Privacy Policy

The Federal Ministry of Defence’s (FMoD) public duties also include public relations activities such as providing information to the public through this website. It is generally possible to use the bundeswehr.de website without disclosing personal data. We only process personal data to the extent that is necessary. Where it is necessary to process personal data, this will be done in accordance with the provisions of the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSGBundesdatenschutzgesetz).

In the privacy settings, you can select various options and set functions.

1. What constitutes personal data?

According to Article 4(1) of the EU GDPR, “‘personal data’ means any information relating to an identified or identifiable natural person”. An identifiable natural person is one who can be identified, directly or indirectly (in particular by reference to an identifier such as a name, an identification number, location data or an online identifier).

2. Data processing

a) Access to the website

Any time the website is accessed and any time a file is retrieved, data related to this process is processed in a log file for a limited time for statistical and backup purposes.

For information on the collection of data for statistical purposes, please see 4(a). Based on Article 6(1)(e) of the EU GDPR in conjunction with Section 5 of the German Act on the Federal Office for Information Security, we are also entitled to store data for protection against attacks on the internet infrastructure of the FMoD and the federal government’s communications technology even past the time of your visit. This data is used to initiate legal and criminal proceedings in the event of attacks on the communications technology.

Specifically, for every instance of access/data retrieval, the following data will be processed:

• Request (requested URLUniform Resource Locator ) or name of the requested file
• Date and time of the request/query
• Referrer URLUniform Resource Locator (referring website)
• IP address
• Browser
• Data volume transferred
• Notification about success/failure of the access

The IP address is deleted automatically after 80 days.

b) Contact by e-mail

If you contact us by e-mail, the data you send (particularly your surname, first name and address, but at the very least your e-mail address and the information/personal data contained in the e-mail) will be processed in accordance with the guidelines for handling and managing records in the Federal Ministries. It is processed on the basis of Article 6(1)(e) of the EU GDPR in conjunction with Section 3 of the German Federal Data Protection Act. It is necessary to process the personal data you transmitted in order to contact you and respond to your request.

The IP address is also recorded. The IP address is used exclusively in the context of government law enforcement and hazard prevention measures in line with legal requirements.

c) Using the contact form

If you want to use the contact form, we will ask you for personal information so that we can respond to your request. It is necessary to enter your name and your e-mail address; without this data, we cannot process the message you send using the contact form. Further details are optional and make it easier for us to process your request. In addition, the date and time of your query and your IP address will be transmitted.

You must accept this privacy policy in order to use the form. By ticking the box and submitting the form, you consent to the processing of your personal data, of the content, which may also contain personal data you have entered, and of the IP address. This data will be processed on the basis of Article 6(1)(a) of the EU GDPR for the purpose of responding to your query. The IP address is used exclusively in the context of government law enforcement and hazard prevention measures in line with legal requirements. If you do not consent, the process will be cancelled. In this case, the contact form will not be submitted. If you contact us by means of the contact form, we will assume that we are authorised to respond by e-mail or phone (if specified). If you do not wish to receive a response by e-mail/phone, kindly suggest another form of communication in the text box of the contact form.

No automatic decisions will be made. Your information will be processed further by e-mail. The contents of the contact form will be transmitted via SMTP/TLS encryption. The contact e-mail address will store your data on secure servers in Germany. For technical reasons, encrypted transmission of a confirmation e-mail cannot be ensured. For this reason, you will only receive an anonymised confirmation message. Please note that communication via e-mail can always involve security gaps. For example, e-mails could be intercepted before they reach the intended recipient and accessed by other internet users.

Queries in electronic form are processed and stored in accordance with the guidelines for handling and managing records in the Federal Ministries.

d) Contact via the Citizens’ Helpline

If you contact us via the Citizens’ Helpline by calling +49(0)30/1824-24242, no personal data will be processed. Personal data will only be processed if you request a call back or a written message. In these cases, the statements in 2(c) regarding the processing of data will apply accordingly.

e) Contact by letter

If you write us a letter, the data you send (e.g. surname, first name and address) and any personal data you include in the letter will be processed in accordance with the guidelines for handling and managing records in the Federal Ministries for the purpose of contacting you and responding to your request. The data will be processed on the basis of Article 6(1)(e) of the EU GDPR in conjunction with Section 3 of the German Federal Data Protection Act.

3. Disclosure of personal data to third parties

If such disclosure is necessary in order to process your query, the personal data you transmit will be disclosed to the competent authority. If your data is disclosed externally for the same purpose, it will only be disclosed to processors in accordance with Article 4(8) of the EU GDPR. In addition, it may become necessary to transmit personal data to other public bodies of the federal government or state governments in the course of fulfilling public duties.

Data logged in connection with your access to our web presence will only be disclosed to third parties to the extent that we are legally bound to disclose it or that disclosure is required for purposes of legal proceedings or law enforcement in the event of attacks on the federal government’s communications technology. We will not disclose data under any other circumstances or merge it with other data sources.

4. Statistical analysis, use of cookies, and integration of third-party services

a) Statistical analysis/web analytics

Within the scope of public relations and demand-oriented provision of information on the FMoD’s tasks, we evaluate usage information for statistical purposes on the basis of Article 6(1)(e) of the EU GDPR in conjunction with Section 3 of the German Federal Data Protection Act. We use Matomo for the statistical analysis of website visits. Data collected for this purpose is anonymised and used to analyse the use of the bundeswehr.de website and improve it.

Whenever details of our website are accessed, the following data is processed for statistical purposes:

• IP address of the accessing system in an anonymised form
• Website accessed
• Website through which the user accessed the website (“referrer”)
• Subpages accessed from the website that the user accessed originally
• Length of session on the website
• Access frequency

The data will be deleted as soon as it is no longer required.

You can prevent Matomo from collecting data by activating the “Do Not Track” function in your internet browser. Most browsers have this feature under “Settings -> Privacy”. You can use our website without restrictions with a “Do Not Track” feature enabled. Your browser will then simply inform Matomo that the user is not to be recorded. However, if the “Do Not Track” feature is enabled, there may be restrictions when using other websites.

b) Use of cookies

Within the scope of public relations activities and demand-oriented provision of information on the FMoD’s tasks, we use cookies on our website on the basis of Article 6(1)(e) of the EU GDPR in conjunction with Section 3 of the German Federal Data Protection Act.

Cookies are small files automatically created by the user’s browser that are stored on the terminal device when you visit our website. They store information in connection with the terminal device used, which does not, however, provide us with any information on the user’s identity.

Most browsers automatically accept cookies. However, browsers may be configured to never store cookies on the terminal device, to only store them for the duration of the current connection, or to always display a prompt notifying the user before a cookie is created. Completely disabling cookies may mean that you cannot use all the functions on our website.

Session cookies, which are only valid for the duration of your visit and deleted upon termination of the session, indicate whether the user has already visited individual pages on our website, and help us to continually optimise the user experience. Tracking cookies, on the other hand, are used for statistical analysis of use of the website; they are stored for 13 months and only passed on to Matomo (see 4(a)) in an anonymised form so that no conclusions can be drawn about the user. Finally, cookies are set that indicate how you got to our website. This cookie will be kept for six months.

c) Integration of third-party providers

Our online presence contains links to services of other providers. In the privacy settings, you can make adjustments and find information on the relevant services.

We take the ongoing discussion of privacy in social networks very seriously. There is currently no conclusive legal consensus on the extent to which all networks are offering their services in accordance with the European privacy regulations. We would therefore like to draw your attention to the fact that services such as YouTube, Facebook, Instagram, X, Mastodon and Bluesky, which are also integrated into our web presence, store user data in accordance with their own data use policies and use such data for commercial purposes. We have no influence on whether these providers comply with the provisions of data protection legislation. We have no information on the scope, location or duration of data storage; the extent to which networks comply with obligations to delete data, how the data is evaluated and connected, or to which parties such data may be disclosed. You should therefore always check the relevant providers’ privacy policies.

5. Your rights

You have the right to withdraw your consent given in accordance with Article 6(1)(a) of the EU GDPR at any time and with future effect (for example when using the contact form), but without prejudice to the lawfulness of processing before your consent was withdrawn (Article 7(3) of the EU GDPR). Aside from the right to withdraw your consent, you have the following rights as a data subject: access to the personal data (Article 15, EU GDPR), the right to rectification (Article 16, EU GDPR), the right to erasure (Article 17, EU GDPR), the right to restriction of processing (Article 18, EU GDPR), the right to data portability (Article 20, EU GDPR), the right to object to processing (Article 21, EU GDPR) and the right to individual assessment (Article 22, EU GDPR).

6. Responsibility for data protection

The authority responsible for the bundeswehr.de website in terms of data privacy is the:

Federal Ministry of Defence
Stauffenbergstrasse 18
10785 Berlin

The relevant authority is responsible for privacy-related aspects of further processing of personal data (e.g. within the scope of contacting an agency).

7. Data protection commissioner

For specific questions concerning the protection of your personal data, please contact the data protection commissioner:

Federal Ministry of Defence
Fontainengraben 150
52123 Bonn

E-Mail: DSBGBBMVg@bmvg.bund.de

8. Responsible data processor

The ITInformationstechnik service provider is the responsible processor under data protection law in accordance with Article 4 No. 8 GDPR and Article 28 GDPR.

BWI GmbHGesellschaft mit beschränkter Haftung
Auf dem Steinbüchel 22
53340 Meckenheim