Data protection declaration of the emergency call app nora of the federal states

This data protection declaration informs about processing of your personal date while using the emergency call app nora.

For information on processing of your personal data while using the website nora-notruf.de, please refer to the separate Data protection declaration for this website.

The following data protection declaration informs you how your personal data is processed when using the official emergency call app of the federal states and which data protection rights you are entitled to.

In a general section the data protection declaration first explains who is responsible for data processing in the app, the scope of this data protection declaration (and its end when an emergency call is transferred to the emergency call centres) and the data processing by the technical service provider. The individual data-processing procedures of the app are described below. Important details are provided for each procedure, such as the categories of data to be processed, the legal basis, and the deletion periods.

At the end of this data protection declaration, you will be informed about your rights as a data subject and you will find a list of the contact details of all data controllers as well as a reference to where the contact details of the data protection officers of the data controllers can be found.

Overview

Joint responsibility of the competent authorities in all federal states for the app; contact details for questions, suggestions and complaints
Scope of this data protection declaration; emergency call centres as recipients of data
Technical service provider as recipient of data
Data processing activities of the emergency call app in detail
Your rights
Contact details of the responsible persons
Contact details of the data protection officer
References according to Art. 26 Abs. 2 GDPR

With regard to sections 1 - 8 and their subsections, there is first a brief summary of the contents to provide an initial overview. It is followed by a profound explanation in which the information of the respective sections from the overview are presented in detail.

1. Joint responsibility of the competent authorities in all federal states for the app; contact details for questions, suggestions and complaints

Summary: 16 federal states jointly responsible.

The responsible authorities in all 16 federal states (hereinafter referred to as "states") are jointly responsible for data processing by this app. A list of the responsible authorities can be found in section 6 of this data protection declaration. In an agreement pursuant to Article 26 of the General Data Protection Regulation (GDPR), the states have determined that the internal administration and organization of the app will be carried out by the established business and coordination office, which is currently incorporated in the state of North Rhine-Westphalia (Ministry of the Interior) and which serves as the direct point of contact for citizens and those affected by the data processing. Notwithstanding this, you can address any data protection inquiries and assertion of data subject rights to any data controller (see their contact details under section 6).

Summary: Special contact point in the state of North Rhine-Westphalia and link to the contact form.

Contact details of the business and coordination office:

Ministry of the Interior of the State of NRW
Business and Coordination Office Emergency App System
Friedrichstrasse 62-80
40217 Duesseldorf

E-mail: poststelle[at]im.nrw.de

In principle, you can assert your rights against any responsible person. For organizational reasons, we recommend that you direct all questions, suggestions and complaints to this address or use the contact form in the app or on www.nora-notruf.de.

Summary: Contact details of all responsible persons under section 6.

The contact details of the controllers are listed in section 6. Section 7 explains how you can view the contact details of the respective data protection officers.

2. Scope of this data protection declaration; emergency call centres as recipients of data

Summary: Data protection declaration only concerns data processing in the app.

This data protection declaration covers the processing of personal data by the emergency call app. Which data is included is explained more precisely in section 4. All data generated by the app is either "master data" of a user account or "emergency call data", which is generated when a specific emergency call is made. This data protection declaration covers the processing of master data when creating, managing and deleting a user account and the processing of emergency call data when creating and making an emergency call.

Summary: Once a control centre in the states has received the data, the control centre is responsible.

At the moment the emergency call is made, the emergency call data is transferred by the app to the relevant police or non-police control centre. From the moment the emergency call data is received by the control centres, only the operators of the control centres are responsible data controllers for the transferred emergency call data. Therefore, it may vary from one federal state to another which agency is responsible for the further handling of the emergency call data. Depending on the federal state, the further handling of the emergency call data can also vary. For example, there may be different retention periods. For information on the further handling of emergency call data by the control centres, please refer to the data protection declaration of the respective control centre. The app displays which control centre receives the emergency call.

3. Technical service provider as recipient of data

Summary: The bevuta IT GmbH and an Internet network operator process your data on your behalf.

The technical maintenance and hosting of the app has been assigned by the responsible parties to the service provider bevuta IT GmbH, Ettore-Bugatti-Straße 35, 51149 Köln. In this context, the bevuta IT GmbH will process on its servers all personal data mentioned in this data protection declaration.

In addition, an Internet network operator checks incoming data traffic for potential DDoS attacks and takes appropriate protective measures if attacks are detected.

In case of crashes of the nora app, crash reports are generated, transmitted to bevuta IT GmbH and analyzed in order to improve the stability of the app. The crash reports may contain information related to the use of the nora emergency call app, such as device type, operating system, app version and time of the crash. This serves exclusively to further develop the nora emergency call app.

Summary: The bevuta IT GmbH may not use the data for its own purposes.

In accordance with Art. 28 GDPR a data processing agreement has been concluded with bevuta IT. Accordingly, bevuta IT GmbH is not permitted to use the personal data for its own purposes. The personal data is rather processed exclusively under the instruction and on behalf of the federal states.

4. Data processing methods of the emergency call app in detail

4.1. Registration („mandatory information“)

Summary: Registration required for use.

In order to use the app, you are asked to register and to enter the required data (first name, last name, mobile number, hereinafter "registration data") in the dialogues ("input mask") after downloading and opening the app for the first time. Unless marked as "optional/voluntary", the indication of your Registration Data is required for the conclusion of the respective usage contract and for the use of the app. Without this, the contract cannot be concluded and the app cannot be used. In case of a later change of the registered mobile number in the personal details, the registration process must be gone through again completely.

Overview of the mandatory information

Summary: mandatory information: mobile number, name and indication of the call back option

As part of the registration process, you are asked to enter the following mandatory information:

Your mobile number
A call back option (selection: yes/no/not specified)
Name (first and last name)

Legal basis

Summary: The data processing is permitted because it is necessary for the fulfilment of the contract and for the exercise of official authority.

The registration data is processed on the basis of Art. 6 para. 1 lit. b) GDPR in conjunction with the respective state-specific special standards. This legal basis permits the processing of personal data for the purpose of fulfilling a contract. The underlying contract is concluded here between you and the state of North Rhine-Westphalia, represented by the Ministry of the Interior of the state of North Rhine-Westphalia, insofar as you accept the terms of use.

In addition, the data is processed on the basis of Art. 6 para. 1 lit. e) in conjunction with para. 3 GDPR in connection with the respective state-specific special standards. This legal basis permits the processing of personal data for the purpose of the exercise of official authority. The federal states are required by law to ensure that emergency calls are answered.

Deletion

Summary: When the account is deleted, all data is deleted, too.

The deletion of the registration data takes place after the deletion of the app. The data collected on the basis of Art. 6 para. 1 lit. b) GDPR (for entering into the usage contract) is deleted as soon as it is no longer required for the fulfillment of the contract, usually when you delete the app from your mobile device.

Insofar as data is processed because this is necessary for the exercise of official authority (Art. 6 Para. 1 lit. e), it is deleted as soon as it is no longer required for the fulfillment of the legal task. The data collected on the basis of a state-specific special legal basis is deleted in accordance with the storage periods specified in the relevant special laws.

4.2. Creation of a user profile (voluntary “personal information“)

Summary: Voluntary "Personal information" is helpful for operational planning.

You have the opportunity to supplement your user profile with additional, voluntary information. The data is helpful for operational planning. They enable better and faster organization of care in the case of an emergency situation. Based on the information, it is possible to assess whether, for example, an emergency physician is needed or whether police support must be requested. The personal information is only stored in the app until an emergency call is made and is only sent to the control centres in the emergency scenarios in which it is relevant. The storage of personal data in the personal information is only possible if you have previously given your consent for this processing.

Overview of the master data

Summary: Voluntary information: Age, gender, health conditions, disabilities, emergency key, pets, infectious diseases, quarantine.

The following predefined specifications can be selected:

Age and gender (selection: Date of birth, for gender: Female, Male, Diverse, Not specified)
Health conditions (multiple choice: Severe allergy (Emergency kit needed); Asthma / COPD; Pacemaker / defibrillator; Other; No health conditions; Not specified.)
Disabilities (multiple choice: hearing impairment; speech impediment; visual impairment; deafblindness; mobility impairment; cognitive impairment; mental health impairment; No disability; Not specified).
Other
- (selection: An emergency key exists.)
- (selection: I have a dog.)
- (selection: I am in quarantine or have an infectious disease.)

Legal basis

Summary: The data processing is only allowed if you have consented.

This additional voluntary information is provided on the basis of your declaration of consent in accordance with Art. 6 para. 1 lit. a) and Art. 9 para. 2 lit. a) GDPR in conjunction with the relevant state law provisions.

Deletion

Summary: The consent can always be revoked or the settings can be changed at any time.

The data is deleted if you revoke the declaration of consent. You can also remove the information yourself from your user account in the app at any time.

4.3. Creation and submitting of an emergency call

Summary: Before submitting, 5 questions are asked, which are answered via buttons.

In order to be able to correctly record the emergency situation at the control centre and initiate the appropriate assistance measures as quickly as possible, the control centre staff need important information from you. For this purpose, you are asked to answer a few questions before the emergency call is sent.

You are asked a maximum of five questions. Answers are provided in the app and can be selected by you. Free text cannot be entered here. If necessary, the questions can be related to the health status of a third (injured or endangered) person.

Before sending the data, all data pending for transmission is displayed and can be edited. At this point, you still have the option to completely cancel the submission of the emergency call.

Processed personal data

Summary: The answers to the 5 questions and the following data is transmitted with the emergency call: location data, registration data and user account data.

When the emergency call is sent, the registration data, master data (if relevant) and location data is transmitted and processed. In addition, a classification of the emergency call is carried out in connection with the answers you have selected and is also recorded and processed. As a result of the response option, it is possible that personal data of third parties (in particular health data) is transmitted (symptoms of illness, injuries).

Recipients of the data

Summary: The answers to the 5 questions and the following data is transmitted with the emergency call: location data, registration data and user account data.

The data is sent via "geo-localization" (see section 4.4.) to the determined and locally responsible control centre. The determined control centre is displayed as the first message in the chat history after the emergency call has been transmitted.

Legal basis

Summary: Data processing is permitted because it is necessary for the exercise of official authority.

The data is processed on the basis of Art. 6 para. 1 lit. e) in conjunction with para. 3 GDPR in connection with the respective state-specific special standards. This legal basis permits the processing of personal data for the purpose of the exercise of official authority. The federal states are required by law to ensure that emergency calls are answered.

Summary: The transmission of the voluntary information (see section 4.2.) only takes place if you have given your consent. Insofar as the information concerns third parties who can no longer consent, consent is also not required when it comes to the protection of life and health.

The voluntary registration data is processed on the basis of your declaration of consent (see section 4.2.).

The transfer of health data from third parties is carried out on the basis of Art. 9 para. 2 lit. c) of the GDPR in conjunction with the state-specific standards. Generally, it can be assumed that if you transfer health data of third parties via the app, a situation which can be subsumed under Art. 9 para .2 lit. c) of the GDPR exists (a risk to life or limb of the third party and consent cannot be obtained for legal or factual reasons). If this is not the case, you would have to obtain the consent of the third party (there is no technical function for this in the app – you find a corresponding note in the terms of use).

Summary: Legal basis for data processing in police emergency calls: To avert danger: State police/data protection laws that implement the JI-Directive. For law enforcement: Criminal Procedure Code and Part 3 of the Federal Data Protection Act.

In case of a police emergency call, insofar as data is processed for the purpose of law enforcement or related danger prevention, the following legal bases exist:

The legal basis for processing by the police in the case of danger prevention is based on the respective state police law or the state data protection laws, which implement the provisions of Directive (EU) 2016/680 (JI-Directive). In the context of law enforcement, the legal basis for processing by the police authority is based on the Code of Criminal Procedure and Part 3 of the Federal Data Protection Act. The review and documentation of the legal basis under state law is the responsibility of each individual state on its own.

Deletion

Summary: The storage period can be inquired at the locally responsible control centre.

The data record about an emergency call is stored on the servers of the app for only a few days to ensure that the responsible control centre can download the entire data record and store it in accordance with the respective state regulations. For questions about the duration of the retention, please contact the respective control centre or the respective federal state (the contact details can be found below under section 6).

4.4. Geo-localization during an emergency call

Summary: Location data is sent to the control centre. A different emergency location can be specified.

It is of elementary importance that the location of the emergency caller is determined during an emergency. Without the transmission of the location, no help can be provided by emergency forces. Since in emergencies it is essential that emergency forces provide help as promptly as possible, the transmission of the location is the fastest way to determine the whereabouts of a person and to provide help as quickly as possible.
For mobile devices using Android, the current app version requires the activation of Google location accuracy in the settings of the mobile device. After the next app update, location determination will also be possible without using this service.
If the emergency location differs from the determined device location, you can specify a different emergency location by clicking on the map or by entering an address.

Processed personal data

The GNSS location detected by your mobile device is determined in the following stages:

when starting the emergency call, as a suggestion,
when sending the emergency call, as determined location of your device
after sending the emergency call, as regularly updated live-location.

If you select a different emergency location via (i) the map in the app or (ii) entering an address, this personal data is also processed.

Recipients of the data

Summary: The locally responsible control centre receives the data.

The location is transmitted to the responsible control centre at the moment the emergency call is sent and immediately afterwards as a live-location after the emergency call has been sent. Which control centre the data is sent to is displayed as the first message in the chat after the emergency call is transmitted.

Legal basis

Summary: The data processing is permitted because it is necessary for the exercise of official authority. Legal basis for data processing in police emergency calls: To avert danger: State police/data protection laws that implement the JI-Directive. For law enforcement: Code of Criminal Procedure and Part 3 of the Federal Data Protection Act.

The geo-localization data is processed on the basis of Art. 6 para. 1 lit. e) in conjunction with para. 3 GDPR in connection with the respective state-specific special standards. This legal basis permits the processing of personal data for the purpose of the exercise of official authority. The federal states are required by law to ensure that emergency calls are answered.

In the case of a police emergency call, insofar as data is processed for the purpose of law enforcement or related danger prevention, the following legal bases exist:

The legal basis for processing by the police in the case of averting danger is based on the respective state police or data protection laws, which implement the provisions of Directive (EU) 2016/680 (JI-Directive). In the context of law enforcement, the legal basis for processing by the police authority is based on the Code of Criminal Procedure and Part 3 of the Federal Data Protection Act. The review and documentation of the legal basis under state law is the responsibility of each individual state.

Deletion

Summary: The storage period of the data can be inquired at the locally responsible control centre.

The data record about an emergency call is stored on the servers of the system for only a few days to ensure that the responsible control centre can download the entire data record and retain it in accordance with the respective state law. For questions regarding the duration of retention, please contact the respective control centre or the respective federal state (the contact details can be found below under section 6).

4.5. Chat function

Summary: After sending the emergency call, messages can be written with the control centre (chat).

After sending the emergency call, you have the option of contacting the control centre via a chat window. The control centre can also contact you via chat. However, the use of the chat is not obligatory or mandatory. When using the chat, messages can be sent directly to the control centre via a free text window. This gives you the opportunity to describe the emergency situation more precisely, to enable a faster and more detailed assessment.

If necessary, sensitive health data of yourself or third parties (e.g. an endangered, injured or unconscious person) may be transmitted and processed through the chat function. The latter is always the case if you call for help not for yourself but for another person who is in need.

Processed personal data

Summary: All data from the chat are processed by the control centre.

The personal data contained in the chat messages are collected and processed by the control centre. Under certain circumstances, the messages may contain sensitive health data about you if you disclose this there. Under certain circumstances, chat messages may ask for personal data of third parties (especially health data). These may include, but are not limited to symptoms of illness, health conditions, mental and/or physical impairments, injuries, appearance or contact details.

In addition to the chat messages from you and the control centre, the status of the chat message is also processed in the app (sent, read, with timestamp).

Legal basis

Summary: Providing additional health information within the chat is voluntary and based on your consent.

The data processing is permitted because it is necessary for the exercise of official authority.

Insofar as the information concerns third parties who are no longer able to consent, consent is also not required when it comes to the protection of life and limb.

Legal basis for police emergency calls:

To avert danger: State police/data protection laws that implement the JI-Directive.
For law enforcement: Code of Criminal Procedure and Part 3 of the Federal Data Protection Act.

Data that you provide in the context of the chat will be processed on the basis of your consent given in the context of registration in accordance with Art. 6 para. 1lit. a) GDPR or, in the case of health data, on the basis of your consent given in the context of registration in accordance with Art. 9 para. 2 lit. a) GDPR in conjunction with the respective state-specific special standards.

The transfer of health data from third parties is carried out on the basis of Art. 9 para. 2 lit. c) of the GDPR in conjunction with the state-specific standards. Generally, it can be assumed that if you transfer health data of third parties via the app, a situation exists that can be subsumed under Art. 9 para. 2 lit. c) of the GDPR (a risk to life or limb of the third party and consent cannot be obtained for legal or factual reasons). If this is not the case, you would have to obtain the consent of the third party (there is no technical function for this in the app - you will find a corresponding note in the terms of use).

In the case of a police emergency call, insofar as data is processed for the purpose of law enforcement or related danger prevention, the following legal bases exist:

Deletion

Summary: The chat history is stored in the app (until uninstallation) or on the app's server for only a few days. The control centre may store the chat history for longer if necessary. This results from the data protection declaration of the control centre.

The data record about an emergency call is stored on the servers of the emergency app system for only a few days to ensure that the responsible control centre can download the entire data record and store it according to the respective state law. To ensure legally required documentation obligations, the chat content can be downloaded and stored together with the emergency calls by the control centres. For questions regarding the duration of retention, please contact the respective control centre or the respective federal state (the contact details can be found below under section 6).

4.6. Notification of the emergency call in case of violation of terms of use

Summary: An emergency call via the app, although there is no emergency, is a violation of the terms of use and may be punishable according to Sec. 145 seq. German Criminal Code (“StGB”). The marking of an emergency call as a violation of the terms of use is done by the control centres. You will be notified of the multiple violations in the app. You can then contact support. Ongoing violations may result in suspension of the user account.

If you send an emergency call via the app even though there is no emergency situation and the help of emergency services is not required, this is a violation of the app's terms of use. Such behavior may at the same time constitute criminal conduct according to Sec. 145 seq. German Criminal Code (“StGB”). It is the responsibility of the employees at the respective control centres to assess whether a violation of the terms of use has occurred and whether law enforcement authorities should be called in.

If an emergency call is classified by the staff at the respective control centre as a violation of the terms of use or as abusive within the meaning of Sec. 145 seq. German Criminal Code (“StGB”), the staff can report it or mark it as a violation of the terms of use.

If multiple emergency calls are marked as a violation of the terms of use through your app, you will be notified in the app and made aware of this. If you have not placed an emergency call or if you consider it to be justified, you can contact the support (https://www.nora-notruf.de/en-en/questions/support or write to contact[at]nora-notruf.de). In case of continuous emergency calls that are marked as not justified and in case of multiple notifications, the user account may be suspended.

Processed personal data

Summary: App ID and call number are reported.

The control centre reports the app ID and the phone number of the affected user.

Legal basis

The data is processed on the basis of Art. 6 para.1 lit. e) GDPR. This legal basis permits the processing of personal data for the purpose of the exercise of official authority. The federal states are legally obliged to ensure the receipt of emergency calls. In order to ensure the functioning of the entire system and, under certain circumstances, to enable the prosecution of criminal offenses, the processing of personal data is necessary.

Deletion

The data concerning a violation of the terms of use is deleted after 365 days.

4.7. Push Notifications

Summary: The emergency call app uses push notifications from the operating system producer (iOS and Android). Push notifications are messages that are displayed on the user's device screen without opening the app. This actively informs you about news.

We use the respective push services of the operating system producer (iOS - Apple Push Notification Service; Android - Google Cloud Messaging) to inform you about processes within the app, such as that there is a new chat message from the control centre. During the initial setup of the app, you are asked if you consent to receive notifications. You are free to decide whether you want to receive push notifications. In case of your permission, a device token is assigned for iOS or a registration ID for Android. The sole purpose of processing the device token or the registration ID is to provide the push service. In both cases, this is an encrypted device ID.

Legal basis

The legal basis for data processing in connection with push notifications is your consent and thus Art. 6 para. 1 lit. a) GDPR.

You can revoke your consent to receive push notifications at any time with effect for the future. You can revoke your consent directly on your mobile device as follows:

Deactivate push notifications in the iOS operating system:

Open "Settings" on your mobile device.
Look for the "nora Emergency Call App" here and click on it.
Select the item „Notifications“.
Under the item "Allow notifications” you can deactivate push notifications.

Deactivate push notifications in the Android operating system:

Open the "Notification Center".
Tap and hold your finger on a notification from the "nora Emergency Call App" and then tap on "App info".
Remove the checkmark under the item "Receive notifications“.

Deletion

The device token or registration ID is deleted from the servers of the app system when you deregister.

5. Your rights

Summary: Your rights: information, rectification, restriction of processing, deletion, preservation of data.

You have the right to receive information about the personal data stored about you free of charge upon request. In addition, you have the right to request the rectification of inaccurate data, the right to request the restriction of processing of data that has been processed too extensively and the right to request the deletion of personal data that has been processed unlawfully or stored for too long (insofar as this does not conflict with any legal obligation to retain data and no other reasons pursuant to Art. 17 para. 3 GDPR). In addition, you have the right to receive the personal data concerning you that you have provided to us in a common file format (right to data portability).

Summary: To exercise your rights, you can contact us at nora-datenschutz[at]im.nrw.de or use the contact form in the app.

To exercise your rights, simply send an email to nora-datenschutz[at]im.nrw.de. You can also use the contact form in the app or on the website www.nora-notruf.de. You can also use the other contact options listed in section 1.

Right of objection according to Art. 21 GDPR

Summary: Right to object if data is processed according to Art. 6 para. 1 lit. e) and lit. f). To exercise this right, you can use nora-datenschutz[at]im.nrw.de or the contact form.

You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6 para. 1 lit. e) and lit. f) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

To enter an objection, you can contact us informally at the e-mail address nora-datenschutz[at]im.nrw.de or use the contact form in the app or on the website www.nora-notruf.de.

Summary: In addition, there is a right of appeal to the data supervisory authority.

In addition, you also have the right of appeal to a data protection supervisory authority. A list of German and European data protection officers and their contact details can be found here: https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

6. Contact details of the responsible persons

You can access the contact details of the responsible persons here: https://www.nora-notruf.de/en-en/contact-details-responsible-authorities/

7. Contact details of the data protection officer

Summary: The contact details of the data protection officers of the responsible persons can be found here: https://www.nora-notruf.de/en-en/data-protection-officers

If you have any questions or concerns regarding the processing of your personal data in connection with the emergency call app, you can contact the emergency call app office as well as the data protection officers of the responsible authorities in the federal states. In general, these are the responsible ministries of home affairs and local of the federal states. You can find a complete list of the contact data of the official data protection officers of the ministries here: https://www.nora-notruf.de/en-en/data-protection-officers

8. References according to Art. 26 para. 2 GDPR

In order to enable all German citizens, but especially people with disabilities, to access emergency services, the 16 federal states have decided to provide a uniform emergency call app. To this end, all 16 responsible persons are working closely together.

The joint responsibility under data protection law exists exclusively for the emergency call app system data generated and processed in the course of using the app (see data processing operations under section 4).

Joint responsibility under data protection law ends when the emergency call is completed. All further steps (e.g., storage in the emergency call centre, forwarding to the competent authority) are the responsibility of the respective competent authority in the respective country.

The responsible parties support each other in the performance of data protection obligations. The required information according to Art. 13 and 14 GDPR is provided by the responsible persons with this data protection declaration.