Data Protection

Offices, official agencies, public institutions of the country as well as other legal entities subject to the supervision of the Liechtenstein National Administration (LLV) or third parties acting on behalf of the LLV process personal data. These institutions, hereinafter collectively referred to as public bodies, are subject to the provisions of the Liechtenstein Data Protection Act (DPA) as well as the requirements of the EU Data Protection Regulation (GDPR) in addition to the respective national special legislation, unless otherwise stipulated by law.

The Data Protection Officer for the National Administration ensures the implementation of and compliance with the data protection regulations by the above-mentioned public bodies.

Information in accordance with the requirements of the EU General Data Protection Regulation, in particular Art. 12 to 14 DSGVO:

Which of your data is processed in detail and how it is used depends largely on the relationship you have with one of the above-mentioned public bodies or which public body processes your data for which purpose.

In the following, you will find general information on data protection for all public bodies. This is followed by notes on the use of the website.

General information on data protection for all public bodies

Person responsible

The state administration is responsible for the use of the website of the state administration; the respective public body is responsible for data processing specific to that public body.

This data protection statement is valid for the entire Liechtenstein National Administration and its public offices:

Data Protection Officer for the National Administration

In addition to the responsible office, the Data Protection Officer for the National Administration can also answer questions about the personal data processed about you in the Liechtenstein National Administration.

Data Protection Office

Government Chancellery

Peter-Kaiser-Platz 1

PO Box 684

FL-9490 Vaduz

Telephone 00423 236 7308



Special information on essential terminology, data processing and legal basis as well as the rights of data subjects

Definition of personal data and sensitive data

Personal data is any information relating to an identified or identifiable natural person. No personal data is completely anonymized information. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (IP address) or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Personal data includes in particular information such as your (correct) name, address, or telephone number. This may also include your e-mail address, insofar as this contains your name and your identity can be determined from this. Information without any reference to your identity, e.g. only your age or gender, is not personal data.

Sensitive data is personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. Similarly, the category of sensitive data includes the processing of genetic data, biometric data uniquely identifying a natural person, health data, or data concerning a natural person's sex life or sexual orientation.

Data subject

Data subject means any identified or identifiable natural person whose personal data are processed by the controller.

Collection and processing of personal data

As a rule, you can use the website without actively providing any personal data. However, certain personal data is processed automatically. Details regarding automated data processing can be found below under the point: General information about visiting the website

The collection and processing of personal data by the Office of Social Services is carried out in accordance with the requirements of the EU General Data Protection Regulation (GDPR), the national data protection law and the respective national special law. The processing of personal data by a public body may be carried out, among other things, by collecting, storing, using, transmitting, linking, making available for retrieval or by deleting and destroying.

Legal basis

The activities of the official offices of the Liechtenstein National Administration are based on a respective legal mandate. The specific laws are usually listed on the website of the respective office or linked to the applicable regulations and laws. The legal bases for the processing of your personal data therefore arise at least from Article 6 (1) e) of the General Data Protection Regulation (GDPR) in conjunction with Article 4 of the Liechtenstein Data Protection Act (DPA). These legal bases allow the Liechtenstein National Administration to process your personal data, which is necessary for the fulfillment of the tasks incumbent upon it.

Disclosure of data to third parties

Data is only passed on to third parties within the framework of legal regulations. Services of third party providers can be used, which are then obligated as so-called order processors to comply with the data protection concerns and requirements. The processor is a natural or legal person, authority, institution or other body that processes personal data on behalf of the controller.

In certain circumstances, public bodies may also jointly determine data processing operations with other data controllers. In such cases, joint responsibility is also regulated in accordance with the requirements from the GDPR as well as the DPA.

Data transfer to a third country / outside the EU

If we transfer personal data to service providers outside the EU, this will only be done if the third country has been confirmed by the EU Commission to have an adequate level of data protection or if other appropriate data protection guarantees, e.g. EU standard contractual clauses, are in place. A list of third countries and international organizations with an adequate level of data protection can be found in Annex 1 of the Data Protection Regulation (DPA).

Duration of storage and deletion of personal data

After collection by the respective public body of the state administration, your data will be stored for as long as is necessary for the respective task fulfillment in compliance with statutory retention periods. An overview of the statutory retention periods can be found on the website of the supervisory authority, under the item Services.

The data stored by the state administration will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data of the data subjects are not deleted because they are required for other and legally permissible purposes, their processing will be restricted.

Your rights as a data subject

1 Right to information:

You have the right at any time, informally and without justification, to receive information about the data stored with regard to your person. This also applies to their origin as well as recipients and furthermore to the purpose of the storage. You will receive this information free of charge (Art. 15 DSGVO). Requests for information about your stored data should be addressed directly to the relevant public body or to the Data Protection Unit.

2 Correction, restriction of processing, deletion, complaint, revocation of consent:

In addition, you have further rights, such as the right to correct incorrect data, restriction of processing and deletion of your personal data (Art. 16 DSGVO, Art. 17 DSGVO, Art. 18 DSGVO). In the event of the assumption of unlawful data processing, you can file a complaint at any time with the supervisory authority responsible for us, the Data Protection Service (DSS), If you have given consent to the state administration, you may in principle revoke this consent at any time with effect for the future (Art. 7 DSGVO).

3 Right of objection:

Insofar as we process your personal data not on the basis of consent, but on the basis of a legal fact, such as Art. 6 (1) (e) DSGVO, you may object to the future processing of your personal data at any time for reasons arising from the existence of your particular situation (Art. 21 DSGVO). The existence of a special situation is subject to individual consideration.

If you make use of your above-mentioned rights, we will check whether the legal requirements for this are met.

General information about visiting the website

Voluntary personal data

Our processing of personal data of our users is limited to those data that are necessary for the provision of a functional website and our content and services. The processing of personal data of our users is only carried out for the purposes agreed with them or if there is another legal basis (in the sense of the DSGVO). Only such personal data is collected that is actually required for the implementation and processing of our tasks and services or that you have voluntarily provided to us. These are:

  • Contact data (e.g. mail address)

  • Content data (e.g. text input)

  • Usage data (e.g. websites visited, interest in content, access times)

  • Meta/communication data (e.g. device and browser information, IP address)

  • Data in connection with online forms (e.g. applications, notifications)

As soon as you access a page of our website as well as the online services embedded on our website, the IP address, the URL address of the accessed page, the date and time of access as well as information on the browser (program, version, PC or mobile, etc.) are stored on our web servers in so-called log files (web server log). These logs are used exclusively for technical purposes - e.g. to clarify technical problems - and for information security; they are neither evaluated in any other way nor linked to other data. This logging data is automatically deleted after 48 weeks.

Purpose of processing

Provision of the website in question, its functions and contents Answering contact requests and communication with users Providing the services described in the content Security measures Reach measurement and statistics

Relevant legal basis regarding the website

The legal basis for data processing in connection with our Internet presence are the provisions contained in Liechtenstein legislation for the fulfillment of the tasks of the Liechtenstein National Administration.

Deletion of data by visiting the website

The data processed by us will be deleted or restricted in its processing in accordance with Articles 17 and 18 DSGVO. Unless expressly stated within the scope of this privacy policy, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations.


We use cookies on our website in order to make our offer user-friendly. Cookies are small files that your browser automatically creates and that are stored on your terminal device (laptop, tablet, smartphone, etc.) when you visit our site. This allows us to recognize your browser the next time you visit.

If you do not wish this, you can set up your browser so that it informs you about the setting of cookies and you allow them in individual cases. However, we would like to point out that deactivation will mean that you will not be able to use all the functions of our website.

Mails sent to us

We draw your attention to the fact that - subject to an explicit agreement and configuration - mails sent to us are sent unencrypted.

If you wish to transmit confidential or sensitive information, please contact the appropriate office in advance to agree on a secure way to transmit the data.

Web analysis tool Matomo

We analyze the use of our website with the web analysis tool Matomo. This is used exclusively to optimize the website in terms of user-friendliness and to provide useful information about our services. A combination of this data with other personal data sources or disclosure to third parties does not take place.

The legal basis for the temporary storage of the data and the log files is Art. 6 para. 1 lit. f DSGVO.

No personal analysis takes place. The analyses are based on anonymized data records.

Questions on your part

If you have any questions or comments as a data subject regarding the processing of your personal data by the state administration, please contact the respective office or directly the data protection officer of the state administration using the contact details above.

Supervisory authority as complaint authority

In the event of a complaint to be submitted by you about the Liechtenstein National Administration, the Data Protection Authority is responsible as the supervisory authority and can be reached as follows:

Data Protection Authority Principality of Liechtenstein

Städtle 38

P.O. Box 684

FL-9490 Vaduz

T +423 236 60 90