Data Protection while Studying
The University of Basel places great value on the protection of personal data and compliance with the relevant statutory regulations.
Data protection affects everyone. Your cooperation and sensitivity as a student are a contribution to effective data protection by the University of Basel. This extends from responsible handling of your own personal data (such as matriculation number, email address, passwords etc.) to your handling of the personal data of others (such as photographs, telephone numbers, etc.) to compliance with data protection rules in seminar, Bachelor's, or Master's coursework (such as Consent to surveys, etc.).
You can use the E-learning-Tool to familiarize yourself with the most important principles of data protection interactively and test your knowledge.
You can also visit the IT-Services website for useful information, instructions, or specific advice on technical questions and problems.
If you have questions about data protection, please reach out the Data Protection Officer's team at any time by email.
-
Legal Grounds for Data Processing
The processing (i.e. collection, storage, disclosure, deletion, etc.) of personal data by the university as a public institution requires either a direct legal basis (e.g. Sec. 7 Student Regulations, Sec. 42 Staff Regulations) or the legal assignment of a task to the university which can only be performed by processing personal data (called an indirect legal basis, such as a research contract, Sec. 1 University Statutes).
Consent is not sufficient for the university to process personal data. However, consent is required when the legal basis permits processing in general, but not the processing of specific data referring to an individual person (see informed consent).
In addition, data may only be processed for a specific purpose, the processing must be proportionate (e.g. appropriate, necessary for the specific purpose, and reasonable for the data subject) and the principles of data minimization and transparency must be followed (for more information, see informed consent). Projects involving vulnerable persons (e.g. children) or in special settings (e.g. anonymous data collection) are subject to additional rules.
The processing (i.e. collection, storage, disclosure, deletion, etc.) of personal data by the university as a public institution requires either a direct legal basis (e.g. Sec. 7 Student Regulations, Sec. 42 Staff Regulations) or the legal assignment of a task to the university which can only be performed by processing personal data (called an indirect legal basis, such as a research contract, Sec. 1 University Statutes).
Consent is not sufficient for the university to process personal data. However, consent is required when the legal basis permits processing in general, but not the processing of specific data referring to an individual person (see informed consent).
In addition, data may only be processed for a specific purpose, the processing must be proportionate (e.g. appropriate, necessary for the specific purpose, and reasonable for the data subject) and the principles of data minimization and transparency must be followed (for more information, see informed consent). Projects involving vulnerable persons (e.g. children) or in special settings (e.g. anonymous data collection) are subject to additional rules.
-
Data Protection Review
The purpose of a data protection review is to identify potential risks before the collection and processing of personal data and to minimize them where possible.
In university life, data protection reviews particularly come into play before research projects and before the introduction of new digital services for teaching, research, or administration. The primary goal of these reviews is to determine whether the nature of the data or the processing of the data entails a high risk to the rights and freedoms of the data subject.
You can learn more on the data protection reviews web page.The purpose of a data protection review is to identify potential risks before the collection and processing of personal data and to minimize them where possible.
In university life, data protection reviews particularly come into play before research projects and before the introduction of new digital services for teaching, research, or administration. The primary goal of these reviews is to determine whether the nature of the data or the processing of the data entails a high risk to the rights and freedoms of the data subject.
You can learn more on the data protection reviews web page. -
E-Learning-Tool
You can use the E-Learning-Tool to familiarize yourself with the legal grounds of data protection in a fun and engaging way and to test your knowledge.
The course is led by Professor Beat Rudin, Data Protection Officer of the Canton of Basel-Stadt and assistant lecturer at the University of Basel, and by Danielle Kaufmann, Data Protection Officer of the University of Basel.You can use the E-Learning-Tool to familiarize yourself with the legal grounds of data protection in a fun and engaging way and to test your knowledge.
The course is led by Professor Beat Rudin, Data Protection Officer of the Canton of Basel-Stadt and assistant lecturer at the University of Basel, and by Danielle Kaufmann, Data Protection Officer of the University of Basel.Links & Downloads
