Privacy Policy
I. Person responsible
The responsible party within the meaning of Art. 4 No. 7 GDPR is:
State capital Düsseldorf
Der Oberbürgermeister
Marktplatz 2
40213 Düsseldorf
Telephone 0211-8991
Fax 0211-8929222
II. Accessibility of the official data protection officer
If you have any questions about whether the City of Düsseldorf processes your data in accordance with data protection regulations, you can address them to the official data protection officer of the State Capital of Düsseldorf, Department 07/1, 40200 Düsseldorf, Telephone 0211-8991, Email datenschutz07@duesseldorf.deAlternatively - and for general questions about data protection - you can also contact the State Commissioner for Data Protection and Freedom of Information North Rhine-Westphalia, Kavalleriestraße 2-4, 40213 Düsseldorf, telephone 0211- 384240, email poststelle@ldi.nrw.de.
III. General information about data processing
We process personal data of our users to the extent necessary to provide a functional website as well as our content and services. The data will then be deleted immediately. They will be treated confidentially by the City of Düsseldorf and by the partner responsible for technical processing, dxm GmbH & Co. KG. For individual e-government offerings on these pages, please note the specific data protection information provided there. You should also be aware that if data is transmitted unencrypted over the Internet, there is a possibility that third parties may access or falsify it. Data about online procedures and forms that are submitted under Contact offered are therefore always exchanged in encrypted form (HTTPS/SSL); this protects them from being read or manipulated. Confidential data should never be sent via unencrypted email. Further information can be found in the general terms and conditions for electronic communication with the City of Düsseldorf. Your personal data will be processed below either on the basis of a legal basis or with your consent. These bases are listed in Art. 6 (1) GDPR. Processing is legally permissible if it serves the purpose of fulfilling the duties of the City of Düsseldorf; in this case, the basis is either general data protection law from Art. 6 (1) GDPR in conjunction with Section 3 of the North Rhine-Westphalia Data Protection Act (DSG) or a sector-specific legal provision. In addition, your consent can be a viable basis for data processing.
Data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. If data is collected to provide the website, this is the case when the respective session ends. If the data is stored in the web server's log files, this occurs after seven days at the latest.
IV. Provision of the website and creation of log files
Each time our website is accessed, our system automatically collects data and information from the computer system of the calling computer. The following data is collected here:
a. Information about the browser type and version used,
b. the user’s operating system,
c. the user’s Internet service provider,
d. the user’s IP address,
e. Date and time of access,
f. Websites from which the user’s system accesses our website,
g. Websites accessed by the user’s system via our website.
The data is also stored in the log files of our system. This data is not stored together with other personal data of the user. The legal basis for the temporary storage of the data and the log files is Art. 6 (1) (e) GDPR. The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session. Storage in log files occurs to ensure the functionality of the website. We also use the data to optimize the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes in this context. These purposes also constitute the public interest in data processing according to Art. 6 (1) (e) GDPR.
The collection of data to provide the website and the storage of data in log files are essential for the operation of the website. Therefore, the user has no right to object.
V. Use of cookies and tracking tools
The City of Düsseldorf uses so-called session cookies on its website to optimize the use of the website with each visit. Session cookies are small pieces of information that a provider places in the memory of the visitor's computer to make returning to the website easier and more user-friendly. A session cookie stores a randomly generated unique identification number, a so-called session ID. Furthermore, a cookie contains information about its origin and the
Storage period. These cookies cannot store other data. The session IDs are automatically deleted from the system after one day. The session IDs do not contain any elements that allow conclusions to be drawn about the person of the user. If you leave our site and go to external websites, it is possible that additional cookies will be set by recipients of the clicked target page. The State Capital of Düsseldorf is not legally responsible for the setting of these cookies. For information on the use of cookies and the information stored on them, please compare the privacy policies of the respective external websites. Technical programs such as etracker, PIWIK, Google Analytics, which are used to record and analyze user behavior, are described, where used, in the special data protection notices of the corresponding departments. On these websites, data is collected and stored for analysis and optimization purposes. This data can be used to create user profiles under a pseudonym. The collection and storage of data can be revoked at any time with effect for the future.
VI. Newsletter
The City of Düsseldorf offers its users in some departments (e.g., museums, press office, etc.) the opportunity to learn about the city's current activities and developments by subscribing to a newsletter. Our newsletters are generally sent by the delivery service provider Newsletter2Go GmbH, Köpenicker Straße 126, 10179 Berlin, Germany. You can view the delivery service provider's privacy policy here: www.newsletter2go.de/datenschutz
The processing of the email address serves exclusively to send the newsletter to the subscriber. The shipping service provider can use the recipient's data in pseudonymous form, i.e. without assignment to a user, to optimize or improve its own services, e.g. for the technical optimization of the delivery and presentation of the newsletter or for statistical purposes. However, the shipping service provider does not use the data of our newsletter recipients to write to them directly or to pass the data on to third parties. The following data is collected during registration: IP address of the accessing computer Date and time of registration
Your consent (Art. 6 (1) (a) GDPR) is obtained for the processing of the data during the registration process (so-called double opt-in procedure) and reference is made to this privacy policy. The data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user's email address will therefore be stored as long as the newsletter subscription is active. The newsletter subscription can be canceled by the affected user at any time. A corresponding link is provided in every newsletter for this purpose. This also revokes the consent to the storage of the personal data collected during the registration process.
VII. Eye-Able®
Eye-Able® is a software from Web Inclusion GmbH to guarantee all people barrier-reduced access to information on the Internet. The files required for this, such as JavaScript, style sheets and images, are loaded from an external server. When features are activated, Eye-Able uses the browser's local storage to save the settings. All settings are only saved locally and are not transferred further.
To fend off attacks and provide the service in near real time, Eye-Able® uses the Content Delivery Network (CDN) of BunnyWay doo (Cesta komandanta Staneta 4A, 1215 Medvode, Slovenia). This service is used for the purpose of fulfilling the contract with its customers (Art. 6 (1) (b) GDPR) and in the interest of a secure, fast, and efficient provision of the online service by a professional provider (Art. 6 (1) (f) GDPR). All transmitted data and servers remain in the EU at all times to enable data protection-compliant processing in accordance with the GDPR. Web Inclusion GmbH never collects or analyzes personal user behavior or other personal data. Further information can be found in the privacy policies: https://eye-able.com/datenschutz/
VIII. Use of social media and platforms
The following information informs you about the data protection aspects of the social network and platform presence operated by the City of Düsseldorf. Purpose of processing: In addition to other media channels, particularly the city's website, the City of Düsseldorf maintains online presences within social networks and platforms in order to inform citizens, interested parties, and users active there as part of its public relations work. Citizens, users, and interested parties thus have various options available to obtain information about the City of Düsseldorf and to contact it.
Legal basis
The City of Düsseldorf uses social networks for targeted public relations and communication with citizens. The associated processing of users' personal data is permitted under Art. 6 (1) (f) GDPR.
e) GDPR in conjunction with Section 3 (1) of the North Rhine-Westphalia Data Protection Act. Effective information of citizens by government agencies serves the performance of a task in the public interest. Furthermore, users are generally asked by the respective platform providers for their consent to the aforementioned data processing in accordance with Article 6 (1) (f) GDPR.
a) GDPR.
Information on data processing in social networks
We would like to point out that when using social networks, user data may be processed outside the European Union. What data is specifically collected and for what purposes is not known. However, the user's IP address and other data stored on your device in the form of cookies are certainly collected and processed. Data transfer outside the European Union may pose risks for users because, for example, it could make it more difficult to enforce user rights, particularly in the US.
Furthermore, users' data may be processed by providers for market research and advertising purposes. For example, user profiles are created based on user behavior and the resulting interests of users. These user profiles can be used by providers, for example, to place advertisements within and outside the platforms that presumably correspond to users' interests. For these purposes, cookies are usually stored on users' computers, in which the user behavior and interests are saved. Furthermore, data can also be stored in the user profiles regardless of the devices used by users (particularly if users are members of the respective platforms and are logged in to them).
For a detailed description of the respective processing activities and the options for opting out, please refer to the information provided by the providers linked below. In the case of requests for information and the assertion of user rights, we point out that these can be most effectively asserted with the providers. Only the providers have access to user data and can directly take appropriate measures and provide information. If you still need help, please contact us.
IX. Rights of the data subject
In general, the data subject has the following rights when processing personal data under the GDPR:
- Right to information, Art. 15 GDPR Those affected have the right to receive information about their personal data processed by the State Capital of Düsseldorf and in particular about the purpose of the processing and the period of storage.
- Right to rectification, Art. 16 GDPR This right includes the right to have inaccurate personal data corrected or incomplete personal data completed.
- Right to erasure, Art. 17 GDPR. Data subjects have the right to have their personal data erased by the City of Düsseldorf, as the controller, if the data is no longer necessary for the specific purpose, if the consent granted has been revoked, or if the personal data was processed unlawfully. The request for erasure must not be precluded by any legal grounds, such as those mentioned in Art. 17 (3) GDPR.
- Right to restriction of processing, Art. 18 GDPR Data subjects have the right to restrict further processing of their personal data if the legal requirements are met.
- Right to data portability, Art. 20 GDPR In accordance with Art. 20 GDPR, the data subject has the right to receive the data concerning him or her from the controller in a common, machine-readable format and has the right to have these data made available to another controller.
- Right to object, Art. 21 GDPR In accordance with Art. 21 GDPR, the data subject has the right to object at any time to the processing of his or her personal data collected by the controller for reasons arising from his or her particular situation.
- Automated decision-making in individual cases, including profiling, Art. 22 GDPR The data subject has the right not to be subject to a decision based solely on automated processing, including profiling, unless there is an exception pursuant to paragraph 2 of this provision.
- Right to withdraw the consent given If the data processing is based on consent, the data subject has the right to withdraw his or her consent at any time.
X. Supervisory authority and the right to lodge a complaint
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia, Kavalleriestraße 2-4, 40213 Düsseldorf, Tel. +0211 384240 XNUMX, Email poststelle@ldi.nrw.de. You can exercise this right if you believe that the processing of your personal data violates the provisions of the GDPR. In addition to this privacy policy, the rules of the privacy policy of the State Capital of Düsseldorf apply: https://www.duesseldorf.de/infonav/datenschutz