This data protection information applies to data processing by:
Governikus GmbH & Co. KG
on behalf of the Federal Office for Information Security
Godesberger Allee 185-189
"See my personal data / Identify" service
(Governikus GmbH & Co. KG on behalf of the Federal Office for Information Security)
The AusweisApp2 has the function "See my personal data / Identify". With this function the data stored on the identity card, the electronic residence permit or the eID card can be read and displayed. Here we also speak of a so-called self-disclosure.
As soon as the AusweisApp2 is started and a suitable card reader is installed or an Android smartphone is connected, this function can be called up under the menu item "Identify".
After the PIN entry and successful data transfer, the data is displayed in the AusweisApp2.
The self-disclosure is a pure demonstration service. The read out data is only brought to the announcement and is not passed on. The data is not stored at the Governikus KG. The user can save the data as a PDF file on his terminal device. The verification of the data takes place via the respective eID server to which the service accesses. On the eID server, the authorization certificates are administered and revocation lists are kept. The server takes over the secure communication with the AusweisApp2 and the identity card and forwards the read out data to the service.
It determines the authenticity and validity of the identity card, checks whether it has been blocked by the card holder and transmits the results of the online card function to the other systems of the service provider.
For the identity comparison via the eID server, there must always be an Internet connection so that the comparison can take place and the data can be transmitted in encrypted form. This is necessary in order to carry out the cryptographic protocols with the chip of the identity card and to regularly receive the necessary authorization certificates and revocation lists.
The eID server always complies with the current technical guidelines of the BSI. This ensures that the state of the art is mapped.
Access to the data on the identity card, the electronic residence permit or the eID card is only possible if the person who wants to access the data first identifies himself uniquely. This is done using the authorization certificate. It is always displayed who wants to access your data. Permission to obtain an authorisation certificate is granted to a service provider upon application and after verification at the Federal Administration Office's issuing office for authorisation certificates. In order to display the technical authorization certificate and to be able to carry out a validity check of the ID document, an Internet connection is absolutely necessary. For this reason, one also speaks of the online ID card function. Further details on how the online ID card function works can be found here.
Application, database server and HSM are located in the following computer center: Zenium Technology Partners, Sossenheim, 65936 Frankfurt am Main.
Data acquisition and storage
When you call the website www.ausweisapp.bund.de, the browser used on your terminal device automatically sends information to the server of our website. This data is stored exclusively for statistical and security purposes. Only the IP address of the Internet service provider, the date and time of access and the specific destination address are recorded for a limited period of time. The data mentioned will be processed by us for the following purposes:
- Ensuring a smooth connection of the website,
- Ensure comfortable use of our website,
- Evaluation of system safety and stability as well as
- for other administrative purposes
The data is processed on the basis of Art. 6 of the German Data Protection Act (DSGVO). Under no circumstances do we use the collected data for the purpose of drawing conclusions about your person.
If you have contacted us by telephone, e-mail or using an evaluation form, it is necessary to provide your first and last name and a valid e-mail address. This data will be stored by our AusweisApp2 support or communication teams for possible contact and will be deleted from our systems no later than 6 months after your support request has been completed. Comments on older versions of AusweisApp2 will be anonymized.
Disclosure of personal data to third parties
Your personal data will not be transferred to third parties for purposes other than those listed below. We will only pass on your personal data to third parties if:
- you have given your express consent to this,
- the disclosure is necessary to assert, exercise or defend legal claims and there is no reason to assume that you have an overriding legitimate interest in not disclosing your data,
- in the event that there is a legal obligation to pass on such information, and
- this is legally permissible and necessary for the execution of contractual relationships with you.
On the pages of www.ausweisapp.bund.de cookies are used, which are valid for the time of the visit on the website. Most browsers are settet to automatically accept cookies. However, the storage of cookies can be deactivated or the browser can be set so that cookies are only stored for the duration of the respective connection to the Internet. However, a complete deactivation of cookies may result in you not being able to use all the functions of our website.
Use of Youtube videos
We use embedded YouTube videos in advanced privacy mode. YouTube is a service provided by Google Inc., Amphitheatre Parkway, Mountain View, CA 94043, USA. YouTube provides this extended data protection mode, thereby ensuring that YouTube does not store any cookies containing personal data on your computer. The IP address is transmitted when the website is accessed and to embed the videos. This IP address cannot be assigned unless you have registered with YouTube or another Google service or are permanently registered prior to accessing the site. As soon as you start the playback of an embedded video by clicking on it, YouTube only saves cookies on your computer which do not contain any personally identifiable data due to the extended data protection mode. These cookies can be prevented by appropriate browser settings and extensions (Source: YouTube "Enable advanced privacy mode for embedded videos").
On this website data is collected and stored using the web analysis service software Matomo (www.matomo.org), a service of the provider InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand, ("Matomo") on the basis of our justified interest in the statistical analysis of user behaviour for optimisation and marketing purposes in accordance with Art. 6 para. 1 lit. f DSGVO. From this data, pseudonymised user profiles can be created and evaluated for the same purpose. Cookies can be used for this purpose. Cookies are small text files that are stored locally in the cache of the Internet browser of the page visitor. The cookies enable, among other things, the recognition of the Internet browser. The data collected using Matomo technology (including your pseudonymised IP address) is processed on our servers. . The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym. If you do not agree with the storage and evaluation of this data from your visit, you can object to its subsequent storage and use at any time by mouse click. In this case, a so-called opt-out cookie is stored in your browser, which means that Matomo does not collect any session data. Please note that the complete deletion of your cookies means that the opt-out cookie will also be deleted and may have to be reactivated by you.
Rights of affected parties
You have the right to do so:
- to request information about your personal data processed by us,
- demand t
- he correction of incorrect data or the completion of stored data without delay,
- demand the deletion of the stored personal data,
- to demand the restriction of the processing of your personal data insofar as the correctness of the data is disputed by you, the processing is unlawful, but you refuse its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims.
- to revoke your consent once given to us at any time,
- to complain to a supervisory authority.
- Right of objection
If your personal data is processed on the basis of legitimate interests, you have the right to object to the processing of your data. If you would like to make use of your right of revocation or objection, simply send an e-mail to datenschutzgovernikusde.
We use the widespread SSL method in connection with the highest level of encryption supported by your browser during your visit to our website. As a rule, this is a 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed representation of the lock symbol in the lower status bar of your browser.
In the event of complaints, you may at any time contact the competent supervisory authority of the Union or the Member States. The State Commissioner for Data Protection and Freedom of Information of the Free Hanseatic City of Bremen, Dr. Imke Sommer, is responsible for our company.
Actuality and amendment of this data protection declaration
This data protection declaration is currently valid and as of May 2018. Due to the further development of our website and offers above it or due to changed legal or official requirements, it may be necessary to amend this data protection declaration.The current data protection declaration can be accessed at any time on the website at www.ausweisapp.bund.de/en/privacy.
Data protection officer
Governikus GmbH & Co. KG
Hochschulring 4, D-28359 Bremen