nationals who are staying in Austria, also to the Federal Ministry for European and International Affairs (BMEIA) for forwarding to the competent representation authority for issuing the entry visa and the Federal Ministry of the Interior (BMI) for forwarding to the competent residence authorities for issuing the residence permit. If you indicate in your application that you wish to be provided with accommodation in Austria, your master data and data on the duration of your stay will be forwarded to OeAD-WohnraumverwaltungsGmbH and to other accommodation providers listed in the application form.

We and the relevant federal ministry are authorised in accordance with Art. 6 (1) (f) GDPR (our legitimate interest in verifying the information provided by applicants and preventing misuse of the funding) to use your personal data, including the information you provide yourself, to assess whether the eligibility requirements have been met and to check the proof of use or settlement (e.g. to prevent misuse of the funding) also by making enquiries with the relevant federal bodies or with another legal entity that awards or processes the relevant funding, or with other third parties, and to transmit this information to them, whereby they in turn are authorised to process the personal data required for the enquiry and to provide information.

Furthermore, we and the respective responsible federal ministry are authorised to carry out transparency portal queries in accordance with § 32 Para. 5 TDBG 2012, Federal Law Gazette I No. 99/2012, as amended. All payments of subsidies as well as reclaims and repayments must be reported to the Federal Ministry of Finance (transparency portal).

Your personal data may also have to be transferred or disclosed to bodies and authorised representatives of the Austrian Court of Audit (in particular pursuant to Section 3 (2), Section 4 (1) and Section 13 (3) of the Austrian Court of Audit Act 1948, Federal Law Gazette No. 144, as amended), the Federal Ministry of Finance (in particular pursuant to Sections 57 to 61 and 47 of the Federal Budget Act 2013, Federal Law Gazette BGBl. I No. 139/2009, and § 14 General Framework Guidelines for the Granting of Subsidies from Federal Funds (ARR 2014), both as amended) and the European Union in accordance with the provisions of EU law.

12.5 Transfer of data abroad

Your data may also be transmitted to academic institutions, other funding and grant-awarding bodies as well as to reviewers and members of selection committees appointed by the funding body in member states of the European Union for the purpose of assessing/reviewing applications and checking statements of account.

If you have applied for funding for a stay abroad, your application data may be passed on to selection committees during the selection phase (applicable to applications for Japan, Heras, Ceepus, Eurasia Pacific Uninet, ASEA-UNINET, Lectureship Programme, WTZ) and, after funding has been granted (applies to all "outgoing" programmes), to the respective foreign host or final-decision institution, even if this is based outside the EU/EEA area.

12.6 Restriction of your rights

The right to erasure pursuant to Article 17(3)(b) GDPR and the right to object pursuant to Article 21(6) GDPR are excluded for processing pursuant to Section 2g(1)(1) (retention period for funding documents) and (2) (publication on the Internet and in reports) and (4) FOG (project details and details of persons involved in the project) from the time funding is awarded. Similarly, with regard to the mobility and cooperation database pursuant to Section 10 (3) of the OeAD Act, the right to erasure pursuant to Article 17 (3) (b) GDPR and the right to object pursuant to Article 21 (6) GDPR are excluded.

12.7 Contact persons within the OeAD-GmbH

Our scholarship departments will be happy to assist you with requests for information, correction, cancellation and deletion:

• Bereich Mobilität und Kooperation (MPC): mpc@oead.at

• Appear Office: appear@oead.at

• Public Science: citizenscience@oead.at

Alternatively, or if you do not know the department responsible, you can also submit your requests to our data protection officer (see Section I. B. Point 2.).

12.8 Legal basis, retention period

Data processing is carried out on the basis of Article 6(1)(b) (processing for the performance of a contract and for pre-contractual measures), (c) (legal obligation of the controller) and (f) GDPR (to safeguard the legitimate interests of the controller and the OeAD-GmbH) as well as on the basis of Section 2g of the Research Organisation Act (processing by Art 89 funding and grant agencies), Section 3(4) and (5) of the OeAD Act (transfer of data to the MFA and BMI) and Section 10a of the OeAD Act (mobility and cooperation database). Data is transferred to third countries on the basis of Art. 49(1)(b) GDPR.

If you do not complete the registration to prepare an online application, i.e. do not confirm the activation link within 7 days, your registration data will be automatically deleted.

If you enter data for an application but then do not submit an application, this data will be stored for a period of one year and only then automatically deleted so that you can use this data again in the following year for any new application. However, you also have the option of deleting the data you have entered yourself at any time beforehand.

As soon as you have submitted an application, your data will be stored in accordance with Section 2g (1) FOG for a period of ten years, namely

a) in the event that the application is withdrawn or not pursued or a negative decision is made, from the last contact and

b) in the event of a positive decision, from the end of the year of payment of the total funding (= payment of the last instalment after our approval of the settlement or receipt of a repayment in accordance with our reclaim after the settlement).

The right to erasure pursuant to Art. 17 para. 3 letter b GDPR and the right to object pursuant to Art. 21 para. 6 GDPR are excluded for processing pursuant to Art. 2g para. 1 no. 1 (retention period for funding documents) and 2 (publication on the internet and in reports) as well as para. 4 FOG (project details and details of persons involved in the project) from the time funding is awarded.

The data on mobilities to be transmitted to the mobility and cooperation database in the event of funding being awarded in accordance with § 10a of the OeAD Act will be stored indefinitely. The right to erasure pursuant to Art. 17 para. 3 letter b GDPR and the right to object pursuant to Art. 21 para. 6 GDPR are excluded by law.

13. stima.at,scholarships.at, sop-at.com

13.1 Usage of your data

Your title, name, gender, institution and email address are required for online registration on scholarships.at or for Scientific and Technical Cooperation (STC) on www.sop-at.com and these data will be processed and stored. For reviewers, we also add the fields of study or subject areas (scientific disciplines) for which you can provide reviews, as well as any special research areas and when you have provided reviews for which applications. In the course of using the database, personal usage data (log data) is also stored, in particular the date and time of login and logout, your IP address, the Internet browser you are using and any queries and changes you have made.

13.2 Processor

The data applications in question are operated by IT service providers on our behalf, who may gain access to your personal data in the course of their activities if they require the data to fulfil their respective services. These service providers have been obliged by us to take sufficient technical and organisational measures to ensure the protection of your data. These service providers are not permitted to pass on your data (except in cases regulated by law). You can request further information on the processors commissioned by us at datenschutz@oead.at.

13.3 Disclosure of data to third parties

 Your data will only be passed on to the competent bodies of our clients (such as the Federal Ministry of Education, Science and Research, the Austrian Development Agency) and their supervisory bodies (such as the Austrian Court of Audit) in cases provided for by law. Likewise, the members of the selection committees appointed by our clients will receive the names and areas of specialisation of the reviewers. The applicants, on the other hand, do not receive any data from the reviewers.

13.4 Transfer of data abroad

If the selection committee also includes members of foreign institutions (action programmes, Richard Plaschka Scholarship), your data and your expert opinions will also be passed on to these persons based in the European Union.

13.5 Legal basis, retention period

Data processing is based on your consent in accordance with Article 6(1)(a) GDPR and on Section 2g of the Research Organisation Act (processing by Art 89 funding and grant agencies). Data is transferred to third countries on the basis of Article 49(1)(b) GDPR.

Your data will be stored for as long as you are available as a reviewer or administrator or until you withdraw your consent. Services provided until the request for cancellation or until the request for deletion of your data are processed and stored (together with your name and your institutional affiliation) in the mobility and cooperation database in accordance with § 10a of the OeAD Act. The right to cancellation or revocation with regard to this data in the mobility and cooperation database is excluded in accordance with § 10a para. 3 of the OeAD Act.

14. List of scholarship holders from Austrian higher education and research institutions

14.1 Collection and processing of your data, purpose limitation

Higher education or research institutions in Austria that grant students or researchers from third countries a scholarship for a stay in Austria or accept such persons may transmit the following data of these scholarship holders to the OeAD-GmbH: Name (incl. title), personal characteristics (in particular date of birth, gender, nationality), host Austrian institution including contact person, details of the scholarship (in particular name of the programme, award period, amount, transaction number), planned arrival and competent Austrian immigration authority. The OeAD-GmbH will forward this information collected from all reporting higher education and research institutions to the Austrian Federal Ministry for European and International Affairs (BMEIA) for forwarding to the competent representation authority (Austrian embassies or consulates general) for the purpose of issuing entry visas and to the Austrian Federal Ministry of the Interior (BMI) for forwarding to the competent residence authorities (magistrates, district authorities) for issuing residence permits. The OeAD-GmbH does not check the reported data.

14.2 Contact persons at the OeAD-GmbH for information, rectification, restriction of processing, erasure and objection

You can contact recht@oead.at to request information, rectification, erasure or objection to the processing of your data. To assert your rights under the GDPR, you can also contact the persons or organisations named in section 3.

14.3 Legal basis, retention period

Data processing is carried out on the basis of Art. 6 para. 1 letter c GDPR in conjunction with § 3 para. 4 and 5 OeAD Act. We store your data for a period of three years for documentation purposes and to answer any queries from the authorities. Your data will be deleted after this period - subject to other statutory retention obligations.

15. Digital Überall

15.1. General information on the funding programme

The Federal Ministry of Finance (hereinafter "BMF") has commissioned the OeAD-GmbH - Agency for Education and Internationalisation (hereinafter "OeAD-GmbH") with the organisational and technical implementation of the "Digital skills for All" project (the BKA is now responsible for this project). BKA and OeAD-GmbH act as joint controllers within the meaning of the GDPR. To assert your rights under data protection law, you can contact either the BKA or the OeAD-GmbH, which will proceed by mutual agreement.

15.2. Collection and processing of data, purpose limitation

The following data must be provided in the grant application (submission form):

  • Name and address of the organisation,
  • Where applicable: company register number, ZVR number, etc.,
  • Contact persons including contact details (e-mail address, telephone number),
  • Reference projects including brief description and possible links,
  • Data contained in enclosures (quality certificate according to Ö-Cert, quality seal "Digital Senior Education", organisational profile, number of workshop profiles attached).

In addition, the following data is processed:

  • Data contained in lists of participants: Date, time, place and topic of the workshop as well as the name of the trainer including signature and all participants including signature,
  • Number of participating pupils and number of classes for each workshop.

The data provided in the funding applications are used for processing the funding application, for sending letters of award or rejection, for further correspondence (queries), for concluding the contract, for transmitting information, for disbursing and invoicing the funding and for follow-up support and evaluation.

In addition, data is processed for accounting purposes and to fulfil accountability obligations towards the competent authorities, in particular the Federal Ministry of Finance and the Court of Auditors.

15.3. Collection and processing of personal data of third parties

If you (in particular as school management or representative for the funding applicants) transfer personal data of third parties (namely pupils) to us in the course of the application or as part of your reporting and accounting obligations, you are obliged to inform the persons concerned about this data transfer and data use and, if necessary, to obtain their consent to data processing or data transfer in full.

15.4. Disclosure of data to third parties

In accordance with Art. 6 (1) (f) GDPR (our legitimate interest in verifying the information provided by applicants and preventing misuse of the funding), we and the relevant federal ministry are authorised to process the personal data, including information provided by you, for the purpose of assessing whether the eligibility requirements have been met and to check the proof of use or settlement (e.g. to avoid double funding). We and the relevant federal ministry are also entitled to collect and transmit the personal data to the relevant federal bodies or to another legal entity that awards or processes the relevant funding, or to other third parties, whereby these in turn are entitled to process the personal data required for the enquiry and to provide information.

We and the responsible federal ministry are also authorised to carry out transparency portal queries in accordance with § 32 Para. 5 TDBG 2012, Federal Law Gazette I No. 99/2012, as amended. All payments of subsidies as well as reclaims and repayments must be reported to the Federal Ministry of Finance (transparency portal).

Personal data may also have to be transferred or disclosed, in particular to bodies and authorised representatives of the Court of Audit (in particular pursuant to Section 3 (2), Section 4 (1) and Section 13 (3) of the Austrian Court of Audit Act 1948, Federal Law Gazette No. 144, as amended), the Federal Ministry of Finance (in particular pursuant to Sections 57 to 61 and 47 of the Federal Budget Act 2013, Federal Law Gazette I No. 139/2009, and Section 14 of the General Framework Guidelines for the Granting of Subsidies from Federal Funds (ARR 2014), both as amended) and the European Union in accordance with EU law. I No. 139/2009, and § 14 General Framework Guidelines for the Granting of Subsidies from Federal Funds (ARR 2014), both as amended) and the European Union in accordance with the provisions of EU law.

15.5. Legal basis, retention period

Data processing is carried out on the basis of Art. 6 para. 1 letter b (processing for the fulfilment of a contract and for pre-contractual measures), letter c (legal obligation of the controller) and letter f (to safeguard the legitimate interests of the controller and the OeAD-GmbH) GDPR.

If you do not complete the registration to prepare an online application, i.e. do not confirm the activation link within 7 days, your registration data will be automatically deleted.

If you enter data for an application but then do not submit an application, this data will be stored for a period of one year and only then automatically deleted so that you can use this data again in the following year for any new application. However, you also have the option of deleting the data you have entered yourself at any time beforehand.

As soon as you have submitted an application, your data will be stored for a period of ten years, namely

a) in the event that the application is withdrawn or not pursued or a negative decision is made, from the last contact and

b) in the event of a positive decision, from the end of the year in which the entire funding is disbursed.

16. Kinder- und Jugenduniversitäten

16.1 General information on the funding programme

The Federal Ministry of Education, Science and Research (hereinafter referred to as ‘BMBWF’) has commissioned OeAD-GmbH - Agency for Education and Internationalisation (hereinafter referred to as ‘OeAD-GmbH’) with the organisational and technical implementation of the BMBWF funding programme ‘Children's and Youth Universities’. This BMBWF funding programme is based on the BMBWF's special guidelines for the funding of children's and youth universities.

Funding is provided for

  • the organisation of children's and youth universities
  • In addition, the creation and implementation of ‘holiday care with scientific standards’ during the summer holidays with low and socially acceptable co-payments for parents

by legal entities and natural persons outside the federal administration who or whose bodies have the financial resources and the necessary professional suitability to carry out the projects addressed by this special guideline.

The funding concept is designed for a 6-year period (2021 to 2026) with 6 calls for proposals (Children's and Youth Universities in 2021, 2022, 2023, 2024, 2025 and 2026). The call for proposals for a children's and youth university will be opened - if possible - in September of the previous year.

In addition to the above-mentioned federal funding, the programme is also funded by the state of Lower Austria. This additional state funding is also handled by the OeAD-GmbH.

16.2 Collection and processing of data, purpose limitation

The following data must be provided in German in the funding application (submission form):

  • Name and address of the organisation,
  • Where applicable: company register number, ZVR number, etc.,
  • Contact persons including contact details (e-mail address, telephone number),
  • Project title,
  • Information on funding applicants and cooperation partners,
  • Date and original signature of the authorised signatory
  • Data contained in enclosures:
  • Brief description of the project (max. 1 page),
  • Project description (max. 20,000 characters incl. spaces)
  • Detailed performance and time schedule,
  • Detailed cost and financing plan, incl.

      - Amount of funds received from the BMBWF within the last 3 years for the organisation of children's and youth universities,

      - Amount of funds received from public funds or another legal entity including other regional authorities and the European Union within the last 3 years for the organisation of children's and youth universities (even if with different purposes)

      - Amount of any applications for funding for the organisation of universities for children and young people from another federal budgetary authority or another legal entity, including other regional authorities and the European Union, for which a decision has not yet been made or to which the applicant for funding still intends to apply.

 The data provided in the funding application will be used to process the funding application, to send letters of award or rejection, for further correspondence (queries), to conclude the contract, to provide information, to pay out and invoice the funding and for follow-up support and evaluation.

16.3  Collection and processing of personal data of third parties

If you (especially as a representative for the funding applicants) transfer personal data of third parties to us in the course of the funding application or as part of your reporting and accounting obligations, you are obliged to inform the persons concerned about this data transfer and data use and, if necessary, to obtain their consent to data processing or data transfer in full.

16.4 Disclosure of data to third parties

In accordance with Art. 6 (1) (f) GDPR (our legitimate interest in verifying the information provided by applicants and preventing misuse of the funding), we and the relevant federal ministry are authorised to process the personal data, including information provided by you, for the purpose of assessing whether the eligibility requirements have been met and to check the proof of use or settlement (e.g. to avoid double funding). to collect and transmit the personal data to the relevant federal bodies or to another legal entity that awards or processes the relevant funding, or to other third parties, even beyond the information you provide yourself, whereby these third parties are in turn authorised to process the personal data required for the enquiry and to provide information.

All submission documents (where necessary with the consent of the persons concerned), the final report and the final accounts as well as the minutes of the BMBWF jury meeting, which also contain the discussion points on the individual projects (strengths and weaknesses or, above all, reasons for cuts or rejection of the projects), will also be forwarded to and processed by the province of Lower Austria for the processing of additional funding from the province of Lower Austria.

We and the responsible federal ministry are also authorised to carry out transparency portal queries in accordance with § 32 Para. 5 TDBG 2012, Federal Law Gazette I No. 99/2012, as amended. All payments of subsidies as well as reclaims and repayments must be reported to the Federal Ministry of Finance (transparency portal).

Personal data may also have to be transferred or disclosed, in particular to bodies and authorised representatives of the Court of Audit (in particular pursuant to Section 3 (2), Section 4 (1) and Section 13 (3) of the Austrian Court of Audit Act 1948, Federal Law Gazette No. 144, as amended), the Federal Ministry of Finance (in particular pursuant to Sections 57 to 61 and 47 of the Federal Budget Act 2013, Federal Law Gazette I No. 139/2009, and Section 14 of the General Framework Guidelines for the Granting of Subsidies from Federal Funds (ARR 2014), both as amended) and the European Union in accordance with EU law. I No. 139/2009, and § 14 General Framework Guidelines for the Granting of Subsidies from Federal Funds (ARR 2014), both as amended) and the European Union in accordance with the provisions of EU law.

16.5 Legal basis, retention period

Data processing is carried out on the basis of Art. 6 para. 1 letter b (processing for the fulfilment of a contract and for pre-contractual measures), letter c (legal obligation of the controller) and letter f (to safeguard the legitimate interests of the controller) GDPR.

If you do not complete the registration to prepare an online application, i.e. do not confirm the activation link within 7 days, your registration data will be automatically deleted.

If you enter data for an application but then do not submit an application, this data will be stored for a period of one year and then automatically deleted so that you can use this data again in the following year for any new application. However, you also have the option of deleting the data you have entered yourself at any time beforehand.

As soon as you have submitted an application, your data will be stored for a period of ten years, namely

a) in the event that the application is withdrawn or not pursued or a negative decision is made, from the last contact and

b) in the event of a favourable decision, from the end of the year in which the entire funding is disbursed.

17. Surveys

Participation in surveys is voluntary. The OeAD-GmbH does not collect any personal data and does not create any personal user profiles, unless you voluntarily disclose them when participating in individual surveys (e.g. e-mail address, name, telephone number, interests, etc.).

To conduct the survey, OeAD-GmbH uses a software tool from bestHeads Online Marketing GmbH, based in Vienna. To the privacy policy of bestHeads. The data collected when you participate in the survey (IP address of the device from which you participate in the survey, including the date and access of participation = server log) will be stored by bestHeads Online Marketing GmbH (https://www.bestheads.com/) for a period of six months on the servers of Hetzner Online GmbH in Germany (a server backup is located at cwd. at GmbH in Vienna) for the purpose of providing assistance in the event of errors and analysing errors and security concerns and will be automatically deleted after this period (data whose further retention is required for evidence purposes is excluded from deletion until the respective incident has been finally clarified).

By participating in the survey, cookies are set by the OeAD-GmbH. You can delete them in your browser settings at any time.

As soon as you provide personal data when participating in the survey, you acknowledge that the OeAD-GmbH will store and process this data for the purpose of processing and analysing this survey. All information you provide in the survey will be treated confidentially and processed and used by the OeAD-GmbH in accordance with the GDPR exclusively for the purpose of the survey stated on the start page. Your data will be passed on to third parties and published in anonymised form without exception.

Data processing is carried out on the basis of Article 6 para 1 lit f GDPR due to our legitimate interest in processing and analysing the respective survey.

18. Holocaust Education

18.1 Erinnern.at

 

18.2 Fliehen vor dem Holocaust - App

Die App "Fliehen vor dem Holocaust. Meine Begegnung mit Geflüchteten." speichert keine personenbezogenen Daten. Sie ist nicht kommerziell und dient der Bildung über Holocaust und Nationalsozialismus.

18.3 Fluchtpunkte.net

 

18.4 Romasintigenocide.eu

 

18.5 weitererzaehlen.at

 

18.6 ueber-leben.at

 

18.7 neue-heimat-israel.at

 

18.8 alte-neue-heimat.at

19. Kultur:Bildung

19.1 Competition submissions and applications for (financial) support for OeAD programmes, funded or commissioned by the BMBWF and other funding and commissioning bodies

19.1.1. Programmes concerned

This section explains the use of data in the course of a submission for (financial) support and, if awarded, also the processing of (financial) support from funds of the BMBWF and other funding and commissioning organisations. This includes all programmes in the OeAD's ‘Cultural Education with Schools’ section.

19.1.2. Collection and processing of personal data, purpose limitation

The data provided during registration and submission will be used for processing the submission, for evaluation by jury members, for sending award or rejection letters, for concluding contracts, for transmitting information for preparing the project or the submitted competition project, for disbursing and accounting for the funds and for follow-up support. Selected data will be published in the public interest in the media, on the Internet or in other publicly accessible reports of the OeAD.

19.1.3. Collection and processing of personal data of third parties

If personal data of third parties (namely of project partners, artists and other persons employed within the framework of the programme/project) are transmitted to the OeAD in the course of the application or as part of the reporting and accounting obligations, the person transmitting the data is obliged to obtain the authorisation and consent of the persons concerned for this data transmission and data use in advance. These persons can assert their rights of access, rectification and restriction of processing at datenschutz@oead.at, which may have a negative impact on the (financial) support.

19.1.4. Disclosure of data to third parties and transfer of data abroad

Personal data will also be passed on to jury members (possibly also in member states of the European Union and the European Economic Area) for programmes/projects that are juried. For the assessment/examination of programme/project applications, competition submissions and for the examination of accounts, personal data may also be transmitted to scientific institutions, other funding and grant-awarding bodies as well as to experts and members of selection committees appointed by the funding body in member states of the European Union or the European Economic Area.

In the event that (financial) support is awarded or granted, data will also be forwarded to the funding body.

19.1.5. Legal basis, retention period

Data processing (legal basis, retention period) is carried out on the basis of Art. 6 para. 1 letter b (processing for the fulfilment of a contract and for pre-contractual measures), letter c (legal obligation of the controller), letter e (for the performance of a task carried out in the public interest) and letter f (for the protection of the legitimate interests of the OeAD and the controller) GDPR.

All personal data and all documents/receipts associated with the business case must be stored for a period of seven years (or ten years in the case of commissions and funding from the Federal Chancellery or the Federal Ministry of Arts, Culture, Civil Service and Sport, and 10-20 years in the case of EU projects, depending on the programme). The retention period begins on 1 January following the cut-off date:
 

  1. in the event that the project application or funding application is withdrawn or not pursued or a negative decision is made, from the last contact (cut-off date),
  2. in the event of a positive project decision, from the end of the year of payment (cut-off date) of all financial support or funding provided by the OeAD (= payment of the last instalment after our approval of the statement of account or receipt of a repayment in accordance with our reclaim after the statement of account),
  3. in the case of a positive project decision, from the end of the year of the school year concerned (cut-off date) if no project-supporting financial resources are provided, and
  4. in the case of a positive project decision, from the end of the year of the school year affected by the project (cut-off date) in which someone can send his/her fee note to the school.

Upon request, personal data may have to be transmitted or disclosed to bodies and authorised representatives of the Austrian Court of Audit, the Federal Ministry of Finance, the Federal Ministry of Education, Science and Research and the European Union in accordance with EU law.

The data will be deleted automatically within the standardised deletion routine after the deadlines have expired.

If you do not complete the registration/submission/application in preparation for an online registration/submission/application, i.e. do not confirm the activation link (‘Send’) within the registration deadline/submission deadline/application deadline, the registration, submission or application data will be deleted.

19.1.6. Registration for events organised by the OeAD as part of the programmes/projects

Your personal data (name, institution, address, e-mail address) will be stored in our address system for the purpose of organising the event. The data you provide when registering for events will be processed and stored for the purpose of preparing and, if necessary, sending event documents, organising the event, documenting the event (in particular by means of lists of participants) and evaluating the events. By registering, you acknowledge that photos and videos will be taken at the event, which will subsequently be processed and published in OeAD publications or on the intranet to document the event.  

Networking is important to us! We therefore create a network list in which your personal data (name, institution, e-mail address) is listed, unless you object to this by e-mail to kulturvermittlung@oead.at up to one week before the event. At the end of an event, we will send the network list to all participants included in the network list and you agree to this data transfer and to being contacted by other participants on this list. You can revoke this consent directly with the other participants on this list. We may pass on your data (name, institution, e-mail) to the speakers in order to optimise their preparation. Your data (name, institution, e-mail) must also be passed on to the sponsor/client (e.g. Federal Ministry of Education, Science and Research) as proof of the organisation of and participation in the event. If we have cooperation partners for the organisation of the event, it is also necessary to pass on a network list to them for the preparation and organisation of the event.

Data processing is carried out on the basis of Art. 6 para. 1 letter f GDPR (legitimate interest of the OeAD to document the event for the Executive Board and the respective funding/client as well as to carry out public relations work). The data will be stored for seven years from the end of the event for verification and control purposes vis-à-vis the bodies funding the event (e.g. BMBWF; European Commission) and their control bodies (e.g. Court of Auditors) and then deleted.

H. Further privacy policies

3. EU-Strategie für den Donauraum (EUSDR)

4. Level Up - Erwachsenenbildung

7. Referenzstelle für Qualität in der Allgemein- und Berufsbildung (RQB)

9. NQR - Qualifikationsregister

12. Innovationsstiftung für Bildung (ISB)

13. K3 - Kulturvermittlung mit Lehrlingen