responsibility finder
Schleswig-Holstein

Privacy policy

In the following, we provide information about the processing of personal data when using our website.

Terms

When creating our privacy policy, we rely on the terms that are also used within the GDPR. At the same time, we want our privacy policy to be easy to understand and easy to read in accordance with the subject matter. We would therefore like to define the terms used in this policy in advance:

"personal data"

Personal data means any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

"person concerned"

Data subject is any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.

"Processing"

Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing

Restriction of processing is the marking of stored personal data with the aim of restricting its future processing.

"Profiling"

Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

"Person responsible"

Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

"Processor"

Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

"Receiver"

Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

"Third"

Third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

"Consent"

Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Person responsible

The controller within the meaning of the GDPR is

Der Ministerpräsident des Landes Schleswig-Holstein
-Staatskanzlei-
Zentrales IT-Management der Landesregierung
Düsternbrooker Weg 104
24105 Kiel
E-Mail: zufish@stk.landsh.de

Data Protection Officer

The data protection officer is:

Data Protection Officer of ZIT SH
Düsternbrooker Weg 104
24105 Kiel
E-Mail: DSB-ZIT@stk.landsh.de

Data subjects can contact our data protection officer at any time with concerns about data protection.

Cookies

Like many other websites, our website also uses cookies, i.e. small text files that are stored on your computer via your browser. Such a cookie contains a cookie ID, i.e. an unambiguous identifier through which the cookie and thus your browser can be assigned to our site and our server. This enables us to recognize and identify your browser and thus distinguish it from other browsers that may use different cookies.

By using cookies, we can provide user-friendly services via our website and continuously improve and optimize the offers and information on our website. The purpose of recognition and identification is therefore to simplify the use of our website.

You can prevent the setting of cookies at any time by making the appropriate settings in your browser and thus permanently object to the setting of cookies. You also have the option of deleting cookies that have already been set within your browser. However, if you object to the setting of cookies in this way, you may not be able to use all the functions of our website to their full extent.

General information and data collection

When you access our website, general information and data is collected and stored in so-called log files on our server. These are usually

  • Accessing browser type and version,
  • Accessing operating system,
  • Referrer URL (website from which you were redirected to our site),
  • accessed subpages,
  • Date and time of access,
  • IP address (Internet Protocol address),
  • data and information similar to the above-mentioned data and information that we need to defend against cyberattacks and other attacks on our IT systems.

We use this information without drawing conclusions about the person concerned, but need it in order to

  • to display and provide the content of our website correctly and truthfully,
  • to successively improve the content of our website and the advertising for it,
  • to ensure and guarantee the general functionality and operability of our website and our IT systems and
  • in order to be able to provide the prosecuting authorities with the relevant information in the event of criminal offenses in connection with our website.

The purpose of processing is therefore statistical analysis and to increase data and IT security.

The above-mentioned log file data is anonymized after 5 days. It is stored separately from any other personal data of the data subject.

Contact form function

Our website contains contact forms that allow you to contact us or other responsible parties electronically. If you contact us using these communication tools, the personal data you provide will be forwarded to the relevant office by email for the purpose of processing and responding to your inquiry and contacting you.

Rights of data subjects

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

Right of access - Art. 15 GDPR

You can request confirmation as to whether personal data concerning you is being processed. If such processing is taking place, you can request the following information:

  • the purposes of processing,
  • the category of personal data being processed,
  • the recipients or categories of recipients to whom your data has been or will be disclosed,
  • the planned storage period,
  • the existence of a right to rectification or erasure,
  • the existence of a right to restriction of processing or to object to such processing,
  • the existence of a right to lodge a complaint with a supervisory authority,
  • all information about the origin of your data if it was not collected by us, and
  • the existence of automated decision-making, including profiling and, where applicable, meaningful information about its details

Right to rectification - Art. 17 GDPR

You may request that your personal data stored by us be deleted immediately, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

Right to erasure - Art. 17 GDPR

You may request that your personal data stored by us be deleted immediately, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

Right to restriction of processing - Art. 18 GDPR

You may request the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse to delete it and we no longer need the data, but you need it to assert, exercise or defend legal claims or you have lodged an objection to the processing in accordance with Art. 21 GDPR.

Right to data portability - Art. 20 GDPR

You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format from the controller or to request that it be transmitted to another controller.

Right of withdrawal - (Art. 7 GDPR)

If the processing of data is based on your consent, you are entitled to withdraw your consent to the use of your personal data at any time in accordance with Art. 7 (3) GDPR. Please note that the revocation only takes effect for the future. Processing that took place before the revocation is not affected.

Right to lodge a complaint with a supervisory authority - Art. 77 GDPR

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or the

Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein
Postfach 71 16
24171 Kiel
Mail: mail@datenschutzzentrum.de

Legal basis of the processing

The legal basis for the processing of personal data is Art. 6 para. 1 lit. e) GDPR and Section 52c LVwG.

The legal basis of Art. 6 para. 1 lit. a) GDPR is relevant if the data subject has consented to the processing of their personal data.

Storage duration of personal data

The standard for the duration of the storage of personal data is the statutory retention period. After this period has expired, the respective data is routinely deleted, provided that it is required for the fulfillment or initiation of a contract.

Further information and offers