This data protection declaration of the City of Bonn is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be easy to read and understand for the public. To ensure this, we would like to explain the terms used in advance.

We use the following terms, among others, in this privacy policy

• (a) personal data
  Personal data is any information relating to an identified or identifiable natural person (hereinafter "data subject"). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
• b) Data subject
  Data subject is any identified or identifiable natural person, whose personal data is processed by the controller responsible for the processing.
• c) Processing
  Processing is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
• d) Restriction of processing
  Restriction of processing is the marking of stored personal data with the aim of limiting its future processing.
• e) Profiling
  Profiling means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.
• f) Controller or controller responsible for the processing
  Controller or controller responsible for the processing is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
• g) Processor
  Processor is a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
• h) Recipient
  Recipient is a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
• i) Third party
  A third party is a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
• j) Consent
  Consent is any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

The controller within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is the

City of Bonn
Citizens' Services
Registry Office Department
Thomas-Mann-Str. 2-4
53111 Bonn (home address)
53103 Bonn (postal address)
Telephone 0228 77-0
E-mail  heiratenbonnde
Website:  www.bonn.de (opens in a new tab)

The address of the data protection officer of the controller is

City of Bonn
Data Protection Office
Bertha-von-Suttner-Platz 2
53111 Bonn
Telephone 0228 77-3465
E-mail  datenschutzbeauftragterbonnde

Any data subject can contact our data protection officer directly at any time with any questions or suggestions regarding data protection.

The City of Bonn uses the online wedding calendar (TKO) as a browser-based web application and is a product of it.x Informationssysteme GmbH, Line-Eid-Str. 1, 78467 Konstanz, Germany. https://www.  tko-online.de/tko/ (opens in a new tab)

With this online service, citizens can book appointments for marriages online. By using the online wedding calendar, you will also receive an automatic email reminder that you need to register your marriage at the registry office in Bonn.

The City of Bonn has concluded an order data processing contract with the company it.x Informationssysteme GmbH in accordance with Art. 28 GDPR. The hosting of this web application is realized by the company Hetzner Online GmbH as a subcontractor.

The personal data entered is encrypted (SSL-encrypted - recognizable by the "https" in front of the Internet address called up) and transmitted to the responsible employees of the registry office of the City of Bonn. Your data will not be forwarded to third parties.

After you have completed the reservation form, you will be redirected to the payment page of our payment service provider. Here you have the option of paying for your reservation by Paypal, direct debit or Giropay. Only once you have done this will your application be successfully submitted and you will receive a reservation confirmation in your mailbox on the service portal.

If you use the online wedding calendar, you consent to data processing for the stated purpose. The data processing is therefore based on your consent (Art. 6 para. 1 lit. a GDPR).

The personal data you provide will be anonymized 30 days after the wedding ceremony and permanently deleted after 24 months.

The applicable data protection law grants you the data subject rights listed below:

- Right to information in accordance with Art. 15 GDPR:

In particular, you have a right to information about your personal data processed by us, the purposes of processing, the categories of personal data processed, the recipients or categories of recipients to whom your data has been or will be disclosed, the planned storage period or the criteria for determining the storage period, the existence of a right to rectification, erasure, restriction of processing, objection to processing, complaint to a supervisory authority, the origin of your data if it was not collected by us from you, the existence of automated decision-making including profiling and, if applicable, meaningful information on the logic involved and the scope and intended effects of such processing on you, as well as your right to be informed of the guarantees pursuant to Art. 46 GDPR if your data is transferred to third countries;

- Right to rectification pursuant to Art. 16 GDPR:

You have a right to immediate rectification of incorrect data concerning you and/or completion of your incomplete data stored by us;

- Right to erasure pursuant to Art. 17 GDPR:

You have the right to demand the erasure of your personal data if the requirements of Art. 17 para. 1 GDPR are met. However, this right does not apply in particular if the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defense of legal claims;

- Right to restriction of processing pursuant to Art. 18 GDPR:

You have the right to request the restriction of the processing of your personal data for as long as the accuracy of your data, which you dispute, is being verified, if you refuse to have your data erased due to unlawful data processing and instead request the restriction of the processing of your data, if you require your data for the establishment, exercise or defense of legal claims after we no longer need this data after the purpose has been achieved or if you have lodged an objection for reasons relating to your particular situation, as long as it is not yet clear whether our legitimate reasons prevail;

- Right to information in accordance with Art. 19 GDPR:

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to notify all recipients to whom the personal data concerning you have been disclosed of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort. You have the right to be informed about these recipients.

- Right to withdraw consent granted pursuant to Art. 7 para. 3 GDPR:

You have the right to withdraw your consent to the processing of data at any time with effect for the future. In the event of revocation, we will delete the data concerned immediately, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal;

- Right to lodge a complaint pursuant to Art. 77 GDPR:

If you believe that the processing of personal data concerning you infringes the GDPR, you have the right to lodge a complaint with a supervisory authority.

The competent supervisory authority for data protection is the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia:

Kavalleriestr. 2-4
40213 Düsseldorf
Telephone: 0211 38424-0
Fax: 0211 38424-10
E-mail:  poststelleldinrwde