Data protection declaration

This data protection declaration applies to the website nora-notruf.de.

For information on the processing of your personal data while using the nora emergency call app, please refer to the separate Data protection declaration for the app.

This data protection declaration informs you about the type, scope and purposes of the collection and use of personal data on the website https://www.nora-notruf.de/ (hereinafter "website") by the Ministry of the Interior of the State of North Rhine-Westphalia (hereinafter "we" or "us"). We are the data controller for all personal data collected on the website, unless otherwise stated in this data protection declaration.

Personal data is information that can be used to identify a person, i.e. information that can be traced back to a person. This typically includes the name, e-mail address or telephone number. However, purely technical data that can be assigned to a person is also considered personal data.

  1. Data controller and data protection officer
  2. General information on data processing
    • Legal basis for processing
    • Technical service provider as data recipient
  3. Data processing in connection with visits to this website
    • Collection, processing and storage of data
    • Web analysis
    • Use of cookies
  4. Contact
    • Contacting by e-mail
    • Contacting via the contact form
  5. Integration of videos via Vimeo
  6. Your rights as a user
  7. General remarks on data protection

1. Data controller and data protection officer

The responsible authority and data controller for processing personal data is the

Ministry of the Interior of the State of North Rhine-Westphalia
Friedrichstrasse 62 - 80
40217 Duesseldorf

Phone: +49 211 871 01
E-mail: poststelle[at]im.nrw.de

Data protection officer

You can reach the data protection officer of the Ministry of the Interior of the State of North Rhine-Westphalia by e-mail at datenschutzbeauftragter[at]im.nrw.de or via the address:

Ministry of the Interior of the State of North Rhine-Westphalia
Governmental Data Protection Officer
Friedrichstrasse 62 - 80
40217 Duesseldorf

Phone: +49 211 871 01
Fax: +49 211 871 3355

2. General information on data processing

Legal basis for processing

The Ministry of the Interior of the State of North Rhine-Westphalia processes personal data in the performance of tasks incumbent upon it in the public interest. The public tasks of the Ministry of the Interior particularly also cover public relations work, including the provision of information to the public within the framework of this website. The legal basis for processing in this case is Article 6 (1) lit. e) of the EU General Data Protection Regulation (GDPR) in conjunction with Section 3 of the German Data Protection Act (DSG NRW). Insofar as the processing of personal data should be necessary in individual cases for the fulfilment of a legal obligation, Article 6 (1) lit. c) GDPR, in conjunction with the relevant legal provision from which the legal obligation arises, also serves as legal basis.

When processing personal data required for the performance of a contract to which the data subject is a contracting party, Article 6 (1) lit. b) GDPR also serves as legal basis in individual cases. This also applies to processing operations that are necessary for the implementation of pre-contractual measures. In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Article 6 (1) lit. d) GDPR is the legal basis.

Persons under the age of 16 should not transmit any personal data to us unless the consent of their parents or guardians (holders of parental responsibility) has been given (Article 8 (1) GDPR). The consent must then be explicitly noted in the message (Article 8 (2) GDPR). We do not request personal data from children and young people. Knowingly, we do not collect such data.

We delete the personal data we receive by email, DE-mail or contact form as soon as the storage is no longer necessary for the purpose you pursued or in connection with administrative procedures triggered with it and the applicable obligations to retain such data (Annex to the File Regulations for the Business Division of the Ministry of the Interior and Municipal Affairs of the State of North Rhine-Westphalia (AktO); Circular of the Ministry of the Interior and Municipal Affairs - 51 - 17.05 - of 25 July 2016). The information requirements for the administrative processes of the departments can be found here.

Technical service provider as data recipient

The technical maintenance and hosting of the website are assigned by the data controller to the service provider bevuta IT GmbH, Ettore-Bugatti-Strasse 35, 51149 Cologne, Germany. In this context, bevuta IT GmbH will process on its servers all personal data mentioned in this data protection declaration.

A data processing agreement has been concluded with bevuta IT GmbH in this regard in accordance with Article 28 GDPR. Accordingly, bevuta IT GmbH is not permitted to use the personal data for its own purposes. Rather, the personal data is processed exclusively under the instruction and on behalf of the data controller.

We have taken technical and organizational measures to ensure that the regulations on data protection are observed both by us and by our external service providers.

3. Data processing in connection with visits to this website

The provision of your personal data on this website is generally not required by law or contract. You are not obliged to provide personal data on this website. Nevertheless, the provision of the functions of this website requires the processing of your personal data.

To protect the transmission of content, this website uses TLS encryption. Data that you transmit to us via the website (for example, via the contact form) cannot be read by unauthorized third parties thanks to the encryption.

You can recognize the encrypted connection by the 🔒 icon in the browser address line and, in some browsers, the protocol specification "https://" instead of "http://".

Collection, processing and storage of data

Each time content of the website is accessed, data is temporarily stored on the servers of our hosting partner via so-called protocol or log files, which may allow identification. The following data is recorded each time the website is accessed:

  • Date and time of the request
  • Page called up and type of request
  • Message whether the call was successful (HTTP status code)
  • Operating system, browser type and browser version used
  • Host name and IP address of the calling device/computer
  • Referrer URL
  • Amount of data transferred

This data is not merged with other personal data that you actively provide when using the website.

We collect server log files for the purpose of administering the website and being able to detect and prevent unauthorized access.

The server log files with the above data are automatically deleted after 7 days. We reserve the right to store the server log files longer if facts exist that suggest the assumption of unauthorized access (such as an attempt to break into our IT system or a so-called DDOS attack).

Data logged when accessing this website or collected for a specific service will only be transmitted to third parties outside the above-mentioned data controllers and data processors,

  • insofar as we are obliged to do so by law or by judicial or prosecutorial order, or
  • if the transfer is necessary for legal or criminal prosecution in the event of attacks on the Internet infrastructure of the hosting partner.

In addition, we expressly draw attention to the fact that the service provider Vimeo, which is integrated by the Ministry of the Interior on the website, stores website visitors' data in accordance with its data usage guidelines when these services are actively used, such as playing a video on the website, and uses this data for its business purposes. The Ministry of the Interior has no influence on the collection of data and its further use by Vimeo. Thus, there is no knowledge of the extent to which, where and for how long the data is stored, the extent to which the networks comply with existing deletion obligations, what evaluations and links are made with the data and to whom the data is disclosed.

Web analysis

In order to analyze the use of our website and thereby further develop and improve our information offering, we use the statistical analysis tool Matomo (formerly "Piwik"). Matomo is an open source web analysis service and is operated on the servers of our hosting partner. The statistical information about the use of our website collected via Matomo is stored exclusively on the servers of our hosting partner and is not disclosed to third parties.

We use Matomo for the purpose of performing our public task pursuant to Article 6 (1) p. 1 lit. e) GDPR in conjunction with Section 3 DSG NRW.

We operate Matomo without tracking cookies. Instead, we use a privacy-friendly device fingerprinting method that distinguishes visits based on device and browser information and records them as anonymous Visitor IDs and User IDs. This data is randomly changed every 24 hours and is tied to the nora-notruf.de website. Visitors can therefore not be tracked over a longer period of time and across multiple websites. A detailed description of the technical functionality can be found here.

Matomo's IP anonymization is also used when collecting IP addresses.

You can also object to this anonymized evaluation by Matomo. If you select the "Do-not-track" option in your browser, Matomo will take this setting into account and will not evaluate your visits using device fingerprinting. Alternatively, you can deactivate the analysis by unchecking the box below:

If you uncheck the box, Matomo will place a functional opt-out cookie in your browser. This way, we ensure that the next time you visit this website, there will be no tracking from the beginning. Please note: If you delete your cookies, this will also delete the Matomo opt-out cookie. When you visit our site again, you must therefore repeat the opt-out.

Use of cookies

Cookies are small text files that are stored on your device by the browser used to call up our website. Individual services of a website can "recognize" you in this way and "remember" which settings you have made. On the one hand, this serves the user-friendliness of websites and thus the users. On the other hand, cookies are typically used to collect statistical data on website usage and to use the data thus obtained for analysis purposes.

Some cookies are automatically deleted from your device as soon as you leave the website again (so-called session cookies). Other cookies are stored for a certain period of time in order to be able to recognize your settings on recurring visits (persistent cookies).

The cookies we use are exclusively so-called functional cookies, which are necessary for the operation and further development of the website. We do not use so-called third-party cookies of other companies and no advertising, tracking or analysis cookies. We have configured the analysis tool Matomo to operate without cookies.

You can influence the use of cookies. Most browsers have an option to restrict or completely prevent the storage of cookies. However, preventing functional cookies may limit the use and, in particular, the comfort of use of the website.

4. Contact

If we receive a message from you via the contact form or an e-mail, we assume that we can reply to you by e-mail. If you do not wish us to do so, you would have to expressly request us to reply by another means. The processing of the data transmitted with the contact form and the content (which may also contain personal data transmitted by you) is carried out on the basis of Article 6 (1) lit. a) GDPR for the purpose of processing your request.

We use the personal data you enter only for the purpose you have requested and only within the Ministry of the Interior or the companies, authorities and departments entrusted with the respective service.

Contacting by e-mail

Via the e-mail address contact[at]nora-notruf.de, you can obtain technical support, report accessibility issues or give feedback and make suggestions concerning the emergency call app. The e-mails sent this way are processed as support requests on our behalf by bevuta IT GmbH. They are stored on the servers of bevuta IT GmbH and are deleted one year after the support ticket opening date.

Contacting the Ministry of the Interior by e-mail is possible not only via the personal office e-mail addresses of employees and various functional mailboxes, but also via this central e-mail address: poststelle[at]im.nrw.de.

The personal data sent to the central address and stored in the organizational unit responsible for central message distribution will be deleted, after being forwarded to the responsible organizational units of the Ministry of the Interior, as soon as the storage is no longer required for the purpose you pursued or in connection with ensuing administrative procedures and in the context of applicable obligations to retain such data (see Annex to the File Regulations for the Business Division of the Ministry of the Interior and Municipal Affairs of the State of North Rhine-Westphalia (AktO); Circular of the Ministry of the Interior and Municipal Affairs - 51 - 17.05 - of 25 July 2016). The information requirements for the administrative procedures of the Departments can be found here (information in German).

We point out that the processing of data is based on Article 6 (1) lit. e) GDPR in conjunction with Section 3 DSG NRW. Processing of the personal data you have submitted is necessary for the purpose of processing your request.

Contacting via the contact form

You can also contact us through this website using the form found here.

The contact form only asks for your e-mail address, your message and an assignment of topics. In addition, you can enter your name as optional information. Without this data (except for the name), your request submitted via the contact form cannot be processed. When you submit the form, the language version of the website used, a timestamp and your IP address are also stored.

5. Integration of videos via Vimeo

We use the offer and the technical platform of Vimeo to provide video content and to embed videos on our website. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA.

If a page is called up that contains a video hosted via Vimeo, a connection is established to the Vimeo servers.

To ensure that no cookies are set by Vimeo, all Vimeo videos have a so-called do-not-track configuration.

We have neither influence on the data collection and its further use by Vimeo, nor effective control possibilities. Information about which data is processed by Vimeo and for which purposes can be found in the Vimeo privacy policy.

6. Your rights as a user

You have the right to receive information about the personal data stored about you free of charge upon request. In addition, you have the right to request the correction of incorrect data, the right to request the restriction of processing of data processed too extensively, and the right to request the deletion of personal data processed unlawfully or stored for too long (insofar as this does not conflict with any legal obligation to retain data and no other reasons pursuant to Article 17 (3) GDPR). In addition, you have the right to transfer all data you have provided to us in a common file format (right to data portability).

To exercise your rights, you can contact us in writing at the address given in the Legal Notice (poststelle[at]im.nrw.de)

Right of objection

In addition, you have the right to file an objection at any time, on grounds relating to your particular situation, to the processing of personal data concerning you, which is carried out on the basis of Article 6 (1) lit. e) GDPR.

If you file an objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or unless the processing serves to assert, exercise or defend legal claims.

To file an objection, you can contact us informally at the specified e-mail address poststelle[at]im.nrw.de or use the contact form on the website.

In addition, you also have the right to lodge a complaint with a data protection supervisory authority pursuant to Article 77 GDPR. A list of German and European data protection officers and their contact details can be found at the following link:

https://www.bfdi.bund.de/DE/Service/Anschriften/Laender/Laender-node.html

The supervisory authority responsible for data protection here is the

State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia
Kavalleriestr. 2-4
40213 Duesseldorf

Phone: +49 211 38424 0
Fax: +49 211 38424 10
E-mail: poststelle[at]ldi.nrw.de

7. General remarks on data protection

In the course of further development of the website, changes to this data protection declaration may also become necessary. We therefore recommend that you read the data protection declaration again from time to time.

General information on data protection can be found on the website of the North Rhine-Westphalia State Commissioner for Data Protection and Freedom of Information: www.ldi.nrw.de

The Legal Notice can be found here.