Frontaler Blick auf das D4 Gebäude.

Data Protection Officer of WU

WU has appointed Georg Fellner, an attorney with bkp Rechtsanwälte, as the WU Data Protection Officer.

The Data Protection Officer’s responsibilities include:

  • Representing WU to the outside in his role as Data Protection Officer

  • Investigating, documenting, and reporting any data protection violations or misuse of data

  • Reviewing compliance with data protection regulations and data protection measures in place at WU

  • Reporting to the Rector’s Council (on an annual basis)

  • Drafting statements in specific cases, after consultation with the Rector’s Council

  • Providing training and increasing awareness for employees involved with data processing

  • Cooperating with the Austrian Data Protection Authority

  • Consulting in the context of data protection impact assessment and supervising its implementation


As before, general data protection issues will be handled by Gloria Arnold, Kenan Selak and Martina Wolkensteiner in the Legal Affairs Office. They are also responsible for coordination with the Data Protection Officer. Responsibility for the technical implementation of data protection measures remains with IT-SERVICES (contact: Karl Langenberger).

If you have any general questions on data protection laws, please contact:

To contact the Data Protection Officer, please write to:

Procedure in the event of a personal data breach

Article 4 item 12 of the EU General Data Protection Regulation (GDPR) defines a “personal data breach” as “a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed.”

To be prepared for such an eventuality, WU has defined a procedure to implement in the event of a personal data breach. Regardless of whether a personal data breach has been detected or is only suspected, the following procedure applies:

  1. The individual who has learned of an actual, suspected, or possible data breach (hereinafter referred to as “the incident”) shall inform their supervisor immediately; if the individual’s supervisor is unavailable, the individual shall contact the Data Protection Officer and the Legal Affairs Office and provide them with all available information relating to the incident.

  2. The supervisor shall contact the WU Data Protection Officer and the Legal Affairs Office without delay.

All persons involved in processing any actual, suspected, or possible data breach are obligated to maintain strict confidentiality vis-à-vis third parties.

All media inquiries are to be redirected to the respective member of the Rector’s Council or the Press Relations Officer.

The information obligations that apply in the event of a data breach are based on articles 33 and 34 of the General Data Protection Regulation (GDPR).

GDPR web page

For more information on data protection, please see WU’s GDPR web page: