In order to facilitate a transparent processing of your data and to fulfil the requirements of the current legal regulations, in particular the increased information obligations (General Data Protection Regulation GDPR of the European Union and the Austrian Data Protection Act DSG), this document provides all relevant information about the processing of your personal data carried out by Graz University of Technology.
Data Collection
In the course of your application, we are collecting the following personal application data from you, which we store and process electronically:
Terms of use
The following terms of use regulate the use of the service GitLab, operated by the Institute of Technical Informatics at Graz University of Technology. The purpose of the service is the secure and versioned storage of software code developed in the context of research and teaching. The service offered may only be used for the education of students and the development of open source software without the intention of making a profit. Compliance with the underlying licence conditions of GitLab is obligatory. We do not assume any responsibility for the content. In case of violation of the terms of use, we reserve the right to block individual projects and accounts.
Rights and obligations of project holders
The project owners take over the administration of the users and the configuration within their GitLab projects. The role of the project owner requires a TUGraz online account. The project owner may apply for GitLab accounts for external users. These are also personal and may not be passed on. Furthermore, project owners assume responsibility for all content of their projects. This includes all data managed with GitLab. In particular, when using GitLab, the project owner is responsible for ensuring that the GitLab licence conditions are adhered to.
User lifecycle
A prerequisite for the use of GitLab is a current study or teaching position at Graz University of Technology. As soon as this requirement is no longer met, the associated GitLab account will be deleted. Users are responsible for saving their projects before leaving TU Graz. In the case of external users, after the initial registration of the user with GitLab, it will be checked for the first time after eight weeks whether the associated GitLab account was active in a project on the server. If no activity is detected, the GitLab account is deleted.
Rights and obligations of the project participants
The accounts (TU Graz/GitLab accounts) of the project participants are personal and may not be passed on. Thus, the project participants assume full responsibility for their personal account and the careful storage of the access information. Project participants without a TUGrazonline account can only participate in existing projects after being added by a project owner, but cannot create their own projects.
Data Security
Authorised personnel who are allowed to access your personal data are obliged to maintain data secrecy and the confidentiality of your personal data. Furthermore, appropriate technical and organisational measures are taken to protect your personal data, in particular from accidental, unauthorised or unlawful destruction or loss, alteration and disclosure.
Person Responsible
The person responsible for data processing is Graz University of Technology, Rechbauerstraße 12, 8010 Graz.
Data Protection Official
The Graz University of Technology Data Protection Official is x-tention Informationstechnologie GmbH, Römerstraße 80A, 4600 Wels, Austria.
Rights of Persons Affected
If you have any questions about the collection, processing or use of your personal data, or you wish to exercise your right to information, correction, restriction of processing, objection and deletion of your personal data, or you wish to revoke your consent or file a complaint, please contact office(at)iti.tugraz.at. Furthermore, you also have a right of appeal to the Austrian Data Protection Authority.
The General Data Protection Regulation (Regulation (EU) 2016/679 - GDPR) has been in force since 25 May 2018 and is directly applicable as an EU regulation in the member states of the European Union. In addition, it has also been applicable law in the member states of the European Free Trade Association (EFTA) since 20 July 2018. The GDPR thus replaces the Data Protection Directive (Directive 2002/58/EC) and contributes to the harmonisation of data protection law in the EEA area. Numerous opening clauses enable national legislators to make independent regulations on various individual issues or sub-areas.
With the Data Protection Amendment Act 2018, the Austrian legislator amended the Data Protection Act (DSG, previously DSG 2002) as well as various other material laws (including the Research Organisation Act - FOG).