DATA PROTECTION POLICY OF THE CITY OF SALZBURG
The protection of your personal data is of particular concern to us. We therefore process your data exclusively on the basis of the legal regulations (GDPR 2018, TKG 2003). This data protection policy informs what personal data are processed and what rights you have with regard to the processing. Personal data are all data that are relevant about your person. Further information on how data is handled in the magistrate of the state capital of Salzburg can be found on the website of the City of Salzburg under www.stadt-salzburg.at/dataprotection.
INFORMATION ON THE GATHERING OF PERSONAL DATA
Responsible according to Art 4 Z 7 EU General Data Protection Regulation (GDPR)
Magistrate of the state capital of Salzburg
Mirabellplatz 4, 5020 Salzburg
The data protection officer can be reached at
firstname.lastname@example.org or at the postal address:
Data protection officer
c/o Magistrate of the state capital of Salzburg
Mirabellplatz 4, 5020 Salzburg
Purpose of processing
Data is processed for the purposes of processing of sovereign and private sector affairs.
The categories of personal data used (address, name, date of birth, owner information, company information and business information) are processed from the electronic file system and open registries such as the commercial register, land register, register of business associations, club registers or census registers.
The legal bases for processing are the legal mandate, the legal requirements, the consent of the persons concerned, as well as the contractual agreements.
You have the right to revoke your consent at any time in the case of a consent. However, the legality of the processing on the basis of consent remains unaffected until revocation
You may be required to provide your persona data due to a legal contractual agreement. The consequences of non-provision are a limited fulfilment of the agreement or contract, a partial completion in the absence of participation or a non-processing or limited processing of the entry.
Recipients (categories) of personal data are:
- as third parties (other persons responsible): Jurisdiction, other authorities which are entitled to obtain the data on the basis of legal provisions and third parties involved in proceedings, the public (insofar as legally, contractually or by consent intended)
- in some cases, we use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly inspected.
- to the extent that we process and pass on data to recipients for special purposes, we inform you about this in our specialist data protection statements.
- if a transfer should be made to a third country (outside EU/EEA), we would inform you separately.
Basically, we process personal data only for as long as necessary to fulfil the above purpose/purposes and delete them thereafter as soon as possible. Often, we are however legally obliged to keep your personal data for a longer period. In this case, we will not delete your personal data until after the statutory retention requirements have expired.
With regard to the processing of your personal data (within the framework of the legal requirements), you have the following rights as data subject:
- Right to information
- Right to correction or deletion
- Right to limitation of processing (within the framework of the legal requirements)
- Right to object to the processing (within the framework of the legal requirements)
- Right to transfer of data in matters pertaining to the private sector administration (within the framework of the legal requirements)
For any relevant questions please contact: email@example.com
If you believe that the processing of your personal data violates data protection law, you can file a complaint with the Data Protection Authority (www.dsb.gv.at).
Description and scope of data processing
The following data is stored and transmitted in the cookies:
- Session ID
- Session related information (e.g. device and resolution, shopping cart items, language, font size, application state)
- Log-in information
Permanently stored cookies serve a better user experience, here the following data are stored and delivered:
- Message reading status
- User settings
- Log-in information
Legal basis for data processing
The legal basis for the processing of personal data by using cookies in connection with application forms is Art. 6 Para. 1 lit. f GDPR.
Purpose of data processing
The user data collected by technically necessary cookies are not used to create user profiles.
The use of analysis cookies is for the purpose of improving the quality of our website and its contents according to Art. 6 Para. 1 lit. f GDPR. Through the analysis cookies, we learn how the website is used and are able to continuously optimise our offering. In connection with these analysis cookies, no IP addresses are stored, so it is not possible to draw conclusions about computers or persons (see Web Analysis chapter).
Duration of storage, possibility of objection and disposal
Management of cookies
- View cookies
- Allow cookies
- Disable all or selected cookies
- Disable all cookies when closing the browser
- Block cookies
- Notify when a cookie is to be set
- Opposition to tracking web analysis
For the following browsers, you will find the instructions for disabling cookies on the manufacturer websites. If you block our cookies in your browser, you will not be able to use some areas of our website.
- Internet Explorer
- Chrome (Windows) / Chrome (Mac) / Chrome für iOS / Chrome für Android
- Safari (iOS)
You have the option to subscribe to a free newsletter on our website. In doing so, the data from the input form are transmitted to us during registration for the newsletter. These data include, aside from the email address, specifically name, the areas of interest, and the preferred delivery format.
The following data are also collected upon registration:
- IP address of the requesting computer
- Date and time of registration
Through the so-called Double Opt-In process (see https://en.wikipedia.org/wiki/Opt-in_email) during the registration procedure, we ensure that you are the owner of the used email address.
During the registrations process, your consent is obtained for processing data and reference is made to this data protection policy.
If you access our website or use our services on our website and provide us with your email address, we may subsequently use it to send you a newsletter. In such a case, only direct advertising for own similar goods or services will be sent via the newsletter.
No data is disclosed to third parties in connection with the data processing for sending newsletters. The data will only be used to send the newsletter.
In order to improve our newsletter, we also set up newsletter tracking according to Art. 6 Para. 1 lit. f GDPR.
Legal basis for data processing
The legal basis for processing data after the user registers for the newsletter, if the user’s consent to this has been obtained, is Art. 6 Para. 1 lit. a GDPR. The legal basis for sending the newsletter as a result of the sale of goods or services is § 7 Para. 3 UWG.
Purpose of data processing
The purpose of collecting the user’s email address is to deliver the newsletter. The collection of other personal data as part of the registration process ensures the prevention of misuse of the services or of the used email address.
Duration of storage
The data will be deleted as soon as it is no longer necessary to achieve the purpose of its collection. The user’s email address will therefore be stored for as long as the subscription to the newsletter is active.
Possibility of opposition and disposal
The subscription to the newsletter can be cancelled by the affected user at any time. To this end, there is a corresponding link in each newsletter.
WEB ANALYSIS TOOLS
We expressly inform you that we do not use any analysis toolson this website to evaluate your behaviour (e.g. Google Analytics).
STORAGE OF IP ADDRESSES
Logfiles store, among other things, the IP address, the browser used, the time and date, and the system used by a website visitor. Through our hosting partner, Hetzner, only pseudonymised IP addresses of visitors to the site are stored. At the web server level, this is achieved by storing in the logfile, for example, instead of the actual IP address of the visitor (e.g. 18.104.22.168), an IP address such as 123.123.123.XXX, with XXX being a random value between 1 and 254. The production of a personal reference is thus no longer possible. With mail server logs, the retention time is 7 days. Backups are kept in encrypted form for 14 days. Data processing is carried out on the basis of the legal requirements of § 96 Para. 3 TKG as well as Art. 6 Para.1 lit a (consent) and/or lit f (legitimate interest) of the GDPR. Our concern in the sense of the GDPR (legitimate interest) is to improve our offer and our website. Since the privacy of our users is important to us, the user data is pseudonymised.
INTEGRATION OF YOUTUBE VIDEOS
Disable integration of YouTube videos
We have integrated YouTube videos into our online offer, which are stored on http://www.YouTube.com and can be played directly from our website. By visiting our website, YouTube receives the information that you have accessed the corresponding sub-page of our website. This takes place regardless of whether YouTube makes available a user account via which you are logged in or if no user account exists. If you are logged in to your Google account, the information will be directly associated with your account. If you do not wish to be associated with your YouTube profile, you must first log out before activating the button. YouTube stores your data as usage profiles and uses it for the purposes of advertising, market research and/or requirements-oriented design of its website. Such an evaluation also takes place (even for users who are not logged in) for the purposes of providing customised advertising and to inform other social network users about activities on their website. You have the right to object to the formation of these user profiles, however you must direct yourself to YouTube to exercise it.
For more information about the purpose and scope of data collection and its processing by YouTube, please refer to the data protection policy. There you will also find further information on your corresponding rights and settings options for protecting your privacy: https://www.google.de/intl/en/policies/privacy. Google also processes your personal data in the United States and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
INTEGRATION OF GOOGLE MAPS
Disable integration of Google Maps
On this website, we use Google Maps functionality. This allows us to show you interactive maps directly in the website and allows you to use the map function conveniently. By visiting our website, Google receives the information that you have accessed the corresponding sub-page of our website. This takes place regardless of whether Google makes available a user account via which you are logged in or if no user account exists. If you are logged in to your Google account, the information will be directly associated with your account. If you do not wish to be associated with your Google profile, you must first log out before activating the button. Google stores your data as usage profiles and uses it for the purposes of advertising, market research and/or requirements-oriented design of its website. Such an evaluation also takes place (even for users who are not logged in) for the purposes of providing customised advertising and to inform other social network users about activities on their website. You have the right to object to the formation of these user profiles, however you must direct yourself to Google to exercise it.
For more information about the purpose and scope of data collection and its processing by the plug-in provider, please refer to the plugin provider’s data protection policy. There you will also find further information on your corresponding rights and settings options for protecting your privacy: https://www.google.de/intl/en/policies/privacy. Google also processes your personal data in the United States and is subject to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
USE OF WEBFONTS
Disable integration of web fonts
SSL AND TLS ENCRYPTION
This website uses SSL or TLS encryption for security reasons and for the protection of the transmission of confidential content, such as orders or enquiries you send to us as site operator. You can recognise an encrypted connection in the browser’s address line by switching from “http://” to “https://” and at the padlock icon in your browser line. When the SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
We use the WordPress Content Management System (CMS) on this website. In addition, on this website we use so-called plugins, which are necessary to provide our offer. We exclusively use only plug-ins that guarantee 100% adherence to the GDPR or which have a legitimate interest on the basis of Art. 6 Para. 1 lit. f GDPR. We use the following plugins:
- Limit Login Attempts:Storage according to Art. 6 Para. 1 lit. f GDPR (legitimate interest).
- Duplicate Post:Runs only locally and does not store any personal data.
- All-in-One WP Migration: Storage according to Art. 6 Para. 1 lit. f GDPR (legitimate interest).
- The Events Calendar: Runs only locally and does not store any personal data.
- ResponsiveVoice Text to Speach: Storage according to Art. 6 Para. 1 lit. f GDPR (legitimate interest).
- WP Accessibility: Runs only locally and does not store any personal data.
- Really Simple SSL by Rogier Lankhorst:Runs only locally and does not store any personal data.
- WPSuperCache by Automattic: Runs locally only and does not store any personal data.
- WPML Multilingual CMS: Runs only locally and does not store any personal data.