Jump to content

Data Protection

In order to fulfil its statutory remit, the Monopolies Commission also processes personal data in accordance with the provisions of the EU General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG), in particular to maintain contact with market participants, decision-makers and interested parties, exchange information, and publicise the Monopolies Commission’s reports and findings to a wide audience.

The Monopolies Commission attaches high priority to the responsible handling and protection of personal data. We want users of our website and interested parties who contact the Monopolies Commission to know when and what data is collected and processed by the Monopolies Commission. The Monopolies Commission has implemented technical and organisational measures to ensure that data protection regulations are observed both by the members and staff and by its external service providers.

Below you will find further information on how the Monopolies Commission handles personal data: 

  • Data Controller and Data Protection Officer

    The data controller is

    the Monopolies Commission, Kurt-Schumacher-Straße 8, 53113 Bonn
    +49 228 338882-0


    The Data Protection Officer can be contacted via the following email address: datenschutz@monopolkommission.bund.de
     

  • Processing of personal data on the Monopolies Commission’s website

    Cookies

    Cookies are small pieces of information that are stored in the visitor’s browser and can be read when they visit the website again. You can view which cookies have been set and what they contain using any internet browser. Most browsers are set to accept cookies automatically. However, users can disable or restrict the storage of cookies in their browser settings.

    When you visit our website for the first time, a cookie banner will appear, allowing you to actively consent to or refuse the use of cookies that are not technically necessary. Your decision will be saved so that you are not asked again on a subsequent visit. You can withdraw your consent at any time with future effect.

    We distinguish between the following categories of cookies:

    • Technically necessary cookies: These cookies are absolutely essential for the website to function properly (e.g. storing your cookie settings). They are set on the basis of Article 6(1)(e) of the GDPR in conjunction with Section 3 of the BDSG and do not require separate consent.
    • Analytics cookies (Matomo): These cookies are used for anonymised audience measurement and to improve our website. They are only set once you have given your explicit consent (Article 6(1)(a) of the GDPR in conjunction with Section 25(1) of the TDDDG).

    Go to cookie settings

    Hosting and data processing

    This website is hosted on servers belonging to the hosting provider Webmelone, Spießgasse 58b, 55232 Alzey. When you visit our website, connection data (e.g. IP address, time and duration of access, page visited) is processed for technical reasons; this data is necessary for the secure and stable operation of the website. The legal basis is Article 6(1)(e) of the GDPR in conjunction with Section 3 of the BDSG.

    The web analytics tool Matomo is also operated on the same servers. We have a contract with the hosting provider for data processing on our behalf in accordance with Article 28 of the GDPR, which ensures that personal data is processed exclusively in accordance with our instructions. No data is disclosed to any other third parties. The server is located in Germany.

    Disclaimer

    All content on this website and its associated sub-pages is researched and implemented with the utmost care. However, errors cannot be entirely ruled out. We cannot therefore guarantee the accuracy, completeness or timeliness of the content. Access to and use of this website is at the user’s own risk. The Monopolies Commission accepts no liability whatsoever for any damage arising from the direct or indirect use of this website.The Monopolies Commission accepts no responsibility for the content or availability of third-party websites accessed via external links on this website. Responsibility for such third-party content lies solely with the third party providing it.

    Users may save, share and reproduce information, and may also create links to the Monopolkommission’s homepage. However, the Monopolkommission insists that the relevant Monopolkommission webpage must be the sole content displayed in the browser window. Furthermore, the information must not be altered or misrepresented. When sharing or reproducing content, the Monopolkommission requests that the source be cited. 

    Where this website offers the option to enter personal or business data (email addresses, names, addresses), the submission of such data by the user is expressly on a voluntary basis.
      

  • Processing of personal data when contacting the Monopolies Commission

    The processing of personal data when contacting the Monopolies Commission depends on the method of contact used. Please note that the processing of data is carried out on the basis of Article 6(1)(a) or Article 6(1)(e) of the GDPR in conjunction with Section 3 of the BDSG. The processing of the personal data you provide is based on your consent, which you express when you make contact or submit an enquiry, and is necessary for the purpose of dealing with your matter. The processing of personal data is also necessary to enable the Monopolies Commission to carry out its tasks in the public interest.

    The processing of personal data in connection with an intended or already concluded contract is based on Article 6(1)(b) of the GDPR. The data will be stored for as long as is necessary to process your enquiry or fulfil the contract, or, if longer retention periods are stipulated by statutory or internal administrative regulations, until the expiry of the respective retention period.

    Contact via email or contact form

    You can contact the Monopolies Commission by email using the staff members’ personal work email addresses or via the central email addresses info@monopolkommission.bund.de and presse@monopolkommission.bund.de. You can also get in touch with us via the contact form on our website.

    In the case of staff members, the data you provide – at the very least your email address or the details entered in the form (at least your name and email address, as well as the content of your message) – and the information contained therein will be stored for the purpose of establishing contact and processing your enquiry. The same applies if you contact staff at the Monopolies Commission directly by email. The data will be deleted once your enquiry has been fully processed, provided there is no statutory obligation to retain it. 

    Contacting us in writing

    If you contact the Monopolies Commission in writing, the personal data you provide and the information contained in your letter will be processed by the relevant staff members for the purpose of establishing contact and dealing with your enquiry.

    Contact by telephone

    If you contact a member of staff at the Monopolies Commission by telephone, your personal data will be processed, where necessary, by the relevant staff members in order to deal with your enquiry.

  • Processing of personal data when subscribing to the newsletter

    If you subscribe to one of our newsletters via the Monopolies Commission’s website, the following personal data will be collected and processed:

    • Title
    • First name – optional
    • Surname
    • Email address
    • Field of activity (e.g. politics, media, academia, business) – optional
    • Areas of interest (e.g. energy, competition law, telecommunications)
    • Date and time of registration and confirmation

    This data is processed on the basis of your consent in accordance with Article 6(1)(a) of the GDPR, in order to send you information tailored to your needs regarding the Monopolies Commission’s work. The provision of your professional field and areas of interest serves solely to enable the targeted delivery of newsletter content relevant to these topics.

    Double opt-in procedure

    Registration takes place via the double opt-in procedure: following your registration, you will receive a confirmation message at the email address provided, containing a confirmation link to finalise your registration. Your data will only be permanently stored for the purpose of sending the newsletter once you have clicked this link. If you do not confirm your registration within 72 hours, the data you have provided will be automatically deleted.

    Service providers and data processing

    We use the CleverReach service (CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany) to send and manage our newsletters. The storage of registration data and the sending of newsletters take place via CleverReach’s servers. We have a data processing agreement with CleverReach in accordance with Article 28 of the GDPR, which ensures that your data is processed exclusively in accordance with our instructions and for the purpose of sending the newsletter. As CleverReach is based in Germany, no data is transferred to third countries outside the EU/EEA. Further information on data protection at CleverReach can be found at: https://www.cleverreach.com/de/datenschutz/

    We use the data provided exclusively for sending the newsletter and for statistical analyses of system performance (e.g. open and click-through rates on an aggregated basis). Your data will not be passed on to third parties who are not acting on our behalf.

    Unsubscribing and deletion

    You may withdraw your consent at any time with future effect and unsubscribe from our newsletters. You can unsubscribe via:

    Once you have unsubscribed, your personal data will be deleted, provided there is no legal obligation to retain it. Evidence of the consent given (date and time of registration and confirmation) may be retained for a reasonable period for documentation purposes.
     

  • Data protection when using social media

    The Monopolies Commission has a presence on the LinkedIn platform to provide information about its activities and to engage with interested parties. We would like to draw your attention to the fact that LinkedIn (LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland), as the operator of this platform, collects and processes data relating to visitors to our LinkedIn company page. The Monopolkommission has no influence over the scope, nature or purpose of this data processing by LinkedIn.

    Joint controllership: In operating our LinkedIn company page, the Monopolkommission and LinkedIn Ireland share joint controllership within the meaning of Article 26 of the GDPR, in particular with regard to the processing of page statistics (so-called ‘Page Insights’). LinkedIn has provided a joint controller agreement for this purpose, which can be viewed via the following link: https://www.linkedin.com/legal/l/page-controller-addendum. The Monopolkommission cannot assume any further data protection responsibilities for the data processing carried out by LinkedIn.

    Transfers to third countries: LinkedIn transfers data to the USA and other third countries outside the EU/EEA. In doing so, LinkedIn relies on the European Commission’s Standard Contractual Clauses as an appropriate safeguard within the meaning of Article 46 of the GDPR. Further information on this can be found in LinkedIn’s Privacy Policy.

    You can find out more about the processing of your data by LinkedIn via the following link: https://www.linkedin.com/legal/privacy-policy
     

  • Rights of data subjects in relation to the processing of personal data

    In the course of carrying out its public duties, the Monopolies Commission only transfers personal data to third parties to the extent necessary for the performance of contracts and communication with third parties (processing of addresses), as well as for the maintenance and security of its IT infrastructure.

    Both in the context of performing public duties and as a party to civil law contracts, the Monopolkommission is responsible for the processing of personal data. Data subjects therefore have the following rights under the GDPR:

    Right of access, Article 15 of the GDPR

    The right of access entitles data subjects to comprehensive insight into the data concerning them and certain other important information, such as the purposes of processing or the duration of storage. The exceptions to this right set out in Section 34 of the Federal Data Protection Act (BDSG) apply.

    Right to rectification, Art. 16 GDPR

    The right to rectification gives data subjects the opportunity to have inaccurate personal data concerning them corrected.

    Right to erasure, Article 17 of the GDPR

    The right to erasure entitles data subjects to have data erased by the controller. However, this is only possible if the personal data relating to the data subject is no longer necessary, is being processed unlawfully, or consent to such processing has been withdrawn. The exceptions to this right set out in Section 35 of the Federal Data Protection Act (BDSG) apply.

    Right to restriction of processing, Art. 18 GDPR

    The right to restriction of processing gives data subjects the option to prevent further processing of their personal data for the time being. A restriction applies, in particular, during the assessment phase of other rights exercised by the data subjects.

    Right to data portability, Article 20 of the GDPR

    The right to data portability gives data subjects the option to receive their personal data from the controller in a commonly used, machine-readable format, so that they may, if necessary, have it transferred to another controller. However, pursuant to Article 20(3), second sentence, of the GDPR, this right does not apply where the processing of data is carried out for the performance of a public task.

    Right to object, Article 21 GDPR

    The right to object entitles data subjects, in specific circumstances, to object to the further processing of their personal data, insofar as this is justified by the performance of public tasks or by public or private interests. Pursuant to Section 36 of the Federal Data Protection Act (BDSG), this right does not apply if a public body is obliged to process the data by law.

    Right to withdraw consent

    Where data processing is carried out on the basis of Article 6(1)(a), the data subject may withdraw their consent at any time, without this affecting the lawfulness of the processing carried out on the basis of that consent prior to its withdrawal.

  • Right to lodge a complaint with the Federal Data Protection Commissioner

    Any person affected may lodge a complaint with the

    Federal Commissioner for Data Protection and Freedom of Information
    Graurheindorfer Str. 153
    53117 Bonn
    +49 228 997799-0

    www.bfdi.bund.de
     

Cookies