Data protection ,
Privacy Policy
General principles
The Federal Office for Migration and Refugees (BAMF) respects your privacy and is therefore committed to data protection and freedom of information. Of course, this also applies to your visit to our website.
We are providing this statement to inform you of our data protection provisions and measures, and specifically to inform you of what steps we take to protect your data and what data we collect.
We are committed to protecting the data of visitors to our website. This also applies to our external service providers within the scope of the tasks they perform for the BAMF.
Children and other individuals younger than 18 should not submit personal data to us without the consent of their parents or guardians. We ask parents and guardians to take an active part in their children’s online activities and interests.
The BAMF does not request personal data from children, nor does it collect such data or transfer it to third parties.
Controller
The controller pursuant to Article 4 No. 7 of the GDPR is the Federal Office for Migration and Ref-ugees (BAMF), represented by its president, Dr Hans-Eckhard Sommer.
Data protection officer
The designated data protection officer (Articles 37-39 of the GDPR) of the BAMF is Mr Albert Wittke.
Access and storage
Every time our website is accessed and every time a file is retrieved, the following information is saved automatically:
- browser type and version
- user’s operating system
- user’s internet service provider
- date and time of retrieval
- websites from which the user’s system reached our website
- websites that the user’s system accessed from our website
- HTTP status code
The processing of browser data is necessary for technological reasons and is carried out in pursuit of our interest in displaying our website to you properly and ensuring its stability and security.
Article 6 (1) (f) of the GDPR provides the legal basis for the processing of these data.
We save browser data in server log files for a period of six months for the purpose of, and in our interest of, resolving cases of abuse or fraud.
Browser data are not saved together with other data related to you. Browser data which must be retained for the purposes of evidence are exempted from deletion until the case in question has been fully resolved.
Article 6 (1) (f) of the GDPR provides the legal basis for the processing of these data.
For the purpose of providing the websites, we make use of the Federal Information Technology Centre (ITZ Bund) and of the services of a web host with whom we have concluded an agreement on third-party data processing in accordance with Article 28 (3) of the GDPR.
Use of the website
... session cookies
Session cookies can be used when web pages are visited. Cookies are small text files which are stored in the browser cache. These cookies provide support for the site over the course of the session and are deleted after the session ends. You can deactivate the use of cookies in your browser.
For the use of our website, however, it is necessary for you to consent to our use of essential cookies. Essential cookies are necessary for the basic functions and proper operation of the website.
Beyond this, cookies may be used for the statistical analysis of visitors to the website and to design the platform in a user-friendly way.
These cookies make it possible to recognise a browser on subsequent visits to the website. These cookies can only be stored for 30 days.
They do not store any personal data or IP addresses. They record information anonymously and help us to understand how our visitors use the site.
The first time you visit our website, a window is displayed to you which informs you of the use of the cookies mentioned, and asks for your consent.
... YouTube videos
YouTube videos are embedded in this website. This requires that YouTube know the IP address of users visiting the website, as it cannot send video content to the user’s browser without the IP address. The IP address is thus necessary in order to display this video content. For further information, please refer to YouTube’s privacy policy, which is available at https://www.google.de/intl/en/policies/privacy/
The videos are embedded in enhanced data protection mode, which means that no data about you as a user are transmitted to YouTube if you do not play the videos. When you click on the videos, your browser data are transmitted to YouTube, as is the fact that you accessed the corresponding page of our website. YouTube is also informed that you are watching the video.
If you are logged into YouTube, this information is also linked to your user account. You can prevent this by logging out of YouTube before accessing the video. We have no influence on data transmission to YouTube or further data processing by YouTube. YouTube also processes your personal data in the United States and is subject to the EU-US Privacy Shield.
Article 6 (1) (f) of the GDPR provides the legal basis for the processing of these data.
... Matomo web analytics software (previously Piwik)
The BAMF uses the web analytics software Matomo (Tracking) for the statistical analysis of visitors to the website. This software anonymously analyses user behaviour on the platform. It is not possible for it to connect "users" and "participants" with their identities. The information is used to improve the platform and develop it further.
No cookies are saved on your computer for these analyses; rather, the analysis uses browser data. The last two blocks of your IP address are removed and it is then encoded. This makes it impossible to identify you. The IP address transmitted by your browser via Matomo will not be combined with other data collected by us.
Article 6 (1) (f) of the GDPR provides the legal basis for the processing of data.
Sie können sich hier entscheiden, ob in Ihrem Browser ein eindeutiger Webanalyse-Cookie abgelegt werden darf, um dem Betreiber der Website die Erfassung und Analyse verschiedener statistischer Daten zu ermöglichen. Wenn Sie sich dagegen entscheiden möchten, wählen Sie bitte die entsprechende Option, um den Matomo-Deaktivierungs-Cookie in Ihrem Browser abzulegen.
... external links
Our website may contain links to other websites. If you click on these links, you will leave our website. We have no control over these external sites, and they may not adhere to the same standard of data protection. We are not responsible for any information or content provided on third-party websites. Our privacy policy does not cover your disclosure of personal data to third-party providers that are not associated with Federal Office for Migration and Refugees.
We recommend reading the privacy policy of each company carefully before you disclose personal data to them. Under certain circumstances, third-party providers may disclose your personal data to the Federal Office for Migration and Refugees. These transfers will be subject to the privacy policy of the relevant third-party provider.
Data collection and processing
When you contact us, we process the personal data provided by you in our own interest and for the purpose of processing your message, responding to it, and/or contacting you in regard to it.
Contacting us through the contact form
If you use the BAMF contact form to communicate, it is helpful if you include a form of address, your full name, and your email address, because without these data we cannot process your request adequately or cannot process it at all.
When you use the contact form, the data you transmit to us are stored. At the time when your message is sent via the contact form, the following data are stored:
- the IP address of the computer from which the form is submitted
- the date and time of the submission
If we receive a message from you via the contact form, we assume that we are entitled to respond via email. If not, please specifically indicate how you wish to communicate with us.
Information submitted using the contact form is transmitted only to the relevant divisions of the BAMF. By submitting the form, you agree in accordance with Article 6 (1) (f) GDPR to have your personal data and IP address transmitted and stored. The processing and temporary storage of your personal data serve the purpose of responding to your message in the framework of Article 17 of the Basic Law (Grundgesetz).
The data are deleted as soon as they are no longer required to achieve the purpose for which they were collected. For the personal data entered into the contact form, this is the case once the con-versation with the user has ended. The conversation is considered to have ended when it is evident from the circumstances that the matter at hand has been fully resolved.
If the staff responsible for responding to your message are unable to do so, it will be forwarded to the appropriate body. By submitting an enquiry, you agree that your message may be forwarded to third parties if this is necessary to answer your question.
If you do not consent to the processing of your data, you can cancel the process at any time and your message will not be submitted.
Contacting us via email
It is also possible to contact the BAMF via email using the email addresses of departments or the central email addresses service@bamf.bund.de, poststelle@bamf.bund.de and pressestelle@bamf.bund.de.
Personal data that are sent to the central email addresses and stored by the organisational unit responsible for distributing email are deleted in accordance with the applicable statutory provisions and upon request.
The data you send (such as first and last name, address) and at least your e-mail address and the information contained in your message (including any personal data you provide) will be saved by the relevant organisational unit for the purpose of contacting you and responding to your message.
Article 6 (1) (e) of the GDPR provides the legal basis for processing data that are transmitted when you send an email.
For us to respond to your message, we must process the personal data you provide.
If you contact us by email, we will assume that we are authorised to reply by email. If not, please specifically indicate how you wish to communicate with us.
The user can withdraw their consent to the processing of personal data at any time. If the user has contacted us via email, they can object to the storage of their personal data at any time. If they do so, the conversation cannot be continued.
In this case, all personal data that has been stored through your contact with us is deleted.
Contacting us by post
If you write a letter to the BAMF, the data you send (such as your first and last name and address) and the information contained in your letter (including any personal data you provide) will be saved by the relevant organisational unit for the purpose of contacting you and responding to your message.
Article 6 (1) (e) GDPR in conjunction with section 3 of the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) provides the legal basis for processing data.
Rights of data subjects
Right of access
Every person has the right to obtain from the BAMF confirmation of whether the BAMF is pro-cessing personal data relating to the person. If such processing is occurring, the person has the right to obtain information about all data processed.
Rectification / completion
If it is demonstrated that personal data processed by the BAMF are inaccurate or incomplete, these data will be corrected and completed without delay as soon as the BAMF becomes aware that this is the case.
Deletion
If it is demonstrated that personal data have been processed unlawfully, the deletion of the data will be arranged immediately. Data are also deleted when they are no longer needed to complete a task.
Right to withdraw consent
If data are processed on the basis of the consent of the data subject, this consent can be withdrawn at any time with effect for the future and without having to provide reasons. Any processing that took place before the withdrawal of consent shall not be affected.
Right to lodge a complaint
Data subjects have the right to contact the German Federal Commissioner for Data Protection and Freedom of Information (Graurheindorfer Str. 153, 53117 Bonn, Germany) if they believe that the processing of data related to them violates the GDPR.