Privacy statement

Privacy notice for the website

Welcome to the official website of the Federal Government’s Corona-Warn-App.

1. Controller and data protection officer

The so-called controller responsible for processing your personal data in accordance with the provisions of the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG) when you visit this website is:

Robert Koch-Institut (RKI)
Nordufer 20
13353 Berlin
Represented by the President

Robert Koch-Institut
Press and Public Relations
Nordufer 20
13353 Berlin
Phone: +49 30 18754 0
Fax: +49 30 18754 2328


If you have any questions or concerns regarding data protection, you are welcome to send them to the RKI’s data protection officer by post to: Robert Koch-Institut, FAO the data protection officer, Nordufer 20, 13353 Berlin, or by emailing: .

The RKI takes the protection of your personal data very seriously. Personal data means any information relating to an identified or identifiable person. This includes information that allows conclusions to be drawn about your identity. Further definitions of the terms used here (e.g. “processing”) can be found in Art. 4 GDPR. As a federal authority, the RKI is subject to the provisions of the GDPR and the BDSG. Below you will find the necessary information on how your personal data is pro-cessed when using this website.

2. Visiting the website

Each time you call up the website, your browser automatically transmits data so that you can visit the website. This access data includes:

  • IP address
  • Date and time of the request
  • Time zone difference from Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status / HTTP status code
  • Volume of data transferred in each case
  • Website from which the request comes
  • Browser
  • Operating system and its interface
  • Browser software version and language

The legal basis of the processing is Art. 6(1) Sentence 1(e) GDPR in conjunction with Sect. 3 BDSG. The processing is necessary in order to inform the public about the duties for which the RKI is responsible.

3. Your data protection rights (rights of the data subject)

If the RKI processes your personal data, you have the following data protection rights in accordance with the legal requirements:

  • The right to obtain access to your personal data, and information about its processing, at any time (Art. 15 GDPR)
  • The right to have inaccurate data rectified or incomplete data completed (Art. 16 GDPR)
  • The right to have data erased or its processing restricted (e.g. if you withdraw your consent or the processing is unlawful) in accordance with the legal requirements (Art. 17, 18 GDPR)
  • In the case of data processing based on consent, the right to withdraw your consent at any time with effect for the future (Art. 7(3) GDPR)
  • The right to data portability (you can have an overview of your data provided in an electronic format) (Art. 20 GDPR)
  • The right to object to data processing which, based on a legitimate interest of the RKI, is carried out for the performance of public tasks or in the exercise of official authority (Art. 21 GDPR)
  • The right to contact the RKI’s data protection officer and raise your concerns (Art. 38(4) GDPR) and
  • The right to lodge a complaint with a supervisory authority for data protection (e.g. the Federal Commissioner for Data Protection and Freedom of Information, Graurheindorfer Str. 153, 53117 Bonn, +49 228 997799 0, E-Mail: , (Art. 77(1) GDPR).

Last amended: 25 April 2024