Privacy Policy


1. Collection of personal data

This privacy policy aims to inform you about the collection of personal data during the use of our website. Personal data means all data that relate to you personally, such as name, address, email address, usage behaviour.


2. Name and address of the data controller

The controller as per Art. 4 (7) EU General Data Protection Regulation (GDPR) is the German Federal Ministry of Transport and Digital Infrastructure (Bundesministerium für Verkehr und Digitale Infrastruktur, BMVI), Invalidenstraße 44, D-10115 Berlin, Telephone: +49 (0)30 18 300-0, Email: (see our Imprint).


3. Contact details of the data protection officer

You can reach out to our data protection officer by sending an email to or a letter to our postal address for the attention of the "Datenschutzbeauftragter". Any data subject can contact our data protection officer with questions or comments regarding data protection directly at any time.


4. Your rights

a) You have the following rights regarding the personal data relating to you:

  • Right of access to information (Art. 15 GDPR),
  • Right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR),
  • Right to restriction of processing (Art. 18 GDPR),
  • Right to object to the processing (Art. 21 GDPR),
  • Right to data portability (Art. 20 GDPR).

b) Moreover, you have the right to lodge a complaint with a data protection supervisory authority regarding our processing of your personal data. The competent data protection supervisory authority for the BMVI is the German Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte für Datenschutz und Informationsfreiheit, BfDI).


5. Collection of personal data during visits to our website in general

Where your use of our website is purely for information purposes, i.e. if you do not register or otherwise send us information, we only collect data that your browser sends to our server. When you choose to view our website, we collect the following data, which we require for technical reasons in order to display our website to you and to ensure stability and security (the legal basis for this is Art. 6 (1) (f) GDPR):

  • IP address
  • Date and time of your request
  • Time zone difference to GMT
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Volume of data transferred in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Language and version of the browser software.


6. Cookies

In addition to the data mentioned above, when you use our website, cookies are stored on your computer. Cookies are small text files which are stored on your hard drive and associated with the browser you use and through which certain information flows to the entity which sets the cookie (in this case us). Cookies cannot run any programmes or transfer viruses to your computer. Their purpose is to make the website more user friendly and improve its efficiency (the legal basis for this is Art. 6 (1) (f) GDPR).

a) This website uses the following types of cookie, the extent and mode of functioning of which are explained below:

  • Transient cookies (see b) below)
  • Persistent cookies (see c) below)

b) Transient cookies are automatically deleted when you close your browser. They include, in particular, session cookies. Session cookies store a so-called session ID, which allows different requests from your browser to be attributed to the same session. This enables your computer to be recognised if you return to our website. Session cookies are deleted when you log out or close your browser.

c) Persistent cookies are deleted automatically after a preset period of time, which can differ from cookie to cookie. You can delete these cookies using the security settings of your browser.

d) You can tailor your browser settings to your preferences and, for example, accept or reject third-party cookies or all cookies. We would like to note that by blocking cookies you may not be able to use all of the functions of this website.


7. Collection of personal data when you contact us by email or via the User Helpdesk

When you contact us by email or using our "User Helpdesk" contact form, the data you provide (name and email address) as well as your message is stored by us to enable us to answer your questions. We delete the data collected in this context once it is no longer necessary for us to store it, or we restrict the processing where statutory data retention periods exist.

If the request is based on rights of the data subject under the German Freedom of Information Act (Informationsfreiheitsgesetz) or on other rights of access to information under public law, the legal basis for the processing is Art. 6 (1) (c) GDPR. If this is not the case, but the processing still serves a task which is carried out in the public interest, the legal basis is Art. 6 (1) (e) GDPR. Other requests which are not answered as part of the fulfilment of tasks in the public interest, will be answered at the request of the data subject and constitute a service of the BMVI; the legal basis for the aforementioned data processing is, in this case, Art. 6 (1) (f) GDPR.


8. Setting up a user account

a) You may voluntarily set up a user account in order to receive full access to CODE-DE as well as, based on that, seek membership with the AGRO-DE project group, other project groups or access to additional data or the processing function of CODE-DE. If you register on our website, we collect and store your first name and surname, your email address as well as the industry and area in which you work. In addition, we are able to determine when you last modified your user information, when you last logged in and to which user groups you belong.

b) We store the aforementioned data for the purposes of contacting you in the event of problems, of compliance with the "German Act for the Protection of the Security of the Federal Republic of Germany Against Endangerment by the Distribution of Highly Detailed Terrestrial Satellite Data" (Gesetz zum Schutz vor Gefährdung der Sicherheit der Bundesrepublik Deutschland durch das Verbreiten von hochwertigen Erdfernerkundungsdaten, SatDSiG) as well as for statistical purposes in connection with user management.

c) We collect, store and process the data mentioned above on the basis of Art. 6 (1) (e) and (f) GDPR.

d) The data is stored for as long as the user retains its CODE-DE user account. If the user demands the deletion of the CODE-DE user account, the account will first be deactivated and then stored for a maximum of one month. After expiry of this one-month time period, within which the user can have the account reactivated, the CODE-DE user data is deleted.


9. General information on the duration of storage of personal data

We process and store personal data of the data subject only for the period necessary to achieve the purpose of the storage or the period stipulated by law (e.g. mandatory information retention periods under tax law and commercial law, to the extent such periods apply). If the purpose of storage ceases to exist or upon expiry of the stipulated storage period, the personal data is routinely blocked or deleted according to the relevant statutory provisions.


10. TLS encryption

The website uses TLS1.2 encryption. The purpose of this encryption is to provide security and protection for the transmission of confidential data. For instance, this encryption is activated when you send us an enquiry via our website.


11. Processing of data in non-EU/EEA countries

The processing and use of data takes place exclusively in the territory of Germany, in a Member State of the European Union or in another country, which is a party to the Agreement on the European Economic Area.


12. Use and disclosure of personal information

Any use of personal data occurs only for the aforementioned purposes and to the extent necessary to achieve these purposes. The data is used solely by the Space Administration of the German Aerospace Center (Raumfahrtmanagement des Deutschen Zentrums für Luft- und Raumfahrt e.V.) as part of the performance of its duties for the BMVI, as well as by the BMVI. For the provision of this Copernicus Data and Exploitation Platform - Germany (CODE-DE) the BMVI has contracted a technical service provider with which it has entered into a processor agreement as per Art. 28 GDPR. The data will not be passed on to any other third parties. A transmission of personal data to other state institutions and authorities will only occur to the extent permitted under the relevant laws.


Open the Privacy Statement as PDF here.