Privacy Policy City of Bocholt
By visiting our website https://www.bocholt.de, the Bocholt municipal administration provides you with a telemedia service within the meaning of the Telemedia Act. The operator of these pages takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration. The following information provides a simple overview of what happens to your personal data when you visit our website or use other administrative services.
I. General information pursuant to Article 13 of the General Data Protection Regulation (GDPR)
1. contact details
1.1 Name and address of the responsible body
Responsible for this website is
Municipality of Bocholt
The Mayor
Kaiser-Wilhelm-Str. 52-58
46395 Bocholt
Tel.: 02871/953-0
E-mail: Stadtverwaltungverwaltung(at)bocholt(dot)de
DE-Mail: Stadtverwaltungverwaltung(at)bocholt.de-mail(dot)de
URL: https: //www.bocholt.de
1.2 Name and address of the data protection officer
Pursuant to Art. 37 para. 3, the Bocholt Municipality has appointed a joint official data protection officer who serves several municipal administrations. Information on the institution as well as on the data protection officer is as follows
Zweckverband KAAW - Municipal ADV User Association West
Weberstrasse 5
49477 Bocholt
Germany
Mario Könning
Place of work: City Hall of Borken Municipality
Phone: +49 (2861) 939409 or +49 (0)5451 5622-751
e-mail: Send e-mail
1.3 Name and address of the supervisory authority for data protection
The competent supervisory authority for data protection is the
State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
Kavalleriestr. 2-4
40213 Düsseldorf
Telephone: 0211/38424-0
Fax: 0211/38424-10
E-mail: poststelle(at)ldi.nrw(dot)de
2. your rights as a user
As a data subject within the meaning of the GDPR, you have the opportunity to assert various rights. You have the right
- according to Art. 15 DS-GVO in conjunction with. §§ 12, 49 DSG NRW to request information about your personal data processed by us. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details. Please note that your right to information may be restricted or excluded in certain cases in accordance with Section 48 of the North Rhine-Westphalia State Data Protection Act.
- pursuant to Art. 16 DS-GVO in conjunction with. § 50 Para. 1 DSG NRW to demand the correction of inaccurate data or the completion of your personal data stored by us without delay;
- pursuant to Art. 17 DS-GVO in conjunction with. § 50 para. 2 DSG NRW, to demand the deletion of your personal data stored by us if this is a legal requirement. However, the right to erasure pursuant to Art. 17 (1) and (2) DS-GVO does not apply, inter alia, if the processing of personal data is necessary for the performance of a task in the public interest or for the assertion, exercise or defence of legal claims;
- pursuant to Art. 18 DS-GVO in conjunction with. § 50 (3) DSG NRW, to restrict the processing of your personal data if you dispute the accuracy of the data, the processing is unlawful, but you object to its erasure and we no longer need the data, but you require it for the assertion, exercise or defence of legal claims, or you object to the processing of your personal data pursuant to Art. 21 DS-GVO in conjunction with Art. 14 DSG NRW. § 14 DSG NRW, you have lodged an objection against the processing;
- pursuant to Art. 20 DS-GVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
- pursuant to Art. 21 DS-GVO in conjunction with. § Section 14 DSG NRW, you have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data carried out on the basis of Article 6(1)(a) or (e) DS-GVO. The controller shall then no longer process the personal data, unless it can demonstrate compelling legitimate grounds for the processing which override the interests and rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims. The collection of data for the provision of the website and the storage of log files are absolutely necessary for the operation of the website. Please address your objection to this e-mail address .
- In accordance with Art. 7 Para. 3 DS-GVO, you have the right to revoke your consent at any time. This means that we may no longer continue the data processing based on this consent in the future.
- complain to a supervisory authority in accordance with Art. 77 DS-GVO. As a rule, you can contact the supervisory authority of your usual place of residence for this purpose.
3 General communication with the Bocholt municipality
a) What data is processed for what purpose?
We offer you various access options for "electronic" communication for contacting the Bocholt municipal administration:
- Contact form
- E-mail communication
- DE-Mail communication
- Telephone system (the answering machine: recording on tape)
- User account (website)
When you contact us, the following data may be stored
- Salutation
- First name
- Last name
- E-mail address
- Street
- House number
- Postcode
- City
- Telephone number
- Subject
- Your message / content
- Timestamp
- IP address
The purpose of the data processing and storage is to be able to meet your request.
b) On what legal basis is this data processed?
If you use one of the communication media, personal data is entered on an explicit voluntary basis. The legal basis for the processing is Art. 6 para. 1 letter a DS-GVO. If your request and the medium used is an administrative act, we process this information in accordance with Art. 6 (1) (e) DS-GVO.
Persons under the age of 16 should not transmit any personal data to us unless the consent of their parents or guardians has been given (Art. 8 (1) DS-GVO). The consent must then be explicitly noted in the message (Art. 8 (2) DS-GVO).
c) Are there other recipients of the personal data besides the data controller?
We only use the personal data you enter for the purpose you requested and only within the administration or the specialist offices commissioned with the respective service.
If it is an official request that is not the responsibility of our city administration, we assume that you agree that we may forward your request to the responsible public institution (e.g. district, state, federal, etc.) so that we can deal with your request. We will only pass on your request in connection with public institutions.
d) How long is the data stored?
We delete the personal data we receive via communication as soon as the storage is no longer required for the purpose you intended or in connection with administrative procedures triggered by it and the retention obligations applicable for this purpose.
e) Note on e-mail communication
We expressly point out that communication by electronic means via e-mail is at your own risk. The municipality of Bocholt cannot guarantee the security or authenticity of any message received.
Please use your DE-Mail address or our contact form for secure communication.
f) Notes on tape recordings (answering machines)
We would like to point out that if your spoken word is recorded by the answering machine and the content is decisive for the implementation of an administrative act, we process (store) this information for the intended purpose.
Data processing when visiting our website (DSGVO)
4 External links
This website may contain links to third party websites or to other websites under our responsibility. If you follow a link to a website outside our responsibility, please note that these websites have their own data protection information. We do not accept any responsibility or liability for these third-party websites and their data protection information. Therefore, before using these websites, please check whether you agree with the data protection declarations there.
You can recognise external links either by the fact that they are slightly different in colour from the rest of the text or that they are underlined. Your cursor will show you external links when you move it over such a link. Only when you click on an external link will your personal data be transferred to the target of the link. In doing so, the operator of the other website receives in particular your IP address, the time at which you clicked on the link, the page on which you clicked on the link, as well as further information which you will find in the data protection notices of the respective provider.
Please also note that individual links may lead to data transfer outside the European Economic Area. This could give foreign authorities access to your data. You may not have any legal remedies against these data accesses. If you do not wish your personal data to be transferred to the link destination or even to be undesirably exposed to access by foreign authorities, please do not click on any links.
5. web hosters
a) What data is processed for what purpose?
When you access website content, information is automatically sent to our website server by the browser used on your end device. This information is temporarily stored in a so-called log file, which may allow identification. The following data is collected:
- Name of the server
- amount of data transferred
- Internet protocol address (IP address)
- Date and time of access
- Destination of the request
- Status of the request
- Website from which the user accessed the server
- Web browser used, operating system of your computer if applicable, and name of your provider
The above data (log files) are processed by us for the following purposes:
- Ensuring a smooth connection setup of the website
- Ensuring a comfortable use of our website
- Evaluation of system security and stability
- prosecution in the event of misuse and
- for further administrative purposes
b) On what legal basis is this data processed?
The legal basis for the temporary storage of data is § 3 para. 1 DSG NRW in conjunction with. Art. 6 para. 1 letter e and para. 3 DS-GVO.
c) Are there other recipients of the personal data besides the responsible party?
Instead of operating this website on our own server, we can also have it operated on the server of an external service provider (hosting company). In this case, the personal data collected on this website will be stored on the servers of the hosting company. In addition to the data mentioned above, this may include, for example, contact requests, contact details, names, website access data, meta and communication data, contract data and other data generated via a website. You can find out more about this in the section "Configurable forms". Our service provider for our website is
EGOTEC AG
Board of Directors: Heiko Roth, Johannes Jakob
Chairwoman of the Supervisory Board: Silvia Jakob
Pfalzgraf-Otto-Strasse 81
74821 Mosbach
info(at)egotec(dot)com
EGOTEC receives and processes personal data on behalf as a processor. The hosting, the operation of our website takes place in Germany, at:
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
This service provider (Hetzner Online GmbH) is a subcontractor of EGOTEC AG and also processes the data exclusively as an order processor.
d) How long is the data stored?
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. In the case of the provision of the website, this is the case when the respective session has ended. Log files are kept for up to thirty days directly and only accessible to administrators.
6. website user account
a) What data is processed and for what purpose?
As a user of our website, you have the option of setting up a user account. The account is set up either in connection with the ServiceKonto NRW or through your manual entry. The user account is used for various purposes. On the one hand, you can automatically fill out forms provided by us with your master data or, on the other hand, the user account is required for registration in the newsletter.
The user account is not a prerequisite for using our administrative processes. Therefore, you can also use our website without a user account.
b) On what legal basis is this data processed?
The legal basis for the temporary storage of the data is your consent in accordance with Art. 6 Para. 1 Letter a DSGVO.
c) Are there other recipients of the personal data besides the controller?
The user account is part of our content management system. Therefore, our service provider processes the data on our behalf. For more details, please refer to bullet point 5 letter c.
d) How long is the data stored?
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. As a rule, the user account is deleted by you. If the city of Bocholt determines that the user account has been inactive for 3 years, it will be deleted by the system.
7 Newsletter (e-mail & messenger services)
a) Which data is processed for which purpose?
The prerequisite for a newsletter registration is a corresponding user account. The user account serves as a verification process and enables you to subscribe to our newsletter:
- Business Development Newsletter
- Newsletter City Marketing
- Newsletter City of Bocholt
Depending on the newsletter, the following data may be processed:
- Master data such as names
- address data
- Communication data such as e-mail addresses, telephone numbers
- IT data such as IP address
- Login and registration data
The above data will be processed by us for the following purposes
- To inform you in the context of our news.
b) On what legal basis is this data processed?
The legal basis for the temporary storage of the data is Article 6 (1) (a) EU-DSGVO in accordance with your consent.
c) Are there other recipients of the personal data besides the responsible party?
When you register for a newsletter, the data collected is used exclusively within the scope of the newsletter. As a rule, the data will not be transferred to third parties.
The city of Bocholt uses a module of your website operator for sending the newsletter. The website operator, for more details see section 5 letter c, processes the data on behalf of the city. If you receive information from us via a messenger service, we process your personal data together with the messenger service. The relevant messenger service initially processes your information and ours. In order to comply with data protection, we have commissioned the service of Whappodo.com GmbH. This service provider processes the data of the messenger services on behalf of us in order to provide you with the newsletter or the information via this communication channel.
d) How long is the data stored?
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected or you have revoked your consent to us. If you object to the processing for this subject area, your personal data will be deleted immediately.
d) Objection
The subscription to the newsletter can be cancelled by the user concerned at any time. Either by deactivation in the user account. For this purpose, there is a corresponding link or notice in each newsletter.
Exception: Newsletter via Threema and Telegram. Please send the word STOP for this purpose.
d) Notes on messenger services
We use the so-called double opt-in procedure to register for our newsletter. This means that after your registration, we will send you an e-mail to the e-mail address you provided in which we ask you to confirm that you wish to receive the newsletter. If you do not confirm your registration within a certain period of time, your information will be blocked and automatically deleted after a certain period of time.
Whappodo.com
We use the service Whappodo. Whappodo is a central platform that allows us the city of Bocholt to integrate various messenger services to communicate with you via a central user interface. Therefore, the service provider processes your data on behalf of us, which you make available to us via the messenger services you use.
Among other things, the data protection information of the service provider also applies: https://www.whappodo.com/datenschutz/
Telegram Messenger
If you use Telegram together with us, we refer you to the terms of use and data protection conditions of the service provider: https://telegram.org/privacy.
Threema Messenger
If you use Threema together with us, please refer to the terms of use and data protection of the service provider: https://threema.ch/de/privacy
8. forms
Our website uses various forms and systems for creating forms. We either provide you with appropriate forms via our Content Management System (CMS) (section 8.1) or use a form management system (section 8.2), which generally offers you administrative services as part of the digitalisation process. You can find out more in the following bullet points.
8.1 Configurable forms (CMS)
a) What data is processed for what purpose?
Our website contains configurable forms. This enables the Bocholt Municipality to create forms such as a contact form, feedbacks, etc. Personal data can be processed via a configurable form. We explain which configurable forms we use in the following subsections from section 6.1.1 onwards.
b) What is the legal basis for processing this data?
The legal basis for the processing of your data in the context of a configurable form is generally Art. 6 (1) DS-GVO. Depending on the (form) content, you can find the legal basis in the following subdivisions or ask the data protection officer.
c) Are there other recipients of the personal data besides the data controller?
The processing is carried out on behalf of our hosting provider. For more information on the hosting provider, please refer to bullet point 5 (Web host). Depending on the content of the form, other internal or, in rare cases, external bodies may be involved. You can find out more in the corresponding subdivision point for the appropriate form.
d) How long is the data stored?
We delete the personal data we receive by form as soon as the storage is no longer required for the triggered administrative processes and the retention obligations that apply to them. For more detailed information on deletion, please refer to the corresponding information requirements for the individual forms.
8.1.1 Contact form
a) What data is processed for what purpose?
In section 3, we have already informed you in detail about the communication between you and the Bocholt municipal administration. The contact form offers you a secure exchange of communication. For more information on the purposes, please refer to section 1, bullet point 3.
b) On what legal basis are these data processed?
The legal basis for the initial contact is usually Art. 6 para. 1 lit. a DSGVO. A detailed description is provided for you in section 3 letter b.
c) Are there other recipients of the personal data besides the data controller?
We have already informed you in detail about the recipients in bullet points 3 and 8.1. Please feel free to look them up.
d) How long will the data be stored?
In bullet point 3(d), we have already informed you in detail about deletion periods in the context of communication with the municipality.
8.2 Online forms (form management)
a) What data is processed for what purpose?
The forms provided process your personal data in accordance with your request or in connection with administrative processes triggered by it. These services are accessed via an external link. As we are also the operator of the form server, we inform you about this data protection declaration.
As a rule, we collect your master data, address data, contact data and, depending on your request, further information. You can find individual information on data protection for the corresponding administrative process in the information requirements for the corresponding forms (details can be found in section 3 of this data protection declaration).
b) On what legal basis is this data processed?
As a rule, the legal basis for processing your data is
Art. 6 para. 1 letter e, c or d DS-GVO.
Other legal bases may also come into play depending on the form:
Art. 6 para. 1 letter a DS-GVO
Art. 6 para. 1 letter b DS-GVO
c) Are there other recipients of the personal data besides the data controller?
In the case of postal delivery of forms by you to the Bocholt municipal administration, no other recipients are affected.
In the case of electronic delivery of forms, the Bocholt municipal administration uses a service provider. For this purpose, the service provider receives the above-mentioned data as a processor. The following service providers are involved:
- Zweckverband KAAW as contract partner
- bol Behörden Online Systemhaus GmbH as hosting provider.
In connection with triggered administrative processes, it cannot be ruled out that other bodies will receive your personal data. More detailed information is described in the information requirements of the respective administrative process.
d) How long is the data stored?
We delete the personal data we receive by form as soon as the storage is no longer required for the administrative process triggered and the retention obligations applicable to it. More detailed information on deletion can be found in the corresponding information requirements for the individual forms.
Personal data that is called up via a link (form call-up) is stored by the hosting provider for 180 days (IP address, browser used, log files).
e) Notes on electronic transmission
We assure you that your personal data will be transmitted in encrypted form according to the state of the art.
9. use of local storage items, session storage items and cookies
a) Which data is processed for which purpose?
Our website uses local storage items, session storage items and cookies.
Local storage is a mechanism that allows data to be stored within the browser on your terminal device. This data usually includes user preferences, such as the "day" or "night" mode of a website, and is retained until you manually delete the data.
Session storage is very similar to local storage, whereas the storage period only lasts during the current session, i.e. until the current tab is closed. After that, the Session Storage items are deleted from your terminal.
Cookies are pieces of information that a web server (server that provides web content) stores on your device in order to identify that device. They are either stored temporarily for the duration of a session (session cookies) and deleted at the end of your visit to a website or permanently (permanent cookies) on your end device until you delete them yourself or until they are automatically deleted by your web browser.
These three objects can also be stored on your end device by third-party companies when you enter our site (third-party requests). This enables us, as the operator, and you, as a visitor to this website, to use certain services provided by third parties installed on this website. Examples of this are cookies for the processing of payment services or cookies for the display of videos or maps.
b) On what legal basis is this data processed?
These mechanisms have a variety of uses. They can improve the functionality of a website, control shopping cart functions, increase the security and comfort of website use and carry out analyses regarding visitor flows and behaviour. Depending on the individual functions, they must be classified in terms of data protection law. If they are necessary for the operation of the website and intended to provide certain functions (shopping cart function) or serve to optimise the website (e.g. cookies to measure visitor behaviour), then their use is based on Art. 6 para. 1 lit. e DSGVO. As website operators, we have a public interest in storing these objects for the technically error-free and optimised provision of our services. In all other cases, the storage of cookies only takes place after your explicit consent of Art. 6 para. 1 lit a DSGVO.
c) Are there other recipients of the personal data besides the responsible party?
Insofar as objects or mechanisms are used by third-party companies or for analysis purposes, we will inform you about this separately within the scope of this data protection notice. Your required consent will be requested and can be revoked at any time.
d) How long is the data stored?
The objects or mechanisms are deleted after the purpose has been fulfilled. You are responsible for the deletion of cookies that are stored on your end device by giving your consent.
10 Use of external services (third-party services)
External services are used on our website. External services are services from third-party providers that are used on our website. This may be for a variety of reasons, such as embedding videos, maps, application tools, website security and more. When using these services, personal data is also shared with the respective providers of these external services. If we do not have a public or contractual interest in using these services in accordance with Article 6 lit. b, e DSGVO, we will obtain your consent as a visitor to our website, which can be revoked at any time, before using them (Article 6 para. 1 lit. a DSGVO).
10.1 Content Management System - EGOTEC AG
a) Which data is processed for which purpose?
A content management system enables the creation, editing, organisation and presentation of digital content. We use a content management system to create content for our website. This enables us to create a more appealing website.
b) What is the legal basis for processing this data?
We base this processing on a public interest (Art. 6(1)(e) DSGVO). Our public interest is the technically error-free presentation and optimisation of the website.
c) Are there other recipients of the personal data besides the controller?
We use the CMS from EGOTEC AG, EGOCMS. The provider of the service is EGOTEC, Pfalzgraf-Otto-Straße 81, 74821 Mosbach.
As the service is used locally on behalf of EGOTEC, no further data is transferred to third parties with the exception of the hosting provider (see section 5).
d) How long is the data stored?
The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected.
10.2 Booking appointments online
a) What data is processed for what purpose?
The online appointment booking service is available to you free of charge. The use of online appointment booking is personal. For this purpose, we process personal data (registration data, appointment data) within the scope of your booking.
b) On what legal basis are these data processed?
If you book an appointment via our website, personal data is entered on an explicit voluntary basis. The legal basis for the processing is Art. 6 para. 1 letter a DS-GVO.
Persons under the age of 16 should not transmit any personal data to us unless the consent of their parents or guardians has been given (Art. 8 (1) DS-GVO). The consent must then be explicitly noted in the message (Art. 8 (2) DS-GVO).
c) Are there other recipients of the personal data apart from the person responsible?
The appointment software of the city of Bocholt is hosted by:
JCC SOFTWARE
Zutphenstraat 59
7575 EJ Oldenzaal
Netherlands
The service provider receives the above-mentioned data as a processor for this purpose.
Internally, the competent department receives your data.
d)How long is the data stored?
We delete the personal data we receive via the appointment booking software as soon as the storage is no longer necessary for the purpose for which you provided it.
e) Notes on appointment bookings
Appointments can only be made by the person named in the reservation or by an authorised representative on behalf of that person. The name of the person making the reservation cannot be changed afterwards. The transfer of an appointment to a third person is not permitted.
The date of birth serves as the verification date for collecting the local ticket number for the scheduled appointment.
10.3 Analytics (analysis tools)
a) What data is processed for what purpose?
We process personal data of website visitors to analyse user behaviour. By evaluating the data obtained, we are able to compile information on the use of the individual components of our website. This enables us to increase the user-friendliness of our website. By means of the analysis tools used, our website visitors could, for example, be recognised the next time they visit our website and their click/scroll behaviour, their downloads measured, page views recognised, visit duration or bounce rates measured, as well as the origin of the website visitors (municipality, country, from which page the visitor comes) traced. With the help of the analysis tools, we can improve our market research activities and thus offer you future-oriented administrative services.
b) On what legal basis are these data processed?
The processing of the data is based on the legal basis of consent (Article 6 (1) a DSGVO). As a website visitor, you have consented to the processing of your personal data with your voluntary, explicit consent given in advance. Without separate consent, the personal data will not be processed by us in the manner described above, provided that there is no other legal basis within the meaning of Article 6 (1) DSGVO on which we base the processing. We proceed in the same way if you revoke your consent. The lawfulness of the processing carried out until the revocation remains unaffected.
c) Are there other recipients of the personal data besides the data controller?
The recipient(s) depends on the service used. Which services we use in the context of the analysis is still described below.
d) How long is the data stored?
The information obtained as part of the analysis is deleted as soon as the purpose has been achieved and there is no reason for further processing. You must ask the respective service of the third-party provider how the third-party providers handle your data.
10.3.1 Matomo
a) What data is processed for what purpose?
We use the open source software Matomo to analyse and statistically evaluate the use of the website. Cookies are used for this purpose. The information generated by the cookie about website usage is transmitted to our servers and compiled into pseudonymous usage profiles. The information is used to evaluate the use of the website and to enable us to design our website in line with requirements. The information is not passed on to third parties. Under no circumstances will the IP address be linked to other data relating to the user. The IP addresses are made anonymous so that an allocation is not possible (IP masking).
b) On what legal basis are these data processed?
The legal basis for the temporary storage of the data is Section 3 (1) DSG NRW in conjunction with. Article 6 para. 1 letters a, e EU-DSGVO.
c) Are there other recipients of the personal data besides the responsible party?
The provider of the service is InnoCraft Ltd, 150 Willis St, 6011 Wellington,
New Zealand. There is no disclosure of information to third parties through the use of Matamo, as this service is hosted locally.
d) How long is the data stored?
Data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Furthermore, it is your responsibility as a user to delete your cookies if necessary. If you delete your cookies, this will result in the opt-out cookie also being deleted and you may have to deactivate Matomo again.
e) Notes on cookies
The service uses the following cookies on our website:
Name: _pk_id.1.164d
Storage period: 393 days
Type: 1st-party
Purpose: This cookie is used to store a unique visitor ID.
10.4 Google services
We use Google services on our website. These services are integrated in a data protection compliant manner (iFrame and two-click solution). As a visitor, you have the option of proactively activating the services when using the website. If you activate them, personal data, usually your IP address, will also be processed by Google. We explain below which services we have embedded in our website from Google.
10.4.1 Third-party providers: Google Translate
a) What data is processed for what purpose?
We use the Google Translate service on our website with the aim and purpose of having texts provided by us on our website automatically translated by Google into a language selected by you. When the translation function is activated, personal data is processed. The following data is processed by Google:
- IP address
- Location of access
- Data from the accessed device
- Duration/time of visit
- Diagnostic data
Please note: If you use the translation function with a logged-in Google user account, unique identifiers, among other things, will be assigned to your user account and processed.
b) What is the legal basis for processing this data?
The legal basis for the temporary storage of the data is Section 3 (1) DSG NRW in conjunction with. Art. 6 para. 1 letter a DS-GVO in accordance with your consent as soon as you activate the service.
c) Are there other recipients of the personal data besides the responsible party?
The data collected is processed exclusively by Google Ireland Ltd, Gordon House, Barrow Street Dublin 4, Ireland. The use of the service may result in data transfer to a third country (USA).
d) How long will the data be stored?
General information on data protection can be found here: https: //policies.google.com/privacy. Information on the deletion of these services can also be found here.
10.5 E-payment (external payment service providers)
a) Which data is processed for which purpose?
We, the Bocholt Municipality, use an online payment service to enable you to make online payments as part of our administrative processes and services. The service is accessed via an external link, but we already inform you here about data protection when handling your personal data.
You have the option of paying contributions, fees, entrance fees, taxes, fines, etc. via the administrative processes we set up in connection with the associated charges.
We collect personal data from you in two different ways as part of the e-payment process:
1. when you visit the website of our online payment service, we collect personal data via log data (see section two of this privacy policy for more information).
2. personal data is collected when you use the selected online payment process. The data - accounting records - are processed automatically in our financial accounting system. All information corresponding to your payment transaction is affected.
The aforementioned data is processed by us for the following purposes:
- Processing administrative transactions that involve a payment.
- The data collection serves the purpose of forwarding the data to a payment service provider who carries out the actual payment transaction with the user. As a rule, the following data are processed here: Application, name, first name, administrative procedure used for the booking record and its URL and one or more monetary amounts. Possibly further data included in the calling application/procedure are processed (e.g. vehicle registration number for administrative offences).
b) On what legal basis are these data processed?
The legal basis for the temporary processing of the data is Section 3 (1) DSG NRW in conjunction with. Art. 6 para. 1 letters a and e DS-GVO and your selected payment method.
c) Are there other recipients of the personal data besides the responsible party?
In the case of an electronic payment, the Bocholt Municipality uses a service provider (order processor for the software) as well as other payment service providers. In doing so, the categories of recipients only receive the information for which they are responsible. The following categories of recipients are affected:
- Zweckverband KAAW as contractual partner
- GovConnect GmbH as software producer (payment platform)
- ITEBO GmbH as hosting provider
- Payment service provider as the person responsible for carrying out the payment process such as
- PayPal
- Paydirekt
- Sofortüberweisung
- credit card payment
- Direct debit
- Giropay
- Notes: Please note the data protection regulations of the service provider you have selected.
d)How long is the data stored?
We store the accruing data on the payment process in connection with the administrative processes triggered by this and the retention obligations applicable to this. These amount to ten years.
e) Information on the selection of your online payment service
By using the respective online payment service, you, as the user, submit to its contractual conditions. The municipality of Bocholt has no influence on these contractual conditions. Once data has been entered and "sent" to the payment service provider by mouse click, it can no longer be taken back or deleted by the service provider. After the data has been processed by the connected payment service provider, the data is retained and stored by the service provider for statistical purposes. Afterwards, they are deleted automatically. In addition, the data is created, stored and transmitted for the creation and transmission of booking records for the Bocholt city administration. There they are stored for at least ten years. It is not possible to delete the data from the financial systems. The data may be transmitted to foreign servers if the selected payment service provider operates the servers abroad. The service provider has no possibility to influence this.
All connections are SSL/TLS encrypted. This ensures secure transmission of all data between the parties involved according to the current state of the art. However, the actual level of encryption depends on the web browser used.
11. social networks
The city of Bocholt refers exclusively by links to its presences of social media such as Facebook, Twitter, YouTube etc.. You will recognise the link by the respective logo of the social network.
No so-called social media plugins are used by the city of Bocholt. External pages of the social networks are only called up through the active use of the links. If you do not want social networks to assign data collected via our website to your user account, you must log out of the social network before visiting our website. For the purpose and scope of the data collection and the further processing and use of the data by social networks, as well as your rights in this regard and setting options for protecting your privacy, please refer to the data protection information of the respective provider.
We would like to point out at this point that you use the services offered by us and their functions on your own responsibility. This applies in particular to interactive functions such as sharing, rating, commenting, etc.
For information on how the social networks process your data, please refer to the data protection declarations of the respective service providers. The City of Bocholt has no influence on the type and scope of your processed data, the type of processing and use, or the transfer of your data to third parties.
Third-country transfers in the case of social media services are also not excluded.
Supplementary information on social networks
Facebook is operated by Facebook Inc, 1601 S. Carlifornia Ave, Palo Alto, CA 94304, USA. The City of Bocholt has set up one or more Facebook "Company Pages" to provide you with current city information such as digital services, regional developments, etc. via this channel in addition to our website. By clicking on "Like" or "Subscribe" to our Facebook page, you will always be kept up to date. Depending on your privacy settings on Facebook, we can see if you have given us a LIKE. If you comment on, like or otherwise interact with our posts, you must comply with the provider's privacy policy. Facebook may use your personal data for market and opinion research, profiling, advertising purposes and more. The city of Bocholt has no influence on these processing operations. For further information, please click here: https://www.facebook.com/about/privacy/
An opt-out is possible for you, you can read more here: https://www.facebook.com/settings?tab=ads
Instagram is operated by Facebook Inc, 1601 S. Carlifornia Ave, Palo Alto, CA 94304, USA. The City of Bocholt has created one or more Instagram accounts to provide you with current city information such as digital services, regional developments, etc. through this channel of our website. By clicking on "Follow", you subscribe to the account and always stay up to date. Via the municipal Instagram account, you get an insight into accounts that follow the city of Bocholt. We cannot make any data protection settings for this and give you protection against this disclosure. Insofar as you comment on, like or otherwise interact with our posts, you must take into account the provider's privacy policy. Information on this can be found at the following link: https://www.facebook.com/help/instagram/155833707900388.
The City of Bocholt has set up one or more Twitter accounts in order to provide you with short messages on current events of the City of Bocholt via this channel. If you carry out interactions (tweets, retweets), you must take into account the privacy policy of the provider. Further information can be found here: https://twitter.com/de/privacy
YouTube is operated by Google Ireland Limeted, Gordon House, Barrow Street, Dublin 4, Ireland. The City of Bocholt has set up a YouTube channel for you to view videos from the City of Bocholt. By "subscribing" you can follow our channel and be informed about newly posted videos. It is up to you to what extent we can see whether you subscribe to our channel (privacy settings of your account). If you make interactions such as comments, ratings, etc., you must take into account the privacy policy of the provider.
YouTube may use your personal data for market and opinion research, profiling, advertising purposes and more. The
An opt-out is possible for you, you can read more here: https://adssettings.google.com/authenticated
3. information obligations for data processing in the context of the use of administrative services
12 Other information relating to data protection
12.1 Job advertisements / applications
In order to publish job advertisements or to be able to refer to them, we have integrated elements of job portals on the website. As the city administration of Bocholt, we use the BITE applicant manager. In the following, you will learn how we handle your data during the application phase and how we process it using the "BITE" software solution.
a) What data is processed for what purpose?
Your data is required for the personnel selection process. Specifically, we first store the data provided to us. On the basis of this information, we check whether an invitation to an interview can be considered as part of the selection procedure. If you are fundamentally suitable, we may collect further personal data that is essential for the selection decision. If you are considered for employment, we will inform you of this further information to be collected.
b) On what legal basis is this data processed?
Your personal data is processed on the following legal basis:
- Art. 6(1)(1)(b) DSGVO (initiation of a contractual or employment relationship) in conjunction with Art. 9(2)(b) and (h) DSGVO, Art. 8(1) (conditions for a child's consent in relation to information society services).
- Art. 6 para. 1 lit. a, Art. 7 DSGVO (voluntary consent)
- Art. 88 DSGVO (data processing in the context of employment) in conjunction with Section 18 of the North Rhine-Westphalia State Data Protection Act.
c) Are there other recipients of the personal data besides the data controller?
Your data will be passed on to the extent necessary to carry out the personnel selection procedure to:
- internal administrative departments (in particular human resources) or persons, insofar as they are to be involved in the recruitment process.
- We are also legally obliged to inform certain interest groups about the applications received and to submit them if necessary. These are
- the staff council,
- the representative for severely handicapped persons and
- the Equal Opportunities Officer.
- BITE GmbH, Magirus-Deutz-Str. 16, 89077 Ulm, Germany, Tel.: 0731/14 11 50-0, E-Mail: info(at)b-ite(dot)de.
- Transmission outside the European Union or the European Economic Area is not envisaged.
If you apply online using our BITE applicant manager, the company BITE GmbH processes your personal data on our behalf. The provider of the service is BITE GmbH, Filchnerstraße 16, 89231 Neu-Ulm, Germany. Further information can be found in the provider's data protection information at the following URL: https: //www.b-ite.de/legalnotice.html. The job advertisements are provided via the URL of the company b-ite.com.
Further data transfers - including to third parties for advertising purposes - do not take place.
d) How long is the data stored?
We store your personal data obtained in the course of the personnel selection process for at least six months.
In the event of an unsuccessful application or its withdrawal, we will also destroy or delete the data you have submitted after six months following the rejection. The retention or storage of the data is necessary within the aforementioned time limits in the event of any legal action.
If you give your consent to be included in an applicant pool, we will store your data for up to a maximum of two years. After that, they will be deleted and you would have to apply again.
e) Notes
If you are hired, you will be informed separately about the regulations that will then apply to the handling of your personal data.
You have the option of having your application filled out automatically by interfaces. This processing of data is carried out in accordance with your consent. Please note that data is transferred between two systems.
The general data protection information on the contact details of the responsible person and data protection officer, data subject rights, right of complaint to the supervisory authority can be found under point A of this data protection declaration.