The Federal Ministry of Education and Research (BMBF) takes the protection of your personal data very seriously which is why personal data is only processed by us as necessary. What data is needed and processed for what purpose and on what basis depends on the type of service that you require or on what task we need it for.
The term 'personal data' is used here to refer to any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier.
This statement on data protection provides you with detailed information on what data is collected for what purpose and on what basis, how you can contact the 'data controller' (the responsible entity) and the Data Protection Officer and what rights you have concerning the processing of personal data.
1. Data Controller and Data Protection Officer
The entity which has responsibility for the processing of personal data (the 'controller') is the
If you have specific questions concerning the protection of your data please contact the BMBF's official Data Protection Officer:
Federal Ministry of Education and Research (BMBF)
53170 Bonn, Germany
Phone: +49 (0)228 9957-2539
Fax: +49 (0)228 9957-8-2539
This statement on data protection provides you with an overview of how the Federal Ministry of Education and Research (BMBF) ensures the protection of your data and what types of data are collected and for what purpose and on what basis.
2. Processing of data resulting from your visit to this website
Whenever a website is visited, certain data is collected and exchanged which is needed to provide the necessary service, namely:
- IP address
- your browser type and version
- the operating system used
- the web page accessed
- the page previously visited (referrer URL)
- the time of server request
After your visit to the website, this data is stored in log files on an external server at our service provider Net-Build® GmbH
In accordance with Article 6 (1) (c) and (e) of the EU General Data Protection Regulation (GDPR) in conjunction with Section 5 of the Act on the Federal Office for Information Security (BSI-Gesetz), we are also required to store data past the time of your visit in order to protect the internet infrastructure against attacks and to recognize, contain or remedy disruptions to or problems with federal/BMBF communications technology. This data is analysed and, in case of attacks on the communications technology, needed to initiate legal and criminal proceedings.
Data logged during access to the BMBF's website is only disclosed to third parties in so far as we are legally obliged to do so or if disclosure is required for criminal or other prosecution in the case of attacks on federal communications technology. Data will not be disclosed to others in any other cases. The BMBF does not merge this data with other data sources.
The BMBF, together with its service providers contracted for support and development, "bringe Informationstechnik GmbH" and "informedia GmbH", analyse user information for statistical purposes on the basis of Article 6 (1) (e) of the GDPR in conjunction with Section 3 of the Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG) as part of its public relations work and for the purpose of providing information on tasks within the BMBF's remit as needed.
It does so using the Matomo web analytics service.
The software uses permanent cookies to recognize visitors returning even after longer periods of time. This type of information is stored as a text file on the hard drive of the user's computer. The cookie is valid for 13 months after which it deletes itself.
The software also uses session cookies. Session cookies are small information units that are stored by the provider of a website in the active memory of the visiting user's computer. A randomly generated, unique ID number, a so-called session ID, is stored in a session cookie. A cookie also contains information on its origin and the maximum period of time it is to be stored on a computer. These cookies cannot store any further types of data. Their purpose is to distinguish between the number of clicks and unique visitors to our site. This means that the session cookie identifies you as the same unique visitor regardless of the number of your clicks. If your session cookies are deactivated, every single click on the site will list you as a new visitor. The session cookies used by the BMBF are deleted as soon as you end a session.
The following data is stored when individual pages of our website are accessed:
- two bytes of the IP address of the user's retrieving system (anonymous)
- the web page accessed
- the website from which the user reached the accessed web page (referrer)
- the sub-pages loaded via the accessed web page
- the length of time spent on the web page
- how often the page has been accessed
The software is configured so that IP addresses are stored incomplete with 2 bytes concealed (e.g. 192.168.xxx.xxx). This makes it impossible for the shortened IP address to be linked to the retrieving computer, meaning that you remain anonymous as the user.
The relevant software runs only on the web servers of our service providers "bringe Informationstechnik GmbH" and "informedia GmbH" on behalf of the BMBF. These are the only servers where user information is stored. No data is disclosed to third parties.
If you do not wish to have your session data stored and analysed, you can click on the box below to withdraw your consent at any time.
In this case, a so-called "opt-out cookie" will be placed on your browser which will prevent Matomo from collecting any session data.
You may choose not to have a unique web analytics cookie identification number assigned to your computer to avoid the aggregation and analysis of data collected on this website. To make that choice, please click below to receive an opt-out cookie.
Note: If you delete the cookies on your computer, you will also delete your opt-out cookie. In that case you will have to set a new one.
3. Transfer of personal data
Your data will only be transferred from the browser to the web server following encryption. We use a SSL-certificate for this.
The following data will be collected for the transmission of the FONA newsletter, keeping you informed of FONA news and events in Europe:
- e-mail address
- data of registration
- acceptance of data collection
- knowledge of the data privacy statement
Your data will be collected by means of the double-opt-in procedure, which means that your data will only be saved and used in the system if you agree to the registration by clicking a confirmation link in an e-mail. Otherwise, the data that you have entered will be deleted after 24 hours.
The data will be processed by the software webEdition and the newsletter is sent via the software webEdition. You can cancel the newsletter at any time.
The collected data will only be used to send out the FONA newsletter, it will not be forwarded to third parties for either commercial or non-commercial purposes. The data will be stored until such time as the user objects to its storage or the purpose of the data storage announced during the registration process is no longer given.
5. Contact form
The data will be transferred to the web server in an encrypted way. However, the data will not be stored on the web server, but will be sent automatically from the web server via e-mail to the editorial staff of the website. The data will only be stored until this no longer becomes necessary.
6. Right of access
Users have the right to receive– free of charge – information about their personal data that has been saved. Furthermore, they have the right under statutory regulations to request that their personal data be rectified, blocking and erased.
7.1 What are cookies and how do we use them?
Cookies are small text modules which are transferred from the Internet to your computer together with the required data. This data will be saved on your computer and will be kept for later visits.
So-called "session-cookies" are necessary, particularly for the registration process, because we use a so-called single-sign-on concept for reasons of user-friendliness during the authentication and access control to the different areas of our portal.
This comprises the establishment of a "session" between the client and the server which allows you to move through the entire portal without having to re-register for each area. This session is represented by a cookie, in which a randomly generated number is saved.
In addition, your login information (user name, user rights and validity of the session) is saved in a further cookie to control your access. Think of this as substitute login information. Instead of asking you to re-enter your login information, the cookie is sent to the server and accepted as proof of your identity.
7.2 Validity of cookies
The validity of both cookies is limited to the time of your visit to our portal. They will be deleted automatically when you close the browser. They are not linked to personal data and no conclusions can be drawn about the user's activities.
Most browsers are configured to automatically accept cookies. However, you can deactivate the storage of cookies at any time or you can adjust the browser to inform you as soon as cookies are used.
8. Twitter, Facebook, Google Plus, LinkedIn
The embedded links on our website to Twitter, Facebook, Google Plus and LinkedIn are not embedded via the respective social plugins. The embedded graphic only contains an http-link. This means that if you visit our website, no direct connection will be established to the servers of the social media providers.
9. Legal basis and time of storage
The legal basis for data processing pursuant to the preceding paragraphs is point f) in Article 6 (1) of the European General Data Protection Regulation. Our interest in data processing is, in particular, to ensure the operation and security of the website, the analysis of the way visitors use the website as well as the simplification of the use of the website.
Unless otherwise specified, we only save personal data as long as is necessary for the fulfillment of the respective purposes.
10. Your rights
You have the following rights vis-à-vis the data controller concerning your personal data:
- right of access (Article 15 GDPR)
- right to rectification (Article 16 GDPR)
- right to erasure (Article 17 GDPR)
- right to restriction of processing (Article 18 GDPR)
- right to object to collection, processing and/or use (Article 21 GDPR)
- right to data portability (Article 20 GDPR)
- If the personal data is processed on the basis of your consent (in accordance with Article 6 [a] GDPR), you can withdraw your consent at any time for the purpose in question. The lawfulness of processing your personal data on the basis of the consent provided by you remains valid until your withdrawal of consent has been received.
You also have the right to submit a complaint to the supervisory authority under data protection law (Federal Commissioner for Data Protection and Freedom of Information, BfDI).
Questions and complaints may also be addressed to the BMBF's Data Protection Officer email@example.com.