Data Protection
The data stored on the ServiceCard and the data generated by using the card are subject to the regulations of the Bavarian Data Protection Act. To facilitate the functioning of the required applications and the data stored for that purpose, which are used by the respective background systems, are mutually locked and defined by separate keys. The various applications only store such data as is required by a given application, for example only such data that are needed by the electronic purse. This ensures that no links are created between the background systems by the ServiceCard. To be more precise, this means that no personalised user profiles can be created. Furthermore, the reading and writing rights in the background systems are usually limited to the required functionalities of the various applications.
Data saved on the Mifare-DESfire EV1 Chip: Serial card number, System key (all members of staa have the same sequence of numbers), Cardowner ID, Library user number, Profile keys (PKZ; students, staff, guests), Cost centre, University ID as well as the credit of the electronic purse (in cents) and the card's validity (from - to).
Data that is saved in card management / background systems: card series, card sequence, cardowner ID, period of validity, lock flag, PKZ (personal identity number), date of issue. Only the administration of the university has access to these details. Personal data that has been stored and processed, can be used for the intended purposes after the data protection officer has checked them and given his consent thereto.
The following is to be noted: Since card holders are directly affected, they are entitled to be informed, at no charge, about all personal data stored; they can, under certain circumstances, request that such date be corrected, deleted, or locked, in accordance with the Bavarian Data Protection Act (BayDSG). ServiceCard holders may use a separate reader device at the Z/IS department during staff hours to see all data that has been stored on the card and in the card management system, if they so desire. For all other questions, the university's data protection officer (DSB), Mr Thomas Loskarn is available. Phone: 0951/863-1030. Furthermore, the data protection officer of the state may be contacted by phone.