Locking System Regulations
Note
This is a translation of the original text. Only the German version of this regulation is legally binding.
The TU Ilmenau Student Council (StuRa) uses various locking systems to control access to the StuRa premises at various locations on campus and some other rooms in the A basement. The purpose of the locking systems is to grant all authorized persons access to the rooms assigned to them and to prevent access by unauthorized persons. In order to achieve this purpose, the StuRa assigns various identification media to authorized persons. These regulations are intended to regulate the allocation of technical access options, identification media and the maintenance of the StuRa locking systems as well as the authorizations.
§ 1 – Scope of application and responsible parties
The locking system regulations apply to all doors and rooms with an electronic locking system that are managed by the StuRa. This includes
the cellar of house A,
the Interclub,
the rooms of the co-working space,
storage rooms
The administration of physical keys for specific StuRa activities is carried out independently and does not fall within the scope of these regulations. Key handover protocols are to be used.
The IT and Finance departments of the StuRa are responsible for the operation and maintenance of the electronic locking system in accordance with the provisions of these regulations. They each appoint a person responsible for the tasks in these regulations.
Contact persons (locking system representatives) can be proposed by these departments. The locking system representatives are elected to this role by the StuRa and are therefore considered active in the IT department. For short-term projects, the IT department and the Finance department may nominate additional locking system representatives for a limited period of time.
All necessary measures of these regulations can be transferred to the locking system officers. In particular, they ensure the technical allocation of access and serve as contact persons within the StuRa for questions regarding the locking systems.
§ 2 – Rights and duties of the responsible departments, managers and contact persons
The IT department is responsible for the technical implementation of the locking systems. This includes
the programming and design of the locking system and the selection of the identification media to be procured,
the administration of the agreed access rights to the individual rooms. In particular, the activation and deactivation of the respective access authorizations must be observed when constituting new committees and implemented within one week.
the processing of applications from non-StuRa members,
the compilation of a list with the contact persons of the external organizations that are bound to the StuRa locking system.
The Finance department is responsible for the logistical and financial implementation of the locking systems. This includes
the issue and collection of the identification media used and the selection of the appropriate identification medium in existing cases,
the logging of incoming and outgoing goods as well as the current whereabouts of all identification media,
the administration of all deposits.
The locking system officers are authorized to confiscate identification media and to deny or revoke access rights if identification media are not used in accordance with the purpose for which they were issued or if these regulations are violated. They must report the incident to the StuRa immediately.
If the IT unit is not reappointed or is abolished, all duties and rights are transferred in full to the Finance unit until the separation of duties can be restored.
The persons responsible monitor the locking system records and are able to read locking movements and the identification media used. This is to prevent theft and unauthorized access. In the event of a criminal complaint, information about the locking movements can be provided to the investigating authorities.
§ 3 – Authorization to possess an identification medium
Every elected StuRa member is entitled to possess a suitable identification medium during their term of office. After the end of the term of office, the authorization to possess an identification medium expires automatically.
StuRa employees, the current student consul, members of all StuRa sub-organizations and non-StuRa members who have been elected as heads of unit or deputy heads of unit are entitled to receive an identification medium. After the end of the term of office, the authorization to possess an identification medium expires automatically.
Other organizations or persons may be authorized to possess an identification medium by resolution. The following provisions must be observed:
The applicant must submit a written application to the IT department stating the need for authorization and its duration.
The application should be processed by the IT department within two weeks and submitted to the StuRa for a decision.
If the StuRa cannot decide on the authorization in time, the IT department may provisionally release an identification medium in consultation with the Finance department. It must be possible to recall or deactivate an identification medium that has been provisionally released in this way at any time and without delay. The StuRa must pass a resolution on the allocation of the provisionally released identification medium as soon as possible.
In special cases, the usage regulations of the respective rooms regulate the access requirements, authorizations and possibilities as well as the allocation process of the identification media for these. In these cases, the specific requirements of these regulations apply.
Members of external organizations that are connected to the StuRa locking system can receive the necessary identification media from their respective organizations. Requirements are regulated in § 4.
The authorization is not transferable between persons.
§ 4 – External organizations
External organizations that are connected to the StuRa locking system can be issued their own identification media with corresponding accesses.
Access rights to the premises of external organizations must be assigned by mutual agreement between the external organization and the IT department.
They are responsible for managing the identification media issued to them, unless they allow access to the StuRa offices.
This does not affect the duties of the responsible persons in accordance with § 2. The recording obligations pursuant to § 2, para. 4 shall apply mutatis mutandis to the external organizations.
The external organizations each appoint a contact person with name and address for those responsible at StuRa. In the event of a change of contact person, the StuRa must be informed promptly.
§ 5 – Rights and obligations
An identification medium authorizes access to the assigned rooms.
In principle, every identification medium is personal and non-transferable.
The owner of an identification medium is obliged to inform the IT department immediately in the event of loss or destruction of the identification medium. The corresponding accesses will be deactivated immediately by the IT department.
The owner of an identification medium must propose a date for the return of the medium to the Finance Department within two weeks of the expiry of the agreed authorization period.
§ 6 – Deposit
An identification medium may only be handed over after a deposit has been paid.
The deposit is based on the purchase price of the respective identification medium and is documented in a separate deposit list by the Finance Department.
The deposit may be retained if the identification medium is lost or destroyed.
The deposit will be refunded upon return of the undamaged identification medium.
§ 7 – Data protection
The personal data collected in connection with the application of these regulations is used solely for the purpose of managing access authorizations and the processes defined in these regulations, such as the allocation of identification media. Processing is based on these regulations.
The closing movements are processed for a maximum of one year.
Access authorizations to rooms are processed during and up to a maximum of one year after the authorization period. Access authorizations for locking media are assigned to persons.
The retention periods of the Thüringer Studierendenschaftsfinanzverordnung (ThürStudFVO) apply to accounting processing activities.
After the retention period has expired, the stored data is destroyed in accordance with the GDPR.
§ 8 – Entry into force
These regulations were submitted to the StuRa for approval on June 23, 2010 and will enter into force on June 24, 2010, subject to editorial changes.
The first amendment to these regulations was adopted by the StuRa on July 16, 2014 and comes into force on the following day.
The second amendment to these regulations was adopted by the StuRa on February 14, 2024 and comes into force on the following day.
§ 9 – Attachments
The annexes and supplementary documents defined in these regulations must be observed. These include, among others:
Key handover protocol