Privacy policy
With this privacy policy we inform you about the protection of your personal data
- when processing your data at BSH and
- when using this website.
Data protection when processing your data at BSH
Personal data is any information relating to an identified or identifiable natural person (art. 4 para. 1 GDPR). At BSH personal data is processed in accordance with the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG). As the organisation responsible for data protection, the BSH processes your personal data for specific purposes or based on its legal obligations. This data protection policy provides information when we collect which type of personal data, how we use it and what rights you have in that regard.
Responsible person, data protection officer and supervisory authority
The organisation responsible according to art. 4 para.
7 GDPR is the
Federal
Maritime and Hydrographic Agency (BSH)
Bernhard-Nocht-Straße 78
D-20359 Hamburg
Phone: +49 40 3190-0
Fax: +49 40 3190-5000
Email: posteingang@bsh.de
Website: www.bsh.de
If you wish to exercise your rights as an affected person, please contact the
Federal
Maritime and Hydrographic Agency (BSH)
- Z1 -
Bernhard-Nocht-Straße 78
D-20359
Hamburg
You may also contact the official data protection officer appointed by us at any time. Please use the above address or send an email to datenschutz@bsh.de
The responsible data protection supervisory authority is the Federal Commissioner for Data Protection and
Freedom of Information (BfDI)
Graurheindorfer Str. 153
D-53117 Bonn
Phone:
+49 228 997799-0
Fax: +49 228 997799-5500
Email: poststelle@bfdi.bund.de
Contact
By email
Please contact the following email addresses:
- our central email address: posteingang@bsh.de,
- the personal business email addresses of employees, or
- various departmental email addresses.
Emails received at posteingang@bsh.de are forwarded to the
relevant departments. Within the departments, the data you have submitted (such as surname, first name,
address, phone number), the email address and the information contained in the email are stored for the
purpose of contacting you and processing your request. This also applies to emails sent directly to
individual employees or departmental email addresses.
The data processing is carried out
upon your request for the processing of your query (based on art. 6 para. 1 sen. 1
lit. e GDPR in
conjunction with para. 3 BDSG). If the email contact is aimed at
the agreement of a contract, the legal basis for processing is art. 6 para. 1 lit. b GDPR.
By telephone
If you contact the BSH via the central or a departmental telephone number, your telephone number is stored in a call log for 90 days.
Other personal data is only collected if you request a callback, a written communication or a written offer, or if we need the data to process your query. In these cases we process your data in order to be able to comply with your query (art. 6 para. 1 sen. 1 lit. e GDPR in conjunction with para. 3 BDSG). If the enquiry is aimed at the agreement of a contract, the legal basis for processing is art. 6 para. 1 lit. b GDPR.
Forwarding personal data to third parties
We only pass your personal data to third parties if
- you have explicitly approved (according to art. 6 para. 1 sen. 1 lit. a GDPR),
- it is necessary for the fulfilment of a contract with you (according to art. 6 para. 1 sen. 1 lit. b GDPR)
- there is a legal obligation for the transfer (according to art. 6 para. 1 sen. 1 lit. c GDPR).
Third parties are obliged to use data passed on exclusively for the purposes stated.
Rights as an affected person
In connection with the processing of your personal data you have the following rights. You can assert these rights in writing. In this case please use the contacts above.
Right of consent
You can revoke your consent to us at any time (art. 7 para. 3 GDPR). We may then no longer process your personal data in future, even if you had originally given your consent to do so.
Right to information
You can request information which personal data we process from you (art. 15 GDPR). In particular, you can request information about the following: purpose of processing, category of data, categories of recipients (to whom your data has been or will be disclosed), planned duration of storage, right to rectify, delete or limit processing, right to object, right of appeal, origin of your data (if it has not been collected by us).
Right of correction
You can immediately request that we correct or complete your personal data stored with us (art. 16 GDPR).
Right to deletion
You can request that we delete your personal data stored with us (art. 17 GDPR). This does not apply if the processing of your data is necessary for the following reasons: to exercise the right of freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.
Right to limit processing
You may request that we restrict the processing of your personal data (art. 18 GDPR) under one of the following conditions:
- you dispute the accuracy of the data
- the processing of the data is unlawful (you refuse to delete the data, but demand restriction of the use of personal data)
- we no longer need the personal data for the purposes of the processing, but you need it to assert, exercise or defend legal claims
- you have lodged an objection to the processing according to art. 21 GDPR.
Right to data transferability
You may receive your personal data that you have communicated to us in a structured, common and machine-readable format or request that it be transferred to another responsible party (art. 20 GDPR).
Right to complain
You may complain to the supervisory authority for data protection regarding the data processing of the BSH (art. 77 GDPR).
Right of objection
You may object to the processing of your personal data in a specific situation. If you object, we will no longer process your personal data. This does not apply if compelling reasons for processing worthy of protection conflict with your interests, rights and freedoms. Nor does it apply if the processing serves the assertion, exercise or defence of legal claims. The exceptions to this right regulated in para. 36 BDSG apply (art. 21 GDPR).
If your objection is directed against the processing of your data for direct advertising, we will immediately stop processing. In this case it is not necessary to specify a particular situation.
If you wish to exercise your right of objection, simply email datenschutz@bsh.de.
Data protection when using this website
Dealing with web access data
You can use our website without having to disclose your identity. The browser on your device merely sends
information automatically to the server of our website (such as date and time of access, name and URL of the accessed file).
This also includes
your IP address, which is anonymised after the end of use and
temporarily stored in a so-called log file. Log files are automatically and fully deleted after 183 days.
The IP address is processed for technical and
administrative purposes to establish and maintain a stable connection as well as the security and
functionality of our website and thus ensure that the results and documents from the site investigation are
provided timely and continuously, art. 6 para. 1
sen. 1 lit. c GDPR
in conjunction with sec. 10 para. 1, sec. 50 sen. 2 no. 7 of the Offshore Wind Energy Act (WindSeeG).
We cannot draw any direct conclusions about your identity from the processing of the IP address and other
information stored in the log file.
The results and documents from the site investigation are being hosted on servers provided by an external service provider (Microsoft Corporation). For further information please refer to the paragraph “External hosting”.
Use of cookies
Cookies are small text files that are stored locally within the cache of your web browser. The information stored in the cookie relates to your specific device. However, this does not give us direct knowledge of your identity.
Most browsers automatically accept cookies. However, you can adjust your browser settings so that no cookies are stored on your computer or that a message always appears before the creation of a new cookie. If you deactivate cookies completely, you may no longer be able to use all functions of our website.
This website only uses cookies which are necessary to maintain its operation. In particular, we use so-called session cookies to recognise that you have already visited individual pages of our website. These cookies are not passed on and are automatically deleted after leaving our site. The session cookies are used to maintain the operation of our website and thus ensure that the results and documents from the site investigation are provided timely and continuously, art. 6 para. 1 sen. 1 lit. c GDPR in conjunction with sec. 10 para. 1, sec. 50 sen. 2 no. 7 WindSeeG.
External hosting
The results and documents from the site investigation are being hosted on servers provided by an external service provider (Microsoft Corporation). The servers used are physically located inside the EU / EEA. When you download results and/or documents from the site investigation, your IP address is transmitted to Microsoft to establish the download connection. Please refer to Microsoft’s Privacy statement, available at: https://privacy.microsoft.com/en-gb/privacystatement.
Web analysis: AWStats
We use the web analysis software AWStats. This is a free web analysis software that uses log files for statistical analysis. Our servers create these files when you visit our website. No cookies are used for this purpose. You cannot be identified as a person or certain information cannot be linked to you as part of the statistical evaluation. No anonymous user profiles are created either. There is no consolidation with other data and the data is not transmitted to external servers. We use AWStats for the continuous optimisation of our website.
Data security
All of your personally transmitted data is encrypted using the safe and proven standard TLS (Transport Layer Security). This standard is also used for online banking. You can recognise a secure TLS connection by the letter s attached to http (i.e. https) in the address bar of your browser or by the lock symbol in the lower section of your browser. We also take appropriate technical and administrative security measures to protect your data from accidental or deliberate manipulation, partial or complete loss, destruction or unauthorised access by third parties. We continuously improve our security measures in accordance with technological developments.