Datenschutz/en
Privacy policy
This privacy policy informs you, as a user of our website and our services, about the nature, scope and purpose of the collection and use of personal data.
Please be expressly advised that data transmission over the internet (e.g. when communicating via email) may involve security vulnerabilities and does not offer 100% protection against access by third parties.
Actuality and change of this privacy policy
This privacy policy is currently valid and was updated in December 2018. Due to the further development of our website and offers or due to changed legal or regulatory requirements, it may become necessary to change the privacy policy. You can access and print out the current data protection declaration at any time on our website under
https://geoportal.saarland.de/article/Datenschutz/
You can save or print the respective privacy policy by either selecting the "print" or "save page as" commands in your browser.
In addition, you can find more information at https://www.saarland.de/lvgl/DE/services/datenschutz/datenschutz.html
Data controller
Landesamt für Vermessung, Geoinformation und Landentwicklung
Zentrale Stelle Geodateninfrastruktur Saarland
Von der Heydt 22
66115 Saarbrücken, Germany
Email: gdi-sl@lvgl.saarland.de
Phone: +49 681 9712-03
Fax: +49 681 9712-200
Data Protection Officer:
Landesamt für Vermessung, Geoinformation und Landentwicklung
Guido Montag
Von der Heydt 22
66115 Saarbrücken, Germany
Email: datenschutz@lvgl.saarland.de
Phone: +49 681 9712-418
Fax: +49 681 9712-200
Personal data
Personal data consists of information that can be used to identify a natural person. This information may include a name, address, email address, phone number, date of birth or even an IP address. We are permitted to collect, use and store personal data only to the extent provided for by law and the degree to which you have consented to data collection as a user.
The use of our website is usually possible without providing personal information. In cases where personal data (e.g. a name, address or email address) is collected on our website, this is provided on a voluntary basis.
As a general rule, we process personal data about our users only insofar as this is necessary to provide a fully functional website, which also includes providing related content and services. As a rule, the processing of personal data from our users typically requires their consent beforehand. One exception to this rule is cases where consent cannot be obtained beforehand for practical reasons and the processing of data in such cases is allowed by the provisions of applicable law.
Registration
Our website offers users the option of registering an account, which requires the entry of items of personal data. These items of data are entered in a form, which is submitted to us for storage on our servers. This data is not shared with third parties.
The following items of data are collected during the registration process:
- Username (any name can be chosen)
- Email address
At the time of registration, the following data is also collected:
- Username, password, email and IP address
The legal basis for processing the data is point (a) of art. 6(1) of the GDPR, with the user’s consent having been obtained. If registration is necessary for the performance of a contract to which the user is party or in order to take steps prior to entering into a contract, an additional legal basis is provided for processing by GDPR art. 6(1) point (b).
User registration is required in order to provide the following content and services on our website:
- Storage of arbitrary map compilations as WMC documents (these can then be reloaded by the user as required in subsequent sessions)
- Storage of search queries
- Subscription to availability monitoring as provided by registered map services (email notification for individual service outages)
- Application for service activations (usage of protected map services)
The following items of data are stored for registered users:
- User ID
- Username
- Email address
- Time of registration
- Time of last login
- Password hash
- Password hash for external use of protected services
- Search queries stored by the user
- Map compilations stored by the user (WMC documents)
- Activated protected services
- Spatial area unit for the optional ‘spatial’ intersection of protected services
During access to protected services by registered users, the user ID as well as the access parameters of the service are stored on a per-access basis. These items of data are used for billing as well as for technical support.
This data is erased once it is no longer required to achieve the purpose for which it was originally collected, i.e. the contract has been performed in full and no legal retention periods are applicable.
Typically, the data collected is erased 90 days after contract conclusion.
As a user, you have the option of cancelling your registration at any time. You can also contact us to have your stored data amended at any time.
The account can be terminated as follows:
The account data can be erased by one of our members of staff. To request this, you can call us on +49 681 9712-03 or email us at geoportal.saarland@lvgl.saarland.de.
The data collected can be amended as followed:
When you are logged into the Geoportal, you can use the ‘Edit profile’ menu option to change your password and email address.
Access data/server log files
Each time our internet portal is accessed, our system collects data and information automatically from the device or computer accessing our website.
Categories of data subjects
The data subjects affected by the processing of personal data are all visitors to our website, insofar as they have consented to the processing or an exceptional case exists.
The following items of data are collected and are erased after a period of 7 days:
- IP address
- Date and time of request
- Client software on the requesting device, i.e. typically the browser type and the required access method/function
- Input values transferred (e.g. the target file)
- Web server access status (e.g. file transfer, file not found, command not executed) and the name of the file requested
The Geoportal log files are used for the purpose of statistical analysis. The following items of data are stored in this context:
- Unique users per hour
- Number of visits per hour
- Page hits per hour
- Accesses per hour
- Bytes transferred per hour
- URLs accessed
- HTTP error codes
The data is anonymised before analysis, and used to produce statistical reports to help with operations, security and optimising the services as provided.
This data is not aggregated with the user’s other personal data that we have stored.
The legal basis for the temporary storage of data and log files is provided by the purposes of legitimate interests pursuant to point (f) of art. 6(1) of the GDPR (business interest in website usage).
IP addresses are stored in log files to assure the website’s functional capability. This data is also used in order to optimise the website and to ensure the security of our information technology systems. The data is not evaluated for marketing purposes.
Data must be collected in order to provide the website to the user and data must be recorded in log files in order to operate the website.
Cookies
Our website uses cookies. Cookies are small files stored on the user’s access device (PC, phone, etc.) that facilitate the storage of specific information related to this device. These cookies improve the usability of webpages and also provide user functions (e.g. storage of login credentials). We use cookies in order to make our website more user-friendly. Some of our website features depend on being able to identify the accessing browser even when the user switches from one page to another.
The following types of data are stored and transferred in the cookies:
- Session
- User status
- Whether you accept cookies
Cookies are stored on your device only during the current session. The legal basis for the processing of personal data while using cookies is provided by the purposes of legitimate interest pursuant to point (f) of art. 6(1) of the GDPR (business interest in website usage).
The legal basis for the processing of personal data while using cookies for analysis purposes is provided by the corresponding consent given by the user for these purposes (GDPR art. 6(1) point (a)).
The purpose of using technically essential cookies is to simplify the use of the website for users. Some website features cannot be offered without the use of cookies. For these features, it is essential that the browser remains identifiable even after a page change.
On certain pages (e.g. the Map Viewer), cookies are used without notifying you, the user, that they are being used. Most browsers are configured so that they accept cookies automatically. These purposes also grant us a legitimate interest in the processing of personal data pursuant to point (f) of art. 6(1) of the GDPR.
You can change the settings in your web browser to deactivate or restrict the use and storage of cookies. Any cookies already stored can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it is possible that some or all of the features on our website may no longer be usable (in full). The storage of Flash cookies cannot be altered in browser settings, but can be prevented by changing the settings in the Flash Player.
Other
Font Awesome
Our website uses so-called web fonts or icons for the uniform display of fonts or icons, which are provided by Fonticons, Inc. When you call up a page, your browser loads the required web fonts or icons into its browser cache in order to display texts, fonts and icons correctly.
For this purpose, the browser you use must connect to the servers of Fonticons, Inc. This enables Fonticons, Inc. to know that our website has been accessed via your IP address. Font Awesome is used in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest within the meaning of point (f) of art. 6(1) of the GDPR.
For more information about Font Awesome, see https://fontawesome.com/help and the Fonticons, Inc. privacy policy: https://fontawesome.com/privacy.
reCaptcha
On our website, we also use the reCAPTCHA function of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland ("Google"). This function is primarily used to distinguish whether an input is made by a natural person or is abused by machine and automated processing. The service includes the sending of the IP address and possibly other data required by Google for the reCAPTCHA service to Google and is carried out in accordance with point (f) of art. 6(1) of the GDPR on the basis of our legitimate interest in determining individual ownership on the Internet and the prevention of abuse and spam.
Further information on Google reCAPTCHA as well as Google's privacy policy can be found at: https://www.google.com/intl/de/policies/privacy/.
Contacting us
You can contact us by emailing us at the email address provided. In this case, the user’s personal data as supplied in the email will be stored. Data is not shared with third parties as part of this process. All data is used exclusively for the processing of the communication.
Please note that any message that you send to us via email is not encrypted automatically. Without such encryption, your message is at risk from access by third parties. If, after reading your email, we see that you are requesting a reply, we will assume that you agree to us replying to your enquiry with an unencrypted email, insofar as our reply also does not require encryption as a result of its content.
The legal basis for processing the data provided by contacting us with our contact form and/or by email is provided by the purposes of legitimate interest pursuant to point (f) of art. 6(1) of the GDPR (user contact options).If the contact made is intended to conclude a contract, then an additional legal basis is provided for processing by point (b) of art. 6(1) of the GDPR.
This data is erased once it is no longer required to achieve the purpose for which it was originally collected. For personal data sent via email, this is the case once the respective communication with the user has been completed successfully.
You may object to the storage of your personal data at any time. In such a case, further communication will no longer be possible.
You may express this objection in the following way:
Please send an email to the GDI-SL Central Coordination Unit at gdi-sl@lvgl.saarland.de.
Links to other websites
Pages on GeoPortal Saarland also include links to other websites. Whether or not their operators comply with data protection laws is beyond our control. We are responsible neither for this content nor for its currency.
Rights of the data subject
You can contact us at the address given below to request details of the personal data we have stored about you. This is a free service. In addition, if certain conditions are met as set out in GDPR art. 16 and 17, you may also request the rectification or erasure of your stored personal data. Furthermore, you may also have a right to restriction of processing regarding your data and a right to data portability, i.e. the surrender/transfer of the data you have provided in a structured, commonly used and machine readable format (GDPR art. 18, 20).
Right to object
You have the right to object to the processing of your personal data at any time; this right is granted by GDPR art. 6(1) point (f). This objection may be raised in particular against the processing of data for direct marketing purposes.
Beschwerderecht
Des Weiteren besteht für Sie die Möglichkeit, sich mit einer Beschwerde an den oben genannten Datenschutzbeauftragten oder an eine Datenschutzaufsichtsbehörde zu wenden.
Die für uns zuständige Aufsichtsbehörde ist:
Unabhängiges Datenschutzzentrum Saarland
Die Landesbeauftragte für Datenschutz und Informationsfreiheit
Fritz-Dobisch-Straße 12
66111 Saarbrücken
E-Mail: poststelle@datenschutz.saarland.de
Telefon: +49 681 94781-0
Telefax: +49 681 94781-29