Data Protection

The entity controlling the processing of personal data (the ‘controller’) is the

Federal Ministry of Education and Research (BMFTR)
53170 Bonn, Germany
Phone: +49 (0)228 9957-0
Fax: +49 (0)228 99578-3601
Email: bmftr@bmftr.bund.de
De-Mail: poststelle@bmftr-bund.de-mail.de

If you have specific questions concerning the protection of your data, please contact the BMFTR’s Data Protection Officer:

Federal Ministry of Education and Research (BMFTR)
Datenschutzbeauftragte/r
53170 Bonn, Germany 
Phone: +49 (0)228 9957-3369 
Fax: +49 (0)228 9957-3369
Email: datenschutz@bmftr.bund.de

The following statement provides you with an overview of how the BMFTR ensures the protection of your data and what type of data is collected for what purpose and on what basis.

Whenever a website is visited, data is collected and exchanged which is needed to provide the service in question. The data concerned is:

• IP address
• your browser type and version
• the operating system used
• the web page accessed
• the page previously visited (referrer URL)
• the time of the server request

This is known as log data (as defined in Section 2 (8a) of the Act on the Federal Office for Information Security (BSI-Gesetz)) which is stored in log files on an external server at our service provider Informationstechnikzentrum Bund (ITZBund) beyond the time of your your visit to the website.

In addition to this log data collected during the interaction with this website, protocol data (as defined in Section 2 (8) of the BSI-Gesetz) is also collected. Protocol data is information that is used and necessary for the data transfer / communication process (metadata).

This data (protocol and log data) is created in order to protect federal/BMFTR technical infrastructure and communications technology against attacks as well as to recognize, contain or remedy disruptions or problems and is stored and analysed beyond the time of your visit to the website. This data is processed in compliance with Article 6 (1) (c) and (e) of the EU General Data Protection Regulation (GDPR) in conjunction with Section 5 (1) sentence 4 and Section 5a sentence 2 of the BSI-Gesetz. The data is processed by the service providers ITZBund, BDBOS and BSI.

Web analytics

If you have given your consent in accordance with Article 6 (1) (a) of the GDPR, the BMFTR, together with its service provider contracted for support and development “ITZBund”, will analyse information on your use of our website for statistical purposes as part of public relations work and for the purpose of providing information on tasks within the BMFTR’s remit as needed.

It does so using the Matomo web analytics service.

The software uses permanent cookies to recognize visitors returning even after longer periods of time. This type of information is stored as a text file on the hard drive of the user’s computer. The cookie is valid for 1 month after which it deletes itself.

The software also uses session cookies. Session cookies are small information units that are stored by the provider of a website in the active memory of the visiting user’s computer. A randomly generated, unique ID number, a so-called session ID, is stored in a session cookie. A cookie also contains information on its origin and the period of time it is to be stored for. These cookies cannot store any other data. The software uses session cookies in order to be able to identify users unambiguously.

The following data is stored when individual pages of our website are accessed:

• two bytes of the IP address of the user’s retrieving system (anonymous)
• The accessed web page
• the website from which the user reached the accessed web page (referrer)
• the sub-pages loaded via the accessed web page
• the length of time spent on the web page
• how often the page was accessed

The software is configured in such a way that IP addresses are stored incompletely, with 2 bytes concealed (e.g. 192.168.xxx.xxx). This makes it impossible for the shortened IP address to be linked to the retrieving computer, meaning that you remain anonymous as the user.

The software runs only on the web servers of the service provider “ITZBund” on behalf of the BMFTR. This is the only place where information on your use of the website is stored. No data is disclosed to third parties.

If you want to modify your decision regarding use of the cookie for web analytics purposes and give your consent or withdraw it again, you can do this by changing your settings before continuing your visit. The default setting for web analytics is that they are disabled.

Handling cookies

You can control the use of cookies with all web browsers. Most browsers are set up to accept all cookies without asking the user for permission. However, by changing the settings in your browser you can deactivate or restrict the transfer of cookies. Cookies that have already been stored can be deleted at any time. This can also be done automatically.

Please set your browser to accept session cookies if you would like to make full use of the BMFTR’s shopping basket feature.

If you refuse all cookies:

• you cannot add various different publications to your shopping basket and
• you can only order one brochure at a time.

Reviewing your data

Any web browser can be set up to notify you if cookies are being placed, and what their contents are. Detailed information is available on the websites of the Federal Commissioner for Data Protection and Freedom of Information and the Federal Office for Information Security.

Various personal data is collected and processed depending on the method used to contact us.

Contact can be made by email, letter or telephone (hotline).

Where electronic communication (via email) takes place with the BMFTR, protocol and log data are also created in addition to the data mentioned in the relevant sections. Their purpose is to protect federal/BMFTR technical infrastructure and communications technology against attacks as well as to recognize, contain or remedy disruptions or problems and are stored and analysed even after your visit to the website. Protocol data (as defined in Section 2 (8) of the Act on the Federal Office for Information Security (BSI-Gesetz)) is information that is used and necessary for the data transfer / communication process (metadata). Log data (as defined in Section 2 (8a) of the BSI-Gesetz) contains information on technical events or situations within a system This data is processed in compliance with Article 6 (1) (c) and (e) of the EU General Data Protection Regulation (GDPR) in conjunction with Section 5 (1) sentence 4 and Section 5a sentence 2 of the BSI-Gesetz. The data is processed by the service providers ITZBund, BDBOS and BSI.

Means of contact, legal basis and purpose of processing

Contact via e-mail

You can contact the BMFTR via the e-mail address of individual staff members or the following central e-mail addresses:

• information@bmftr.bund.de
• info@bufi-geschaeftsstelle.de

If you use one of the e-mail addresses given above, the data communicated by you (e.g. surname, first name, address) or at least your e-mail address and the information contained in the e-mail (any personal data communicated by you) will be stored for the purpose of contacting you and responding to your enquiry.

Please note that the data will be processed in compliance with Article 6 (1) (e) of the General Data Protection Regulation (GDPR) in conjunction with Section 3 of the Federal Data Protection Act (BDSG) for the purpose of fulfilling the BMFTR’s tasks. In order to respond to your message, it is necessary to process the personal data you provide.

Note on contacting the BMFTR via the address information@bmftr.bund.de

Enquiries sent to the e-mail address information@bmftr.bund.de are dealt with by the staff of the BMFTR’s service provider contracted for this purpose, “Telemark Rostock – Kommunikations- und Marketinggesellschaft mbH”. The “Telemark Rostock – Kommunikations- und Marketinggesellschaft mbH” stores your data only for the treatment of your request and according to the legal and contractual defaults. If your request cannot be processed by the employees of “Telemark Rostock – Kommunikations- und Marketinggesellschaft mbH”, it will be forwarded to the BMFTR.

The employees of the BMFTR process the transmitted data only in connection with the processing of your request. If the data is forwarded to the BMFTR, it will be stored in accordance with the time limits for the storage of written records laid down in the Registration Directive (Registraturrichtlinie), which supplements the Joint Rules of Procedure of the Federal Ministries (GGO).

If the matter concerns a service provider of the BMFTR or can only be answered by this service provider, it will be forwarded to the responsible service provider. The employees of the service provider process the data only in connection with the corresponding request. The service provider stores your data only for the processing of your request and in accordance with the legal and contractual requirements.

Information on how to contact us via info@bufi-geschaeftsstelle.de

The processing of your request, which you communicate via the e-mail address info@bufi-geschaeftsstelle.de, is carried out by the employees of the service provider commissioned by the BMFTR “Office of the Federal Report on Research and Innovation, Berlin; Prognos AG, Berlin and DLR Project Management Agency, Bonn; c/o DLR Project Management Agency, Sachsendamm 61, D-10829 Berlin” stores your data only to process your request and in accordance with legal and contractual requirements. If your request cannot be processed by the staff of the Office of the Federal Report on Research and Innovation, it will be forwarded to the BMFTR.

The BMFTR staff will only process the transmitted data in connection with the processing of your request. If the data is forwarded to the BMFTR, it will be stored in accordance with the time limits for the storage of written records laid down in the Registry Directive (Registraturrichtlinie), which supplements the Joint Rules of Procedure of the Federal Ministries (GGO).

If the matter concerns a service provider of the BMFTR or can only be answered by this service provider, it will be forwarded to the responsible service provider. The employees of the service provider process the data only in connection with the corresponding request. The service provider stores your data only for the processing of your request and in accordance with the legal and contractual requirements.

Letters

If you write a letter to the editorial office of the Federal Report on Research and Innovation (address: Office of the Federal Report on Research and Innovation, Berlin; Prognos AG, Berlin and DLR Project Management Agency, Bonn; c/o DLR Project Management Agency, Sachsendamm 61, D-10829 Berlin), the data communicated by you (e.g. surname, first name, postal address) and the information contained in the letter (including any personal data communicated by you) will be stored for the purpose of contacting you and responding to your enquiry. The data from your enquiries will be deleted when the respective conversation has ended and the relevant facts have been conclusively clarified and legal, statutory or contractual retention periods have expired. All letters to the editorial office will be processed by the service provider  “Office of the Federal Report on Research and Innovation (Prognos AG, Berlin and DLR Project Management Agency, Bonn), c/o DLR Project Management Agency”, which is commissioned by the BMFTR.

Please note that the data will be processed in compliance with Article 6 (1) (e) GDPR in conjunction with Section 3 BDSG for the purpose of fulfilling the BMFTR’s tasks. In order to respond to your message, it is necessary to process the personal data you provide.

If the matter concerns only the BMFTR or the “Office of the Federal Report on Research and Innovation, Berlin; Prognos AG, Berlin and DLR Project Management Agency, Bonn; c/o DLR Project Management Agency” or can only be answered by them, it will be forwarded to the BMFTR or the “Office of the Federal Report on Research and Innovation, Berlin; Prognos AG, Berlin and DLR Project Management Agency, Bonn; c/o DLR Project Management Agency”. The employees of the BMFTR or the “Office of the Federal Report on Research and Innovation, Berlin; Prognos AG, Berlin and DLR Project Management Agency, Bonn; c/o DLR Project Management Agency” process the data provided by you (e.g. surname, first name, address), as well as the information contained in the letter (possibly personal data provided by you) for the purpose of establishing contact and processing your request. In this case, the storage periods at the BMFTR are based on the periods of the Registry Directive, which supplements the Joint Rules of Procedure of the Federal Ministries (GGO) and which apply to the storage of documents. In the “Office of the Federal Report on Research and Innovation, Berlin; Prognos AG, Berlin and DLR Project Management Agency, Bonn”, data from your inquiries will be deleted when the respective conversation has ended and the relevant facts have been conclusively clarified and legal, statutory or contractual retention periods have expired.

The following statement provides you with an overview of how the BMFTR ensures the protection of your data and what type of data is collected for what purpose and on what basis.

The website includes services and content from third parties, such as maps from Google Maps. As a result of this integration, third parties can see users’ IP addresses. The BMFTR has no control over whether third-party providers store IP addresses, for example, for statistical purposes.

You have the following rights vis-à-vis the data controller concerning your personal data:

Right of access (Article 15 GDPR)

This right includes the possibility for you to request access to your personal data that is being processed by us. In particular, you can request access to information regarding the purposes of the processing, the categories of personal data concerned, the categories of recipient to whom the personal data has been or will be disclosed, the envisaged period of storage, the existence of the right to rectification, erasure, restriction of processing or to object to processing, the right to lodge a complaint, information as to the source of your data where this has not been collected by us, as well as the existence of automated decision-making, including profiling and relevant meaningful information where appropriate.

Right to rectification (Article 16 GDPR)

This right includes the possibility for data subjects to obtain the rectification of inaccurate personal data concerning them.

Right to erasure (Article 17 GDPR)

The right to erasure encompasses the possibility for data subjects to obtain the erasure of data from the controller. However, this is only possible if, for example, the personal data concerning them is no longer necessary, is being unlawfully processed or consent on which the processing is based is withdrawn.

Right to restriction of processing, Article 18 GDPR

This right includes the possibility for data subjects to temporarily prevent the further processing of personal data concerning them. Such restriction mainly occurs in the period of verification regarding the exercise of other rights by the data subject.

Right to data portability, Article 20 GDPR

The right to data portability encompasses the possibility for data subjects to receive from the controller the personal data concerning them in a commonly used and machine-readable format in order to have it transmitted to another controller as required. In accordance with Article 20 (3) second sentence of the GDPR, this right does not apply to processing that is necessary for the performance of a task carried out in the public interest.

Right to object to collection, processing and/or use, Article 21 GDPR

You have the right to object, at any time, to the processing of your personal data on the basis of Article 6 (1) (e) and (f) GDPR for reasons pertaining to your particular situation. This personal data will then no longer be processed for these purposes, unless evidence can be provided of compelling legitimate reasons for processing the data which supersede your interests, rights and freedoms, or the processing is necessary for the assertion, exercise or defence of legal claims.

If the personal data is processed on the basis of your consent (in accordance with Article 6 (1) (a) GDPR), you can withdraw your consent at any time for the purpose in question. The lawfulness of processing your personal data on the basis of the consent provided by you remains unaffected until your withdrawal of consent has been received.

You can assert the above-mentioned rights, for example, by sending an email to BMFTR@BMFTR.bund.de or poststelle@BMFTR-bund.de-mail.de.

You also have the right to lodge a complaint with a data protection authority of your own choice. This also includes the supervisory authority responsible for us: Federal Commissioner for Data Protection and Freedom of Information, Graurheindorfer Str. 153, 53117 Bonn, Germany.

You may also address any questions or complaints to the BMFTR’s Data Protection Officer at datenschutz@BMFTR.bund.de.