Erscheinung:25.05.2018, Stand:updated on 23.09.2020 | Topic Compliance Information on data processing regarding the membership and the application for positions in international bodies
The Federal Financial Supervisory Authority (Bundesanstalt für Finanzdienstleistungsaufsicht – BaFin) processes personal data to meet its legal and (pre-)contractual obligations. This also includes data which BaFin collected on you. To promote your awareness regarding data processing and your rights as well as to comply with our duty to provide information in accordance with Article 13 and Article 14 of the EU General Data Protection Regulation (GDPR), BaFin informs you as follows:
1. Contact details for BaFin and BaFin’s Data Protection Officer
Bundesanstalt für Finanzdienstleistungsaufsicht
Graurheindorfer Str. 108
53117 Bonn
Postfach 1253
53002 Bonn
Phone: 0228 / 4108 – 0
Fax: 0228 / 4108 – 1550
E-mail: poststelle@bafin.de oder De-Mail: poststelle@bafin.de-mail.de
BaFin’s Data Protection Officer can be reached at: datenschutz@bafin.de
2. Purpose of processing
Internal and external communication
3. Legal basis for the collection of data
Art. 6 para. 1 lit. e GDPR in connection with sec. 4e para. 1 sentence 1 FinDAG (Act Establishing the Federal Financial Supervisory Authority)
4. Categories of processed personal data
The personal data held about you consist of contact details (membership) as well as contact details and CV data (for applications).
5. Intention to transfer the personal data to recipients in a third country or to an international organisation
BaFin does not intend to transfer your data to a recipient in a third country (non-EU member states and countries outside the European Economic Area) or to an international organisation.
6. Recipient of data
BaFin
7. Time period for storing your data
Data are continually updated. As soon as a membership ends, the personal data are erased. Data from applications will be erased after five years.
8. Your rights as a data subject
In principle, as a data subject, you have the rights of access to personal data (Article 15 of the GDPR), the right to rectification (Article 16 of the GDPR), erasure (Article 17 of the GDPR) and restriction of processing (Article 18 of the GDPR), the right to data portability (Article 20 of the GDPR) and the right to object to the processing (Article 21 of the GDPR). Moreover, you have a right to lodge a complaint with the data protection authority competent for BaFin, i.e. the Federal Commissioner for Data Protection and Freedom of Information (Bundesbeauftragte(r) für den Datenschutz und die Informationsfreiheit).
9. Automated individual decision-making, including profiling
There is no automated individual decision-making.
10. Source of personal data
The committees, bodies and secretariats report their members themselves and for this they transmit personal data concerning these members.
11. Basis for the provision of your data and consequences in the event of failure to provide your personal data
Without contact details and CV data the membership as well as the application for positions in international bodies is not possible.