This data protection declaration regulates the data processing within the framework of the Internet offer of Alumniportal - Høyskolen for ledelse og teologi, St. Olavs gate 24, 0166 Oslo, Norway (responsible party).
In the following, we summarise what personal data we collect and how we process it. Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This typically includes the name, e-mail address or telephone number. However, purely technical data that can be assigned to a person is also considered personal data.
We would like to point out that our website is operated for us by Paulbergman GmbH (https://www.alumnii.de/en/) as an order data processor. All data collected within the scope of this website is processed by Paulbergman GmbH. The authorisation for data processing is based on Art. 6 para. 1 p. 1 lit. f GDPR. The standard permits the processing of personal data within the framework of the "legitimate interest" of the responsible party, insofar as your fundamental rights, freedoms or interests do not prevail. Our legitimate interest is to outsource tasks to external service providers who can act more efficiently due to their speciality. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the data processing. To do so, simply send an e-mail to .
If you have any questions about data protection, please contact. There you can reach the contact person responsible for data protection.
We would like to point out that the provision of your personal data on this website is generally neither legally nor contractually required. You are not obliged to provide personal data on this website unless we indicate this in individual cases in this data protection declaration. Nevertheless, the provision of the functions of this website and the execution of an order requires the processing of your personal data.
When you come to our website as a visitor...
... then we collect data from you that you transmit in connection with accessing a website. This concerns in particular the date and time of the website access, your IP address, the source of the access (the so-called referrer) and data on your operating system and browser. We also collect data on which sub-pages you access.
IP addresses are assigned to every device (e.g. smartphone, tablet, PC) that is connected to the internet. Which IP address this is depends on which internet access your end device is currently connected to the internet via. It can be the IP address assigned to you by your Internet provider, for example if you are connected to the Internet at home via your W-LAN. It can also be an IP address assigned to you by your mobile phone provider or the IP address of a provider of a public or private W-LAN or other Internet access. In its most common form (IPv4), the IP address consists of four blocks of digits. In most cases, you as a private user will not use a constant IP address, as this is only temporarily assigned to you by your provider (so-called "dynamic IP address"). With a permanently assigned IP address (so-called "static IP address"), a clear assignment of user data is in principle easier. Except for the purpose of tracking unauthorised access to our website, we generally do not use this data in a personalised manner, but only evaluate on an anonymous basis how many accesses are made daily and the like.
Our website already supports the new IPv6 addresses. If you already have an IPv6 address, you should also know the following: The IPv6 address consists of eight blocks of four. The first four blocks, as with the entire IPv4 address, are typically assigned dynamically for private users. However, the last four blocks of an IPv6 address (so-called "interface identifiers") are determined by the terminal device you use to browse the website. Unless otherwise set in your operating system, the so-called MAC address is used for this purpose. The MAC address is a kind of serial number that is assigned once worldwide for each IP-capable device. We therefore do not store the last four blocks of your IPv6 address. In general, we recommend that you activate the so-called "Privacy Extensions" on your end device in order to better anonymise the last four blocks of your IPv6 address. Most common operating systems have a "Privacy Extensions" function, but a few do not.
The authorisation to process data is based on Art. 6 para. 1 p. 1 lit. f GDPR. The standard permits the processing of personal data within the scope of the "legitimate interest" of the controller, insofar as your fundamental rights, freedoms or interests do not prevail. Our legitimate interest is the continuous improvement of our offer, as well as for the analysis and defence against attacks and the exclusion of abuse. You can object to this data processing at any time if there are reasons that exist in your particular situation and that speak against the data processing. To do so, simply send an e-mail to .
All personal data in log files are automatically deleted after 30 days at the latest, unless there are facts that suggest the assumption of unauthorised access (such as an attempt at hacking or a so-called DDOS attack).
We use map extracts from the service provider OpenStreetMap Foundation to clearly display locations of e.g. events for you on the website or in the member area of the network (e.g. jobs, member card).
OpenStreetMap is an open source mapping tool. In order for the map to be displayed to you, your IP address is forwarded to OpenStreetMap. You can see how OpenStreetMap stores your data on the OpenStreetMap privacy page here https://wiki.osmfoundation.org/wiki/Privacy_Policy. The provider of OpenStreetMap is the OpenStreetMap Foundation: Openstreetmap Foundation (132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom).
All personal data is automatically deleted after 24 months at the latest.
If you register for the newsletter or use the contact form...
... then, in addition to the above-mentioned data, we collect all the data that you provide in the corresponding forms. We store this data on the basis of your voluntarily given consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. When processing contact requests, the data we have collected will be deleted after the request you have made has been dealt with, or, if necessary, will continue to be stored on the basis of the initiation of a contractual relationship (and in this case legitimised by Art. 6 para. 1 p. 1 lit. b GDPR). You can delete your personal data in connection with a newsletter registration yourself by clicking on a link at the end of the newsletter.
Google reCAPTCHA is used to check and avoid interactions on our website through automated access, e.g. through so-called bots. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, hereinafter referred to as “Google”. With this service, Google can determine from which website a request is being sent and from which IP address the so-called reCAPTCHA input box is being used. In addition to the IP address, Google may also collect further information that is necessary for the offer and the guarantee of this service. The legal basis is Article 6 (1) lit.f) GDPR. Our legitimate interest lies in the security of our website as well as in the defense against undesired, automated access in the form of spam or similar. Google offers further information on the general handling of your user data at https://policies.google.com/privacy.
When you sign up as a member...
... then we collect all the data that we also collect for non-registered visitors to our website (see above). In addition, we collect data that is generated during interaction with our system. For example, we store contact data and pictures that you enter or upload in the system. We store messages you send to other members, comments you make on the platform, groups you join, your tags, as well as your participation in events. To regularly improve the relevance of our mailings, we record whether you have opened and clicked on email newsletters.
We collect all this data to fulfil our contractual obligations to you as a member of the network in order to pursue our purpose (networking among the members of the association), Art. 6 para. 1 p. 1 lit. b GDPR. In order to fulfil our obligations, we require at least your name and an email address. Without the provision of this data, membership in our network is not possible. We may also require further mandatory information for the authentication of members.
All other data is voluntary and enables us and other members to contact you more easily. You can view the data stored about you in the settings area of your profile; this allows you to obtain information about the stored data. You also have the option of having your data deleted in the settings area. Based on our association purpose, we make your contact details available to other members of the association. In your profile settings, you can control exactly which data can be viewed by other members.
From time to time we will contact you by e-mail to inform you about current developments in and around the association. You have the option to object to receiving such newsletters in your profile settings. Should this be necessary for the fulfilment of our association duties (e.g. to convene a general meeting), we reserve the right to send you emails even if you have objected to receiving newsletters in general.
As part of the payment function, we record all financial transactions between you and us. Your contact and payment data is stored by the data processor Stripe Inc. (https://www.stripe.com). This includes in particular that your data is transferred to the United States of America. The security of your data during this transfer is guaranteed by the fact that Stripe undertakes to comply with the Standard Contractual Clauses (SCC) (pursuant to Art. 45 Para. 2 lit. c) GDPR) of the European Commission. The data processing is necessary for the fulfilment of the contract, Art. 6 para. 1 p. 1 lit. b GDPR. Even after deleting your profile data, we store data on your payments in order to comply with our legal obligations (Art. 6 para. 1 p. 1 lit. c GDPR) and to enable seamless accounting. After expiry of all relevant periods, personal data relating to your payments will be deleted.
As a data subject of the data processing...
you have the following rights under the GDPR:
- You can obtain information about your personal data processed by us. In particular, this includes information on the purpose of processing, categories of personal data, categories of recipients and planned storage period. You can find an overview of this in your profile settings.
- You can request the correction or completion of the data we have stored. As a rule, you can also correct the data yourself in your profile settings.
- You can request the complete deletion of your personal data processed by us. The easiest way to do this is to use the corresponding function in your profile settings.
- Within the framework of the provisions of the GDPR, you can request the restriction of the processing of your personal data.
- You can request that your personal data be handed over in a machine-readable format and transferred to another controller.
- You can revoke all consents that we rely on in the processing of your data at any time. You can do this most easily in your profile settings.
- If we process your data on the basis of a legitimate interest, you have the right to object to this processing.
If you have any questions or objections regarding data protection and to exercise the above rights, please contact . We will be happy to answer your questions. You also have the right to lodge a complaint with a supervisory authority.