Privacy policy
Introduction
Responsible handling of personal data is a priority for the Federal Ministry for Economic Affairs and Climate Action (“the Ministry”). We want our users to know when the Federal Ministry for Economic Affairs and Climate Action is collecting what data and for what purpose.
We do not process personal data beyond what is necessary. What data we will need and process on what basis and for what purpose will much depend on the type of service you are using, and on the purpose for which the data is required.
We have taken technical and organisational measures to ensure that both we as well as external service providers comply with the provisions governing data protection.
The processing of personal data at the NCP is handled in accordance with the European General Data Protection Regulation (GDPR) (in German) and the Federal Data Protection Act (in German).
Basic information
1.1 Responsibility and Data Protection Officer
Responsibility for the processing of personal data lies with the
Federal Ministry for Economic Affairs and Climate Action
Scharnhorststr. 34-37
10115 Berlin
Postal address: 11019 Berlin
Email: info@bmwk.bund.de
Website: www.bmwk.de
Phone: +49 (0)30 18615 0
If you have any specific questions about the protection of your data at the Federal Ministry for Economic Affairs and Climate Action, please contact the Ministry’s Data Protection Officer:
Data Protection Officer for the Federal Ministry for Economic Affairs and Climate Action
Scharnhorststr. 34-37
10115 Berlin
Email: datenschutzbeauftragte@bmwk.bund.de
1.2 Personal Data
"Personal data" is any information relating to an identified or identifiable natural person. An identifiable natural person is someone who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, and/or an online identifier.
1.3 Protection of minors
Children and persons under 16 years of age should not transmit any personal data to us without the consent of their parents or legal guardians.
Should it happen that persons under 16 years of age do contact the Federal Ministry for Economic Affairs and Climate Action by email, contact form, letter etc., Points 3.1, 3.3 through 3.5 shall apply.
1.4 Legislation governing the processing of personal data
The Federal Ministry for Economic Affairs and Climate Action processes personal data as it carries out the tasks of public interest that are assigned to it. These public duties particularly include public relations work, which also involves providing information for the public on this website. The processing of personal data in this context is based on Art. 6 (1) (e) General Data Protection Regulation (GDPR) in conjunction with the relevant national or European standards, or in conjunction with Section 3 of the Federal Data Protection Act. Insofar as the processing of personal data is, in individual cases, required in order to fulfil a legal obligation, this is based on Article 6 (1) (c ) GDPR in conjunction with the relevant legal provisions under which the legal obligation arises.
Insofar as we obtain the consent of the data subject to process his/her personal data, this is based on Art. 6 (1) (a) GDPR.
In individual cases, the processing of personal data required for the performance of a contract to which the data subject is a party is based on Art. 6 (1) (b) GDPR. This also applies to processing operations necessary for the implementation of pre-contractual measures.
In the event that vital interests of the data subject or another natural person make it necessary to process personal data, this is based on Art. 6 (1) (d) GDPR.
2. Data processing in connection to visits to this website
2.1 Data capturing
Whenever a user accesses our website and whenever a file is accessed, data relating to this is temporarily processed in a log file. More specifically, the following data is stored for every single access/download:
- Date and time (time stamp), IP address of the device or server used
- Details of the request and target address (log version, HTTP method, referrer, user-agent string),
- Name of the file accessed, volume of data transferred (URL including query string, file size in byte) and
- confirmation as to whether the request was successful (HTTP status code).
We are obliged under Article 6 (1) (e) GDPR in conjunction with Section 5 Federal Office for Information Security Act to store data that is necessary to protect the Ministry’s internet infrastructure and the federal communications technology system from attack; data must be stored beyond the time of your visit. This data is analysed and may be used for legal and criminal proceedings in the event of an attack on the communications technology system. The data will be deleted as soon as it is no longer needed for the intended purpose.
Data collected from visits to the Ministry’s web resources and stored on log files is transmitted to third parties only when required by law, or if attacks on the federal communications technology system make it necessary to forward such data for purposes of legal action or criminal prosecution. Data will not be transferred for any other reason. The Ministry does not compile this data with data from other sources.
2.2 Session cookies
We use session cookies. Session cookies are valid for the duration of your visit to the website. Article 6 (1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act provides the legal basis for the use of these session cookies as part of the ministries PR activities, which are designed to meet the demand for information about the Ministry’s work in the areas entrusted to it.
Session cookies are small information units that a provider stores in the active memory of the visiting user’s computer. A randomly generated, unique ID number – known as a session ID – is stored in a session cookie. Cookies also contain information regarding their origin and the period of time for which they are to be stored on a computer. This type of cookie cannot store any other data.
Session cookies are deleted as soon as you end your session.
You can use any internet browser to be informed whenever a cookie is set and to see what information is stored in them. For more detailed information, visit the websites of the Federal Commissioner for Data Protection and Freedom of Information and of the Federal Office for Information Security.
There are also persistent cookies, which allow a provider to remember visitors even if they do not return until after a longer period of time. These cookies are stored as a text file on the hard drive of the user’s computer. We use this type of cookies for the management of your personal watch list/favourites list for exhibitors and product entries. If you reject all cookies, you will not be able to use the functions of the watch list / favourites list.
Most browsers’ default settings will result in cookies being accepted automatically. It is, however, possible to disable the use of cookies or to change your browser settings to ‘session cookies only’, which means that all cookies are deleted as soon as you disconnect from the internet.
2.3 Web analysis
As part of its PR work and for the purposes of meeting demand for information about the work entrusted to the Ministry, the Ministry conducts use analyses for statistical purposes and in line with Article 6 (1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act.
It does so using the Matomo web analytics service.
The following data is stored when individual pages of our website are accessed:
- two bytes of the IP address of the user’s retrieving system (anonymous)
- the web page accessed
- the website from which the user reached the accessed web page (referrer)
- the sub-pages loaded via the accessed web page
- the length of time spent on the web page
- how often the page has been accessed
The software is configured so that IP addresses are stored incomplete with 2 bytes concealed (e.g. 192.168.xxx.xxx). This makes it impossible for the shortened IP address to be linked to the retrieving computer, meaning that you remain anonymous as the user.
The relevant software runs only on the web servers of our service providers „leapfrog solutions gmbh“ and der „wohlgemuth + team gmbh“ on behalf of the Ministry. These are the only servers where user information is stored. No data is disclosed to third parties.
If you do not wish to have your session data stored and analysed, you can click on the box below to withdraw your consent at any time.
In this case, a so-called “opt-out cookie” will be placed on your browser which will prevent Matomo from collecting any session data. Note: If you delete the cookies on your computer, you will also delete your opt-out cookie. In that case you will have to set a new one.
You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.
3. Processing of personal data of those contacting the ministry
The ways in which personal data is processed depend on the channel of communication used, i.e. whether the Ministry is contacted by email, by mail or by telephone (hotline).
3.1 Contacting the Federal Ministry for Economic Affairs and Climate Action by email
In addition to contacting staff at their personalised official email addresses, or by writing to one of the various office mail boxes, it is also possible to contact the Ministry at: info@bmwk.bund.de, our central inbox. In the latter case, the sender’s IP address will be recorded alongside the date and time of the query. The personal data sent to this central inbox and stored by the unit responsible for forwarding messages to the recipient responsible for the matter in hand will be deleted one year after the message is forwarded. For queries made to our Citizens’ Dialogue and our Visitor Services teams, please note the information in 3.3 and 3.4 below.
The units will store the data transmitted by you (e.g. name, first name, address), and at least your email address and all information contained in your email (including any personal data you transmit in this way) for the purpose of contacting you and answering your query. The data will be stored in accordance with the statutory time limits for retaining written records as per the Registry Directive, which applies in conjunction with the Joint Rules of Procedure of the federal ministries.
We would like to inform you that data is processed in line with Article 6(1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act. We need to process the data you transmit so that we can answer your query.
3.2 External email addresses
The Ministry’s website also lists third party email addresses for various fields of expertise. These are email addresses that do not end in “@bmwk.bund.de”. Should you choose to write to any of these email addresses, please note that the ministry has no responsibility regarding the processing of personal data transmitted to these addresses. If you have any questions about the way in which your personal data is handled by the relevant third party, please contact them.
3.3 Contacting the Ministry by post
If you write a letter to the Ministry, the data transmitted by you (e.g. name, first name, address), and all information contained in your letter (including any personal data you transmit in this way) will be stored for the purpose of contacting you and answering your query. The data will be stored in accordance with the statutory time limits for retaining written records as per the Registry Directive, which applies in conjunction with the Joint Rules of Procedure of the federal ministries.
We would like to inform you that data is processed in line with Article 6(1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act. We need to process the personal data you transmit so that we can answer your query.
3.4 Contacting the Ministry by phone
If you call the Ministry by phone, personal data will be processed to the extent that this is necessary for processing your query. We would like to inform you that data is processed in line with Article 6(1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act.
3.5 Contacting our Citizens’ Dialogue team
Should you call our Citizens’ Dialogue team at +49 30 18615 0 or +49 30 18615 6187, your name (including the first name should you indicate this, your telephone number, and the date of your call will be recorded. Your postal address and/or email address will only be recorded if this is necessary for further communication and for processing your query.
The data you provide by fax will be stored for the purposes of contacting you and processing your query. This data will be stored in accordance with the statutory time limits for retaining written records as per the Registry Directive, which applies in conjunction with the Joint Rules of Procedure of the federal ministries. We would like to inform you that data is processed in line with Article 6(1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act.
4. Processing of personal data as part of social media use
By using the web-services of german-pavilion.com, the Ministry is active on Twitter, LinkedIn, and Instagram.
As part of its editorial duties within these social networks, the Ministry processes data of people who interact with the Ministry. This requires data to be stored temporarily by a service provider. The data is stored on a server located in the European Union and extends to the following: name of profile and account, content of the query, number of followers and profiles following the profile, latest tweets. This data is stored for the duration of six months.
We would like to inform you that data is processed in line with Article 6(1) (e) GDPR in conjunction with Section 3 Federal Data Protection Act. We need to process the personal data you transmit so that we can answer your query.
We also explicitly draw your attention to the fact that the services used by the Federal Ministry for Economic Affairs and Climate Action store user data (e.g. personal information, IP address etc.) in line with their own guidelines on data usage and use it for commercial purposes. The Federal Ministry for Economic Affairs and Climate Action has no influence on the collection and use of data by social networks. We are unable to ascertain the extent, the location and the duration of the data capture, the extent to which the networks meet obligations to delete data, what evaluations and links pertaining to the data are made, and to whom data is forwarded.
For information about the type of data processed by Twitter and for what purposes, consult their Privacy Policy (in German).
For information about the type of data processed by Instagram and for what purposes, consult their Privacy Policy (in German).
For information about the type of data processed by LinkedIn and for what purposes, consult their Privacy Policy (in German).
As some of these companies are based outside the European Union with only one European office in Ireland, their legal interpretation is that they are not bound by European or German data protection rules. This also affects your right of information, the right to have data blocked or deleted, or the possibility to object to your user data being used for advertising purposes.
5. Processing of personal data when contacting exhibitors
You can use the contact form to contact the exhibitors listed on the german-pavilion.com portal. For this purpose, the following information is required as a minimum:
- Your name
- Your email address
- Your message
The sender’s IP address will be recorded alongside the date and time of your query. By ticking the box and dispatching the contact form, you declare your consent as per Article 6 (1) (a) GDPR to the transmission and storing of your personal data and your IP address.
Your personal data is transmitted via an encrypted https connection. Your personal data will be processed and stored for the purpose of answering your query. The only use of the IP address would be in the unlikely event of public prosecution under criminal law and to combat threats in line with the applicable legislation.
After sending, the contact form content including the contact data you entered, but without the IP address, will be forwarded to the respective exhibitor by e-mail for processing. The processing of your request, which you have communicated to us via the contact form, will be carried out by the exhibitor's staff.
If we receive a message from you via the contact form, we assume that the exhibitor addressed is entitled to reply by e-mail. Otherwise, you must expressly indicate a different channel of communication.
If you do not wish to have your data processed, you can terminate the process of contacting us at any time prior to submitting your request. In this case, your data will not be stored. You can withdraw your consent. Any processing of data that takes place on the basis of your consent until receipt of the revocation continues to be lawful.
6. Processing of personal data when using the service area “My German Pavilion”
You can register on our website in order to use additional features on the “My German Pavilion” site. The mandatory data requested during registration must be provided in full; otherwise we will refuse your registration. All registered users can log in to their user accounts using their usual username and password, in order to access the following functions:
- Management of your favourites list/watch list (exhibitors, products and trade fair participations)
- Management of your personal user profile and your personal settings
- E-mail notification about German companies participating in future trade fairs under the foreign trade fair programme of the Federal Ministry for Economic Affairs and Climate Action
The personal data to be transferred to the data controller can be seen in the respective input mask. By registering for “My German Pavilion”, you agree that we may save your data and use them for the performance of the contract (Article 6 (1) (a) GDRP and Article 6 (1) (b) GDPR). We will only store your data whilst you are a registered user.
You can withdraw your consent at any time. All you have to do is send us an informal e-mail (support@german-pavilion.com). Any processing of data already carried out continues to be lawful in spite of your revocation.
You can delete your user account at any time. To do this, log in to the “My German Pavilion” section. In your personal settings (menu item “Settings”) you will find a link that leads you to delete your user account. If you delete your user account, all stored data will be deleted immediately and irrevocably.
7. Your rights
You have the following rights with regard to the personal data concerning your person:
- Right of access, Art. 15 GDPR
- The right of access confers on the data subject a comprehensive right of access to the data concerning his/her person and to certain important information-related criteria, such as the purposes for which it is processed or the duration for which it will be stored. The exceptions to this right regulated in Section 34 Federal Data Protection Act apply.
- Right to rectification, Art. 16 GDPR
- The right of rectification includes the possibility for the data subject to have inaccurate personal data corrected.
- Right to erasure, Art. 17 GDPR
- The right to erasure includes the possibility for the data subject to have data deleted by the party responsible. However, this is only possible if the personal data concerning his/her person are no longer needed, are processed unlawfully or if the relevant consent has been revoked. The exceptions to this right regulated in Section 35 Federal Data Protection Act apply.
- Right to restriction of processing, Art. 18 GDPR
- The right to restrict the processing includes the possibility for the data subject to prevent further processing of personal data concerning his/her person for the time being. A restriction particularly occurs pending verification of the exercise of other rights of the data subject.
- Right to object to collection, processing and/or use, Art. 21 GDPR
- The right to object includes the possibility for data subjects to object, in a particular situation, to the further processing of their personal data, insofar as this is justified by the exercise of public functions or of public or private interests. The exceptions to this right regulated in Section 36 Federal Data Protection Act apply.
- Right to data portability, Art. 20 GDPR
- The right to data portability includes the possibility for the data subject to obtain the personal data concerning his/her person from the person responsible in a standard, machine-readable format, in order to be able to forward them to another person responsible if necessary. According to Art. 20 (3) sentence 2 GDPR, however, this right does not apply if the data processing serves the performance of public tasks.
- Right to revoke consent, Art. 13 and 14 GDPR
If personal data is processed on the basis of consent, the data subject may revoke such consent at any time for the purpose for which it was given. The lawfulness of the processing undertaken on the basis of this consent remains unaffected until receipt of the revocation.
You can assert the aforementioned rights in writing using the contact details set out in Section 1.1.
Pursuant to Art. 77 GDPR, you also have the right to appeal to the data protection supervisory authority: the Federal Commissioner for Data Protection and Freedom of Information (in German).
You can also contact the Ministry’s Data Protection Officers under Section 1.1 if you have any questions or complaints.