Data Protection

Information on the protection of personal data

Personal data are personal details or other information about identified or identifiable individuals, including data about their surfing and communication activities on the Internet. Anonymous data, i.e. information which cannot be linked to the identity of an individual (not even via a specific identification number such as an IP address), are not considered personal data (e.g. information on most frequently visited websites or the number of visitors to a website). The Fiscal Advisory Council processes personal data in line with the provisions laid down in the General Data Protection Regulation (GDPR) (EU) and the Austrian Data Protection Act (DSG).

Data security

The Fiscal Advisory Council takes all necessary technical and organizational security measures to protect your personal data against loss and misuse. Your data will be processed in the secure, state-of-the-art operating environment of the OeNB’s IT services (Article 1 para 17 Federal Act on the Establishment of the Fiscal Advisory Council). The OeNB’s IT infrastructure is certified under the international ISO 9001 and 27001 standards.

Access to the Fiscal Advisory Council’s websites is secured via HTTPS. This means that communication between your browser and the OeNB’s servers is encrypted. If you wish to contact the Fiscal Advisory Council or its employees by e-mail, please note that, given the technical configuration of e-mail protocols, the confidentiality of e-mail information cannot be guaranteed. The content of unencrypted e-mails can be viewed by third parties unless special security measures are taken. To transfer confidential information, we therefore recommend using only the contact form or any other secure mode of transfer.

Protection of your personal data when visiting the Fiscal Advisory Council’s websites

  • When you visit one of the Fiscal Advisory Council’s websites, the respective server records the following personal communication data:

  • Web server logging

    When Fiscal Advisory Council websites are accessed, the OeNB’s web server records the following data in a combined log format for the purpose of ensuring appropriate information and system security and saves these data for a period of three years: IP address, username (if required), date and time the site was accessed as well as technical information about the web object retrieved and the browser and operating system used.

    Additional personal information, such as your name, address, telephone number or e-mail address, is not recorded unless you have opted to provide this information in the space provided (e.g. when registering for a newsletter or requesting information via a contact form). The personal data you provide will be processed exclusively for the purpose of dealing with your request. These data will not be transferred to third parties. For the purpose of running the web server, these data are transferred to the OeNB, which acts as the processor (Article 1 para 17 Federal Act on the Establishment of the Fiscal Advisory Council). In case improper use is made of the Fiscal Advisory Council’s websites, log data will be forwarded to the authorities in charge.

  • E-mail alerts / newsletters

    If you register for the Fiscal Advisory Council’s e-mail alerts or newsletters, we will use the personal data you provided, in particular your e-mail address, exclusively for sending you the desired information and on the basis of previous consent (Article 6 para 1 lit a GDPR). You can unsubscribe at any time, either by using the link provided for this purpose in each e-mail alert or by canceling your subscription directly on our website. Your data will be saved until you unsubscribe and will be deleted thereafter. Your data will be transferred exclusively to the OeNB (Article 1 para 17 Federal Act on the Establishment of the Fiscal Advisory Council) and to EWORX CENTER, Hanriederstraße 25, 4150 Rohrbach-Berg, Austria, which, in their capacity as processors, use the data for the purpose of providing this e-mail service. Your data will not be transferred to third parties for them to use for their own purposes.

  • Use of Google Analytics

    Fiscal Advisory Council websites use Google Analytics, a web analysis service provided by Google LLC (“Google”). To provide this service, Google Analytics uses cookies. Cookies are small text files that are stored on your computer and allow the device you use to be identified. This way, website use can be analyzed, which in turn serves to improve website usability. It is not possible, as a rule, to trace data stored in cookies back to a specific person.

    The information generated by using Google Analytics (including your IP address) is transferred to a Google server. To protect your privacy, Google Analytics has been configured in such a way that your IP address will be anonymized immediately after it has been transferred to Google from within any EU or EEA country and that it will be stored by Google exclusively in its anonymized form (anonymizeIp=true). Only in exceptional cases is the full IP address sent to Google servers in the U.S.A. and shortened there.

    On behalf of the Fiscal Advisory Council, Google will use the information gathered to analyze visitors’ use of Fiscal Advisory Council websites and to compile reports on website activities. Google will not match the IP address transmitted from your browser for the purposes of Google Analytics with any other data held by Google.

    By using Fiscal Advisory Council websites you agree to the storage of cookies on your computer and the processing of your personal data as described above. You can prevent the storage of cookies by adjusting your browser settings accordingly; however, this could cause some website functions to become unavailable. Additionally, you can disable Google Analytics by downloading and installing the browser plug-in available at https://tools.google.com/dlpage/gaoptout?hl=en. More information on Google Analytics and on how it processes personal data can be found at https://support.google.com/analytics/answer/6004245?hl=en.

Protection of your personal data during e-mail correspondence with the Fiscal Advisory Council

  • For the purpose of ensuring an appropriate degree of information and system security as well as detecting and handling malware, the e-mail server generates log data on e-mail correspondence and stores them for three years. The e-mail server is operated by the OeNB, which acts as the processor (Article 1 para 17 Federal Act on the Establishment of the Fiscal Advisory Council). When you send an e-mail to a Fiscal Advisory Council or OeNB address, the following data are recorded: recipient’s e-mail address, IP address and hostname; number of recipients; sender’s e-mail address, IP address and hostname; subject, date and time when e-mail was received by server; file name of any attachments; size of message; risk classification for spam and delivery status. These data will not be transferred to third parties. In case improper use is made of the Fiscal Advisory Council’s websites, log data will be forwarded to the authorities in charge.

    E-mails are checked for spam and harmful content. Checking e-mails and filtering spam or malware is automated by default; only in suspicious cases or in case of doubt are individual e-mails scrutinized in more detail by dedicated specialists (in consultation with the recipient if necessary). Misappropriated e-mails or e-mails containing illegal content are forwarded to the authorities in charge. The Fiscal Advisory Council stores e-mails for up to ten years unless longer-term storage is required by the underlying purpose of the e-mail correspondence. For the purpose of providing the e-mail infrastructure, your data are transferred to the OeNB, which acts as the processor (Article 1 para 17 Federal Act on the Establishment of the Fiscal Advisory Council).

Use of photographs and videos by the Fiscal Advisory Council

  • The Fiscal Advisory Council processes photographs and videos of individuals to document its events and activities. With due regard to the rights of individuals shown in photographs and/or videos, the Fiscal Advisory Council makes selected photographs and/or videos available to newspapers and TV programs and/or uses them on its websites and in Fiscal Advisory Council information material. The Fiscal Advisory Council processes this visual material for the purposes of its legitimate interests according to Article 6 para 1 lit f GDPR. The Fiscal Advisory Council stores photographs and videos for archiving purposes in the public interest and deletes them if documentation is no longer required (Article 7 Data Protection Act).

Overview of your rights as a data subject

  • The information provided here refers to Articles 13 and 14 GDPR.

  • Your rights as a data subject

    In fulfillment of its mandate and in safeguarding its interests, the Fiscal Advisory Council frequently processes personal data. This page informs data subjects that are not Fiscal Advisory Council staff members on how their personal data are protected when subject to data processing by the Fiscal Advisory Council. Information on the purpose(s) and legal basis of processing operations, the type(s) of processed data and your rights under the data protection framework is made available below.

    To assert your rights as a data subject, write to the Office of the Austrian Fiscal Advisory Council, c/o Oesterreichische Nationalbank, Otto-Wagner-Platz 3, 1090 Vienna, AUSTRIA, or use the contact form. In doing so, please state, according to the list provided below, in what way your personal data are subject to data processing and clearly specify the details of your request. Moreover, please provide proof of your identity by enclosing a black-and-white copy of an official photo identification (e.g. your passport, driver’s license, identity card) or using a qualified electronic signature within the meaning of Article 3 (12) eIDAS Regulation to prevent improper requests by unauthorized third parties that might endanger the protection of your personal data. For the reasons outlined above, such requests must be made in writing. Should you consider your right to data protection infringed by any processing of your personal data by the Fiscal Advisory Council, you may lodge a complaint with the Austrian Data Protection Authority (DSB) or bring an action before the competent civil court.