Data privacy statement
Personal data are personal details or other information about identified or identifiable individuals, including data about their surfing and communication activities on the Internet. Anonymous data, i.e. information which cannot be linked to the identity of an individual (not even via a specific identification number such as an IP address), are not considered personal data (e.g. information on most frequently visited websites or the number of visitors to a website). The OeNB processes personal data in line with the provisions laid down in the General Data Protection Regulation (GDPR) (EU) and the Austrian Data Protection Act (DSG).
Data protection officer
The OeNB’s Data Protection Officer is Bernhard Horn, please find the contact details below.
The OeNB takes all necessary technical and organizational security measures to protect your personal data against loss and misuse. Your data will be processed in a secure, state-of-the-art operating environment. The OeNB’s IT infrastructure is certified under the international ISO 9001 and 27001 standards.
Access to the OeNB’s websites is secured via HTTPS. This means that communication between your browser and the OeNB’s servers is encrypted. If you wish to contact the OeNB or its employees by e-mail, please note that, given the technical configuration of e-mail protocols, the confidentiality of e-mail information cannot be guaranteed. The content of unencrypted e-mails can be viewed by third parties unless special security measures are taken. To transfer confidential information, we therefore recommend using only the contact form or any other secure mode of Transfer.
Protection of your personal data when visiting the OeNB’s websites
When you visit one of the OeNB’s websites, the respective server records the following personal communication data:
Web server logging
When OeNB websites are accessed, the web server records the following data in a combined log format for the purpose of ensuring appropriate information and system security: IP address, username (if required), date and time the site was accessed as well as technical information about the web object retrieved and the browser and operating system used. For further details, see the corresponding documentation under “Processing of personal data by the OeNB” below.
Additional personal information, such as your name, address, telephone number or e-mail address, is not recorded unless you have opted to provide this information in the space provided (e.g. when registering for a newsletter or requesting information via a contact form). The personal data you provide will be processed exclusively for the purpose of dealing with your request. These data will not be transferred to third parties. In case improper use is made of the OeNB’s websites, log data will be forwarded to the authorities in charge.
Social media plug-ins
Many OeNB websites connect to social media networks via social media plug-ins. These plug-ins are initially deactivated when the respective OeNB website is accessed, which means they do not transfer any data to these social media services. Personal data will be transferred to the selected service only if you activate a plug-in by clicking on the corresponding control icon (“two-click solution”). The selected service will then receive the information that you have visited an OeNB website from your IP address. If you click on the plug-in while logged in to the selected service, you can share content from the respective OeNB websites on your profile. This allows the service to assign your visit to the OeNB’s websites to your user account. Please note that, as website operator, the OeNB does not receive any information about the content of the transferred data or on how these data are used by the service in question.
By activating and using a social media plug-in, you agree to the subsequent transfer of personal data to the selected service. More information on how the respective services use your personal data can be found in the data privacy statements provided by the selected service(s):
- Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland
- Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA
- Twitter International Company, The Academy, 42 Pearse Street, Dublin 2, Ireland
Use of Google Analytics
The information generated by using Google Analytics (including your IP address) is transferred to a Google server. To protect your privacy, Google Analytics has been configured in such a way that your IP address will be anonymized immediately after it has been transferred to Google from within any EU or EEA country and that it will be stored by Google exclusively in its anonymized form (anonymizeIp=true). Only in exceptional cases is the full IP address sent to Google servers in the U.S.A. and shortened there.
On behalf of the OeNB, Google will use the information gathered to analyze visitors’ use of the OeNB’s websites and to compile reports on website activities. Google will not match the IP address transmitted from your browser for the purposes of Google Analytics with any other data held by Google.
By using OeNB websites you agree to the storage of cookies on your computer and the processing of your personal data as described above. You can prevent the storage of cookies by adjusting your browser settings accordingly; however, this could cause some website functions to become unavailable. Additionally, you can disable Google Analytics by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en. More information on Google Analytics and on how it processes personal data can be found at https://support.google.com/analytics/answer/6004245?hl=en.
Protection of your personal data during e-mail correspondence with the OeNB
For the purpose of ensuring an appropriate degree of information and system security as well as detecting and handling malware, the OeNB e-mail server generates log data on e-mail correspondence and stores it for three years. When you send an e-mail to an OeNB address, the following data are recorded: recipient’s e-mail address, IP address and hostname; number of recipients; sender’s e-mail address, IP address and hostname; subject, date and time when e-mail was received by server; file name of any attachments; size of message; risk classification for spam and delivery status. These data are not transferred to third parties. In case improper use is made of OeNB websites, log data will be forwarded to the authorities in charge.
E-mails are checked for spam and harmful content. Checking e-mails and filtering spam or malware is automated by default; only in suspicious cases or in case of doubt are individual e-mails scrutinized in more detail by dedicated specialists (in consultation with the recipient if necessary). Misappropriated e-mails or e-mails containing illegal content are forwarded to the authorities in charge. The OeNB stores e-mails for up to ten years unless longer-term storage is required by the underlying purpose of the e-mail correspondence
Use of photographs and videos by the OeNB
The OeNB processes photographs and videos of individuals to document its events and activities. With due regard to the rights of individuals shown in photographs and/or videos, the OeNB makes selected photographs and/or videos available to newspapers and TV programs and/or uses them on its websites, in OeNB information material and in the social media, e.g. on Facebook, Twitter or YouTube. The OeNB processes this visual material for the purposes of its legitimate interests according to Article 6 (1) (f) GDPR. The OeNB stores photographs and videos for archiving purposes in the public interest and deletes them if documentation is no longer required (Article 7 DSG).
Overview of your rights as a data subject
The information provided here refers to Articles 13 and 14 GDPR.
Your rights as a data subject
In fulfillment of its mandate and in safeguarding its interests, the OeNB frequently processes personal data. This page informs data subjects that are not OeNB staff members on how their personal data are protected when subject to data processing by the OeNB. Information on the purpose(s) and legal basis of processing operations, the type(s) of processed data and your respective rights under the data protection framework is made available below. (OeNB staff members will find the relevant information on the OeNB’s intranet.)
To assert your rights as a data subject, send a letter to “Oesterreichische Nationalbank, Abteilung ITS/Datenschutz, Otto-Wagner-Platz 3, 1090 Vienna, AUSTRIA” or an e-mail to email@example.com stating, according to the list provided below, in what way your personal data are subject to data processing by the OeNB, and clearly specifying the details of your request. Moreover, please provide proof of your identity by enclosing a black-and-white copy of an official photo identification (e.g. your passport, driver’s license, identity card) or using a qualified electronic signature within the meaning of Article 3 (12) eIDAS Regulation to prevent improper requests by unauthorized third parties that might endanger the protection of your personal data. For the reasons outlined above, such requests must be made in writing. Should you consider your right to data protection violated by any processing of your personal data by the OeNB, you may file a complaint with the Austrian Data Protection Authority (DSB) or bring an action before the competent civil court.
Processing of personal data by the OeNB
The following documents provide detailed information on the different ways the OeNB processes personal data. Currently, the documents are only available in German, the translation is in progress.
- Anrufprotokollierung Sicherheitsdienst (PDF), 71 kB
- Aus- und Weiterbildungsverwaltung (PE-Tool) (PDF), 107 kB
- Bankhistorisches Archiv (PDF), 99 kB
- Bargeldschulung (PDF), 107 kB
- Bargeldtausch (PDF), 105 kB
- Bürokommunikation und Kontaktverzeichnisse (PDF), 111 kB
- Datenbank für sonstige Zuwendungen an Dritte (PDF), 122 kB
- Dokumentation geldpolitischer Geschäfte (PDF), 76 kB
- Ein- und Verkaufsmanagement (PDF), 138 kB
- Falschgelddatenbank (Setra) (PDF), 91 kB
- Fotos und Videos (PDF), 83 kB
- Gemeinsame Datenbank der FMA und der OeNB für bankaufsichtliche Analysen (PDF), 73 kB
- Gesprächsprotokollierung FRONT (PDF), 65 kB
- JVI-Aufsicht und -Kursmanagement (PDF), 108 kB
- Kontaktplattform CESEE (PDF), 96 kB
- Management- und Beteiligungsdokumentation (PDF), 118 kB
- Museumsverwaltung (PDF), 101 kB
- Newsletter (PDF), 94 kB
- OeNB-Jubiläumsfonds (PDF), 138 kB
- Rechnungswesen und Controlling (PDF), 133 kB
- Statistik-Hotline Ticketsystem (PDF), 87 kB
- Teilnahme an Gewinnspielen (PDF), 88 kB
- Veranstaltungsmanagement (PDF), 100 kB
- Videoüberwachung (PDF), 85 kB
- Visiting Research Program (PDF), 82 kB
- Zugriffsberechtigungsverwaltung - myOeNB-Portal (PDF), 94 kB