Below, we provide information about the processing of your personal data on the City of Wiesbaden’s collaboration platform, which is based on Nextcloud, as well as the rights and entitlements you have under data protection regulations. 

The controller within the meaning of the General Data Protection Regulation (GDPR) and other national data protection laws of the Member States, as well as other data protection regulations, is  

With regard to data processing in connection with the registration and operation of Nextcloud by the State Capital of Wiesbaden: 

City of Wiesbaden
, represented by the City Council

Office for Innovation, Organization & Digitalization
Organizational Unit: 150230
Hasengartenstraße 21
65189 Wiesbaden
Phone: 0611 314163
Email: appservicewiesbadende 

Regarding the storage of personal data contained within the shared files and their transmission by the City of Wiesbaden:

The respective offices and departments of the State Capital of Wiesbaden
Schlossplatz 6
65183 Wiesbaden
Phone: 0611 310
Email: buergerreferatwiesbadende 

To the extent that external parties upload data via Nextcloud, they are responsible under data protection law for the transmission of such data to the City of Wiesbaden. The same applies with regard to the further use of data received via Nextcloud. 

Data Protection Officer for the State Capital of Wiesbaden
Data Protection Officer for the State Capital of Wiesbaden
Wilhelmstraße 32
65183 Wiesbaden
Phone: 0611 313083
Email: datenschutzwiesbadende

The Information Security Officer for the State Capital of Wiesbaden
Hasengartenstraße 21
65189 Wiesbaden
Phone: 0611 31780
Email: it-sicherheitwiesbadende

The platform, based on the open-source application Nextcloud (hereinafter referred to as "Nextcloud"), is a central cloud storage service with integrated additional features for storing and sharing documents. It is available to all employees of the City of Wiesbaden and is used for digital collaboration within the administration as well as with external partners. Selected external individuals are granted access to the City of Wiesbaden’s Nextcloud-based collaboration platform for this purpose, enabling them to exchange project-related files and collaborate.

The "Nextcloud" system, featuring the "Nextcloud Files" module, is used for storing and sharing files and is available to all employees of the City of Wiesbaden. The technological foundation is the open-source software "Nextcloud" from the German company Nextcloud GmbH.

The provision and technical operation of Nextcloud are handled by WIVERTIS GmbH in the city’s data center. Employees of the Office for Innovation, Organization, and Digitalization, IT Management Division, of the City of Wiesbaden are responsible for the technical support of the system.

The "Keycloak" application is responsible for user authentication and authorization and is used in conjunction with Nextcloud. It serves in particular for the authentication and authorization of external user accounts as well as for identity management.  

Your data is processed in Nextcloud for the following official purposes:

• Storing files for official collaborative use within the administration of the State Capital of Wiesbaden.
• Sharing files across departments and agencies.
• Temporary sharing of files with external service providers or cooperation partners of the State Capital of Wiesbaden.
• Management of access rights for files shared with external parties or for sharing within the city administration.
• Ensuring the security and functionality of all services necessary for the operation of the system.

When using the "Nextcloud" applications, the following types of data are required or generated as a result of using the application.

a. Inventory and authentication data:

• Username: the identifier (internal) and the email address (external) used to make changes to files;
• User group: only for LHW employees;
• Contact information (work-related) (e.g., email address, phone number) or (private/external) (e.g., email address);
• Personal data: First and last name:
• Role and team affiliation: Organizational unit for LHW employees;
• Data entered on a voluntary basis in Nextcloud’s personal information (phone number, location, date of birth, language, locale, first day of the workweek, website, X-handle, online name in the Fediverse, profile picture).

b. Administrative data:

Every access to a page of the "Nextcloud" application and every retrieval of a stored file is logged by a web server in log files. The storage serves internal and system-related purposes. The following is logged:

• which file was requested;
• the name of the file;
• the date and time of the request;
• the amount of data transferred;
• the access status (file not found, file transferred, etc.).

c. Technical data:

• the IP address of the accessing device (both external and internal) on the web server/web proxy;
• the type of web browser used;
• Date of login;
• Start of session;
• Technical usage data (e.g., cache contents, generated index data, versions, error messages, log files);
• Technical data in the database (e.g., login date, session start time), which is read directly from the municipal AD (Active Directory) or other AD-like systems (e.g., Keycloak). No storage takes place within the process or on the involved systems.
• Cookies: On the internal site: https://cloud.wiesbaden.de (opens in a new tab) and the external site https://ext.cloud.wiesbaden.de/login (opens in a new tab), only cookies that are absolutely necessary for the use of Nextcloud are used. You can find further information about cookies at the following link: https://docs.nextcloud.com/server/latest/admin_manual/gdpr/cookies.html (opens in a new tab)

d. Content data and special categories of personal data:

• Content and communication data generated by internal and external users (e.g., documents, graphics, images, audio and video files, notes, and comments).
• The content of the documents stored in Nextcloud is indirectly affected. It cannot be technically ruled out that the stored documents contain personal data. Furthermore, it is possible that these documents or other content files contain sensitive, confidential, or personal information within the meaning of Article 4(1) of the GDPR. This includes, in particular, data subject to special protection under Article 9(1) of the GDPR, as well as information about vulnerable natural persons, in particular children. There is no automatic detection or processing of such content.

The processing of personal data of city employees is based on their employment contracts or is carried out to fulfill official duties as part of their daily work.

The responsibility under data protection law for the processing (in particular storage and transmission) of the personal data contained in the documents uploaded by the city lies with the respective departments and offices. In particular, these must ensure that there is a legal basis for data transmission via Nextcloud. The same applies to the storage and further processing of data uploaded by external individuals.

The legal basis for data processing is:

• Art. 6(1)(a) GDPR, provided that the processing is based on the data subject’s consent.
• Art. 6(1)(b) GDPR, provided that the processing is necessary for the performance of a contract to which the data subject is a party, or for the implementation of pre-contractual measures taken at the data subject’s request.
• Art. 6(1)(c) GDPR in conjunction with a provision of EU or national law, provided that the processing is necessary for compliance with a legal obligation;
• Art. 6(1)(e) GDPR in conjunction with a legal basis under EU or national law, provided that the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

For the aforementioned purposes, it is absolutely necessary to collect and process the specified personal data, as the individual process steps build upon one another. Only the data necessary for creating a profile and for the smooth technical operation of the software is processed. 

As a general rule, we process and store your personal data only for as long as is necessary to fulfill the purpose of processing.

Unless a specific retention period is stated below, your data will be deleted or blocked as soon as the purpose for which it was stored no longer applies. 

The personal data of city employees is stored for the duration of their employment and their affiliation with the city administration. This is particularly the case:

• when actively using Nextcloud,
• while employed by an office, department, or division of the State Capital of Wiesbaden (LHW),

Upon leaving the organization, personal data in Nextcloud is automatically deleted.

User data for external users without a user account is stored for as long as at least one of the following conditions is met:

• There are active shares of folders or files by city employees.
• There is a legal retention requirement.
• The expiration date defined as part of the sharing has not yet been reached.

Once all of the above conditions no longer apply, the user data will be deleted, provided there are no other legal reasons preventing deletion.

User data for external users with a user account is stored in the same way as data for external users without a user account. In addition, the following user data is collected for external user accounts:

• Personal data of external users is collected and stored only to the extent necessary for creating a user account with full access to the external Nextcloud instance.
• The administration and assignment of permissions is handled by the support team in the relevant department via a separate external user interface.
• External user accounts are deactivated after three months of inactivity and deleted after a defined retention period.
• Reactivation of deactivated external user accounts is possible exclusively through the support team at the department responsible for managing external user administration.

Once all of the above requirements no longer apply, the user data will be deleted, provided there are no other legal grounds preventing such deletion.

• Within the Nextcloud interface, users can voluntarily provide personal information (e.g., profile information).
• This information can be deleted at any time by the user.
• Unless manually deleted, the voluntarily provided data is automatically removed when the respective user account is deleted.

Personal data is deleted in accordance with data protection requirements. This process is determined by the specific purpose of use, organizational responsibilities, and the technical capabilities of the system.

Deletion of Documents

• Administrators generally do not delete documents at the system level.
• The responsibility for deleting content and communication data (e.g., files in group or project folders) lies with the respective users. They have the option at any time to delete content they have created on their own.
• Documents stored in the personal folders of city employees are deleted after they leave the service in accordance with the guidelines of the user management process.

Deletion and Modification of User Permissions

• The modification or deletion of user permissions, as well as the adjustment of group memberships, is carried out as part of the standardized municipal user management process. The deletion of personal content occurs automatically upon the removal of the user account when the user leaves the city administration.
• This process is established both organizationally and technically and is continuously monitored by the responsible departments.
• The processes and deadlines for deleting external user accounts are included in the privacy policy of the “Keycloak” application.

Log Data

• The log files generated during system use are securely stored on all relevant systems of WIVERTIS GmbH for approximately 30 days.
• The deletion of this log data occurs through a rolling process: old data is automatically overwritten by new data.
• An evaluation or consolidation of the log information takes place exclusively as part of an error analysis, to the extent that this is technically necessary.
• A direct personal reference is generally not possible; there is no systematic linking to other data sets.
• No further storage or analysis of the logs takes place.

However, storage may also occur in the event of an (imminent) legal dispute with you or other legal proceedings, or if storage is required by legal regulations to which we, as the controller, are subject. The data will also be blocked or deleted when a retention period prescribed by the aforementioned standards expires, unless further storage by us is necessary and there is a legal basis for it.

Personal data of city employees is integrated into Nextcloud exclusively via the city’s Active Directory. Personal data of external users with an external user account is stored exclusively in the “Keycloak” application. Beyond this, no further personal data is currently collected or stored in Nextcloud.

The log files generated are limited to the minimum technically necessary and are securely stored for approximately 30 days on all WIVERTIS GmbH systems involved in the processing. They are then overwritten through an automated, rolling process. The login and logout times of municipal users are not stored. Any analysis or consolidation of the information contained therein takes place exclusively as part of a necessary error analysis. It is not possible to identify individual persons, and no further storage or merging with other data takes place.

Documents in group or project folders are not deleted at the administrative level. Users have the option at any time to independently delete content and communication data they have generated. Documents stored in the personal folder are deleted accordingly when the municipal employee leaves the organization or when the external user account is deleted.

Data shared by the City of Wiesbaden via Nextcloud is transmitted to the recipients of the shared files. Otherwise, the data we store is generally not disclosed to third parties.

However, in order to fulfill our tasks and obligations, it may be necessary for us to disclose the personal data stored about you to natural and legal persons, authorities, institutions, or other entities. 

The following categories of recipients are particularly relevant in this context:

Within the municipal IT service provider WIVERTIS GmbH, all Nextcloud administrators have access to all data pertaining to all individuals. WIVERTIS GmbH acts as a data processor for the City of Wiesbaden pursuant to Article 28 of the GDPR.

WIVERTIS GmbH does not use any sub-processors for the operation of Nextcloud and therefore does not disclose any data to third parties in the context of technical operations.

Within the city’s offices, departments, divisions, and specialized units, access to data in connection with the use of Nextcloud is governed by the rights and roles framework.

Use of the service is subject to a differentiated role and authorization concept that regulates access to data and functions based on the assigned role. City employees are granted basic access to official and personal folders relevant to them.

Extended administrative permissions for managing project folders, groups, or for technical system administration are reserved exclusively for specialized roles such as project, department, or system administrators. External users may be granted access to content explicitly shared with them, either temporarily via public links without their own account or permanently via a separate user account with access to the web interface.

Every user is obligated to use the service exclusively within the scope of their assigned role and the associated permissions.

External individuals accessing Nextcloud from outside the municipal network are granted access to data only if there is a legal basis for disclosing the data or if consent has been obtained.

As a general rule, the data we store is not transferred to entities in third countries or to international organizations. This may occur only in specific exceptional cases, subject to the conditions set forth in Articles 44 et seq. of the GDPR.

If your personal data is processed, you are a data subject within the meaning of the GDPR and you have the following rights vis-à-vis the controller:

You can request information about your personal data processed by us in accordance with Art. 15 GDPR. In your request for information, you should specify your request in order to make it easier for us to compile the necessary data. Please note that your right to information is restricted by the provisions of Sections 24 (2), 25 (2), 26 (2) and 33 HDSIG.

If the information concerning you is not (or no longer) correct, you can request a correction in accordance with Art. 16 GDPR. If your data is incomplete, you can request that it be completed.

You can request the erasure of your personal data under the conditions of Art. 17 GDPR and Section 34 HDSIG. Your right to erasure depends, among other things, on whether the data concerning you is still required by us to fulfill our legal duties.

Within the framework of the provisions of Art. 18 GDPR, you have the right to request that the processing of data concerning you be restricted.

In accordance with Art. 21 GDPR, you have the right to object to the processing of data concerning you at any time for reasons arising from your particular situation. However, we cannot always comply with this, e.g. if a legal provision obliges us to process data within the meaning of Section 35 HDSIG as part of our official duties.

If the data processing is based on your consent (Art. 6(1)(a) GDPR, Art. 9(2)(a) GDPR), you have the right to withdraw this consent at any time with future effect. Please note that the withdrawal does not affect the lawfulness of the data processing carried out on the basis of your consent prior to the withdrawal; in other words, such processing does not become unlawful retroactively as a result of the withdrawal. 

The data protection supervisory authority responsible for us is:
The Hessian Commissioner for Data Protection and Freedom of Information
Gustav-Stresemann-Ring 1
65189 Wiesbaden
Phone: 0611 14080
Email: poststelledatenschutz.hessende