Data protection

The City of Rinteln is subject to the provisions of the European General Data Protection Regulation (GDPR) as well as the Nieders. Data Protection Act. For this reason we have taken technical and organizational measures to provide for the protection of personal data and to ensure compliance with the rules on data protection. Our websites contain links to other websites to which this data protection statement does not extend. The City of Rinteln is not responsible for the privacy practices or the content of other websites.


1.  Preliminary note

We are very pleased about your interest in our institution. Our online presence is encrypted to establish confidentiality and integrity in the communication between the web server and the web browser (client) "https".


The following points are intended to provide you with information about your data. The legislator has determined what information is required for this purpose.

Anyone who wants to know more can find this in the General Data Protection Regulation in Articles 12 to 22 and 34. The text of the General Data Protection Regulation is available on the Internet under the following link https://dsgvo-gesetz.de/.

If you have further questions about data protection, you can always contact the data protection officer and/or the administration of the City of Rinteln.


2.  What are personal data?

Any information that relates to a specific or identifiable person. A person is identifiable if he or she can be identified directly or indirectly. This can be done, for example, by correlation to an identifier such as a name, an identification number, to location data, to an online identifier or to one or more special features.


3.  Basic information

3.1  Who is responsible for the processing of my data?

The controller responsible for the data processing is the City of Rinteln,

represented by:

Mayor Thomas Priemer

Klosterstraße 19, D-31737 Rinteln,

Tel: +49 5751 403-0,

E-mail: stadtverwaltung@rinteln.de


3.2  Which authority is responsible for control and compliance with data protection law?

Responsible data protection supervisory authority

The Niedersachsen Commissioner for Data Protection Prinzenstraße 5, D-30159 Hannover

Phone: +49 0511 120 45 00

E-Mail: poststelle@lfd.niedersachsen.de

3.3  How can I contact the data protection officer of the organization?

The data protection officer of our organization is Jörg Begemann. The data protection officer can be reached as follows: E-mail: datenschutz@rinteln.de


4.  Other important information

4.1  Why does the administration process my data?

You are fundamentally able to use our offerings without disclosing your identity. However, if you use online forms (e.g. order form, contact form), your data will be included unencrypted in an e-mail and sent to us. At these points you will be informed separately and you can decide freely whether you enter your data. We only pass on this information within the City of Rinteln to handle your inquiries or orders as well as to process your applications by the responsible offices. Without your explicit consent, we do not pass on data to third parties. Should data be passed on to service providers as part of order processing, they are bound by the European General Data Protection Regulation (GDPR) and any other data protection provisions (BDSG_neu 2018). Insofar as we are obliged to do so or by law or court order, we will forward your data to authorized offices.

The production of the anonymized data is carried out in standardized manner by our website provider, which currently cannot be deactivated by us.

4.2  Why is the administration allowed to process my data?

Insofar as we have obtained the consent of the data subject for the processing procedures on personal data, Art. 6 para. 1 lit. a of the EU Data Protection Reguation (GDPR) serves as the legal basis.

In processing personal data that are necessary to fulfill a contract to which the data subject is a contractual party, the legal basis is Art. 6 para. 1 lit. b GDPR. This also holds for processing procedures that are necessary to carry out precontractual measures.

Insofar as a processing of personal data is necessary to fulfill a legal obligation to which our institution is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

4.3.  What data is collected from me?

This data is collected in a standardized manner by our website provider. We are currently unable to deactivate this collection of data, but the data is not used or evaluated by us:


  • IP address in anonymous form is used to determine the location of access
  • Referrer (previously visited website)
  • Requested website or file
  • Browser type and browser version
  • Operating system used
  • Device type used
  • Time of access

4.4.  In which statistics is my data used?

Our website uses Piwik (http://en.piwik.org), an open-source software for the statistical evaluation of visitor access. Piwik uses so-called "cookies", small text files that are stored on your computer and that allow an analysis of your use of the website. The information generated by the cookie about your use of this website is stored on the server of our internet provider in Germany. The IP address is anonymized immediately after processing and prior to being saved. You can prevent the installation of cookies by setting your browser settings accordingly; however, please be aware that if you do this you may not be able to use the full functionality of this website. The following anonymous statistics are provided by our website provider. We do not use or evaluate the statistics, we cannot disable the statistics currently being generated:


  • Visitor figures: Visitors, sessions, page views, and search engine robots.
  • Visitor behavior: Duration per session, page views per session and bounce rate.
  • Page analysis: Start pages, exit pages, error pages, most visited pages, high bounce rate pages, and search terms.
  • Originating pages: All originating pages and referring pages.
  • Visitor locations
    • Browsers & Systems: Browser, browser versions, operating systems and operating system versions.

4.5  Who can receive data from me?

As part of the processing, your anonymized data can be viewed by our website provider, which is contractually bound. Further transfers are not made.

4.6  Will you transfer data from me to countries outside the European Union?

This is not planned by us.

4.7  Do I have to provide my data?

In order to achieve the reasons described in point 4.1, it is necessary that you provide us with your personal data.

For processing an order or a request from you, this is mandatory and required by law. In the case of non-provision we cannot process your request or request.

In the case of complaints, you can always contact the responsible supervisory authority. The regulatory authority named in point 3.2.is responsible for our organization. You have the right to have this judicially reviewed, according to Article 78 of the GDPR against a regulatory authority and, pursuant to Article 79 of the DS-BER against our administration.

4.8  Automated decision-making / profiling

Automatic decision-making / profiling does not take place.

4.9  Use of cookies

The internet pages partly use so-called cookies. Cookies do not harm your computer and do not contain viruses. Cookies serve to make our offerings more user-friendly, effective and secure. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are so-called "session cookies". They are automatically deleted after your visit.

Other cookies remain stored on your end-device until you delete them. These cookies allow us to recognize your browser the next time you visit.

You can set your browser so that you are informed about the setting of cookies and allow cookies only in individual cases, exclude the acceptance of cookies for certain cases or generally, or enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

4.10  Copyright

The operators of these sites endeavor to always observe the copyrights of others or to use self-created and license-free works.

The content and works on these pages created by the site operators are subject to German copyright law. Third party contributions are marked as such. The reproduction, processing, distribution and any kind of exploitation outside the limits of copyright require the written consent of the particular author or creator. Downloads and copies of this site are for private, non-commercial use only.


5.  Which rights do I have?

5.1  Note on your rights

As a data subject, under the General Data Protection Regulation you have the following rights among others (hereinafter also referred to as "Data Subject Rights"):


5.2  Right to information (according to Article 15 GDPR)

You have the right to request information about whether we process personal information about you or not. When we process personal information from you, you are entitled to learn


  • why we process your data (see also point 4.1);
  • what kinds of data we process from you;
    • which type of recipients receive or should receive data from you (see also point 4.3);
    • how long we will save your data; if it is not possible to give an indication of the storage duration, we must inform you of how the retention period will be determined (e.g. after expiry of statutory retention periods) (see also section 4.5);
    • that you have a right to rectification and deletion of the data concerning you, including the right to limit the processing and/or the possibility of objection (see also points 5.2, 5.3 and following);
    • that you have the right of appeal to a supervisory authority;
    • where your data comes from, if we did not collect it directly from you;
    • whether your data will be used for an automatic decision and, if so, what logic the decision is based on and what impact and scope the automated decision may have for you;
    • that, if data about you are transmitted to a country outside the European Union, you are entitled to information as to whether and, if so, by which guarantees an adequate level of protection is ensured on the part of the recipient;
      • that you have the right to request a copy of your personal data. Data copies are always provided in electronic form. The first copy is free of charge, additional copies may require a reasonable fee. A copy can only be provided if the rights of other persons are not affected by this.


5.3  Right to correction of data (according to Article 16 GDPR)

You have the right to require us to correct your data if it is incorrect and/or incomplete. This right also includes the right to completion by supplementary statements or communications. A correction and/or supplement must be made without culpable hesitation.

5.4  Right to erasure of personal data (according to Article 17 GDPR)

You have the right to demand deletion of your personal data from us if


  • the personal data are no longer required for the purposes for which they were collected and processed;
    • the data processing has taken place on the basis of your consent and you have revoked your consent; however, this does not apply if there is another legal permission for data processing;
    • you have lodged an objection to data processing, the legal authorization of which is in the so-called "legitimate interest" (referred to in Article 6 Para. 1 (e) or (f)); however no deletion is required if there are legitimate reasons for further processing;
    • you have lodged an objection to data processing for direct marketing purposes;
    • your personal data has been processed unlawfully;
    • The data of a child is concerned, which was collected for services of the information society (= electronic service) on the basis of consent (according to kind 8 exp. 1 GDPR).


A right to deletion of your personal data does not exist if


  • the right to freedom of expression and information conflicts with the request for deletion;
  • the processing of personal data is required


-  to fulfill a legal obligation (e.g. statutory retention obligations),

-      for the exercise of public duties and interests under applicable law (this includes the "publichealth ") or

- for archiving and / or research purposes;


  • the personal data are required to assert, exercise or defend legal claims.


The deletion must be carried out immediately (without culpable hesitation). If personal data has been made public by us (e.g. on the Internet), we must ensure, as far as is technically possible and reasonable, that other data processors are also informed about the deletion request, including the deletion of links, copies and/or replications.

5.5  Right to restriction of data processing (according to Article 18 GDPR)

You have the right to restrict the processing of your personal data in the following cases:


  • If you have contested the accuracy of your personal information, you may request that your data not be used for the duration of the verification of accuracy and thus that its processing is restricted.
  • In the case of unlawful data processing, you may request the restriction of data usage instead of data deletion;
  • If you need your personal data to assert, exercise or defend legal claims, but we no longer need your personal information, you may require us to limit the processing to the purposes of legal enforcement;
  • If you have objected to data processing (pursuant to Art. 21 Para. 1 GDPR) (see also point 5.7) and it is not yet clear whether our interests in processing outweigh your interests, you can require that for the duration of the examination the data not be used for other purposes and thus that their processing is restricted.


Personal data the processing of which has been restricted upon your request may, subject to storage – only be processed


  • with your consent,
  • be processed to assert, exercise or defend legal claims,
  • to protect the rights of other natural or legal persons, or
  • for reasons of important public interest.


If a processing restriction is lifted, you will be notified in advance.

5.6  Right to data portability (according to Article 20 GDPR)

You have the right to request the data that you have provided to us in a common electronic format (e.g. as a PDF or Excel document). You may also require us to transfer this information directly to another company (through you), if technically possible for us. The precondition that you have this right is that the processing is based on consent or execution of a contract (see point 4.2) and carried out with the help of automated procedures.

The exercise of the right to data portability does not impair the rights and freedoms of others.

If you exercise the right to data portability, you continue to have the right to data deletion under Article 17 of the GDPR.

5.7  Right to object to certain data processing (according to Article 21 GDPR)

If your data is processed for the purpose of performing tasks lying in the public interest or to observe legitimate interests (see 4.2), you may object to such processing. You must explain to us the reasons that arise from your particular situation for your opposition. This could be e.g. special family circumstances or legitimate interests in secrecy.


In the event of objection, we shall refrain from any further processing of your data for the purposes stated under point 4.1, unless


  • there are compelling, legitimate grounds for processing that outweigh your interests, rights and freedoms, or
  • the processing is necessary for the assertion, exercise or defense of legal claims.


You may object to the use of your data for the purpose of direct marketing at any time; this also applies to profiling insofar as it is associated with direct marketing. In the case of objection, we may no longer use your data for direct marketing purposes.

Direct marketing and/or profiling is never initiated or carried out by us.

5.8  Prohibition of automated decision-making/profiling (according to Article 22 GDPR)

Decisions by us that have a legal consequence or that significantly affect you must not be based solely on the automated processing of personal data. This includes profiling. This prohibition does not apply insofar as the automated decision


  • is required for the conclusion or fulfillment of a contract with you,
  • is permitted by law, if such legislation contains reasonable measures to protect your rights and freedoms and your legitimate interests, or
  • occurs with your express consent.


Decisions that are based exclusively on automated processing of special categories of personal data (= sensitive data) are only permitted if based on


  • your express consent or
  • there is a significant public interest in processing


and appropriate measures have been taken to protect your rights and freedoms and your legitimate interests.

5.9  Exercise of data subject rights

To exercise data subject rights please contact the offices mentioned under point 3. Requests that are submitted electronically are generally answered electronically. The information, communications and measures to be provided under the GDPR, including "the exercise of the data subject rights", are generally provided free of charge. Only in the case of manifestly unfounded or excessive claims are we entitled to levy an appropriate fee for the processing or to refrain from taking action (in accordance with Article 12 Para. 5 GDPR).

If there are reasonable doubts about your identity, we may request additional information from you for identification purposes. If an identification is not possible for us, we are entitled to refuse to process your request. We will – if possible – notify you separately about an inability to identify you (see Articles 12 Para. 6 and Article 11 GDPR).

Information and information requests are usually processed promptly, within one month of receipt of the request.

The period may be extended by a further two months insofar as this is necessary in consideration of the complexity and/or the number of requests; in the event of an extension, we will inform you of the reasons for the delay within one month of receipt of your request.

If we fail to act upon request, we will immediately notify you of the reasons for doing so within one month of receipt of the request, and you will be advised of the possibility to lodge a complaint with a regulatory authority or to seek judicial remedy. (see Article 12 Para. 3 and 4 GDPR).

For the area of ​​taxation procedures, data subject rights are specifically regulated by domain in §§ 32a et seq. of the new German Fiscal Law (AO-neu).

Please note that you can only exercise your data subject rights in the framework of restrictions and constraints imposed by the Union or the member states. (Article 23 GDPR).

5.10 Right of withdrawal

Should your personal data not be used for further contact or corrected and/or deleted, we will act accordingly at your request. Data that is absolutely necessary for processing is not affected by a termination or deletion.


6.  Data protection in connection with Facebook Social PlugIns

Our website uses social plugins ("plugins") of the social network facebook.com, which is operated by Facebook Inc., 1601 S. California Ave., Palo Alto, CA 94304, USA ("Facebook"). The plugins are marked with a Facebook logo or the addition "Facebook Social Plugin".

If you visit a website of our internet presence that contains such a plugin, your browser establishes a direct connection to the Facebook servers. The content of the plugin is transmitted by Facebook directly to your browser and incorporated by this into the website.

Through integration of the plugins Facebook receives the information that you have accessed the corresponding page of our website. If you are logged in to Facebook, Facebook can correlate the visit to your Facebook account. If you interact with the plugins, for example by pressing the "Like" button or leaving a comment, the corresponding information is transmitted from your browser directly to Facebook and stored there.

For the purpose and scope of data collection and the further processing and use of the data by Facebook, as well as your rights in this regard and possible settings for the protection of your privacy, please refer to the privacy policy of Facebook.

If you do not want Facebook to collect data about you via our website, you must log out of Facebook before visiting our website.


7.  Liability/changes

7.1  Liability for content

The contents of our pages were created with great care. However, we cannot assume any liability for the accuracy, completeness and timeliness of the content.

As a service provider we are responsible according to the German Telemedia Act for own content on these pages according to the general laws. However, service providers are under no obligation to monitor the third-party information you provide or store, or to investigate circumstances that indicate unlawful activity.

Obligations to remove or block the use of information under general law remain unaffected. A liability in this regard, however, is only possible from the date of knowledge of a specific infringement. If we become aware of such violations, we will remove this content immediately.

7.2  Changes

We will inform you here if changes to our data protection policy become necessary as part of the further development of our offerings.