The protection of personal data is one of our top priorities. We would like our users to know when we process which data on what basis and for what purpose. In addition, we have taken technical and organisational measures to ensure that both we and our processors observe the data privacy regulations.
The Federal Ministry of Defence’s (FMoD) public duties also include public relations activities such as providing information to the public through this website. It is generally possible to use the bundeswehr.de website without disclosing personal data. We only process personal data to the extent that is necessary. Where it is necessary to process personal data, this will be done in accordance with the provisions of the European General Data Protection Regulation (EU GDPR) and the German Federal Data Protection Act (BDSG).
In the , you can select various options and set functions.
1. What constitutes personal data?
According to Article 4(1) of the EU GDPR, “‘personal data’ means any information relating to an identified or identifiable natural person”. An identifiable natural person is one who can be identified, directly or indirectly (in particular by reference to an identifier such as a name, an identification number, location data or an online identifier).
2. Data processing
a) Access to the website
Any time the website is accessed and any time a file is retrieved, data related to this process is processed in a log file for a limited time for statistical and backup purposes.
For information on the collection of data for statistical purposes, please see 4(a). Based on Article 6(1)(e) of the EU GDPR in conjunction with Section 5 of the German Act on the Federal Office for Information Security, we are also entitled to store data for protection against attacks on the internet infrastructure of the FMoD and the federal government’s communications technology even past the time of your visit. This data is used to initiate legal and criminal proceedings in the event of attacks on the communications technology.
Specifically, for every instance of access/data retrieval, the following data will be processed:
- Request (requested URL ) or name of the requested file
- Date and time of the request/query
- Referrer URL (referring website)
- IP address
- Data volume transferred
- Notification about success/failure of the access
The IP address is deleted automatically after 80 days.
b) Contact by e-mail
If you contact us by e-mail, the data you send (particularly your surname, first name and address, but at the very least your e-mail address and the information/personal data contained in the e-mail) will be processed in accordance with the guidelines for handling and managing records in the Federal Ministries. It is processed on the basis of Article 6(1)(e) of the EU GDPR in conjunction with Section 3 of the German Federal Data Protection Act. It is necessary to process the personal data you transmitted in order to contact you and respond to your request.
The IP address is also recorded. The IP address is used exclusively in the context of government law enforcement and hazard prevention measures in line with legal requirements.
c) Using the contact form
If you want to use the contact form, we will ask you for personal information so that we can respond to your request. It is necessary to enter your name and your e-mail address; without this data, we cannot process the message you send using the contact form. Further details are optional and make it easier for us to process your request. In addition, the date and time of your query and your IP address will be transmitted.
No automatic decisions will be made. Your information will be processed further by e-mail. The contents of the contact form will be transmitted via SMTP/TLS encryption. The contact e-mail address will store your data on secure servers in Germany. For technical reasons, encrypted transmission of a confirmation e-mail cannot be ensured. For this reason, you will only receive an anonymised confirmation message. Please note that communication via e-mail can always involve security gaps. For example, e-mails could be intercepted before they reach the intended recipient and accessed by other internet users.
Queries in electronic form are processed and stored in accordance with the guidelines for handling and managing records in the Federal Ministries.
d) Contact via the Citizens’ Helpline
If you contact us via the Citizens’ Helpline by calling +49(0)30/1824-24242, no personal data will be processed. Personal data will only be processed if you request a call back or a written message. In these cases, the statements in 2(c) regarding the processing of data will apply accordingly.
e) Contact by letter
If you write us a letter, the data you send (e.g. surname, first name and address) and any personal data you include in the letter will be processed in accordance with the guidelines for handling and managing records in the Federal Ministries for the purpose of contacting you and responding to your request. The data will be processed on the basis of Article 6(1)(e) of the EU GDPR in conjunction with Section 3 of the German Federal Data Protection Act.
3. Disclosure of personal data to third parties
If such disclosure is necessary in order to process your query, the personal data you transmit will be disclosed to the competent authority. If your data is disclosed externally for the same purpose, it will only be disclosed to processors in accordance with Article 4(8) of the EU GDPR. In addition, it may become necessary to transmit personal data to other public bodies of the federal government or state governments in the course of fulfilling public duties.
Data logged in connection with your access to our web presence will only be disclosed to third parties to the extent that we are legally bound to disclose it or that disclosure is required for purposes of legal proceedings or law enforcement in the event of attacks on the federal government’s communications technology. We will not disclose data under any other circumstances or merge it with other data sources.
a) Statistical analysis/web analytics
Within the scope of public relations and demand-oriented provision of information on the FMoD’s tasks, we evaluate usage information for statistical purposes on the basis of Article 6(1)(e) of the EU GDPR in conjunction with Section 3 of the German Federal Data Protection Act. We use Matomo for the statistical analysis of website visits. Data collected for this purpose is anonymised and used to analyse the use of the bundeswehr.de website and improve it.
Whenever details of our website are accessed, the following data is processed for statistical purposes:
- IP address of the accessing system in an anonymised form
- Website accessed
- Website through which the user accessed the website (“referrer”)
- Subpages accessed from the website that the user accessed originally
- Length of session on the website
- Access frequency
The data will be deleted as soon as it is no longer required.
You can prevent Matomo from collecting data by activating the “Do Not Track” function in your internet browser. Most browsers have this feature under “Settings -> Privacy”. You can use our website without restrictions with a “Do Not Track” feature enabled. Your browser will then simply inform Matomo that the user is not to be recorded. However, if the “Do Not Track” feature is enabled, there may be restrictions when using other websites.
Cookies are small files automatically created by the user’s browser that are stored on the terminal device when you visit our website. They store information in connection with the terminal device used, which does not, however, provide us with any information on the user’s identity.
Most browsers automatically accept cookies. However, browsers may be configured to never store cookies on the terminal device, to only store them for the duration of the current connection, or to always display a prompt notifying the user before a cookie is created. Completely disabling cookies may mean that you cannot use all the functions on our website.
Session cookies, which are only valid for the duration of your visit and deleted upon termination of the session, indicate whether the user has already visited individual pages on our website, and help us to continually optimise the user experience. Tracking cookies, on the other hand, are used for statistical analysis of use of the website; they are stored for 13 months and only passed on to Matomo (see 4(a)) in an anonymised form so that no conclusions can be drawn about the user. Finally, cookies are set that indicate how you got to our website. This cookie will be kept for six months.
c) Integration of third-party providers
Our online presence contains links to services of other providers. In the privacy settings, you can make adjustments and find information on the relevant services.
We take the ongoing discussion of privacy in social networks very seriously. There is currently no conclusive legal consensus on the extent to which all networks are offering their services in accordance with the European privacy regulations. We would therefore like to draw your attention to the fact that services such as YouTube, Facebook, Instagram and Twitter, which are also integrated into our web presence, store user data in accordance with their own data use policies and use such data for commercial purposes. We have no influence on whether these providers comply with the provisions of data protection legislation. We have no information on the scope, location or duration of data storage; the extent to which networks comply with obligations to delete data, how the data is evaluated and connected, or to which parties such data may be disclosed. You should therefore always check the relevant providers’ privacy policies.
5. Your rights
You have the right to withdraw your consent given in accordance with Article 6(1)(a) of the EU GDPR at any time and with future effect (for example when using the contact form), but without prejudice to the lawfulness of processing before your consent was withdrawn (Article 7(3) of the EU GDPR). Aside from the right to withdraw your consent, you have the following rights as a data subject: access to the personal data (Article 15, EU GDPR), the right to rectification (Article 16, EU GDPR), the right to erasure (Article 17, EU GDPR), the right to restriction of processing (Article 18, EU GDPR), the right to data portability (Article 20, EU GDPR), the right to object to processing (Article 21, EU GDPR) and the right to individual assessment (Article 22, EU GDPR).
6. Responsibility for data protection
The authority responsible for the bundeswehr.de website in terms of data privacy is the:
Federal Ministry of Defence
The relevant authority is responsible for privacy-related aspects of further processing of personal data (e.g. within the scope of contacting an agency).
7. Official data protection commissioner
For specific questions concerning the protection of your personal data, please contact the data protection commissioner:
Bundeswehr Commissioner for Data Protection
Federal Ministry of Defence