Privacy statement Privacy statement for oesterreich.gv.at and the "Digital Office (Digitales Amt)” government app.
1. Purpose of the privacy statement
The Federal Ministry for Digital and Economic Affairs (Bundesministerium für Digitalisierung und Wirtschaftssstandort – BMDW) has a duty to protect your personal data. In this statement, we outline which data is reached during the use of oesterreich.gv.at, how it is collected, and also what we use this data for.
The Federal Ministry of Digital and Economic Affairs is responsible for the data collected from you in accordance with Article 24 et seq. of the General Data Protection Regulation (GDPR).
2. What is the purpose of this declaration?
This declaration applies to the website oesterreich.gv.at, all subpages and the “Digitales Amt” government app.
3. Data capture
Your data are collected by the following data processing operations.
Cookies are small text files stored on the requestors’ device to recognize them. Thus, the information contained in the cookies serves the purpose of meeting management and is strictly necessary for the declared area. No cookies are used in the not declared area.
3.2 Log data
Each time you access the website, the visit is recorded in a log file (server logs) for a period of 6 months with the following log data:
- IP address of the enquirer
- call method (GET, HEAD, PUT)
- target address without HOST
- minutes with version (e.g. HTTP/1.1)
- name of the file retrieved and amount of data transferred
- date and time of the retrieval
- notification whether the retrieval was successful
- processing time of the request in microseconds
- user agent used
- SSL version used
This data is used for system security verification, error analysis and also for statistics.
We reserve the right to carry out personal analysis or profiling in the event of attacks on BMDW’s internet infrastructure.
3.3 Analysis tool Matomo
The website and the app use the open-source tool Matomo for statistical purposes. In addition, the log data are stored in the Matomo tool and hence made anonymous. With Matomo, no data are transmitted to servers which are not monitored by the Federal Ministry for Digital and Economic Affairs (BMDW).
To ensure a continuous improvement in the answering performance, dialogues and data arising from user enquiries are processed in order to boost service quality.
3.5 Services automated by the mobile signature or citizen’s card
In order to use specific services in a registered area, a mobile signature or citizen’s card is required. Information on the mobile signature and its possible uses can be found on this website, as well as on www.buergerkarte.at.
When using your mobile signature or citizen’s card, the following data are processed on the website or in the app:
- first name
- date of birth
- personal identifiers associated with the specific area, as well as encrypted area-specific personal identifiers which are generated with the help of the mobile signature or citizen’s card, and which depend on the particular process and particular stage of the process
3.6 A-Trust mobile signature service in the app
The use of personal data by A-Trust takes place in accordance with the relevant data-protection regulations, in particular the requirements of the General Data Protection Regulation (GDPR). The use of data takes place exclusively for the purpose of fulfilling a contract or on a legal basis. The customer also recognizes and consents to the fact that the following types of data need to be used and processed in order for services included in the contract to be delivered:
Name (first name(s), surname(s)), telephone number, certificate serial number, length of validity of the certificate, timings of signatures, domain of the signature recipient, unique ID, Push ID, document to be signed, date of contract.
3.7 Feedback function
In order to continuously improve the platform oesterreich.gv.at and the “Digitales Amt” government app based on the experiences of users, it is possible to give feedback. In this process, a rating and an honest comment can be posted, the latter of which is saved in plain text. Feedback is anonymous and no information about the assessor is stored (unless the person himself/herself enters personal data in the comment field).
3.8 Push messages in the app
Push messages (notifications) from “Digitales Amt” are sent via Firebase Cloud Messaging (FCM). For iOS users, the transmission also takes place via the Apple Push Notification Service (APNs). In this case, the option to use Google Analytics is disabled.
In order to send the notifications to the respective recipient, a non-person-specific ID is generated for the app and processed in FCM – with iOS additionally in APNs –, and in the push notification service of the app.
In order to be able to use the notification function, you have to enable this in the app.
To do so, the app opens an operating system dialogue once you have accepted the terms and conditions of use. You can always change your selection in the system settings, but you have to switch back into the app for it to to take effect.
4. Data storage
The data are stored in the Federal Data Processing Centre Ltd (“Bundesrechenzentrum GmbH” or simply “BRZ GmbH”), which is the IT service provider of the Austrian federal administration. Copies are available exclusively for the central backup process of the Federal Data Processing Centre Ltd (BRZ GmbH). The BRZ GmbH system administrators, who are responsible for the technical operation, are the only individuals who have access to this data. This data is accessed only in isolated cases, in accordance with the General Data Protection Regulation (GDPR) the Data Protection Act (Datenschutzgesetz or DSG) and this data protection declaration.
There is no transfer of this data to any third parties.
5. Data subject rights
You have the right to information about data which is about yourself, as well as the right to have data rectified or deleted. You have a right to restrict or to object to data processing, as well as the right to transfer data.
If you consider that your rights are not being complied with or are not being ad-equately complied with, you have the possibility to lodge a complaint with the Data Protection Authority.
6. Contact details
Responsible department: Federal Ministry for Digital and Economic Affairs (Bundesministerium für Digitalisierung und Wirtschaftsstandort - BMDW)
Abteilung I/B/4 E-Government Bürger
BMDW data protection officers:
- Beate LUKAS-JANOWSKY (engineering graduate)
- Jakob WURM (Master’s degree)
Responsible for the content: Federal Ministry for Digital and Economic Affairs