Data protection

Information on the protection of personal data

Personal data are personal details or other information about identified or identifiable individuals, including data about their Internet surfing and communication activities. Anonymous data, i.e. information which cannot be linked to the identity of an individual (not even via a specific identification number such as an IP address), are not considered personal data (e.g. information on most frequently visited websites or the number of visitors to a website). The OeNB processes personal data in line with the provisions laid down in the General Data Protection Regulation (GDPR) and the Austrian Data Protection Act (DSG).

Data protection officer

The OeNB’s Data Protection Officer is Bernhard Horn. You can contact him via the Contact section below.

Data security

The OeNB takes all necessary technical and organizational security measures to protect your personal data against loss and misuse. Your data will be processed in a secure, state-of-the-art operating environment. The OeNB’s IT infrastructure is certified under the international ISO 9001 and 27001 standards.

Access to the OeNB’s websites is secured via HTTPS. This means that communication between your browser and the OeNB’s servers is encrypted. If you wish to contact the OeNB or its employees by e-mail, please note that, given the technical configuration of e-mail protocols, the confidentiality of e-mail information cannot be guaranteed. The content of unencrypted e-mails can be viewed by third parties unless special security measures are taken. We therefore recommend using only the contact form or any other secure mode of transfer (see to transmit confidential information.

Right to object

According Article 21 GDPR, you have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data carried out by the OeNB on the basis of its legal mandate, as laid down in the Federal Act on the Oesterreichische Nationalbank (Nationalbank Act; Article 6 para 1 lit e GDPR), or for the purposes of its legitimate interests (Article 6 para 1 lit f GDPR). For further details, please refer to the section “Your rights as a data subject”.

Right to withdraw your consent at any time

You have the right to withdraw your consent to any consent-based processing of your personal data at any time. Withdrawing your consent will be without prejudice to the lawful use of personal data collected up to the point of consent withdrawal (Article 7 para 3 GDPR).