Data Privacy Statement

The Federal Foreign Office and its German missions process personal data in line with the EU’s General Data Protection Regulation (GDPR), the Federal Data Protection Act (BDSG, Bundesdatenschutzgesetz) and, where applicable, particular statutory rules. In order to inform you about data processing and your rights and to comply with our duty to inform (Article 13 and 14 of the GDPR), please observe the information below regarding how personal data is processed in the Consular Services Portal of the Federal Foreign Office and its German missions.

The Consular Services Portal offers you direct access to all the online information and administrative services provided by German missions, as well as the possibility to directly use these services.

Under section 2 of the Foreign Service Act (GAD, Gesetz über den Auswärtigen Dienst), the Federal Foreign Office (headquarters) and the German missions together form one single federal authority. Under Article 4 (7) of the GDPR, responsibility for the processing of personal data lies with:

Federal Foreign Office
Werderscher Markt 1
10117 Berlin, Germany

Telephone: +49 (0) 30 18-17-0 / Help desk: +49 (0) 30 18-17-2000
Fax: +49 (0) 30 18-17-3402
Help desk contact form

You can reach the Federal Foreign Office Data Protection Commissioner:

Data Protection Commissioner of the Federal Foreign Office
Federal Foreign Office
Werderscher Markt 1
10117 Berlin, Germany

Telephone: +49 (0)30 18 17-7099
Fax +49 (0)30 18 17-5 7099
Data Protection Commissioner contact form

Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, either directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data or an online identifier (Art. 4 (1) GDPR).

Each time you access the website of the Consular Services Portal, the following data is recorded on our servers, which is technically necessary to display the web pages to you and to ensure the stability and security of the offer:

• The date and time you accessed the website
• The name and URL of the retrieved files as well as the size in bytes of the transferred file
• Request details and the message whether the request was successful (protocol version, HTTP method, HTTP status code)
• The website from which access is made
• The user agent (and thus mostly your computer operating system and the browser you are using)
• Your IP address
  

The data is automatically written to so-called log files (technical log files) and stored there for a period of three (3) months in line with section 5 of the Act on the Federal Office for Information Security (BSIG, Gesetz über das Bundesamt für Sicherheit in der Informationstechnik). Afterwards, this data is automatically deleted. Due to technical and organisational measures, access is only possible for a defined and identifiable group of appropriately instructed administrators in the Federal Foreign Office.

The web pages are transmitted using an encrypted HTTPS connection. The processing is based on Article 6 (1) (e) of the GDPR in conjunction with section 3 of the Federal Data Protection Act (BDSG, Bundesdatenschutzgesetz) and section 1 of the Foreign Service Act (GAD, Gesetz über den Auswärtigen Dienst) (the official tasks of the Federal Foreign Office include in particular public relations work and the provision of information on the Federal Republic of Germany abroad as well as providing assistance and support to Germans abroad).

To provide information on a needs basis and to optimise the contents and functions of the Consular Services Portal, user and visitor information can be collected and evaluated for statistical purposes if you consented to this on the ‘Note on user statistics’ banner. Using cookies and JavaScript (see 2.3), the following data is collected when the individual pages of the Consular Services Portal are accessed:

• Randomly generated user ID
• Time the visited page was viewed
• The user’s time zone
• The web page viewed (title, URL)
• The website from which the user accessed the website viewed (referrer)
• The sub-pages that are accessed via the web page viewed
• External websites clicked on (outlink)
• The length of stay on the web page
• The number of views of the web page
• The country and region from which viewing took place
• Page speed
• Browser type/version (user agent)
• Browser language (accept language)
• Device type, model, manufacturer
• Screen resolution of the device
• Device OS
• Files that have been clicked and downloaded
  

Web analysis is deactivated by default. You can use the following link to decide whether you wish to consent to the collection of the above data and its anonymous evaluation or to view and change your prior decision.

Enable/Disable User Statistics

You can also view or change your settings at any time by going to the ‘Web analysis settings’ link in the footer. If you have selected the ‘Do-Not-Track’ option in your browser, web analysis is automatically rejected.

If you make a selection, a cookie will be placed in your browser which remembers for a period of 12 months your decision regarding web analysis when you visit the Consular Service Portal. Only after this period will you be requested to make a decision again.

The legal basis for the processing of personal data is Article 6 (1) (e) of the GDPR in conjunction with section 3 of the Federal Data Protection Act (BDSG, Bundesdatenschutzgesetz) and section 1 of the Foreign Service Act (GAD, Gesetz über den Auswärtigen Dienst).

Cookies are small pieces of information that a website can store locally in the memory of your Internet browser on the computer you are using. They contain so-called identifiers (randomly generated identification numbers), which the server can use to uniquely assign requests originating from your access device. In this way, a request can also be assigned to a specific user. JavaScript is a scripting language for executing dynamic content on web pages that runs in your browser. This allows user actions to be interpreted and content to be adapted to the situation, generated or reloaded. Local storage is a file database of your browser where data/settings are stored after the browser session.

The Consular Services Portal website uses cookies and similar technologies in the following situations:

Technically necessary:

• Session-cookies
  Are set when the website of the Consular Services Portal is visited
  They ensure that all requests from the same device are forwarded to the same web server
  Validity period: Session
• Language setting in local storage
  To save the selected language setting for the Consular Services Portal
  Validity period: Deletion by the user
  

The technologies/information used are classified as technically necessary according to section 25 (2) of the Telecommunications Telemedia Data Protection Act (TTDSG, Telekommunikation-Telemedien-Datenschutz-Gesetz) and can therefore be stored or set on your device without your consent.

Web analytics:

• Visitor cookie name: _pk_id
  To recognise the user, among other things, via a unique visitor ID
  Validity period: 13 months
  
• Referral cookie name: _pk_ref
  To store attribute information of the referrer that was originally used to visit the website
  Validity period: 6 months
  
• Session cookie name: _pk_ses
  To temporarily store data for the visit
  Validity period: 30 minutes
  
• JavaScript
  To read out and evaluate client data (e.g.: device type, IP address, URL), viewed page count, …
  Validity period: Delivered new with each page
  
• Consent to user statistics/ Name: mtm_consent or Mtm_consent_removed
  To avoid asking for consent to user statistics again on every page
  Validity period: 30 days with consent, 12 months when denied
  

The cookies and similar technologies/information used within the scope of web analysis are only set or applied with your consent in accordance with section 25 (1) of the Telecommunications Telemedia Data Protection Act (TTDSG, Telekommunikation-Telemedien-Datenschutz-Gesetz).

The legal basis for the processing of personal data by the technologies used is Article 6 (1) (e) of the GDPR in conjunction with section 3 of the Federal Data Protection Act (BDSG, Bundesdatenschutzgesetz) and section 1 of the Foreign Service Act (GAD, Gesetz über den Auswärtigen Dienst).

You can use any Internet browser to see when cookies are set and what they contain. Depending on which browser you use, you can already set your browser to generally allow cookies, to accept only certain cookies or to reject all cookies. You can also usually see in your browser which cookies are stored on your access device, and you can then also delete them in whole or in part.

Using your browser’s development tools, you can also view, manage or delete the local storage entries for the Consular Services Portal.

2.4.1 If you register a user account in the Consular Services Portal, the following data will be processed with your consent:

• Your email address
• A password chosen by you
• A mobile phone number or second email address

To complete the registration successfully, an activation link will be sent to the email address you provided. If you do not click this link within 24 hours, the user account created will be automatically deleted and you will receive an email informing you of this.

2.4.2 The purpose of the processing is to create a user account to apply for and perform administrative services in the Consular Services Portal and to protect access (two-factor authentication) to the account.

You can edit or delete the data stored in your user account at any time. You can also delete the entire account itself, which is equivalent to revoking your consent (to do so, go to ‘Settings’ in your user account (cog icon) and click ‘Delete access’).

In addition, your account including all of its contents will be automatically deleted after three (3) months if the account is not used during this period (the period starts again after your last sign in). You will be informed automatically before deletion.

The processing of your data requested during registration and use of the user account is based on your consent within the meaning of Article 6 (1) (a) of the GDPR.

2.5.1 If you use the online passport service of the Consular Services Portal to apply for a passport, the following data will be processed in accordance with Article 6 (1) (e) of the GDPR in conjunction with sections 5 (2) and 9 (3) of the German Act on Identity Cards and Electronic Identification (PAuswG, Personalausweisgesetz) and sections 4 and 6 (2) of the German Passport Act (PassG, Passgesetz):

• Identity data
• Address data
• Contact details
• Gender
• Title
• Biometric data
• Your email address

There is a legal basis for processing the data fields which are also needed to implement the procedure and there is no milder means available to achieve the same purpose.

2.5.2 This data processing is carried out for the purpose of passport applications at selected German missions.

You can edit or delete the data stored in your user account at any time. You can also delete the entire account itself, which is equivalent to revoking your consent (to do so, go to ‘Settings’ in your user account (cog icon) and click ‘Delete access’).

In addition, your account, including all of its contents, will be automatically deleted after three (3) months if the account is not used during this period (the period starts again after your last sign in). You will be informed automatically before deletion.

2.6.1 If you use the Consular Services Portal to apply online for a visa (Blue Card – residence title for skilled workers from abroad), the following data will be collected in accordance with Article 6 (1) (e) of the GDPR in conjunction with sections 18 et seqq. of the German Residence Act in order to determine your eligibility:

• Identity data
• Address data
• Contact details
• Qualification data
• ID card data
• Travel dates
• Kinship data
• Reference data
• Health data
• Data regarding previous convictions
• Gender
• Title
• Biometric data

There is a legal basis for processing the data fields which are also needed to implement the procedure and there is no milder means available to achieve the same purpose.

2.6.2 This data is processed for the purpose of visa applications (Blue Card), preliminary review of the documents submitted as well as online support throughout the visa application process.

You can edit or delete the data stored in your user account at any time. You can also delete the entire account itself, which is equivalent to revoking your consent (to do so, go to ‘Settings’ in your user account (cog icon) and click ‘Delete access’).

In addition, your account, including all of its contents, will be automatically deleted after three (3) months if the account is not used during this period (the period starts again after your last sign in). You will be informed automatically before deletion.

You can find out how and on what basis your personal data is processed in the administrative services offered via the Consular Services Portal (for instance, a visa for entry to Germany) in the respective data protection declarations of the applications.

You can withdraw your application and the associated documents/attachments at any time up to conclusion of the so-called preliminary review. If you withdraw your application, the application and the associated documents/attachments will be deleted immediately from your user account and the Consular Services Portal. However, your user account in the Consular Services Portal will remain in place.

If you sign up to the electronic crisis prevention list, the ELEFAND online application will be used so that the local German missions can contact you quickly in a crisis and other exceptional situations and, if necessary, include you in crisis management measures.

For more details on processing, please refer to the ELEFAND Data Protection Declaration.

If you use the interactive map service to determine the mission responsible for your stay abroad, the Federal Foreign Office’s Consulate Finder will be used.

You can find the German mission responsible for you by entering the address, manually using the mouse on the map or via the location sharing function of your browser. The identified German mission can take over your travel data.

For more details on the processing by the Consulate Finder, please refer to the Consulate Finder Data Privacy Statement.

The Federal Foreign Office uses Bundesdruckerei GmbH, Kommandantenstraße 18 in 10969 Berlin, Germany, as a service provider for technical operation of ELEFAND within the scope of commissioned data processing. A contract has been concluded with this service provider in accordance with Article 28 (3) of the GDPR; the Federal Foreign Office remains responsible for data protection.