Here you can find detailed information about what data is collected from visitors to the official websites of the City of Heidelberg, and about what happens to this data. The information is constantly updated, for example to reflect changes in the law.
Below you will also find some information about how you yourself can contribute to the security of your data.
You should bear in mind that this website contains links to other sites on the internet. The City of Heidelberg can accept no responsibility or liability for third-party websites, nor does it have any way of ensuring that the operators of these third-party websites will adhere to the relevant data privacy regulations.
Data privacy obligations
The City of Heidelberg is committed to protecting the privacy of everyone who entrusts it with their data. As a public authority, the City of Heidelberg is subject to far-reaching data privacy regulations based on laws such as the Baden-Württemberg Data Protection Act (LDSG) and the German Telemedia Act (TMG).
Storage of personal data
The City of Heidelberg does not track or gather personal data without the user’s knowledge. We only electronically store personal data that you deliberately transmit to us during a transaction. We maintain rigorous procedural and technical systems to ensure that data gathered from visitors to the City of Heidelberg's websites is afforded particular protection.
Measures taken by users to prevent their personal data from being stored without their knowledge (e.g. blocking cookies or hiding the HTTP referrer or the requesting IP address – see below for more details) will never impair the functionality of this website as a source of information, although these measures may affect the functionality of some of the online citizens’ services.
Use of personal data
We only use your personal data for the purposes for which you transmitted it to us, or about which we previously informed you. In particular, be assured that data will never be passed on to third parties for commercial use unless you have expressly consented to this.
Storage of usage data
Information is automatically collected when a user visits the websites of the City of Heidelberg. This logging of usage data is standard and takes place on every site on the internet. It is not specific to www.heidelberg.de or other websites (e.g. microsites) of the City of Heidelberg.
What data is stored?
The following information is stored each time a page is viewed:
- 1. Name of the file viewed
- 2. Date and time the file was viewed
- 3. Volume of data transmitted
- 4. Notification of whether or not the page was successfully opened
- 5. Operating system used
- 6. IP address of the requesting computer
- 7. Web browser used
- 8. If the file was accessed via a link: the address of the page on which the link was located (called the ‘HTTP referrer’)
The storage of this information does not allow us to build profiles for individual users.
All usage data stored is deleted after no more than 90 days.
Usage data is stored to ensure the smooth functioning of the website, by allowing us to locate errors on the site and take appropriate remedial action.
We want to keep improving our websites and making them more attractive to users. We can only tailor the web content optimally to our users’ needs if we know which parts of the city's websites are viewed most frequently.
To enable us to do this, we use the web analytics program Piwik. Piwik is configured to anonymize IP addresses (by setting the final byte to 0) before storing them. We carry out the web analytics on our own servers, and do not pass the data on to third parties or link it to other databases.
Piwik uses ‘cookies’ – text files saved by your browser to your computer. The cookies gather usage information (including your anonymized IP address), which is transmitted to our server and used for analyzing usage of the website, on the basis of which we can then optimize it. Your IP address is immediately anonymized to ensure that your identity remains unknown to us. The information generated by the cookie about your use of this website is not transmitted to any third parties. You may refuse the storage of cookies by selecting the appropriate settings on your browser, however if you do this you may not be able to use the full functionality of the website. If you do not consent to the storage and evaluation of data about your visit, with a single click you can deny us permission to store and use your data. This places an ‘opt-out cookie’ on your device that prevents Piwik from collecting any usage data.
Important: If you delete the cookies from your computer, the opt-out cookie will also be deleted and you may need to save it again.
Click here if you do not wish for your visit to be logged
When used as described above, Piwik is privacy-compliant, in contrast to similar products from other suppliers.
Cookies on the websites of the City of Heidelberg
The following cookies are used on the websites of the City of Heidelberg:
- A cookie for saving the user’s preferred language when they view pages that are available in several languages. If this cookie is not present, the German version will be displayed as standard.
- Cookie for web analytics
- Other cookies are only used on pages restricted to registered users.
All cookies on www.heidelberg.de originate exclusively from the domain www.heidelberg.de.
All of the latest browsers can be configured not to accept cookies. If absolute anonymity is important to you, you should decline cookies. www.heidelberg.de can be used without cookies, apart from a few exceptions in online citizens’ services.
Protection of usage data
When handling your data we use a secure transmission method called SSL (Secure Sockets Layer). Before it is sent to us, every piece of information is encrypted using this secure method.
The Internet is a public, unsecured network. When you send data over the internet, it passes through a large number of nodes. At any one of these nodes, the data can be viewed by third parties without great difficulty. Data sent over the internet is as easy to access by third parties as, for example, a postcard sent by post.
Encryption is the only way to protect transmission paths through public networks. Encryption means making data unrecognizable (‘encrypting’ it) by a previously-agreed method so that only the intended recipient can read it. The more complex the encryption method, the more secure the connection.
Both the recipient and the sender of the data bear responsibility for ensuring that it is securely encrypted. If you want to convey information securely to the City of Heidelberg, from our point of view that is possible. However, the confidentiality of the data also depends on the security of your software – specifically, your browser. Each individual has a part to play in keeping their own data secure.
How does SSL work?
SSL is a method that was developed by the US company Netscape and is used by most browsers. It is particularly suitable for ensuring the security of point-to-point connections. Following the authentication of the computers involved, and once suitable encryption methods and keys have been agreed, the data are transmitted in both directions in encrypted form. In modern browsers all of this takes place largely unnoticed, without your actively needing to do anything.
Is SSL secure?
SSL is simply a procedure for allowing two computers to agree on how to communicate with one another securely. How they communicate greatly depends on the encryption methods that the two computers are familiar with, and the complexity of the key that they agree to use.
Provided your browser is SSL-compatible, the necessary encryption methods will already be integrated in it. Older browsers do not offer sufficient encryption strength, so it is important that you use one of the more recent browser versions (Netscape version 4.74 or later, MS Internet Explorer version 5.5 or later, Opera 3.5, Konqueror 1.0).
In some cases, online citizens’ services are subject to additional regulations, details of which can be found on the individual web page.
Rights of individuals
By law, users are entitled to demand information about, or ask to see, the personal data held about them. The City’s Data Protection Officer will be glad to help anyone wishing to exercise this right.
Where the data held about you is incorrect, you can demand that it be corrected. Users are additionally entitled to ask for the data held about them to be deleted or blocked.
Data privacy in social media
Social media have established themselves as an integral part of the internet. To make its web presence attractive to as many people as possible, the City of Heidelberg therefore also has pages on YouTube, Twitter and Facebook. Click here for more information about data privacy on social media.
About Google Maps
On some websites, the city of Heidelberg uses Google Maps to visualize geographic information. When using Google Maps, Google also collects, processes and uses data about the use of the map functions by visitors.