Information to be provided where personal data are collected from the data subject (Art. 13 GDPR) to the procedure of CENIT@EA-Scholarships

    Show all

    Information to be provided where personal data are collected from the data subject (Art. 13 GDPR) to the procedure of CENIT@EA-Scholarships

    Information to be provided where personal data are collected from the data subject (Art. 13 GDPR) to the procedure of CENIT@EA-Scholarships

    1. Data processor details
    1.1. Name and contact data of the controller
    • Carl von Ossietzky Universität Oldenburg
    • Ammerländer Heerstr. 114-118
    • 26129 Oldenburg
    • Tel.: +49441-798-0
    1.2. Contact person / process owner
    • Univ.-Prof. Dr.-Ing. habil. Jorge Marx Gómez
    • University of Oldenburg
    • Department of Computing Science
    • Chair Business Informatics (Very Large Business Applications)
    • Ammerländer Heerstr. 114-118; 26129 Oldenburg – GERMANY
    • Tel. +49 441/ 798-4470,  Fax -4472
    • Email:


    1.3. Name and contact data of the data protection officer
    • Carl von Ossietzky Universität Oldenburg
    • Der Datenschutzbeauftragte
    • Ammerländer Heerstr. 114-118
    • 26129 Oldenburg
    • Tel.: +49441-798-4196
    • Email:


    2. Frame of processing
    2.1. Categories of the processed personal data
    • Contact data (incl. country of origin)
    • Demographic data (incl. date of birth, nationality, passport/ID, gender)
    • Professional / academic qualification


    2.2. The period for which the personal data will be stored

    The collected data will be stored until 31.12.2025. The official end date of the project is 31.12.2020. The German Academic Exchange Service (DAAD) requires the data collected to be stored for a further 5 years in the General Auxiliary Terms and Conditions for Grants for Project Funding (ANBest-P) under item 6.5. However, since the CENIT@EA project is currently in default, its duration will be extended. Therefore, the collected data must be stored longer. An exact date has not yet been set, as the exact duration of the delay is not known at present. The coordinators of the project are reviewing the need to store the collected data in time and before the start of the extension. Data of rejected applicants will be deleted after the second cohort of the programme has been established in order to make it easier for rejected applicants to re-apply for the second cohort and to ensure a reservelist. The exact date for this has not yet been determined due to the delay of the project.

    2.3 The purposes of the processing the personal data are intended for

    CENIT@EA is committed to ensuring an appropriate distribution of scholarships among students from the East African region by making a fair, transparent and considerate selection of scholarship holders. During the project two (online) selection events for scholarship holders will take place. All these meetings are preceded by the review and evaluation of applications.

    2.4. Legal basis for processing

    Consent of the data subject according to Art. 6 Section 1 lit. a. GDPR.

    2.5. Provision of data

    The provision of personal data is not prescribed by law/contract and is not necessary for the conclusion of a contract. The data subject is also not obliged to provide the personal data.

    2.6. Consequences of not providing personal data

    If it is not possible to provide all the necessary data, it will not be possible to review the data and thus potentially prevent the awarding of a scholarship to this applicant.

    2.7. Existence of automated decision-making in individual cases (incl. profiling)

    There is no automated decision-making in individual cases (including profiling).

    3. Passing on and foreign connection
    3.1. The recipients or categories of recipients of the personal data
    • Jorge Marx Gómez (UOL)
    • Martin Fränzle (UOL)
    • Stefan Wunderlich (UOL)
    • Christian Osorio (UOL)
    • Barbara Rapp (UOL)
    • Hardi Hungar (DLR)
    • Heike Hölzner (HTW)
    • Lukusa Kabulepa (HM)
    • Simon Cremer (DAAD)


    3.2. Transfer to a third country[1] or international organization

    Important note:

    Data will be transferred to the following entities outside the European Union:

    • Kisangiri Michael (CENIT-EA Director), Nelson Mandela African Institution of Science and Technology (Tanzania)
    • Ben Ruhinda (Project Coordinator at IUCEA), Interuniversity Council of Universities in East Africa (Kenya)
    • Godfrey Justo & Alexandre Rutikanga, University of Technology and Arts of Byumba (Rwanda)
    • J.J. Masele, University of Dar es Salam (Tanzania) 

    For the above-mentioned third countries, there is no adequacy decision of the European Commission within the meaning of Art. 47 GDPR and no suitable guarantees within the meaning of Art. 46 GDPR. This means that there is no data protection level in the recipient country comparable to that of the EU and that the bodies involved in the transfer have not provided any special guarantees to compensate for the deficits. The consequence of this is that you, as the data subject, may not be able to enforce your data subject’s rights effectively or at all. Furthermore, the unauthorized processing of your personal data (in particular disclosure to third parties) may result in material and immaterial damage (e.g. identity theft/ fraud, discrimination, financial loss, damage to reputation, etc.). 

    4. Your rights as data subject

    The following rights shall apply to you as a data subject of the data processing:

      • Right of access (Art. 15 DSGVO)
      • Right to rectification (Art. 16 DSGVO)
      • Right to erasure (Art. 17 DSGVO)
      • Restriction of processing (Art. 18 DSGVO)
      • Right to object to processing (Art. 21 DSGVO)
      • Right to data transferability (Art. 20 DSGVO)
      • You can revoke any consent you may have given at any time with effect for the future, without affecting the legality of the processing carried out on the basis of the consent up to the time of revocation (Art. 7 para. 3 DSGVO).
      • If you are of the opinion that the processing of your personal data violates data protection regulations, please contact the data protection officer (see section 1.3.). Irrespective of this, you have the right to complain to the competent supervisory authority. The competent supervisory authority is:


    The State Commissioner for Data Protection Lower Saxony
    Prinzenstrasse 5
    30159 Hannover, Germany
    Phone: 0511 120-4500
    Fax: 0511 120-4599

    [1] A third country is any country outside the European Union.