Data protection declaration pursuant to Article 13 of the GDPR
Below you will find information on when we collect data on this website, what data we collect, and how we use it.
The Federal Foreign Office and the German missions abroad process personal data in line with the EU’s General Data Protection Regulation (GDPR), the Federal Data Protection Act and, where applicable, particular statutory rules. In order to inform you of our data processing policy and of your rights as well as to comply with our obligations under Articles 13 and 14 of the GDPR, the following declaration outlines how we process the personal data we receive when you use our website, contact us (via the contact form, per email, by telephone or post) or subscribe to one of our newsletters.
1.1 Controller and data protection commissioner
Under section 2 of the Foreign Service Act, the Federal Foreign Office (headquarters) and the German missions abroad form one single federal authority.
Under Article 4 (7) of the GDPR, responsibility for the processing of personal data lies with:
Werderscher Markt 1
Telephone: +49 (0)30 18 17-0 / help desk: +49 (0)30 18 17-2000
Fax: +49 (0)30 18 17-3402
The Federal Foreign Office Data Protection Commissioner can be contacted as follows:
Datenschutzbeauftragte/r des Auswärtigen Amtes
Werderscher Markt 1
Tel.: +49 (0)30 18 17-7099
Fax: +49 (0)30 18 17-5 7099
Contact the Data Protection Commissioner
If you have any questions on data protection, you can also get in touch with the contact person for data protection matters at a German mission abroad. We will tell you how to get in touch with the contact persons at the end of this article (see paragraph 8. Contact person for data protection matters at the German missions abroad).
1.2 Personal data
Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier (Article 4 (1) of the GDPR).
1.3 Legal basis for processing
We process your personal data on the basis of
- Article 6 (1) (a) of the GDPR, provided you have given your consent (e.g. if you have signed up for a newsletter),
- Article 6 (1) (b) of the GDPR, if processing is necessary for the performance of a contract or for a measure prior to entering into a contract,
- Article 6 (1) (c) of the GDPR, if processing is necessary to comply with a legal obligation to which we are subject,
- Article 6 (1) (d) of the GDPR , if processing is necessary to protect the vital interests of the person in question or of another natural person,
- Article 6 (1) (e) of the GDPR in conjunction with section 3 of the Federal Data Protection Act, if processing is necessary for the performance of a task assigned to us in the public interest or in the exercise of official authority (e.g. answering contact requests). Public relations and the provision of information on the Federal Republic of Germany abroad is one of the key official tasks of the Federal Foreign Office and of the German missions abroad (see section 1 of the Foreign Service Act (GAD)).
2. The data processed when you visit this Website
2.1 Data collection
Each time a user accesses this website or retrieves a file, data on this activity is temporarily stored and processed in a log file.
The tracking tool employed to analyse site use is configured to ensure that no personal data is collected.
User IP addresses are also anonymised, so that individual activity cannot be traced.
The tracking tool runs on our own servers in a secure network zone certified by the Federal Office for Information Security (BSI) to ensure that no tracking data can be accessed by third parties.
If you do not want your activity on the website to be registered or analysed, you can activate the Do Not Track setting on your browser. A browser variable is transmitted which tells the website whether the user wishes their activity to be tracked or not.
To find out how to do this with your browser, enter in a search engine, for example: “activate Do Not Track [browser name]”
- Request (file name), date and time of the request
- Browser type and version (e.g. Firefox 80.0.1)
- Browser language (e.g. German)
- Operating system used (e.g. Windows 10)
- Device type, model and make
- Screen resolution
- Plug-ins used (e.g. Flash, Java)
- Referrer URL (previous page accessed by the user)
- Anonymised IP address
- Country and region from which the request originated
- Number of forms sent (depending on the goals defined)
2.2 Session cookies
Accessing individual pages generates so-called transient cookies to facilitate navigation. These session cookies contain no personal data and are erased at the end of the session. Cookies are also used for the shopping cart. These also expire after use.
Technology which allows user access behaviour to be monitored is not used.
2.3 Use of social media plug-ins
We currently use the following social media plug-ins: Facebook, Twitter, Instagram and YouTube (Google). We use the two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. Only if you click on the activation button on social media, will personal data be transferred from you to the respective plug-in provider and stored there (for US providers in the USA). We use the social media plug-ins to make the information we provide more interesting through interaction with you and other users.
We expressly point out that social networks store their users’ data (e.g. personal information, IP address etc.) in accordance with their own data usage guidelines and use this data for commercial purposes. You can find out more about how social networks process data by clicking on the following links:
Facebook, Twitter, Instagram, YouTube (Google)
The Federal Foreign Office has no influence on whether or what data is collected by social networks and how this data is used. We are unable to identify how much, where and for how long data is stored, to what extent the networks adhere to requirements to delete data, how the data is evaluated and linked, and with whom the data is shared.
We therefore ask you to check carefully which personal data you make available to the social networks when you use our site. If you do not want social networks to receive your personal data via your communication on our website, you should contact us in another way, for example by using the contact form on this website.
2.4 Google Maps
Google Maps is embedded into our website. When you use this service (by clicking on the map), Google processes personal data, in particular IP addresses and user location data, which however cannot be collected without your permission (usually via the settings on your mobile devices).
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=en
3. Personal data processed when you contact us
When you contact us, your details (name, email address and possibly also your address, telephone and fax numbers) and the information provided (including personal data) are processed for the purpose of contacting you and handling your inquiry. The storage of this data is governed by the statutory periods for retaining records laid down in the Registry Directive, which complements the Joint Rules of Procedure of the Federal Ministries.
If we are not responsible for your inquiry, it may be forwarded to other Land and federal authorities without your prior consent but in compliance with data protection regulations, provided it can be assumed that forwarding your inquiry for the purpose of answering it is in your interest and no sensitive personal data is affected (Art. 6 (1) (e) of the GDPR in conjunction with section 3, section 25 (1) and section 23 (1) (1) of the Federal Data Protection Act).
You can subscribe to one of our newsletters to find out more about news and press releases from the Federal Foreign Office or travel and security information.
For subscriptions to our newsletters, we use the double opt-in procedure. This means that after you register, we send you an email to the specified e-mail address in which we ask you to confirm that you would like the newsletter to be sent. Only after you confirm the link in the email is your email address stored for the duration of the use of our newsletter offer. If you do not confirm your registration within 24 hours, your information is deleted automatically.
You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter by clicking on the link provided in each newsletter email.
5. Ordering printed products
If you order brochures, leaflets and other printed products via our website, we require the following personal data to process your order:
- surname, first name
- street, house number
- postcode and town/city
- email address
If the order cannot be finally processed by us, the data you provide will be passed on to third parties (shipping company, if necessary other authorities or institutions if they are sending the material ordered). The legal basis for the processing of your data is your consent pursuant to Article 6 (1) a GDPR. If the aforementioned data is not available, the order cannot be processed.
The data you provide will be deleted 90 days after completion of the order.
6. Events, press and public relations work
As part of their remit, the Federal Foreign Office and the German missions abroad organise or co-organise various events.
If you are invited to or participate in an event, we process your personal data (name, address, etc). This can be done via various means of communication, for example by filling in a form, an online form, per email, per telephone or by handing over a business card.
Which personal data is shared with us can be ascertained from the relevant form or input mask as well as the information requested in a conversation.
6.1 Collection of the data of accompanying persons
In order to ensure that the event can be properly staged, the data of persons accompanying invited participants is also collected and processed. Just like any other individual affected by data collection, they have the rights listed in paragraph 7.
6.2 Data collection from publicly accessible sources
The Federal Foreign Office also collects and processes data from publicly accessible sources, for example the websites of the individuals concerned or publicly accessible lists.
6.3 Further procedures relating to data collection
Personal data is not shared with third parties without authorisation. Rather, it is stored and processed for our internal use and for the purpose of organising and staging events (for instance, drawing up guest lists, access checks, etc.). We may share data with one or more processors who use the personal data exclusively for an internal use attributable to us.
Depending on the type of event, we may organise it in collaboration with a partner. In such cases, we will share the data collected for the purpose of the event with our cooperation partners. However, these partners, too, may only use this data to ensure that the event can be staged properly. Which cooperation partners this may be in any given instance is made known separately within the scope of the organisation of the event.
The data is only stored for as long as this is necessary for the organisation and staging of events as well as for our remit in the public relations sphere.
As the recipient of a letter/invitation, you can ask at any time that no further letters/invitations be sent to you.
As part of the press and public relations work of the Federal Foreign Office and the German missions abroad, photographs are taken at events and meetings and subsequently published. You may appear in such images. You can object to being photographed or to the publication of the photographs. Please contact the photographer directly or use the abovementioned contact information to lodge your objection.
Please note that we have no influence on the use of photos/videos made by representatives of the press and other media. They themselves are controllers under the terms of the GDPR.
7. Your rights
7.1 In dealings with us, you have the following rights regarding your personal data:
- Right of access, Article 15 of the GDPR
- Right to rectification, Article 16 of the GDPR
- Right to erasure (right to be forgotten), Article 17 of the GDPR
- Right to restriction of processing, Article 18 of the GDPR
- Right to data portability, Article 20 of the GDPR
- Right to object to processing, Article 21 of the GDPR
If the processing of your personal data is based on your consent (e.g. a newsletter), you have the right to revoke this at any time without giving reasons. Withdrawing consent does not affect the lawfulness of any use based on your consent prior to its withdrawal (Article 7 (3) of the GDPR).
You also have the right to complain to a data protection supervisory authority about our processing of your personal data (Article 77 of the GDPR).
The supervisory authority responsible for the Federal Foreign Office and the German missions abroad is the:
Federal Commissioner for Data Protection and Freedom of Information
Graurheindorfer Straße 153
8. Contact person for data protection matters at the mission abroad
Contact regarding data protection matters:
German Embassy London
Contact person for data protection matters
Embassy of the Federal Republic of Germany in London
23 Belgrave Square
(Please do not address consular enquiries to the data protection contact form.)
Consulate General Edinburgh
Contact person for data protection matters
Consulate of the Federal Republic of Germany
16 Eglinton Crescent