Data protection declaration pursuant to Article 13 of the GDPR
Below you will find information on when we collect data on this website, what data we collect, and how we use it.
The Federal Foreign Office and the German missions abroad process personal data in line with the EU’s General Data Protection Regulation (GDPR), the Federal Data Protection Act and, where applicable, particular statutory rules. In order to inform you of our data processing policy and of your rights as well as to comply with our obligations under Articles 13 and 14 of the GDPR, the following declaration outlines how we process the personal data we receive when you use our website, contact us (via the contact form, per email, by telephone or post) or subscribe to one of our newsletters.
1.1 Controller and data protection commissioner
Under section 2 of the Foreign Service Act, the Federal Foreign Office (headquarters) and the German missions abroad form one single federal authority.
Under Article 4 (7) of the GDPR, responsibility for the processing of personal data lies with:
Werderscher Markt 1
Telephone: +49 (0)30 18 17-0 / help desk: +49 (0)30 18 17-2000
Fax: +49 (0)30 18 17-3402
The Federal Foreign Office Data Protection Commissioner can be contacted as follows:
Datenschutzbeauftragte/r des Auswärtigen Amtes
Werderscher Markt 1
Tel.: +49 (0)30 18 17-7099
Fax: +49 (0)30 18 17-5 7099
Contact the Data Protection Commissioner
If you have any questions on data protection, you can also get in touch with the contact person for data protection matters at a German mission abroad. We will tell you how to get in touch with the contact persons at the end of this article (see paragraph 8. Contact person for data protection matters at the German missions abroad).
1.2 Personal data
Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier (Article 4 (1) of the GDPR).
1.3 Legal basis for processing
We process your personal data on the basis of
- Article 6 (1) (a) of the GDPR, provided you have given your consent (e.g. if you have signed up for a newsletter),
- Article 6 (1) (b) of the GDPR, if processing is necessary for the performance of a contract or for a measure prior to entering into a contract,
- Article 6 (1) (c) of the GDPR, if processing is necessary to comply with a legal obligation to which we are subject,
- Article 6 (1) (d) of the GDPR , if processing is necessary to protect the vital interests of the person in question or of another natural person,
- Article 6 (1) (e) of the GDPR in conjunction with section 3 of the Federal Data Protection Act, if processing is necessary for the performance of a task assigned to us in the public interest or in the exercise of official authority (e.g. answering contact requests). Public relations and the provision of information on the Federal Republic of Germany abroad is one of the key official tasks of the Federal Foreign Office and of the German missions abroad (see section 1 of the Foreign Service Act (GAD)).
2. The data processed when you visit this Website
2.1 Data collection
Each time a user accesses this website or retrieves a file, data on this activity is temporarily stored and processed in a log file.
The tracking tool employed to analyse site use is configured to ensure that no personal data is collected.
User IP addresses are also anonymised, so that individual activity cannot be traced.
The tracking tool runs on our own servers in a secure network zone certified by the Federal Office for Information Security (BSI) to ensure that no tracking data can be accessed by third parties.
If you do not want your activity on the website to be registered or analysed, you can activate the Do Not Track setting on your browser. A browser variable is transmitted which tells the website whether the user wishes their activity to be tracked or not.
To find out how to do this with your browser, enter in a search engine, for example: “activate Do Not Track [browser name]”
- Request (file name), date and time of the request
- Browser type and version (e.g. Firefox 80.0.1)
- Browser language (e.g. German)
- Operating system used (e.g. Windows 10)
- Device type, model and make
- Screen resolution
- Plug-ins used (e.g. Flash, Java)
- Referrer URL (previous page accessed by the user)
- Anonymised IP address
- Country and region from which the request originated
- Number of forms sent (depending on the goals defined)
2.2 Session cookies
Accessing individual pages generates so-called transient cookies to facilitate navigation. These session cookies contain no personal data and are erased at the end of the session. Cookies are also used for the shopping cart. These also expire after use.
Technology which allows user access behaviour to be monitored is not used.
2.3 Use of social media plug-ins
We currently use the following social media plug-ins: Facebook, Twitter, Instagram and YouTube (Google). We use the two-click solution. This means that when you visit our site, no personal data is initially passed on to the providers of the plug-ins. Only if you click on the activation button on social media, will personal data be transferred from you to the respective plug-in provider and stored there (for US providers in the USA). We use the social media plug-ins to make the information we provide more interesting through interaction with you and other users.
We expressly point out that social networks store their users’ data (e.g. personal information, IP address etc.) in accordance with their own data usage guidelines and use this data for commercial purposes. You can find out more about how social networks process data by clicking on the following links:
Facebook, Twitter, Instagram, YouTube (Google)
The Federal Foreign Office has no influence on whether or what data is collected by social networks and how this data is used. We are unable to identify how much, where and for how long data is stored, to what extent the networks adhere to requirements to delete data, how the data is evaluated and linked, and with whom the data is shared.
We therefore ask you to check carefully which personal data you make available to the social networks when you use our site. If you do not want social networks to receive your personal data via your communication on our website, you should contact us in another way, for example by using the contact form on this website.
2.4 Google Maps
Google Maps is embedded into our website. When you use this service (by clicking on the map), Google processes personal data, in particular IP addresses and user location data, which however cannot be collected without your permission (usually via the settings on your mobile devices).
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Opt-out plugin: http://tools.google.com/dlpage/gaoptout?hl=en
3. Personal data processed when you contact us
When you contact us, your details (name, email address and possibly also your address, telephone and fax numbers) and the information provided (including personal data) are processed for the purpose of contacting you and handling your inquiry. The storage of this data is governed by the statutory periods for retaining records laid down in the Registry Directive, which complements the Joint Rules of Procedure of the Federal Ministries.
If we are not responsible for your inquiry, it may be forwarded to other Land and federal authorities without your prior consent but in compliance with data protection regulations, provided it can be assumed that forwarding your inquiry for the purpose of answering it is in your interest and no sensitive personal data is affected (Art. 6 (1) (e) of the GDPR in conjunction with section 3, section 25 (1) and section 23 (1) (1) of the Federal Data Protection Act).
You can subscribe to one of our newsletters to find out more about news and press releases from the Federal Foreign Office or travel and security information.
For subscriptions to our newsletters, we use the double opt-in procedure. This means that after you register, we send you an email to the specified e-mail address in which we ask you to confirm that you would like the newsletter to be sent. Only after you confirm the link in the email is your email address stored for the duration of the use of our newsletter offer. If you do not confirm your registration within 24 hours, your information is deleted automatically.
You can revoke your consent to receive the newsletter at any time and unsubscribe from the newsletter by clicking on the link provided in each newsletter email.
5. Ordering printed products
If you order brochures, leaflets and other printed products via our website, we require the following personal data to process your order:
- surname, first name
- street, house number
- postcode and town/city
- email address
If the order cannot be finally processed by us, the data you provide will be passed on to third parties (shipping company, if necessary other authorities or institutions if they are sending the material ordered). The legal basis for the processing of your data is your consent pursuant to Article 6 (1) a GDPR. If the aforementioned data is not available, the order cannot be processed.
The data you provide will be deleted 90 days after completion of the order.
6. Events, press and public relations work
As part of their remit, the Federal Foreign Office and the German missions abroad organise or co-organise various events.
If you are invited to or participate in an event, we process your personal data (name, address, etc). This can be done via various means of communication, for example by filling in a form, an online form, per email, per telephone or by handing over a business card.
Which personal data is shared with us can be ascertained from the relevant form or input mask as well as the information requested in a conversation.
6.1 Collection of the data of accompanying persons
In order to ensure that the event can be properly staged, the data of persons accompanying invited participants is also collected and processed. Just like any other individual affected by data collection, they have the rights listed in paragraph 7.
6.2 Data collection from publicly accessible sources
The Federal Foreign Office also collects and processes data from publicly accessible sources, for example the websites of the individuals concerned or publicly accessible lists.
6.3 Further procedures relating to data collection
Personal data is not shared with third parties without authorisation. Rather, it is stored and processed for our internal use and for the purpose of organising and staging events (for instance, drawing up guest lists, access checks, etc.). We may share data with one or more processors who use the personal data exclusively for an internal use attributable to us.
Depending on the type of event, we may organise it in collaboration with a partner. In such cases, we will share the data collected for the purpose of the event with our cooperation partners. However, these partners, too, may only use this data to ensure that the event can be staged properly. Which cooperation partners this may be in any given instance is made known separately within the scope of the organisation of the event.
The data is only stored for as long as this is necessary for the organisation and staging of events as well as for our remit in the public relations sphere.
As the recipient of a letter/invitation, you can ask at any time that no further letters/invitations be sent to you.
As part of the press and public relations work of the Federal Foreign Office and the German missions abroad, photographs are taken at events and meetings and subsequently published. You may appear in such images. You can object to being photographed or to the publication of the photographs. Please contact the photographer directly or use the abovementioned contact information to lodge your objection.
Please note that we have no influence on the use of photos/videos made by representatives of the press and other media. They themselves are controllers under the terms of the GDPR.
7. Your rights
7.1 In dealings with us, you have the following rights regarding your personal data:
- Right of access, Article 15 of the GDPR
- Right to rectification, Article 16 of the GDPR
- Right to erasure (right to be forgotten), Article 17 of the GDPR
- Right to restriction of processing, Article 18 of the GDPR
- Right to data portability, Article 20 of the GDPR
- Right to object to processing, Article 21 of the GDPR
If the processing of your personal data is based on your consent (e.g. a newsletter), you have the right to revoke this at any time without giving reasons. Withdrawing consent does not affect the lawfulness of any use based on your consent prior to its withdrawal (Article 7 (3) of the GDPR).
You also have the right to complain to a data protection supervisory authority about our processing of your personal data (Article 77 of the GDPR).
The supervisory authority responsible for the Federal Foreign Office and the German missions abroad is the:
Federal Commissioner for Data Protection and Freedom of Information
Graurheindorfer Straße 153
8. Contact person for data protection matters at the mission abroad
Data protection declaration for our Facebook page
German Embassy Kampala
Plot 15, Philip Road, Kololo
Information about the page
German Embassy Kampala uses the services of Meta Platforms Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland, which owns the Facebook platform, for the information service offered here.
German Embassy Kampala wishes to remind you that you use this Facebook page and its functions at your own risk. This applies, in particular, to the use of interactive functions (e.g. commenting, sharing, liking).
Legal basis for data processing
The legal basis for data processing following user interaction with the content of the Facebook page of der Botschaft/ des Generalkonsulats etc. is Article 6 (1) (e) of the General Data Protection Regulation (GDPR) in conjunction with section 3 of the Federal Data Protection Act and, if the users have given their consent, Article 6 (1) (a) of the GDPR.
Purposes of data processing
The Facebook page of the German Embassy Kampala is necessary for the purpose of providing information about the Federal Republic of Germany abroad. Your data is processed to this end when you visit this page.
This is data processing in the public interest within the meaning of Article 6 (1) (e) of the GDPR. According to the fourth indent of section 1 (2) of the Foreign Service Act, one of the tasks of the Foreign Service is to provide information about the Federal Republic of Germany abroad. The Foreign Service consists of the Federal Foreign Office (Head Office) and the missions abroad (section 2 of the Foreign Service Act). The missions abroad provide information about the Federal Republic of Germany on their Facebook pages.
Statistical studies have shown that media use and the way in which we deal with information is changing around the world. The number of people who get their information about everyday events from “traditional” information channels such as daily newspapers or TV programmes is declining. Media that operate exclusively or partly on the internet, above all social media platforms, are increasingly being used as sources of information. With its public relations work, German Embassy Kampala is seeking to reach as many population groups as possible and to provide them with information under its legal mandate.
The Federal Foreign Office and its missions abroad use Facebook alongside other essential media channels. For more information about these channels, visit our Homepage.
Processing of personal data by Meta
When you visit this Facebook page, Meta collects data including your IP address and other information saved on your PC in the form of cookies. This information is used to provide German Embassy Kampala as the owner of the Facebook page with anonymised statistical information about your use of the Facebook page. Facebook provides more information about this at the following link http://de-de.facebook.com/help/pages/insights.
The data collected about you in this context is processed by Meta Platforms Ireland Ltd. and may be transferred to countries outside the European Union. Meta describes the information it receives and how it is used in its data usage guidelines, in which you will also find information on how to contact Meta and on the settings options for advertisements. The data usage guidelines are available at the following link: www.facebook.com/privacy/center . You can find Meta’s complete Data Use Policy here: https://www.facebook.com/policy.php
When you access a Facebook page, the IP address assigned to your end device is transmitted to Meta. According to Meta, this IP address is anonymised. Meta also stores information about its users’ end devices (e.g. as part of the “login notification” function); this may enable Meta to assign IP addresses to individual users.
If you are currently logged in to Facebook as a user, a cookie with your Facebook ID will be located on your end device. This enables Meta to see that you visited this page and how you used it. This also applies to all other Facebook pages. Facebook buttons integrated into websites enable Meta to record your visits to these websites and assign them to your Facebook profile. Based on this data, content or advertising can be offered that is tailored to you.
To avoid this, you should log out of Facebook and disable the “stay signed in” feature, delete the cookies saved on your device, then close and restart your browser. Facebook information that can be used to identify you directly is thus deleted. This allows you to use our Facebook page without revealing your Facebook ID. When you access interactive features on the site (like, comment, share, messages, etc.), a Facebook login screen will appear. Once you have logged in, Facebook will identify you as a user once again. Information on how to manage or delete existing information about you can be found on the following Facebook support pages: www.facebook.com/privacy/center
Meta states that it stores data until it is no longer needed to provide its services and products or until the user’s account has been deleted, whichever happens first. This depends on the circumstances of the individual case, in particular the type of data, why it is collected and processed, and the relevant legal or operational storage needs. For more information about data storage, go to: www.facebook.com/privacy/center
Facebook Page Insights
Meta processes a range of page visitors’ personal data in its Page Insights for its own purposes. Processing takes place regardless of whether visitors are logged into the Facebook platform or not and whether they are members of the Facebook network. Users who access Facebook pages without being registered or logged in to Facebook also have the option of influencing the scope of data processing with a cookie banner inserted by Facebook. For more information about Facebook cookies, go to: https://de-de.facebook.com/policies/cookies/
Page Insights are aggregate statistics that are created on the basis of specific “events” logged by Meta servers when people interact with pages and their associated content. Page owners themselves do not have access to the personal data processed as part of “events”, but only the aggregated, anonymised Page Insights. For more information, go to: https://www.facebook.com/legal/terms/page_controller_Addendum
Rights of the data subject
If users’ personal data is processed, they have the right of access, rectification, objection, portability and deletion of this data in accordance with the EU General Data Protection Regulation. Meta Platforms Ireland Ltd has undertaken, in accordance with the Page Insights Controller Addendum, to respond to requests from data subjects in accordance with Meta’s obligations under the Page Insights Controller Addendum (available at https://www.facebook.com/legal/terms/page_controller_addendum).
Requests from users regarding data processing when visiting a Facebook page will be forwarded by us to Meta in accordance with the Page Insights Controller Addendum. Users can find out more about their rights as data subjects at the following link: https://de-de.facebook.com/about/privacy
Alternative unconditional access to Information
Alternatively, you can access information on the topics presented on the Facebook page on our Website and at www.diplo.de.
Further processing of personal data
The German Embassy Kampala as the provider of the information service will not collect or process any further data from your use of our service.
Data protection information
You can find this data protection declaration in its current version under “Data Protection” on our Facebook page.
If you have any questions about our information service, you can contact the German Embassy Kampala via our contact form.
Information about Facebook and about other social networks and how you can protect your data can also be found on the webpages of the Federal Office for Information Security: https://bsi.bund.de/dok/sicherheitsoptionen