Privacy policy
Offices, public agencies, public institutions of the country and other legal entities subject to the supervision of the Liechtenstein National Administration or third parties process personal data on behalf of the Liechtenstein National Administration. These institutions, hereinafter collectively called public bodies, are subject to the provisions of the Liechtenstein Data Protection Act (DPA) and the requirements of the EU General Data Protection Regulation (GDPR) in addition to the respective national special legislation, unless otherwise stipulated by law.
The Data Protection Officer for the National Administration ensures implementation of and compliance with data protection regulations by the aforementioned public bodies.
Information pursuant to the provisions of the EU General Data Protection Regulation, in particular Art. 12 to 14 GDPR:
Which of your specific data is processed and how it is used depends largely on the relationship you have with one of the above-mentioned public bodies or which public body processes your data and for what purpose.
Below you will find general information on data protection for all public bodies. Remarks about the use of the LLV.li website are also listed.
General information on data protection for all public bodies
Data Controller
The National Administration is responsible for the use of the LLV.li website of the National Administration; the respective public agency is responsible for the data processing specific to the agency.
This Privacy Notice applies to the entire Liechtenstein National Administration and its offices:
Data Protection Officer for the National Government
Questions about the personal data processed about you by the Liechtenstein National Administration can be answered not only by the competent public agency but also by the Data Protection Officer for the National Administration.
Competence Center Data Protection (Fachstelle Datenschutz)
Regierungskanzlei, Peter-Kaiser-Platz 1, PO Box 684, FL-9490 Vaduz, Tel. 00423 236 7308, e-mail: Datenschutz@regierung.li, Website: www.fds.llv.li
Special information concerning essential terminology, data processing and the legal basis as well as the rights of data subjects
Definition of personal data and sensitive data
Personal data means all information relating to an identified or identifiable natural person. Fully anonymised information is not considered to constitute personal data. A natural person is considered identifiable if they can be directly or indirectly identified, in particular through attribution to an identifier such as a name, a reference number, locational data, an online reference identifier (IP address) or one or more special characteristics that express the physical, physiological, genetic, psychological, economic, cultural or social identity of these natural persons.
Personal data includes, in particular, information such as your (correct) name, address or telephone number. This may also include your e-mail address, insofar as it contains your name and this can be used to determine your identity. Information that does not contain any reference to your identity, e.g. only age or gender, does not constitute personal data.
Sensitive data constitutes personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership. Similarly, the category of sensitive data includes the processing of genetic data, biometric data uniquely identifying a natural person, health data or data concerning a natural person’s sex life or sexual orientation.
Data subject
The data subject is any identified or identifiable or natural person whose personal data is processed by the data controller responsible for the processing.
Collection and processing of personal data
As a rule, you can use the LLV.LI website without actively providing personal data. However, certain personal data is processed automatically. Details regarding automated data processing can be found below in the section: General information about visiting the website LLV.li.
Sooner or later, all citizens or all natural persons approach a public office of the National Administration with a request. As a rule, the public office will then need to process personal data to process the respective request. The collection and processing of personal data by individual public bodies is performed in accordance with the requirements of the EU General Data Protection Regulation (GDPR), the national Data Protection Act and the respective national special legislation. The processing of personal data by a public office may be performed, inter alia, by collecting, storing, using, transmitting, linking, making available for retrieval or by erasing and destroying.
Legal principles
The activities of the public agencies of the Liechtenstein National Administration are based on their respective legal mandates. The specific laws are usually listed on the website of the respective public agency or linked to the applicable regulations and laws. The legal basis for the processing of your personal data is therefore at least Article 6 Para. 1 e) of the General Data Protection Regulation (GDPR) in conjunction with Article 4 of the Liechtenstein Data Protection Act (DPA). These legal bases allow the Liechtenstein National Administration to process your personal data that is necessary for the fulfilment of the tasks incumbent upon it.
Transfer of data to third parties
Data will be passed on to third parties only within the framework of the statutory provisions. Third-party services may be used, which are then obligated as so-called processors to comply with the data protection concerns and requirements. The processor is a natural person or legal entity, public authority, institution or another body that processes personal data on behalf of the Data Controller.
Under certain circumstances, public bodies may also jointly determine their data processing operations with other data controllers. In such cases, joint responsibility is also regulated in accordance with the provisions of the GDPR and the DPA.
Data transfer to a third country / outside the EU
If we transfer personal data to service providers outside the EU, this will only be done if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other appropriate data protection guarantees, e.g. standard EU contractual clauses, are in place. A list of third countries and international organisations with an adequate level of data protection can be found in Appendix 1 of the Data Protection Ordinance (DPO).
Duration of the storage and erasure of personal data
Following collection by the respective public body of the National Administration, your data will be stored for as long as is necessary for the respective fulfilment of tasks, taking statutory retention periods into account. An overview of the statutory retention periods can be found on the website of the supervisory authority, www.datenschutzstelle.li in the Services section.
The data saved at the National Administration will be deleted as soon as this is no longer required for its original purpose and this is compatible with statutory retention obligations. Insofar as data of the data subject is not erased because it is required for other purposes permitted by law, its processing shall be limited.
Your rights as a data subject
1. Right to request information:
You have the right at any time, informally and without providing grounds, to obtain information about the data stored about you. This also applies to their origin as well as recipients and furthermore to the purpose of the storage. This information will be provided free of charge (Art. 15 GDPR). Requests for information about your stored data should be addressed directly to the relevant public body or to the Competence Center Data Protection.
2. Rectification, restriction of processing, erasure, complaint, withdrawal of consent, data transmission:
In addition, you have other rights, such as the right to correct inaccurate data, to restrict processing and to erase your personal data (Art. 16 GDPR, Art. 17 GDPR, Art. 18 GDPR), as well as data transmission, provided that the requirements are met (Art. 20 GDPR).
In the event of the assumption of unlawful data processing, you can file a complaint with the supervisory authority responsible for us, the Data Protection Authority (Datenschutzstelle – DSS), www.datenschutzstelle.li, at any time. If you have given your consent to the National Administration, you can revoke this consent at any time with effect for the future (Art. 7 GDPR).
3. Right to object:
Insofar as we process your personal data not on the basis of consent but instead on the basis of a legal circumstance such as e.g. Art. 6 Para. 1 e) GDPR, you may object to the future processing of your personal data for reasons arising out of the existence of your particular situation at any time (Art. 21 GDPR). The existence of a special situation is subject to individual consideration.
If you wish to exercise your aforementioned rights, we shall examine whether the statutory preconditions for this have been fulfilled.
General information about visiting the website LLV.li
Voluntary personal details
Our processing of the personal data of our users is limited to the data that is required to provide a properly functioning website as well as our contents and services. We process personal data of our users only for the purposes agreed with you or if another legal basis (within the meaning of the GDPR) exists. We collect only the personal data that is actually required to perform and carry out our tasks and services or that you have made available to us voluntarily. These are:
· Contact data (e.g. e-mail address)
· Content data (e.g. text entries)
· Usage data (e.g. websites visited, interest in content, access times)
· Meta/communication data (e.g. device and browser information, IP address)
· Data in connection with online forms (e.g. applications, notifications)
As soon as you access a page of our website as well as the online services embedded in our website, the IP address, the URL address of the accessed page, the date and time of access as well as information on the browser (program, version, PC or mobile, etc.) are stored on our web servers in so-called log files (web server log). These logs are used exclusively for technical purposes – e.g. to clarify technical problems – and for information security; they are neither evaluated in any other way nor linked to other data. This logging data is automatically deleted after 48 weeks.
Purpose of the processing
· Provision of this website, its functions and contents
· Responding to contact requests and communicating with users
· Rendering the services described in the contents
· Security measures
· Reach measurement and statistics
Relevant legal basis regarding website
The legal basis for data processing in connection with our website are the provisions contained in Liechtenstein legislation for the fulfilment of the tasks of the Liechtenstein National Administration.
Erasure of data generated by visiting the website LLV.li
Data processed by us shall be erased or subject to restricted utilisation pursuant to Arts. 17 and 18 GDPR. Unless expressly specified within the context of this Privacy Notice, the data saved by us will be deleted as soon as this is no longer required for its original purpose and this is compatible with statutory retention obligations.
Cookies
We use cookies on our website in order to make our services more user-friendly. Cookies are small computer files that your browser automatically creates and are saved on your device (laptop, tablet, smartphone etc.) when you visit our website. This enables us to identify your browser the next time you visit.
If you do not want this to happen, you may use browser settings to inform you about the use of cookies, enabling you to permit this on a case-by-case basis. We wish to point out, however, that deactivation will mean you cannot use all of the functions of our website.
Matomo - Web Analysis
We use Matomo, formerly "Piwik", for web analysis. This is an open source web analysis tool that creates evaluations using cookie technologies. These are text files that are stored on your end device (laptop, tablet, smartphone, etc.) and transmit and store information obtained back to us or our processor. This enables us to evaluate and analyze your usage behavior when visiting and using our website. The hosting of the Matomo database is outsourced to our processor, Ops One AG, based in Switzerland. The information generated by means of cookies about your use of our website is not passed on to third parties.
To protect your data, we have made additional configurations in Matomo, your IP address is recorded exclusively shortened, the processing of your personal usage data is thus anonymized. We cannot draw any conclusions about your person.
We understand the evaluations and analyses as part of our Internet service and thus follow our public mandate from Art. 6 (1) e) DSGVO, Art. 4 DSG as well as from the EU Regulation 2018/1724 on the single digital gateway to procedures, etc. Our goal is to constantly improve our website and adapt it to the needs of our visitors. If you do not wish web analytics using your data, you can independently disable the storage of cookies in your browser. However, this may mean that you can no longer use some functions of our website that require identification, e.g. newsletter registration.
If you are interested in further information on the terms of use of Matomo and the corresponding data protection regulations, you will find it on the following website: https://matomo.org/privacy/ .
Search field
The search function built into our website is a service provided by Elasticsearch BV (“Elasticsearch”). This means, inter alia, that your IP address and the search query you enter in this search box will be forwarded to Elasticsearch. You acknowledge and agree that the Privacy Notice of Elasticsearch (under https://www.elastic.co/legal/privacy-statement) applies to your use of the search field.
Feedback function
When you access the feedback function on our website, an e-mail is created. Information about the sub-page from which you accessed the feedback function, as well as the browser you are using and the associated components (e.g. .NET version) are recorded in the subject line. This information is used exclusively to clarify technical problems in connection with your request that you send us via the feedback function. All other information in your e-mail will only be used to process your request.
e-mails sent to us
We draw your attention to the fact that – subject to an explicit agreement and configuration – e-mails to us are sent without encryption.
If you wish to transmit confidential or sensitive information, please contact the relevant office in advance to agree on a secure method to transmit the data.
Newsletter
Entering the salutation, last name and first name is voluntary when registering for one of the newsletters of the Liechtenstein National Administration, and serves merely to address the recipient in the newsletter.
By entering the e-mail address and, if applicable, the salutation, last name and first name, as well as selecting one or more newsletters and transmitting this information to us, you consent to the storage of this information (including the date of registration) on our systems; Art. 6 Para. 1 letter a GDPR. We only use this information for the administration and sending of the newsletters you have chosen.
Each newsletter contains information about how to unsubscribe from the newsletter. If you unsubscribe from a newsletter, the entry of your e-mail address in the relevant newsletter distribution list will be changed to the status “deactivated”. If you are no longer registered for a newsletter, your e-mail address will be deleted from the newsletter system.
Our newsletters do not contain any visible or concealed counters, third-party advertising or links to third-party websites that are not directly linked to the content of our newsletter.
Online forms
All data that you enter in online forms that is transmitted electronically is stored permanently on our systems after selection of the “Send” function, including the date and time of submission. The data entered in online forms is always transmitted in encrypted form (https).
Your details will be processed by the relevant office for the purpose of processing your enquiry and handling it on the basis of Art. 6 Para. 1 Letter e GDPR. Data transmitted to us in the course of contacting us will be processed exclusively for the purpose of processing your enquiry.
This data is used exclusively for the purpose arising out of the online form, as well as for clarifying technical problems and for information security; it is neither evaluated in any other way nor linked to other data.
Electronic identification (lilog/lisign)
All activities that you carry out in connection with electronic identification using lilog or lisign (e.g. registration, logging in, incorrect password entry, changing the user account, etc.) are recorded and permanently stored. Sensitive data such as the username or password are stored in encrypted form and cannot be read by us.
This data is used exclusively for the purpose of electronic identification and to clarify technical problems and for information security.
Privacy notice within the context of the Internal Market Information System IMI
EU single market rules give individuals and businesses the right to move freely around the European Economic Area for work, study, business or other purposes. Where our authorities are involved in the implementation of these regulations, information is shared with competent authorities in other countries as appropriate. Details about the Internal Market Information System IMI are available under the website of the European Commission under the following link: https://ec.europa.eu/internal_market/imi-net/index_de.htm.
Your questions
If you have any questions or comments as a data subject regarding the processing of your personal data by the National Administration, please contact the respective public agency or the Data Protection Officer of the National Administration directly using the above-specified contact details.
Supervisory authority as complaints instance
In the event of a complaint to be submitted by you about the Liechtenstein National Administration, the Data Protection Authority is the competent supervisory authority and can be contacted as follows:
Datenschutzstelle / Data Protection Authority of the Principality of Liechtenstein
Städtle 38, PO Box 684, FL-9490 Vaduz, Tel: +423 236 60 90, e-mail: info.dss@llv.li
Website:www.datenschutzstelle.li .