BfDI (Germany) - 16-536/007

From GDPRhub
BfDI - 16-536/007#0176-Verwarnung
Authority: BfDI (Germany)
Jurisdiction: Germany
Relevant Law: Article 58(2)(b) GDPR
Type: Investigation
Outcome: Violation Found
Started: 12.05.2022
Decided: 27.01.2023
Published: 22.05.2023
Fine: n/a
Parties: ITZBund
National Case Number/Name: 16-536/007#0176-Verwarnung
European Case Law Identifier: n/a
Appeal: Not appealed
Original Language(s): German
Original Source: (in DE)
Initial Contributor: Frank F

The use of Cloudflare violates Art. 44 DSGVO.

English Summary


he responsible party or processor used Cloudflare to secure the website for the Census2022.


The DPA believes that the transmission of data, in particular. - Date and time of access, - name of the requested file, - web page from which the file was requested, - access status {e.g. e.g. file transferred, file not found), - the web browser used and the operating system, - the lp address of the requesting device, - online identifiers (e.g. device identifiers, session lDs}. Unlawful and a violation of Art. 44 GDPR.


Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the German original. Please refer to the German original for more details.

Instead of the usual external service providers, FragDenstaat uses the self-operated and therefore more data protection-friendly Matomo in order to obtain statistical evaluations of the use of the website without cookies. If you do not want this count, please click here and uncheck it. More information in our privacy policy.