Name and contact details of the data controller and responsible entity:
Federal Minister of the Interior
Herrengasse 7
1010 Vienna
Telephone: +43 1 53 126-0
Telefax: +43 1 531 26-108613
Email: post@bmi.gv.at
Herrengasse 7,
1010 Vienna
Telephone +43 1 53 126-0
Email: bmi-datenschutzbeauftragter@bmi.gv.at
With the help of the Check-AT app, the following data can be read from the QR code on the ID card: Photograph, name, gender, citizenship, date of birth, issuing state, type of document, ID card number and period of validity.
When the app is started, certificates and test steps are checked for topicality and re-downloaded if necessary. In the course thereof, the IP address and the user agent (name and version of the app) are also logged. No cookies, no sessions and no market research data are collected.
No cookies, no sessions and no market research data are collected.
The purpose of the app is to verify the authenticity of the new Austrian ID card by comparing the identity data read from the QR code with the data printed on the ID card.
The authenticity of the QR code is verified using certificates. The technical protocol is produced to ensure data security and availability of the service.
Section 3 Passport Act, BGBl. No. 839/1992 as amended in conjunction with PassV, BGBl. No. 861/1995 as amended. Art. 32 GDPR.
The identity data is displayed in the app until the user closes the app. Technical log data (incl. IP address and user agent) are deleted after 30 days.
Processor: Österreichische Staatsdruckerei GmbH, Akenes SA - Exoscale; Zammad GmbH; and youniqx Identity AG (for maintenance and support).
Rights of the data subject:
A right of appeal to the Austrian Data Protection Authority (1030 Vienna, Barichgasse 40-42,
Telephone: +43 1 52 152-0, email: dsb@dsb.gv.at) exists in accordance with Section 24 (1) Austrian Data Protection Act (DSG).
The right to the disclosure of information exists in accordance with Art. 15 GDPR.
The right to rectification exists in accordance with Article 16 GDPR.
The right to deletion exists in accordance with Art. 17 GDPR.
A right of objection exists in accordance with Art. 21 GDPR.
The right to the restriction of processing exists in accordance with Art. 18 GDPR.