Information - Data protection - Impressum


About Arcinsys - Data protection - Impressum

Information about Arcinsys

The archival information system Arcinsys is a web-based application. It can be used from any computer connected to the Internet with an up-to-date browser without the local installation special software.

Both external users and archives employees access the same system. Different information is displayed according to the function of the person using the system. The earlier division between acquisition software and web presentation is no longer required. This web-based application facilitates the joint use of the archival information system by an associated group of several archives.

Arcinsys was developed as Version 2 of the previous Hessian Archive Documentation and Information System HADIS. The Arcinsys modules Navigator (navigating research, description) and Search (full-text search, identifier search) are based on HADIS components. In addition, Arcinsys has the following modules: Order (memo list, order function), Request (requests for access, approval administration), Access (issuing, accessing, reading room administration), Transfer (advice for authorities, appraisal, access administration), Management (index planning, inventory maintenance), Storage (stacks management), Administration.

Arcinsys uses the representation model for analogue and digital archival material. Each archival item description thus describes an information object as a logical unit rather than as a physical unit. An archival item can have several physical representations associated with it, – e.g. the original on paper, its microfiche image and the digital copy for access. For objects that are originally digital, several representations can reproduce different migration levels. The user orders an archival item for access; the archives provides a representation for access.

Arcinsys uses exclusively freely reusable software components. Other archives can therefore reuse the software without third-party licence restrictions.

Data protection in the archival information system

Arcinsys uses a differentiated authorisation model in order to protect personal data as well as possible. The personal data saved in the system are description data contained in the archival material on the one hand. On the other hand, personal data of the system users and thus also of the archival employees, are processed.

Described data for archival material

Storing and publishing personal data from the description of archival material is subject to the General Data Protection Regulation of the EU and to the applicable archival law (federal, state, and archival acts and regulations: Landesarchivgesetz, Bundesarchivgesetz, Archivsatzung, etc.). As a rule, archival material can be viewed and analysed after a period of protection that is laid down in the respective regulation. If a period of protection is still valid, Arcinsys will notify you of it. In this case, the archival item can normally not be ordered and accessed. The description data (metadata) for such an archival item can nevertheless be visible in Arcinsys even before the period of protection has expired if such publication does not disclose information that is to be protected. Description data containing personal data that is protected, however, can only be accessed in Arcinsys by the employees responsible at the repository archives.

User data

The protection of the personal data of the users of Arcinsys is subject to the applicable data protection law (in particular the General Data Protection Regulation of the EU and the applicable state data proection act "Landesdatenschutzgesetz"), the provisions of which are implemented as follows:

Arcinsys can be used without prior log in. It is possible to conduct research in the published described data. No personal data will be stored if you use Arcinsys in such a manner.

The application uses cookies for optimal performance. Cookies are small data files stored on the users computer by the browser. The cookies are automatically deleted at the end of the session or when the browser is closed. By using the application, you consent to our cookies.

The operator of this application collects protocol data on each access (so-called server logfiles). These protocol files ensure the technical functions and security of the application. The provider reserves the right to subsequently check the protocol files if there is reasonable suspicion based on concrete evidence of an unlawful use. The protocol files are deleted regularly after brief intervals.

Users who register and create a user account in Arcinsys store their personal data themselves. The mandatory details are a self-selected, unique username, last and first name, an e-mail address, and the date of birth. These data are stored in the application to offer the user customised access to certain additional features of the programme. Logged-in users can keep an individual memo list and submit requests for access at archives. When they are logged in, they can change the data they entered in the registration process at any time under the menu item "My data". Only the username cannot be changed.

The username and the password are necessary for logging in to Arcinsys. Instead of the password, a checksum value is created and saved in the database so that the password cannot be accessed or viewed even by the technical administrators of the application. The e-mail address collected with registration is used exclusively for enabling the user to reset a forgotten password. The e-mail address is not forwarded to the archives. If a user is to be assigned to an archives in Arcinsys with the status of an employee, she or he discloses her or his personal data (last name, first name, and username) to the archival administrator for the purpose of unique identification prior to authorisation.

Further details (e.g. address data) can be stored in addition to the mandatory fields when registering. The stored details are automatically adopted to later requests for access, thus serving for more user friendliness. Archives only receive these data from registration and user account when a request for access is submitted. The data adopted from registration can be changed (corrected) when filling out the request for access. Non-mandatory data (such as the e-mail address) can also be removed from the form. After a request for access has been submitted and the page closed, these data can no longer be changed. The data are made accessible to the contacted archives by submitting the request.

The data in requests and in approvals for access, as well as information about submitted and accessed archival items can be viewed by the user herself or himself and by authorised employees of the archives of access. It is permissible to process the data in the described manner as this is necessary for the lawful fulfillment of the archival duties.

Only the owner of a user account herself or himself can make entries into her or his memo list and access the memo list. Even when a request for access has been submitted, the archives cannot access these data. Saving items to a memo list is only required temporarily for sending orders to an archives. After transmitting the order, the user herself or himself can delete the data from the memo list.

Information in accordance with the EU General Data Protection Regulation

The following specifications pertain both to personal data relating to a data subject that are collected from the data subject (Article 13) and to personal data that have not been obtained from the data subject (Article 14).

The personal data provided by you are processed for the purpose of handling your registration, your request, and your access according to the applicable archival regulations and for statistical purposes. The legal basis for processing the data from your registration and from your request for access is Article 6, paragraph 1, point b GDPR (performance of a contract or steps prior to entering into a contract).

The controllers processing the personal data from registrations, user accounts, and memo lists can be found here.

The controllers processing the personal data from requests for access, orders of archival items, accesses to archival items, and the improvement function in Arcinsys can be found on the Arcinsys detail page of the particular archives where the request was submitted or where the archival items were ordered or accessed. The link to the particular detail page can be determined via the page "Participating archives"(

The responsible data protection officers can also be contacted via the addresses listed there.

The period for which the personal data will be stored is described below in the subsection "Deletion of data".

Data subjects have the right to request from the controller information on, access to, and, where applicable, rectification of the personal data concerning them. Under certain conditions, they have the right to erasure of personal data or restriction of processing of personal data concerning them, or to object to such processing, as well as the right to data portability.

Data subjects have the right to withdraw consent at any time to the processing of their data. The processing of data based on consent before its withdrawal remains lawful.

Data subjects have the right to lodge a complaint with the state officer for data protection.

Personal data collected from the data subject for registration, in the user account, or for requests for access, orders of archival items, and accesses to archival items, are required for being able to access archival items according to the applicable archival law. There is no legal obligation to provide such data. Failure to provide the data will usually make it impossible to gain access to archival material.

The recipient of the collected data is either the provider of the application or the particular archives. The subsection "User data" above explains in detail who has access to which data.

If the data are not obtained from the data subject, the archives will collect the data from its own findings in order to document approvals for access and issuing of archival items.

Employee data

It is necessary to store personal data of archival employees together with their assigned roles and authorisations in order to be able to reproduce the statutory duties in the system. The employees can only access those personal data that are in their range of authorisation. Storing personal data of employees is required for conducting internal organisational functions and it is therefore admissible. The data cannot be used for unlawful behaviour or performance monitoring. The name of an employee is only linked to an action when the employee approves or dismisses a request for access.

Deletion of data

Insofar as not prescribed otherwise by regulations, user account data will be automatically deleted by the system 5 years after their last use. User data relating to a specific intent of access and to a specific archives will, however, not be automatically deleted. These data will be deleted from the system by the respective archives after expiration of the storage period as laid out by regulations.


Provider according to the German telemedia act §5 Telemediengesetz and the state treaty on broadcasting and telemedia §55 Para. 1 Staatsvertrag über Rundfunk und Telemedien (Rundfunktstaatsvertrag - RStV):

Landesarchiv Schleswig-Holstein
24837 Schleswig, Germany
Phone: +49 (0)4621 8618 - 00

Responsible: Prof. Dr. Dr. Rainer Hering, President

Contact person

Wulf Pingel, Landesarchiv Schleswig-Holstein


Technical operation


Copyright and third-party rights

Some of the contents on this Internet site are protected by copyright. Images, diagrams, texts, marks or other works and services may wholly or partly be subject to third-party rights.

Liability disclaimer

1. Content of the website

The author assumes no responsibility for the topicality, correctness, completeness or quality of the information. Liability claims against the author based on material or immaterial damages, which were caused by the use or non-use of the presented information or by the use of faulty and incomplete information, are generally excluded, insofar as neither intentional nor grossly negligent behaviour on the part of the author is involved.

All offers are non-binding and without obligation. The author expressly reserves the right to change, amend, delete or cease parts of the pages or the entire publication temporarily or permanently without giving prior notice.

2. References and links

Where there are direct or indirect references to external websites ("links") that lie outside of the authors area of responsibility, an obligation to assume liability shall solely enter into force in the event that the author had knowledge of the contents and if it would have been technically possible and reasonable for him to prevent usage in the event of illegal content.

The author hereby expressly declares that there was no illegal content to be found on the linked websites at the time the link was placed. The author has no influence on the current and future design, contents or authorship of the linked websites. For this reason, he hereby expressly distances himself from all contents of all linked websites that were changed after the placement of the link. This statement applies to all links and references within the own website and to third-party entries in guest books, discussion forums and mailing lists set up by the author. Solely the provider of the website to which the link was provided shall be liable for illegal, erroneous or incomplete content and particularly for damages arising from the use or non-use of such presented information, and not the party that merely refers to the respective publication by way of the links.

3. Copyright and trade mark law

The author shall make every effort to observe the copyrights of the used graphics, sound documents, video sequences and texts in all publications, to use graphics, sound documents, video sequences and texts created by himself, or to use licence-free graphics, sound documents, video sequences and texts.

All brands and trade marks named at the website and possibly protected by third parties shall be subject to the provisions of the respectively valid trade mark law and the ownership rights of the respectively registered owners without limitations. Solely the mere naming of trade marks should not lead to the conclusion that trade marks are not protected by the rights of third parties.

The copyright for published objects created by the author himself shall remain solely with the author of the website. Duplication or use of such graphics, sound documents, video sequences and texts in other electronic or printed publications is not authorised without the explicit consent of the author.

4. Legal validity of this disclaimer

This liability disclaimer is to be regarded as part of the internet publication from which you were referred. If sections or individual formulations of this text are not or no longer or not completely legal or correct, the content or validity of the other parts remain unaffected by this fact.

Choice of law

The laws of the Federal Republic of Germany apply.


Arcinsys-Version: 22.2 (30.09.2019)