Privacy Statement

The Point of Single Contact is contact and information point as well as procedural advisor for companies. In this role, he supports the recipients of economic services and the recognition of European professional qualifications. It shall carry out the tasks of the Single Point as defined in Part V Section 1a of the Administrative Procedure Act (German: Verwaltungsverfahrensgesetz) in conjunction with § 1 Section (1) of Berlin Administration Procedure Act (German: Gesetz über das Verfahren der Berliner Verwaltung). In this privacy policy we inform you about the confidential treatment of your data.

Our privacy policy informs you about the following points:

§ 1 Definitions
§ 2 Name and address of the controller
§ 3 Name and address of the data protection commissioner
§ 4 Rights of the data subject
§ 5 Information about the processing of personal data
§ 6 Legal basis for data processing
§ 7 Duration of data storage
§ 8 Recipients of data
§ 9 Registration on our website
§ 10 Processing of personal data when visiting our website
§ 11 Current status of the privacy statement

§ 1 Definitions

In order to ensure the comprehensibility of this privacy statement, the terms used, which are based on the European General Data Protection Regulation (GDPR), are explained in advance:

a) „personal data”

‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

b) „processing”

‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

c) „restriction of processing”

‘restriction of processing’ means the marking of stored personal data with the aim of limiting their processing in the future.

d) „profiling”

‘profiling’ means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

e) „pseudonymisation”

‘pseudonymisation’ means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

f) „filing system”

‘filing system’ means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.

g) „controller”

‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

h) „processor”

‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

i) „recipient”

‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

j) „third party”

‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

k) „consent”

‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

§ 2 Name and address of the controller

Responsible under Article 4 (7) of the General Data Protection Regulation is:

Senate Department for Economics, Energy and Public Enterprises
Point of Single Contact Berlin

Address:
Martin-Luther-Straße 105
10825 Berlin

E-mail: ea@senweb.berlin.de
Website: https://www.berlin.de/ea

§ 3 Name and address of the data protection commissioner

The data protection commissioner of the controller is:

Mr. Paßmann

Address:
Senate Department for Economics, Energy and Public Enterprises
The Data Protection Commissioner
Martin-Luther-Straße 105
10825 Berlin

E-mail: datenschutz@senweb.berlin.de

Any data subject can contact our data protection commissioner at any time with any questions or suggestions regarding data protection.

§ 4 Rights of the data subject

You have the following rights towards us with regard to the personal data concerning you:

  • Right to access
  • Right to rectification or erasure
  • Right to restriction of processing
  • Right to data portability
  • Right to object

If your personal data is processed based on point (e) or (f) of Article 6 (1) of the General Data Protection Regulation, you shall have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you in accordance with Article 21 of the General Data Protection Regulation.

If the processing of personal data is based on consent, you have the right to object your consent at any time. This does not affect the legality of the processing carried out on the basis of the consent until revocation.

If you wish to exercise your right of revocation and objection, please send an e-mail to: ea@senweb.berlin.de.

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

§ 5 Information about the processing of personal data

Below you will find information about the processing of personal data when using our website. It is important to differentiate between the mere informational use of our website and the submission of data and documents for the use of administrative services of the Point of Single Contact Berlin. For the use of the online portal of the Point of Single Contact Berlin, registration of the user is required for certain administrative services. Personal data is all data that are personally identifiable to you, e.g. name, address, e-mail addresses, user behaviour.

The personal data processed when using administrative services result from the respective input mask in which the data is collected. This includes, for example, data on the person concerned, such as name, address, date of birth and, in addition, other business-related information, such as company address, commercial activity, registration in the commercial register and other data required for the use of the specific service under the applicable legal provisions.

The requirement to provide personal data of the user of the online portal follows from the Law on the Point of Single Contact for the State of Berlin (German: Gesetz über den Einheitlichen Ansprechpartner für das Land Berlin) and serves the processing of the respective administrative procedure. Failure to provide the data will result in failure to process the administrative procedure.

When you contact us by e-mail or through a contact form, the information provided by you, such as the name, street, house number, zip code, city, telephone, e-mail address, subject and other information about your concern will be collected and stored by us to answer your questions. This data is not passed on to third parties. We delete the data that arises in this context after the storage is no longer required or limit the processing if statutory retention obligations exist.

By using our order form, you can order various publications and information materials from the Point of Single Contact Berlin. To process your order, data such as the reason of your order, your sender details (name, street, house number, zip code and city), and an e-mail address for any queries are collected and stored by us. This data is not passed on to third parties. We will delete the data associated with your order after the storage is no longer required or restrict processing if statutory retention obligations exist.

If we make use of contracted service providers for individual functions of our offer, we will inform you in detail about the respective procedures below. We also specify the storage duration or the defined criteria for the storage duration.

The feedback from the responsible authorities can be made via the Point of Single Contact Berlin. In this case, the (additional) personal data comes from the relevant body.

§ 6 Legal basis for data processing

The personal data of the data subject required for the performance and processing of the services offered on our website shall be collected, stored and processed in accordance with the statutory provisions of Article 6, Section 1, Sentence 1, Letter c) of the General Data Protection Regulation in connection with §§ 2 and 5 of the Law on the Point of Single Contact for the State of Berlin (EAG Bln), if this is required for the execution of the respective administration service. The personal data entered by the data subject may be used internally for statistical purposes for the legal purposes specified by law.

§ 7 Duration of data storage

The data we collect is stored in the database of the Point of Single Contact for retrieval by the data subject for a maximum of 180 days after completion of the administration service. Application data collected prior to the submission of the data subject’s application will be kept for a maximum of 90 days for further processing by the data subject and then automatically deleted.
Furthermore, your data will be stored by the recipients named under § 8.

§ 8 Recipients of data

The data collected by us are used to carry out the administrative service within the framework of the legal provisions to the respective competent authorities, such as, for example, public order offices and other authorities or relevant bodies in the on-going notification procedure (tax offices, DGUV, IHK, HWK, immigration office, customs, etc.), provided this is permitted and required by law. As a matter of principle, data is stored for an unlimited period of time at these offices within the legally permissible framework.

In addition, the data will be stored by the order processors commissioned by us for the operation of our online portal for a maximum period of time specified in § 7.

Personal data of a business report can be viewed publicly in accordance with § 14 (5) and (7) of the Industrial Code (German: Gewerbeordnung). On our website a corresponding electronic application (German: eAuskunft) is offered. Through this application, personal data can be viewed in accordance with the scope of the nationwide official notification forms from the Trade Registration Regulation (German: Gewerbeanzeigeverordnung):

When using the “e-payment” service, the data is forwarded directly to the website of the payment service provider. The name of the user is transmitted. The additional data collected there, such as credit card number, card verification number or IBAN, will never be processed by the responsible named under § 2.

§ 9 Registration on our website

The data subject has the option to register for certain administration services on our website by providing personal data. The personal data results from the respective input mask used for the registration. The personal data entered will be collected, processed and stored exclusively for internal use by the data controller and for personal use.

The purpose of registering the data subject by voluntarily providing personal data is to offer the data subject content or services which, by their very nature, can only be offered to registered users. This includes, for example, secure communication with the relevant bodies, a process tracking of the status of the administrative service to be provided or the billing of business information. Registered persons are free to modify the personal data given at registration at any time or to delete it completely from the database of the data controller.

§ 10 Processing of personal data when visiting our website

When you start using our website, even if you do not register or otherwise provide us with information, we store personal data that your browser transmits to our server or is logged by our web server. These are the following data that are technically necessary for us to display our website to you and to ensure its stability and security (legal basis is Article 6, Section 1, Sentence 1, Letter f) of the General Data Protection Regulation):

  • your IP-address
  • your device identification, i.e. the unique number of the terminal device used
  • content, date and time of the request
  • the time zone of the requesting device
  • the requested page
  • http status code
  • the amount of data transferred
  • website, from which the request was forwarded
  • browser-ID of your browser
  • language and version of the browser software
  • operating system of the terminal device used

The storage of this data takes place against the background that this is the only way to prevent misuse of our services and, if necessary, to enable us to investigate criminal offences committed. In this respect, the storage of this data is required to secure the controller. This data will not be passed on to third parties unless required to disclose it by law or if it is used for law enforcement purposes.

Our website uses so-called “cookies”, i.e. smaller files with text information that will be stored on your hard disk during the retrieval of the offer. A cookie stores information resulting in connection with the specific terminal device used. Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.

This website uses transient and persistent cookies, the scope and functionality of which are explained below:

  1. Transient cookies are automatically deleted when you close the browser. This includes in particular the session cookies. These store a so-called session ID, with which various requests from your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our website. Session cookies are deleted when you log out or close your browser.
  2. Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.

You can configure your browser settings according to your wishes, for example decline the acceptance of third-party cookies or all cookies. We point out that our website then works only limited or not at all.

We use transient and persistent cookies for the following purposes:

  1. Various cookies that are technically necessary to track a server-side web session of the user in the client (web browser) and to protect against specific client-side attack scenarios. If the web browser blocks these cookies, it will not be possible to use the application. These cookies are bound to the client-side session in the web browser and are automatically deleted by the web browser when the user closes it. The contents of these cookies are not stored permanently on the server side; after the associated server-side session has expired, it is no longer possible to identify the user account authenticated for the respective session or the data collected during the session, e.g. in a form.
  2. Various cookies in which user interface display states are stored, including whether the user has opened or closed help text in wizard-based forms, and whether they have opened or closed certain system and maintenance messages. If the web browser blocks these cookies, the application can not receive the display status of that information; however, use of the application is possible. These cookies are partly tied to the client-side session and are deleted from the web browser when the user closes them, sometimes they remain stored in the web browser for a certain amount of time. These cookies contain only the pure display status and do not allow any conclusion to the registered user or his account at any time.

§ 11 Current status of the privacy statement

This privacy statement is valid as of May 2018 and can be accessed and printed out on our website at any time (https://www.berlin.de/ea/en/privacy-statement/).