Determine relevance of §8 section 1 OZG for Neo iOS app (Legal bases for data processing)

Problem

• According to §8 section 1 OZG, to determine the identity of the user of a citizen-account (Bürgerkonto), the following data may be processed to the extent necessary:
  • Data is covered under § 18 (3) PAuswG: Family name (surname), birth name (if different), given name(s), academic title/doctoral degree (if any), date of birth, place of birth, photograph (portrait/photo), signature, address (residence), nationality, card serial number/document number, machine-readable data zone (MRZ), biometric data (stored on the chip), e.g. fingerprints (when stored).
  • eID UId, or EU Id UId, and main box reference.
• When logging in with an identity card, eID card, or residence permit, the service- and card-specific identifier and address are transmitted. If a notified European eID service or other electronic service of identification is used, only the unique identifier of this service is transmitted.
• How does §8 section 1 OZG affect the Neo iOS app's data processing?

Goal

As data will be processed in the app, check relevance of §8 section 1 OZG for iOS Neo app.

ACs

• Determine if/ which of the in the § 18 (3) PAuswG describe data will be processed within the Neo iOS app.
• If any in § 18 (3) PAuswG defined allowed data to be processed are relevant within the Neo context, document how to best address this in #356 .

Notes/ resources

• See:
  • OZG_19 in Req-Documentation / Nextcloud

Who needs to be involved / informed

• reviewers:
• involved:
• informed: