Data Protection Statement
Introduction
Responsible handling of personal data is a priority for the Federal Ministry for Economic Affairs and Climate Action (BMWK). We want our users to know when the Federal Ministry for Economic Affairs and Climate Action is collecting what data and for what purpose.
We have taken technical and organisational measures to ensure that both we as well as external service providers comply with the provisions governing data protection.
The processing of personal data at the BMWK is carried out in accordance with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
1. General Information
1.1 Controller and data protection officer
The controller responsible for processing personal data is the
Bundesministerium für Wirtschaft und Klimaschutz
Scharnhorststr. 34-37
10115 Berlin
Postanschrift: 11019 Berlin
E-Mail: ed.dnub.kwmb@ofni
Internet: www.bmwk.de
Telefon: +49 (0)30 18615 0
If you have specific questions about how your privacy is protected, please contact the BMWK data protection officer:
Beauftragte für den Datenschutz im BMWK
Scharnhorststr. 34-37
10115 Berlin
E-Mail: ed.dnub.kwmb@etgartfuaebztuhcsnetad
1.2. Personal data
The term “personal data” means all information related to an identified or identifiable natural person. Natural persons are considered identifiable if they can be identified directly or indirectly, in particular by linking them to an identifier such as a name, identification number, location data or an online reference number.
In principle, the web services provided by the Federal Ministry for Economic Affairs and Climate Action are accessible to you without the need for disclosing your identity.
1.3 Legal basis for processing personal data
The BMWK processes personal data in carrying out its assigned responsibilities in the public interest. Its public responsibilities include in particular informing the public and thus making information available to the public through its website. The legal basis for processing in this case is Article 6 (1) (e) of the EU’s General Data Protection Regulation in conjunction with the relevant national or European law and with Section 3 of the BDSG. If personal data must be processed in the individual case to meet a legal obligation, Article 6 (1) (c) of the GDPR applies as well, in conjunction with the relevant legal provision on which the legal obligation is based.
If we obtain consent from the data subject to process personal data, Article 6 (1) (a) GDPR serves as the legal basis.
2. Data processing related to visiting this website
2.1 Data Collection
Every time someone accesses our website and retrieves a file, data are temporarily saved in a log file.
Specifically, the following data are stored:
- date and time of retrieval (time stamp) and the IP address of the device or server requesting access
- details of the request and destination (log version, HTTP method, referrer, user agent string)
- name of the file retrieved and amount of data transferred (requested URL and query string, size in bytes)
- whether the request was successful (HTTP status code)
According to Article 6 (1) (e) GDPR in conjunction with Section 5 of the Act on the Federal Office for Information Security (BSI-Gesetz), we are also required to store data past the time of your visit in order to protect against attacks on the BMWK’s Internet infrastructure and federal communications technology. These data are analysed and, in case of attacks on the communications technology, needed to initiate legal and criminal proceedings. These data are deleted as soon as they are no longer needed for official purposes.
Data logged when the BMWK website is accessed are shared with third parties only if we are legally obligated to do so, or if needed for legal or criminal proceedings in case of attacks on federal communications technology. Otherwise these data are not shared with third parties. The BMWK does not combine these data with other data sources.
2.2 Session Cookies
Cookies are used on the web pages where banners are displayed. These cookies are valid for the time you visit our website. They are needed for displaying the banners and managing the language of the website.
Cookies are used on the basis of Article 6 (1) (e) GDPR in conjunction with Section 3 BDSG in the context of informing the public in order to provide information on the BMWK’s assigned tasks as needed.
Session cookies are small units of information which a website provider saves to the random access memory of the visitor’s computer. A session cookie contains a randomly generated, unique identification number, known as a session ID. A cookie also contains information on its origin and how long it may be saved. These cookies are unable to store any other data.
Session cookies are deleted when you end the session, by closing your browser window or leaving the web page.
Every Internet browser can show you when cookies have been stored on your computer and what they contain. The websites of the Federal Commissioner for Data Protection and Freedom of Information and the Federal Office for Information Security offer more detailed information.
2.3 Web analysis / Data capturing
As part of its PR work and for the purposes of meeting demand for information about the work entrusted to the Ministry, the Ministry conducts use analyses for statistical purposes and in line with Article 6 (1) (a) GDPR in conjunction with section 3 Federal Data Protection Act.
We use the open source software tool Matomo (previously PIWIK) on our website to analyse the way our users visit our website. It is an open source web analysis tool. Using Matomo does not transmit any data to servers outside the control of the Federal Ministry for Economic Affairs and Climate Action. Matomo does not collect any session data without your consent.
Matomo uses cookies. These text files are stored on your computer and enable the Federal Ministry for Economic Affairs and Climate Action to analyse how its website is used. For this purpose, the information captured by the cookie about the use is sent to the server of the Federal Ministry for Economic Affairs and Climate Action and stored there so that usage patterns can be evaluated. As we only use parts of your IP address, it is technically impossible for us to identify you as a registered user. You remain anonymous as a user.
The Federal Ministry for Economic Affairs and Climate Action regards this analysis as part of its internet service. It would like to use it to further improve the website and adapt it even more closely to the needs of its users.
If you consent to the web analysis by Matomo, the following data are collected when you visit individual pages of our website:
- two bytes of the IP address of the user’s system opening the page (anonymous)
- the visited page
- the website from which the user was directed to the page (referrer)
- the sub-pages which are visited from the page
- the time spent visiting the page
- the frequency of visits to the page
These data are processed by Federal Ministry for Economic Affairs and Climate Action only if you consent to the processing or activate the web analysis.
You can decide here whether a web analysis cookie is allowed to be stored in your browser in order to enable the Press and Information Office of the Federal Government to capture and analyse statistical data.
Note: Please note that deletion of your cookies means that the opt-out cookie is also deleted, and may have to be reactivated by you.
2.4 Overview of the cookies used
Strictly necessary
Name: statistics-agree
Purpose: Stores whether the user has agreed in the cookie banner to the downloading of statistics cookies.
Duration: 1 month
Type: HTTP cookie
Name: _icl_visitor_lang_js
Purpose: Stores the language used by the user for this website. Examples: DE or EN.
Duration: 1 day
Type: HTTP cookie
Name: technical-agree
Purpose: Stores whether the user has agreed in the cookie banner to the downloading of strictly necessary cookies.
Duration: 1 month
Type: HTTP cookie
Name: wp-wpml_current_language
Purpose: Guides the user of this website straight to the appropriate multilingual content on the basis of the browser language.
Duration: 1 month
Type: Session
Name: wpml_browser_redirect_test
Purpose: Checks whether a browser redirection has been attempted. This is a session-based cookie which will only run again during the next visit.
Duration: 1 month
Type: Session
Web analysis
Name: _pk_id#
Purpose: Collects statistics about visits by the user to the website, e.g. the number of visits, average time spent on the website, and which pages were read.
Duration: 1 year
Type: HTTP cookie
Name: _pk_ses#
Purpose: Is used by Matomo to trace page visits by the user during the session.
Duration: 1 day
Type: HTTP cookie
3. Processing personal data when you contact us
Personal data are processed differently depending on how you contact us.
3.1 Contacting the ministry via e-mail and contact form on this website
If you send us a message using the contact form or an e-mail, your data will be used for correspondence with you. Contact requests via the contact form for specific groups are forwarded directly and unencrypted by e-mail to our subcontractors (training centers).
If we receive a message from you via the contact form or an e-mail, we assume that we are entitled to reply by e-mail. Otherwise, you must expressly inform us of another form of communication.
The data you send (such as first and last name, address) and at least your e-mail address and the information contained in your message (including any personal data you provide) will be saved by the relevant organizational unit for the purpose of contact and responding to your message in accordance with the time limits for record retention given in the Registry Directive, supplemental to the Joint Rules of Procedure of the Federal Ministries (GGO).
Please note that the data will be processed in compliance with Article 6 (1) (e) GDPR in conjunction with Section 3 BDSG. To respond to your message, it is necessary to process the personal data you provide.
Communication via email is vulnerable to security risks. It is possible, for instance, that emails sent to the Federal Ministry for Economic Affairs and Climate Action may be stopped and viewed by skilled internet users.
Whenever the contact form is being used, the Federal Ministry for Economic Affairs and Climate Action receives not only the information inserted in the data fields, but also the sender’s IP address. In principle, the same is true whenever a normal email is sent. Before the contact form is sent, you will be asked to agree to having your IP address transmitted and stored. The IP address will only be used for the purpose of public prosecution under criminal law and to combat threats in line with the applicable legislation.
Enquiries from the general public, both in paper and electronic form, are stored in accordance with the statutory time limits for retaining written records established by the Registry Directive (Registraturrichtlinie), which complements the Joint Rules of Procedure of the Federal Ministries (Gemeinsame Geschäftsordnung der Bundesministerien, GGO).
We only store your data for as long as we need it for the specified use. For example, your data will be deleted if you cancel a subscription to a newsletter or once we have sent you the requested information.
In addition to this, we store data for statistical and security purposes whenever our servers are accessed. More specifically, the IP address submitted by the internet service providers, the data and time when our server was accessed, and the specific target addresses are stored for the duration of seven days. This data is used for the sole purpose of improving the web services provided by the Federal Ministry for Economic Affairs and Climate Action and is not traced back to individual users. Notwithstanding this, the Federal Ministry for Economic Affairs and Climate Action reserves the right to make use of certain data sets to arrive at personal data in cases of serious violations of our terms of use and in cases of unauthorised access or attempted unauthorised access to our servers.
3.2 E-mail addresses of third parties
The BMWK website also provides e-mail addresses of third parties regarding specific topics. T addresses do not end in @bmwk.bund.de. If you send a message to one of these addresses, the BMWK is not responsible for processing your personal data. If you have any questions about how these third parties deal with your personal data, please contact them directly.
3.3 Contacting the ministry by mail
If you write a letter to the ministry, the data you send (such as first and last name, address) will be stored and the information contained in your letter (including any personal data you provide) will be saved for the purpose of contact and responding to your letter in accordance with the time limits for record retention given in the Registry Directive, supplemental to the Joint Rules of Procedure of the Federal Ministries (GGO).
Please note that the data will be processed in compliance with Article 6 (1) (e) GDPR in conjunction with Section 3 BDSG. To respond to your message, it is necessary to process the personal data you provide.
3.4 Contacting the ministry by telephone
If you contact a ministry staff member by telephone, your personal data will be processed as far as necessary respond to your concern
4. Processing personal data when using social networks
As part of its editorial duties within these social networks, the Ministry processes data of people who interact with the Ministry. This requires data to be stored temporarily by a service provider. The data is stored on a server located in the European Union and extends to the following: name of profile and account, content of the query, number of followers and profiles following the profile, latest tweets. This data is stored for the duration of six months.
We would like to inform you that data is processed in line with Article 6(1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act. We need to process the personal data you transmit so that we can answer your query.
We also explicitly draw your attention to the fact that the services used by the Federal Ministry for Economic Affairs and Climate Action store user data (e.g. personal information, IP address etc.) in line with their own guidelines on data usage and use it for commercial purposes.The Federal Ministry for Economic Affairs and Climate Action has no influence on the collection and use of data by social networks. We are unable to ascertain the extent, the location and the duration of the data capture, the extent to which the networks meet obligations to delete data, what evaluations and links pertaining to the data are made, and to whom data is forwarded.
5. Your rights
You have the following rights with regard to the personal data concerning your person:
- Right of access, Art. 15 GDPR
The right of access confers on the data subject a comprehensive right of access to the data concerning his/her person and to certain important information-related criteria, such as the purposes for which it is processed or the duration for which it will be stored. The exceptions to this right regulated in Section 34 Federal Data Protection Act apply. - Right to rectification, Art. 16 GDPR
The right of rectification includes the possibility for the data subject to have inaccurate personal data corrected. - Right to erasure, Art. 17 GDPR
The right to erasure includes the possibility for the data subject to have data deleted by the party responsible. However, this is only possible if the personal data concerning his/her person are no longer needed, are processed unlawfully or if the relevant consent has been revoked. The exceptions to this right regulated in Section 35 Federal Data Protection Act apply. - Right to restriction of processing, Art. 18 GDPR
The right to restrict the processing includes the possibility for the data subject to prevent further processing of personal data concerning his/her person for the time being. A restriction particularly occurs pending verification of the exercise of other rights of the data subject. - Right to object to collection, processing and/or use, Art. 21 GDPR
The right to object includes the possibility for data subjects to object, in a particular situation, to the further processing of their personal data, insofar as this is justified by the exercise of public functions or of public or private interests. The exceptions to this right regulated in Section 36 Federal Data Protection Act apply. - Right to data portability, Art. 20 GDPR
The right to data portability includes the possibility for the data subject to obtain the personal data concerning his/her person from the person responsible in a standard, machine-readable format, in order to be able to forward them to another person responsible if necessary. According to Art. 20 (3) sentence 2 GDPR, however, this right does not apply if the data processing serves the performance of public tasks. - Right to revoke consent, Art. 13 and 14 GDPR
If personal data is processed on the basis of consent, the data subject may revoke such consent at any time for the purpose for which it was given. The lawfulness of the processing undertaken on the basis of this consent remains unaffected until receipt of the revocation.
You can assert the aforementioned rights in writing using the contact details set out in Section 1.1.
Pursuant to Art. 77 GDPR, you also have the right to appeal to the data protection supervisory authority: the Federal Commissioner for Data Protection and Freedom of Information (in German).
You can also contact the Ministry’s Data Protection Officers under Section 1.1 if you have any questions or complaints.