© CIT

Privacy Policy for the Use of UniGPT

UniGPT enables the use of conversational artificial intelligence for study, teaching, and research purposes. Below we provide you with information on the processing of personal data in connection with the use of UniGPT.

1. Name and Address of the Responsible Controller

The responsible controller as defined in the EU General Data Protection Regulation (GDPR) and other national data protection laws of the EU member states as well as other data protection-related provisions is:

Universität Münster / University of Münster
represented by its Rector
Schlossplatz 2, 48149 Münster, Germany
Phone: + 49 251 83-0
E-mail: mailbox@uni-muenster.de

2. Name and Address of the Data Protection Officer

You can contact the Data Protection Officer at:

Data Protection Office
Schlossplatz 2, 48149 Münster
Phone: + 49 251 83-22446
E-mail: datenschutz@uni-muenster.de

3. Data Processing When Using UniGPT

Scope of Data Processing
When you use the service UniGPT provided by the University of Münster, we process and store the following data:

  • Account name
  • Email address
  • Account group memberships
  • User-generated data (chats)
  • Logs and metrics

Purposes of Data Processing
The processing of your personal data is intended to make UniGPT available for study, teaching, and research purposes. Logs and metrics are stored for error diagnosis, IT security, and statistical purposes and can be viewed by individual CIT staff members. User-generated data (chats) are not used for training models.

Legal Basis for the Processing of Personal Data
If the processing of your personal data is necessary for the performance of a task that is in the public interest or in the exercise of official authority vested in the University of Münster, Article 6(1)(e), paragraph 3 GDPR in conjunction with § 3 paragraph 1 HSG NRW and § 3 paragraph 1 DSG NRW serves as the legal basis for the processing.

If the University of Münster seeks consent for the processing of personal data in the context of using UniGPT, Article 6(1)(a) GDPR or Article 9(2)(a) GDPR serves as the legal basis.

Duration of Storage of Personal Data
Logs and metrics are automatically deleted after 14 days. All other data are automatically deleted after 6 months without login.

3. Data Transfers

When using external models, user-generated data (prompts) are transmitted to external providers. The privacy policies of the respective providers apply.

4. Your Rights as a Data Subject

You have the right to information about your personal data processed by the University of Münster (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR) and the right to withdraw prior consent to such processing (Art. 7 (3) GDPR).

You may withdraw your consent in writing or by email from the contact persons listed under nos. 1 and 2 (see above) of this data protection statement.

You also have the right to lodge a complaint with the supervisory authority. The responsible supervisory authority is the Landesbeauftragte für Datenschutz und Informationsfreiheit Nordrhein-Westfalen, Postfach 20 04 44, 40102 Düsseldorf, phone: +49 211 38424-0, e-mail: poststelle@ldi.nrw.de