You are here: Home Topics Data protection

Data protection

In the light of the ongoing digitalization of our working world, data protection is also a growing and complicated field of action. On the one hand, legal aspects when processing personal data must be clarified, and on the other hand, their technical implementation must be ensured.


In principle, the employer is obliged and responsible for ensuring that all legal provisions relating to data protection and the protection of personal rights in the operational environment are complied with.

The processing of personal data must be comprehensively documented in accordance with the current legal situation under the EU General Data Protection Regulation (GDPR). In addition, the purpose for which the data will be used and how long it will be processed and stored must be explained to the data subject when this data is collected.


Participation rights of the Staff Council in the field of „data protection“

  • Allgemeinen Aufgaben der Personalvertretung: ... darüber zu wachen, dass geltende Bestimmungen zugunsten der Beschäftigten eingehalten werden. (§ 70 Abs. 1 Nr. 2 LPVG)
  • Bestellung des behördlichen Datenschutzbeauftragten (§ 75 Abs. 4 Nr. 1b LPVG)
  • Inhalt von Fragebögen (§ 75 Abs. 4 Nr. 3 LPVG)
  • Allgemeine Fragen zur Weiterbildung (§ 75 Abs. 4 Nr. 10 LPVG)
  • Verhaltens- und Leistungskontrolle (§ 75 Abs. 4 Nr. 11 LPVG)
  • Einführung technischer Einrichtungen (§ 75 Abs. 4 Nr. 13 LPVG)
  • Einführung Informations und Kommunikationsnetze (§ 75 Abs. 4 Nr. 16 LPVG)


IuK (Information and Communication Technology) Commission

The Staff Council participates as a permanent member in the meetings of the IuK Commission of the University of Freiburg. In these meetings, we deal with questions regarding IT technology in relation to data protection, data security, the protection of employees' personal rights, or aspects of the introduction of new IT systems or related processes. The Staff Council makes suggestions for the protection and welfare of employees and works to ensure compliance with the current data protection regulations. To regulate the introduction and operation of IT systems, corresponding operating agreements are usually concluded between the employer and the Staff Council.