oesterreich.gv.at – startpage
Login

Privacy statement for oesterreich.gv.at

Purpose of the privacy policy

The Federal Chancellery (Bundeskanzleramt – BKA) has a duty to protect your personal data. In this statement, we outline which data is reached during the use of oesterreich.gv.at, how it is collected, and also what we use this data for.

The Federal Chancellery is responsible for the data collected from you in accordance with Article 24 et seq. of the General Data Protection Regulation (GDPR).

What is the purpose of this declaration?

This declaration applies to the website oesterreich.gv.at and all subpages.

Data capture

Your data are collected by the following data processing operations.

Cookies

Cookies are small text files that are stored on the requesting party's device in order to recognize them. Thus, the information contained in the cookies serve the session control, or it is necessary information for the functionality and are technically absolutely necessary.

  • www.oesterreich.gv.at: this domain represents the non-registered area of oesterreich.gv.at and does not use cookies
  • login.id-austria.gv.at: this domain is used for the registration procedure and requires the technically necessary cookies "UNIQUE_ID" and "JSESSIONID".
  • secure.oesterreich.gv.at: this domain represents the logged in area of oesterreich.gv.at and uses the cookie "_shibsession_xxxxxxxx" for the session control, where "xxxxxxxxx" is a generated hexadecimal value

Log data

Each time you access the website, the visit is recorded in a log file (server logs) for a period of six months with the following log data:

  • IP address of the enquirer
  • call method (GET, HEAD, PUT)
  • target address without HOST
  • minutes with version (e.g. HTTP/1.1)
  • name of the file retrieved and amount of data transferred
  • date and time of the retrieval
  • notification indicating whether the retrieval was successful
  • processing time of the request in microseconds
  • user agent used
  • SSL version used
  • Referring Page (Referrer)

This data is used for system security verification, error analysis and for statistical purposes.

We reserve the right to carry out personal analysis or profiling in the event of attacks on BKA’s internet infrastructure.

Analysis tool Matomo

The website and the app use the open-source tool Matomo for statistical purposes. In addition, the log data are stored in the Matomo tool and hence made anonymous. With Matomo, no data are transmitted to servers which are not monitored by the Federal Chancellery (BKA).

Chatbot

To ensure a continuous improvement in the answering performance, dialogues and data arising from user enquiries are processed to enhance the service quality.

Services automated by the ID Austria or citizen’s card

When using your ID Austria or citizen’s card, the following data are processed on the website oesterreich.gv.at or in the app:

  • first name
  • surname
  • date of birth
  • personal identifiers associated with the specific area, as well as encrypted area-specific personal identifiers which are generated with the help of the ID Austria or citizen’s card, and which depend on the particular process and particular stage of the process
  • txID (identification number), which is assigned by the system when logging in with the ID Austria and is retained until logging out.

Feedback function

In order to continuously improve the platform oesterreich.gv.at based on the experiences of users, it is possible to give feedback. In this process, a rating and an open comment can be posted, of which the latter is saved in plain text. Feedback is anonymous and no information about the assessor is stored (unless the person himself/herself enters personal data in the comment field).

Push notifications

oesterreich.gv.at supports the sending of WebPush notifications via the official WebPush services of browser manufacturers, such as fcm.googleapis.com (Chrome/Google), updates.push.services.mozilla.com (Firefox/Mozilla), *.notify.windows.com (Edge/Microsoft) or web.push.apple.com (Safari/Apple).

For sending and receiving these notifications, a so-called „WebPush Subscription“ is generated in the browser. This contains technical information that is necessary to deliver messages to a specific browser. The WebPush Subscription is also stored and processed by us.

To assign a WebPush subscription to a person, a pseudonymized ID is stored and processed in our service. Direct identification of a natural person is no longer possible without additional information.

Data storage

The data are stored in the Federal Data Processing Centre Ltd ("Bundesrechenzentrum GmbH" or simply "BRZ GmbH"), the IT service provider of the Austrian federal administration. Copies are available exclusively for the central backup process of the Federal Data Processing Centre Ltd (BRZ GmbH). The BRZ GmbH system administrators, who are responsible for the technical operation, have access to this data. This data is accessed only exclusively in individual cases, in accordance with the General Data Protection Regulation (GDPR) the Data Protection Act (Datenschutzgesetz or DSG) and this data protection declaration.

There is no transfer of this data to any third parties.

Data subject rights

You have the right to information about data concerning yourself, as well as the right to have data rectified or deleted. You have a right to restrict or to object to data processing, as well as the right to transfer data.

If you consider that your rights are not being complied with or are not being adequately complied with, you have the possibility to lodge a complaint with the Data Protection Authority.

Contact details

Federal Chancellery (Bundeskanzleramt - BKA)

Abteilung VII/4 E-Government Bürger
Ballhausplatz 2
A-1010 Wien

BKA data protection officers:

Bundeskanzleramt Österreich,
Datenschutzbeauftragte
Ballhausplatz 2, 1010 Wien
E-Mail: datenschutz@bka.gv.at

Last update: 20/06/2025
Responsible for the content: Federal Chancellery
Not certified translation