+49 176 214 575 84

Privacy Policy

Data Protection in Focus: Our Privacy Policy for Maximum Security

Our strict data protection principles ensure your security. In our comprehensive privacy policy, we explain how we process, store, and protect your personal data so that you can feel safe when using our services.

Name and Address of the Controller

The controller within the meaning of the GDPR and the Federal Data Protection Act (BDSG – new) is:

Federal Press and Information Office

Vitali Maier
Luheweg 36
30851 Langenhagen
Phone: 0176 21 457 584
E-Mail: info@mp-innovativbau.de
Website: mp-innovativbau.de


I. Name and Address of the Data Protection Officer

Vitali Maier
Luheweg 36
30851 Langenhagen
Phone: 0176 21 457 584
E-Mail: info@mp-innovativbau.de
Website: mp-innovativbau.de


II. General Information on Data Processing

  1. Scope of Processing Personal Data
    We process personal data of our users only to the extent necessary for providing and optimizing a functioning website as well as our content and services. The processing of personal data of our users typically takes place only with your consent. An exception applies in cases where processing is permitted by legal requirements.
  2. Legal Basis for Processing Personal Data
    This website offering by the Federal Press and Information Office (BPA) and its individual services are part of the BPA’s public relations work. The legal basis is Art. 6 Para. 1 Lit. e GDPR in conjunction with § 3 BDSG. In case of consent: Art. 6 Para. 1 Lit. a GDPR. In case of contract: Art. 6 Para. 1 Lit. b GDPR.
  3. Data Deletion and Storage Duration
    Your personal data will be deleted or blocked as soon as the purpose for storing ceases to exist.

III. Provision of the Website and Creation of Log Files

  1. Description and Scope of Data Processing
    When our website is accessed, the following data is recorded automatically:
    • Browser type and version
    • Operating system
    • IP address (stored for 90 days for security reasons)
    • Time, URL, method, status code, data volume
    • Request header origin
    • Referrer (originating website)
  2. Legal Basis
    Art. 6 Para. 1 Lit. e GDPR in conjunction with § 3 BDSG (new).
  3. Purpose
    Operation and protection of the website, especially against attacks.
  4. Storage Duration
    90 days.
  5. Objection
    No objection possible, as it is technically necessary.

IV. Use of Cookies

Cookies serve to optimize the website. The legal basis is Art. 6 Para. 1 Lit. f GDPR.

a) Description and Scope of Data Processing

We use cookies to enable you to use our website optimally. Cookies necessary for the operation of the site are set.

These are specifically the following cookies:

  • CM_SESSIONID – CoreMedia session cookie: session identifier for reassigning the session when reloading the page.
  • cart – shopping cart cookie: stores session number, items, and quantities. Set when adding an item to the cart.
  • cookie-allow-necessary – stores the “Necessary Cookies Only” setting.
  • cookie-banner – prevents the cookie banner from being shown again.
  • cookie-allow-tracking – stores the user’s interaction with the banner.
  • mtm_consent_removed – contains the information that no tracking is allowed (default on first visit).
  • mtm_consent – is set when a statistics cookie is permitted. Removes mtm_consent_removed.
  • INGRESSCOOKIE – stores inputs in forms (e.g., contact form, shopping cart).
  • enodia – used for DDoS protection and website security.
  • SERVERID – enables faster loading of the website.

b) Legal Basis for Data Processing

The legal basis for processing personal data through the use of cookies is Art. 6 Para. 1 Lit. e GDPR in conjunction with § 3 BDSG (new), or Art. 6 Para. 1 Lit. a GDPR for consent-based cookies.

c) Purpose of Data Processing

Technically necessary cookies enable optimal use of the website. The data collected by technically necessary cookies are not used to create user profiles.

d) Storage Duration, Right to Object, and Deletion

Cookies are stored on the user’s computer and transmitted from there to our site. As a user, you have full control over the use of cookies. By changing your internet browser settings, you can disable or restrict the transmission of cookies. Already stored cookies can be deleted at any time – even automatically.

Matomo is deactivated when you visit our website. Only if you actively consent will your usage behavior be collected anonymously.


V. Web Analytics with Umami

1. Scope of personal data processing

We use the open-source analytics tool Umami Analytics (https://umami.is) on our website to anonymously analyze user behavior. Unlike other analytics platforms, Umami does not use cookies and does not collect personal data.

Umami does not store IP addresses, browser fingerprints, user-agent strings, or precise location data. All information is processed in aggregated form and is not shared with third parties.

The following anonymized data may be collected:

  • Visited pages
  • Referrer URL
  • Device type (desktop or mobile)
  • General browser and OS information

This data helps us understand which content is popular and how to improve site navigation.

2. Legal basis

Article 6(1)(f) GDPR – legitimate interest.

3. Purpose of data processing

The purpose of Umami analytics is to optimize our website, content structure, and user experience. The anonymity of the data respects the principles of data protection.

4. Retention period

Aggregated statistical data is stored for a limited time and is not tied to individual users. Only website administrators have access to the data.

5. Right to object and delete

Since Umami does not use cookies or store personal data, no user consent is required.

You may additionally block analytics data transmission by enabling your browser’s “Do Not Track” feature.

More information on Umami privacy: https://umami.is/docs/privacy

You have the right to access, correct, or delete your data in accordance with Articles 16, 17, and 21 GDPR. See Section XI for more.


VI. Newsletter

1. Description and Scope of Data Processing

On our website, you can subscribe to free newsletters. When registering, your email address and preferred format are collected.

Additionally, the following data is collected:

  • IP address of the requesting device
  • Date and time of registration

Your consent is obtained during the registration process. No data is shared with third parties.

2. Legal Basis

Art. 6 Para. 1 Lit. a GDPR (consent) and Art. 6 Para. 1 Lit. b GDPR (contract).

3. Purpose of Data Processing

The email address is used to deliver the newsletter. Additional data is used to prevent misuse.

4. Data Retention Duration

The data is deleted when it is no longer needed. The email address is stored as long as the subscription is active. Other data is deleted after seven days.

5. Right to Object and Deletion

The subscription can be canceled at any time via a link in the newsletter. This also revokes consent to store personal data. You can also change your stored data.


VII. Contact Forms, Accessibility Feedback Form, Email, Postal, and Telephone Contact

1. Description and Scope of Data Processing

Our website features a contact form and an accessibility feedback form. When used, the following data is transmitted and stored:

  • Subject
  • Message
  • Salutation, First and Last Name
  • Email address
  • Street, House Number, Postal Code, City

Additionally, when submitting:

  • User’s IP address
  • Date and time

Alternatively, you may contact us via email, post, or phone. When calling the numbers 030 18 272 2720 or 030 18 272 0, the phone number may be temporarily stored.

No data is shared with third parties.

2. Legal Basis

Art. 6 Para. 1 Lit. e GDPR and, if intended for contractual purposes, also Art. 6 Para. 1 Lit. b GDPR.

3. Purpose of Data Processing

Processing inquiries, preventing misuse, and ensuring technical security.

4. Data Retention Duration

  • Contact form data: up to three years
  • Additional submitted data: up to seven days
  • Phone numbers: up to one month

5. Right to Object and Deletion

Users can withdraw their consent at any time. If you object, the data will not be further processed and will be deleted.


VIII. Visitor Service Registration Form

1. Scope and Purpose of Data Processing

When using the visitor service form, the following information is required:

  • Name, First Name
  • Institution
  • Email address
  • Telephone number

Additionally: IP address, date, and time. The request is processed exclusively for event purposes (on-site or digital via Webex).

2. Legal Basis

Art. 6 Para. 1 Lit. e GDPR in conjunction with § 3 BDSG – data is encrypted via HTTPS during transmission.

3. Data Retention Duration

Data is stored for processing and in compliance with legal requirements. Deletion occurs after the purpose is fulfilled.

4. Rights of the Data Subject

Affected individuals can request information, correction, deletion, restriction, and objection. Upon withdrawal, data is deleted unless another legal basis applies.


IX. Federal Publications Portal

1. Description and Scope of Data Processing

When ordering via the publications portal, the following data is encrypted and transmitted to service providers:

  • Salutation, Name, Company
  • Street, House Number, Postal Code, City, Country
  • Email address

Additionally: IP address, date, and time.

Service providers:

  • IBRo Versandservice GmbH, Kastanienweg 1, 18184 Roggentin
  • GVP Gemeinnützige Werkstätten Bonn GmbH, Pfaffenweg 27, 53227 Bonn

No further sharing with third parties occurs.

2. Legal Basis

Art. 6 Para. 1 Lit. b GDPR

3. Purpose of Data Processing

Execution of the ordering and shipping process, abuse prevention, and IT security.

4. Data Retention Duration

  • Order data: three months after shipping is complete
  • Submitted data: at most seven days

5. Right to Object and Deletion

Consent can be withdrawn at any time. In that case, placing an order may no longer be possible. The data will then be deleted.


X. Federal App

The app uses push services from the operating systems (Apple/Google). An anonymized device ID is used. Conclusions about individuals are excluded.

Use can be deactivated in the app or system settings.

The app also uses Matomo (see Section V) as well as functions from Section VI (newsletter), Section VII (contact forms), and Section VIII (publications portal).


XI. Information on Your Rights

When personal data about you is processed, you are a data subject under the GDPR. You have the following rights against the controller:

1. Right to Access – Art. 15 GDPR

You have the right to request confirmation from us as to whether personal data concerning you is being processed. If such processing exists, you have the right to access your personal data stored with us under Art. 15 GDPR. This includes, in particular, information about the purposes of processing, the categories of personal data, the categories of recipients to whom your data has been disclosed or will be disclosed, the planned storage duration, and the origin of your data if it was not collected directly from you.

2. Right to Rectification – Art. 16 GDPR

You have the right to have incorrect data concerning you corrected or to have incomplete data completed without delay under Art. 16 GDPR.

3. Right to Erasure – Art. 17 GDPR

You have the right to have your data deleted that is stored with us under Art. 17 GDPR, unless statutory or contractual retention periods or other legal obligations prevent deletion. Right to Restrict Processing You have the right to request restriction of the processing of your personal data if one of the conditions in Art. 18 Para. 1 Lit. a–d GDPR is met:

  • If you contest the accuracy of the personal data concerning you for a period that allows the controller to verify its accuracy;
  • If processing is unlawful and you object to the deletion of the personal data, instead requesting restriction of its use;
  • If the controller no longer needs the personal data for the purposes of processing, but you require it for legal claims;
  • If you have objected to processing under Art. 21 Para. 1 GDPR and it is not yet clear whether the controller’s legitimate grounds override yours.

4. Right to Data Portability – Art. 20 GDPR

You have the right to receive your personal data concerning you that is stored with us in a structured, commonly used, and machine-readable format, or to request transmission to another controller under Art. 20 GDPR.

5. Right to Object – Art. 21 GDPR

You have the right to object to processing at any time if grounds arise from your particular situation. In that case, your data may no longer be processed unless compelling legitimate grounds of the controller override your interests.

6. Right to Withdraw Consent – Art. 7 Para. 3 GDPR

You have the right to withdraw your consent at any time. The lawfulness of processing up to the withdrawal remains unaffected.

7. Right to Lodge a Complaint – Art. 77 GDPR

You have the right to lodge a complaint with a supervisory authority if you believe your data is being processed unlawfully. You can contact the authority in the EU member state of your residence, workplace, or the place of the alleged infringement.

8. Data Security

To protect all personal data transmitted to us and to ensure that our data protection regulations and those of our external service providers are complied with, we have implemented suitable technical and organizational security measures. Among other things, all data between your browser and our server is transmitted via a secure SSL connection.

Source: Sample Privacy Policy from JuraForum.de