Data privacy information

Personal data is any information relating to an identified or identifiable natural person. An identifiable person is a natural person who can be identified directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data or an online identifier.

1. Information on Personal Data Collection

Responsible pursuant to Art. 4 (7) of the General Data Protection Regulation (GDPR) is the

Federal Office for Migration and Refugees (BAMF), represented by the President,
Dr Hans-Eckhard Sommer.

Frankenstraße 210
90461 Nürnberg

Tel: +49 (0)911 943-0
Email: Write Message

In the event of any questions regarding the protection of your personal data, please contact the Data Protection Officer (Art. 37-39 GDPR) at the BAMF, Mr Albert Wittke.

Beauftragte/r für den Datenschutz
Bundesamt für Migration und Flüchtlinge

Frankenstraße 210
Telephone: +49 (0)911 943-0


Acting as a service processor for the BAMF:

Presse- und Informationsamt der Bundesregierung (BPA)
11044 Berlin
Tel.: +44 (0)30 (0) 8118 272 -0

2. Collection and Storage of Personal Data and Type and Purpose of Use

a) When Accessing the Website

Every time you access the website, our system automatically collects data and information from the computer system of the requesting computer. The following data is logged:

  • information about the browser type and installed version,
  • the user’s operating system,
  • the user’s IP address,
  • date and time of access,
  • websites from which the user's system accesses our website (stored as referrer).

The temporary storage of the IP address by the system is necessary to enable delivery of the website to the user's computer. For this purpose, the user's IP address must remain stored for the duration of the session.

For statistical analysis, this website also uses ‘Matomo’ (formerly ‘PIWIK’). This is an open source tool for web analysis. Matomo does not transmit data to servers that are outside the control of the website provider. Matomo is deactivated when you access the website. Your usage behaviour is recorded anonymously only if you actively consent to it.

Matomo uses so-called cookies. These are text files that are stored on your computer and make it possible to analyse the use of this website. For this purpose, the information on usage obtained by the cookie is transmitted to the website server and stored so that usage behaviour can be evaluated. Your IP address is immediately anonymised to ensure that you remain anonymous as a user. The information generated by the cookie about your use of this website is not passed on to third parties. This analysis is considered part of the internet service. We use it to further improve the website and adapt it even more to the needs of the users.

If you agree to web analysis using Matomo, the following data is collected when individual pages of the website are accessed:

  • 2 bytes of the IP address of the user's accessing system,
  • the web page accessed,
  • the website from which the user accessed the requested website (referrer),
  • the sub-pages accessed from the requested web page,
  • the length of time spent on the website,
  • the frequency of access to the website.

The software runs exclusively on the servers of the website. Personal data of users is only stored there. No data is passed on to third parties. More information on the privacy settings of the Matomo software is available at the following link: .

Some cookies are necessary to provide you with the basic functions of this website and therefore cannot be disabled. In detail, these are the following cookies:

  • CM_SESSIONID – CoreMedia Session Cookie: This cookie is a session identifier and helps the server to assign the user to the correct session after reloading the page. Even if the page is opened in another tab, the server can assign the session number. This is a standard cookie of the CoreMedia product. 
  • cookie-allow-necessary – A cookie to save the setting ‘Only necessary cookies’. Standard setting when accessing the website.
  • cookie-banner – Cookie to hide the cookie banner. Prevents the banner from being displayed again after the page has been loaded.
  • cookie-allow-tracking – This cookie stores the user’s interaction with the banner.
  • INGRESSCOOKIE – This cookie stores information in forms, such as contact forms, and changes in the shopping cart.
  • enodia – This cooke protects the website against DDoS attacks and thus is important for site security.
  • SERVERID – This cookie allows the website to load faster.

b) Contact via Contact Form

On this website you can use a form to contact the editorial office of The transmission of the contents of the contact form takes place via an encrypted https connection.

If you use the contact form for communication, it is necessary to provide a title, your first and last name and your email address. Your request sent via the contact form cannot be processed without this data. Providing your address is optional and enables us to process your request by post, if you so wish. In addition, the date and time of your request will be transmitted to us.

If we receive a message from you via the contact form or an email, we assume that we can reply to you by email in the same way. If you do not wish this, you must expressly request us to reply by another means of communication (for example, by letter or fax). The processing of the data transmitted with the contact form and the content (which may contain personal data transmitted by you) is carried out based on Art. 6 (1) (a) GDPR for the purpose of processing your request. This processing of the personal data transmitted by you is necessary for the purpose of processing your request.

c) Contact by Email or Letter

You can contact the editorial office of or the BAMF by email using the email addresses  and . The personal data sent to the central email addresses and stored in the organisational unit responsible for central message distribution will be deleted in accordance with the legal requirements and upon request.

The organisational units process and store the data you provide (e.g. surname, first name, address), but at the very least the email or postal address, as well as the information contained in the email or letter (including any personal data you may have provided) for the purpose of contacting you and processing your request. This processing of the personal data transmitted by you is necessary for the purpose of processing your request.

If we receive an email from you, we assume that we are authorised to reply by email. Otherwise, you must expressly inform us of another form of communication.

The user has the option of revoking their consent to the processing of personal data at any time. If the user contacts us by email, they can object to the storage of personal data at any time. In such a case, the conversation cannot be continued.

All personal data stored in the course of contacting us will be deleted in this case.

d) When Using the App

The open source software tool Matomo is applied when using the app (see Item 2.a). Matomo is deactivated when you access the app. Your usage behaviour is recorded anonymously only if you actively consent to it. In addition, the provisions in 2.b (Contact Form) and 2.c (Contact by Email or Letter) also apply to the app.

e) Contact by Telephone

Where you contact a member of staff by telephone, your personal data will be processed to the extent necessary to deal with your request.

No personal data will be stored if you contact the Service Centre using the telephone number (+49) 0911-943-0. Personal data will only be stored in cases where you request a callback or a written message.

f) Using the online survey tool LamaPoll

Our website links to the online survey tool LamaPoll where applicable. LamaPoll is a product of Lamano GmbH & Co. KG, Berlin. The data collected via the survey is recorded anonymously. Therefore, no data processing of participants takes place. The full privacy policy of Lamano GmbH & Co. KG is available at .

3. Legal Basis for the Processing of Personal Data

The BAMF processes personal data in the performance of its tasks which are in the public interest. The legal basis for the processing is Art. 6 (1) (e) GDPR in conjunction with Section 3 Bundesdatenschutzgesetz (BDSG, Federal Data Protection Act). Insofar as the processing of personal data should be necessary in individual cases for the fulfilment of a legal obligation, Art. 6 (1) (c) GDPR is the legal basis in conjunction with the corresponding legal provision from which the legal obligation arises. If your personal data is processed based on your consent, this processing is based on Art. 6 (1) (a) GDPR.

Data logged when accessing the BAMF website is only passed on to third parties if we are legally obliged to do so or if the transfer is necessary for legal or criminal prosecution in the event of attacks on the Federal Government's communication technology. Data will not be passed on in other cases. The BAMF does not combine this data with other data sources, for example to create user profiles.

4. Storage Period

The IP address is stored on the delivery servers for 60 days. This is to ensure operation and protection against attacks. 

Cookies are stored on the user's computer and transmitted from it to our site. You therefore have full control over the use of cookies. You can disable or restrict the transmission of cookies by changing the settings in your internet browser. Previously stored cookies can be deleted at any time. This can also be automated. Matomo is deactivated when you access our website. Your usage behaviour is recorded anonymously only if you actively consent to it.

The data is deleted as soon as it is no longer required to achieve the purpose for which it was collected. Regarding the personal data from the input screen of the contact form or if you write us an email or a letter, this is the case when the respective conversation with the user has ended. The conversation is ended when it is clear from the circumstances that the matter in question has been conclusively resolved.

5. Protection of Minors

Persons under the age of 16 should not submit any personal data to us without the consent of their parents or legal guardians.

6. Your Rights

You have the following rights towards the BAMF regarding your personal data:

  • Right of Access, Art. 15 GDPR
    The right of access provides the data subject with a comprehensive insight into the data concerning them and some other important criteria such as the purposes of processing and the duration of storage. The exceptions to this right regulated in Section 34 BDSG (Federal Data Protection Act) apply.
  • Right to Rectification, Art. 16 GDPR
    The right to rectification includes the possibility for the data subject to have inaccurate personal data relating to them corrected.
  • Right to Erasure, Art. 17 GDPR
    The right to erasure includes the possibility for the data subject to have data deleted by the data controller. However, this is only possible if their personal data is no longer necessary, is being processed unlawfully or if their consent has been revoked. The exceptions to this right regulated in Section 35 BDSG (Federal Data Protection Act) apply.
  • Right to Restriction of Processing, Art. 18 GDPR
    The right to restriction of processing includes the possibility for the data subject to prevent further processing of their personal data for the time being. A restriction occurs primarily in the examination phase of other rights exercised by the data subject.
  • Right to Object to the Collection, Processing and/or Use, Art. 21 GDPR
    The right to object includes the possibility for data subjects to object to the further processing of their personal data in a specific situation, insofar as this is justified by the performance of public tasks or public and private interests. The exceptions to this right regulated in Section 36 BDSG (Federal Data Protection Act) apply.
  • Right to Data Portability, Art. 20 GDPR
    The right to data portability includes the possibility for the data subject to receive their personal data in a common, machine-readable format from the controller in order to have it transferred to another controller, if necessary. However, according to Art. 20 (3) (2) GDPR, this right is not available if the data processing serves the performance of public tasks.
  • Right to Withdraw Consent, Art. 7 (3) GDPR
    Insofar as the processing of personal data is based on consent, the data subject may revoke this consent for the corresponding purpose at any time. The lawfulness of the processing based on the consent given remains unaffected until receipt of the revocation.

You can assert the aforementioned rights in writing using the contact details listed under Item 1 or via the contact form.

Under Art. 77 GDPR, you also have the right to lodge a complaint with the data protection supervisory authority, the Federal Commissioner for Data Protection and Freedom of Information (BfDI), Graurheindorfer Str. 153, 53117 Bonn, Germany, telephone: +49 (0)228 997799-0,

You can also contact the above-mentioned data protection officer at the BAMF at any time with questions and complaints: Write Message

Privacy settings


Back to guide