Personal Data

What Is Personal Data?

According to the State Commissioner for Data Protection and Freedom of Information in NRW, personal data includes "individual details about the personal or factual circumstances of a specific or identifiable natural person."1 Individual details include:

  • Name, age, marital status, date of birth
  • Address, phonenumber, email address
  • Bank account numbers credit card number
  • Motor vehicle number, registration plate
  • Identity card number, social insurance number
  • Prior convictions
  • Genetic and medical data
  • value judgements (e.g. certificats)

Why Should Personal Data Be Protected?

According to German law, every citizen has the right to informational self-determination. That means he or she may decide if her or his personal data is allowed to be published or used. The Federal Constitutional Court demands "the protection of the individual against indefinite collection, recording and processing of his or her personal data (...) under the circumstances of modern data processing"2 for free evaluation of their personality. Collection, recording and processing of personal data is granted only if the German Data Protection Law (Bundesdatenschutzgesetz, BDSG) or another legal regulation or the data subject provides the permission to do so (see §4 I BDSG). This means, as the data subject you should think carefully about giving your permission to do so. For anyone who is in charge of the collection, recording or processing of data by duty, it means to act responsibly. 

The IT Security Management Team ensures the technical, organisational safety measures according to §9 BDSG are satisfied. If you are in doubt that the current safety measures do satisfy the protective purpose you may contact the IT Security Management Team or the Data Protection Officer.


1) Landesdatenschutzbeauftragter NRW: Personenbezogene Daten (Stand 27. September 2012).
2) BVerfG, verdict of 12/15/1983, Article 1. (Stand 27. September 2012, german).

  • Recommendations

    • Be aware of what data you are giving away to others.
    • Data which has been uploaded to the Internet will stay in the Internet. Removing and deleting information from this network is a really challenging and time consuming task.
    • Make use of backup-strategies and data encryption. This ensures the availability of your data in cases of faults and proetects the data against unauthorized views in cases of theft.
    • Be sceptical towards free-to-use-services. In a lot of cases your payment will be your personal data.