Please note the following instructions for processing the samples:

• The "Date of last amendment" only needs to be specified if a procedure description has already been submitted once. This does not mean the last change to the document, but the last change to the processing activity.
• The Presidential Board of the University of Oldenburg cannot be the sole point of contact for data subjects. Therefore, please indicate in the declarations who the contact person/process owner is. This is usually the person who is in charge of the project or similar for which the data is to be processed.
• If a joint responsibility the contact details of the other controller and - if one has been appointed - also the contact details of the data protection officer of the other controller.
• For the legal basis In the case of the performance of public tasks (in particular also in the case of research) in accordance with Art. 6 para. 1 lit. e GDPR, you should also state the corresponding state law standards. Section 3 NDSG should also always be stated, followed by the specific legal basis. For example: Art. 6 para. 1 lit. e GDPR in conjunction with § 3 NDSG. § Section 3 NDSG in conjunction with. § Section 17 (2) NHG (processing of personal data of members and affiliates of a university in Lower Saxony).
• The second half of the document (technical and organisational measures pursuant to Art. 32 para. 1 GD PR) reflects your data protection concept.