Statement on Data Protection
The Federal Ministry of Education and Research (BMBF) takes the protection of your personal data very seriously which is why personal data is only processed by us as necessary. What data is needed and processed for what purpose and on what basis depends on the type of service that you use and on the task for which we need it.
The term 'personal data' refers to any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier.
This statement on data protection provides you with detailed information on what data is collected for what purpose and on what basis, how you can contact the 'data controller' (the responsible entity) and the Data Protection Officer and what rights you have concerning the processing of personal data.
1. Data Controller and Data Protection Officer
The entity which has responsibility for the processing of personal data (the 'controller') is the
Bundesministerium für Bildung und Forschung /
Federal Ministry of Education and Research (BMBF)
53170 Bonn
Germany
Phone: +49 (0)228 9957-0
Fax: +49 (0)228 99578-3601
Email: bmbf@bmbf.bund.de
DE-Mail: poststelle@bmbf-bund.de-mail.de
If you have specific questions concerning the protection of your data, please contact the BMBF’s Data Protection Officer:
Bundesministerium für Bildung und Forschung
"Datenschutzbeauftragte/r"
53170 Bonn
Germany
Phone: +49 (0)228 9957-3369
Fax: +49 (0)228 9957-8-3369
Email: datenschutz@bmbf.bund.de
This statement provides you with an overview of how the BMBF ensures the protection of your data and what type of data is collected and for what purpose and on what basis.
2. Processing of data resulting from your visit to this website
This website is supported by Project Management Jülich, Forschungszentrum Jülich GmbH, on behalf of the BMBF and hosted on servers of Forschungszentrum Jülich.
Whenever a website is visited, certain data is collected and exchanged which is needed to provide the service requested The data concerned is:
- IP address
- your browser type and version
- the operating system used
- the web page accessed
- the page previously visited (referrer URL)
- the time of server request
This data is stored in log files on an external server at our service provider "Project Management Jülich, Forschungszentrum Jülich GmbH" even after your visit to the website and deleted after 14 days at the latest.
When using this general data and information, Project Management Jülich, Forschungszentrum Jülich GmbH, will not draw any conclusions regarding the person concerned. This information is required to (1) deliver content on our website correctly, (2) optimize content for delivery on our website, (3) ensure the permanent operability of our IT systems and website technology and (4) provide prosecuting authorities with the information necessary for prosecution in the event of a cyberattack. Server log file data is stored separately from all the personal data provided by any person concerned. The legal basis for data processing is Article 6 (1) (e) of the General Data Protection Regulation (GDPR) in conjunction with Section 3 of the German Federal Data Protection Act (BDSG) and Section 5 of the Act on the Federal Office for Information Security (BSIG).
3. Collection of personal data when contacting us
This website contains data which supports quick electronic contact and direct communication with us, including a general email address. If a person concerned enters into contact with the entity responsible for processing or the service provider by email or via a contact form, the personal data provided by that person will be stored automatically. Such data provided voluntarily by the person concerned to the entity responsible for processing will be stored for processing purposes or for contacting that person. The legal basis for this is Article 6 (1) (a) GDPR and Article 6 (1) (e) GDPR in conjunction with Section 3 of the German Federal Data Protection Act (BDSG).
The data you provide is stored for the sole purpose of responding to your enquiry and in accordance with the statutory and contractual requirements. If the staff of "Projektträger Jülich, Forschungszentrum Jülich" are unable to respond to your enquiry, it will be forwarded to the BMBF.
BMBF staff will only process the data communicated to the extent necessary to respond to your enquiry. The data is stored in these cases in accordance with the statutory periods for retaining records set out in the Registry Directive (Registraturrichtlinie, RegR), which supplements the Joint Rules of Procedure of the Federal Ministries (Gemeinsame Geschäftsordnung der Bundesministerien, GGO).
Where the enquiry involves a matter which concerns another service provider or funding recipient of the BMBF or which can only be answered by that service provider or funding recipient, the enquiry will be forwarded to that party together with the personal data required for responding to your enquiry. The service provider or funding recipient processes your data for the sole purpose of responding to your enquiry and in accordance with the statutory and contractual requirements.
In these cases, the data will be passed on in compliance with Article 6 (1) (e) of the General Data Protection Regulation (GDPR) in conjunction with Section 3 of the German Federal Data Protection Act (BDSG) for the purpose of fulfilling the BMBF’s tasks.
Furthermore, it may be necessary for the purposes of legal and operational supervision to disclose your personal data which has been supplied to us to those authorities supervised by us in connection with your enquiry. In such cases, the data will be forwarded in accordance with Section 25 (1) BDSG in conjunction with Section 23 (1) (6) BDSG.
Under Section 1 of the Act on the Powers of the Petitions Committee of the German Bundestag (Gesetz über die Befugnisse des Petitionsausschusses des Deutschen Bundestages, GGArt45cG), the BMBF is required to transmit your personal data to the Petitions Committee of the German Bundestag where it is necessary for the purpose of preparing decisions on complaints in accordance with Article 17 of the German Basic Law (Grundgesetz, GG).
4. Your rights
You have the following rights vis-à-vis the data controller concerning your personal data:
- right of access (Article 15 GDPR)
- right to rectification (Article 16 GDPR)
- right to erasure (Article 17 GDPR)
- right to restriction of processing (Article 18 GDPR)
- right to object to collection, processing and/or use (Article 21 GDPR)
- right to data portability (Article 20 GDPR)
- If the personal data is processed on the basis of your consent (in accordance with Article 6 (1) (a) GDPR), you can withdraw your consent at any time for the purpose in question. The lawfulness of processing your personal data on the basis of the consent provided by you remains valid until your withdrawal of consent has been received.
You may exercise the aforementioned rights by sending an email to bmbf@bmbf.bund.de or poststelle@bmbf-bund.de-mail.de.
You also have the right to submit a complaint to the supervisory authority under data protection law (Federal Commissioner for Data Protection and Freedom of Information).
You may also address any questions or complaints to the BMBF’s Data Protection Officer at datenschutz@bmbf.bund.de.