Data privacy policy

last update on 16.11.2020

As a political dialogue platform, we have a high responsibility in dealing with your particularly sensitive data on political attitudes and opinions. We want to explain to you openly and comprehensibly which data we collect and how we handle it securely. This fulfils our duty to provide information when collecting personal data at openPetition in accordance with Article 13 of the General Data Protection Regulation (GDPR).

Server in Germany and encrypted transmission

Your data is stored on servers in ISO/IEC 27001 certified data centers in Germany. The data transfer to our servers is encrypted with SSL throughout.

What personal information do we collect?

  • name, address
  • Age (only in Austria)
  • Telephone number (if specified)
  • E-mail address (if specified)
  • Profile picture (if specified)
  • "About me" text (if specified)
  • Representative of an organization (if specified)
  • Language, determined from the browser language or the set language
  • IP address
  • launched petitions
  • Widgets created for a petition
  • Signed petitions related to a region and category
  • Comments, urgency and concern for signatories (if specified)
  • Debate contributions, assessments of debate contributions
  • Mandates are created by the user and verified by openPetition or researched directly by openPetition.
  • Statements for public elected representatives
  • Salutation (for elected representatives, if indicated)
  • Transparency declaration for public elected representatives (if indicated)
  • User linking for surveys, so that each user can only participate once

How do we use your data?

  • We use your address to determine the assigned administrative levels and constituencies at all levels.
  • We use age (only in Austria) to ensure petitioners and supporters meet the minimum age requirement
  • We use your address to recommend petitions from the administrative levels assigned to you.
  • We use the category of your last signed petition to recommend petitions with similar topics.
  • We represent public signatures with name, place and country.
  • We show the distribution of signatures on geographical maps with the maximum resolution of the postal code districts.
  • We show you signatures of neighbours in your area who have signed the same petition. Via a contact form we enable networking among each other. The e-mail address of the recipient of a message is hidden from the sender. The e-mail address of the sender of a message is visible to the recipient.
  • We allow the petitioner to contact his supporters via our platform (if you have agreed).
  • We will send you recommendations of petitions (if you have agreed) signed in your neighbourhood.
  • We will send you newsletters about the work of openPetition (if you have agreed).
  • We occasionally send you petition recommendations from cooperating partner NGOs (provided you have given your consent).
  • We enable the petitioner to generate and download signature lists with all signatures and collective forms.

Who can see what of your data and for how long?

  • Petent: The petitioner must provide the full name, address and a valid e-mail address. Only the name and location of the petitioner is publicly visible on the website and to search engines. One year after the petition is closed, the name of the petitioner will be made anonymous on the website.
  • Supporters: As a supporter of a petition by a signature, the full name and full address must be provided. In order to stay informed about the petition, the specification of a valid e-mail address is required. If a pro or a contra argument is created for the petition debating room, the supporter must enter a valid email address. Supporters of public signatures only show the name and location of the website. Three days after signing, the last name for search engines is shortened to one letter. Six months after the end of the subscription, the data of supporters are no longer publicly available. Five years after completing the petition, the signatures will be deleted.
  • Supporters of non-public signatures are at no time publicly visible on the website or to search engines.
  • Petitioners and Petitionsempfänger see from all supporter data, including non-public signatures the name, the age (only in Austria), the post code, the city and a reduced to 4 characters street and house number and possibly the comment
  • Signature lists and questionnaires may not be forwarded by the petitioner, except to the petitioner, to anyone.
  • After the petition has been handed over, the petitioner is obliged to destroy all signature data made available to him in digital or printed form.
  • After the decision on a petition request, the petitioner is obliged to destroy all signature data made available to him digitally or in printed form.
  • Cooperating partner NGOs that collect signatures on their own page using the openPetition widget can export their signature data and contact you directly (if you have agreed). We have no influence over the frequency and content with which the cooperating partner NGO contacts you.
  • Profile pictures and profiles of mandate holders are publicly visible on the website and to search engines.
  • Statements are publicly visible on the website and to search engines with the name of the mandate holder, the name of the political group/party and the time of the statement or the last processing of the statement.
  • Profile pictures and profiles of petitioners are visible to the public on the website and not visible to search engines.
  • Profile pictures and profiles of supporters are visible on the website through a hidden link. Profiles are never visible to search engines.
  • Comments from supporters of public signatures are visible with name and location on the website, but not to search engines.
  • Comments from supporters of non-public signatures are only visible with the location on the website, but not to search engines.

How can you determine your data?

  • If you have entered an e-mail address, you can have a confirmation link sent to you. Confirm your email address and you will become a confirmed supporter.
  • You will be recognized as a confirmed supporter by a cookie. You can enter a password to log in to openPetition at any time.
  • As a confirmed supporter, you can edit the visibility of your signatures or revoke your signature during the subscription period.
  • You can register at any time with your signature email to be able to process your signature.
  • As a confirmed supporter or registered user you can edit your profile.
  • As a confirmed supporter or registered user, you can edit your notification settings.
  • As a petitioner, you can transfer your petition to a new spokesperson (see FAQ).
  • As a mandate holder, you can edit your mandates and resign prematurely if necessary.
  • As a mandate holder, you can take on mandates already created by openPetition or proposed by users after you have verified yourself to openPetition as a mandate holder.

No spying on other people's e-mail addresses

With openPetition it is not possible to determine whether the owner of this e-mail address has an account on openPetition or has signed a petition by entering a different e-mail address.

e-mail double-opt-in

openPetition only sends newsletters and other e-mails to people who have actively agreed to receive them. We check every stored e-mail address by a so-called double opt-in procedure. We will send you a confirmation e-mail. Only after you have activated the confirmation link contained therein will we use the e-mail address for further communication with you. In this way we effectively ensure that we do not send unsolicited e-mails to people.

Forward email

Users have the opportunity to recommend petitions to friends by e-mail. As a recipient you will only ever receive the first recommendation mail for each petition.
The recipient can permanently block the further receipt of recommendation mails for all petitions by means of a unsubscribe link in the recommendation mail.


The social media buttons on openPetition are simple share links or links to the openPetiton pages of the respective portal.


We integrate videos on our pages which are available on the YouTube platform (embedded content). YouTube is a service of YouTube LLC, a subsidiary of Google Inc, and is governed by Google's privacy policy.

However, it is possible to associate information with you if you are signed in to YouTube or another Google service. If you don't want to, please sign out of your Google Account before clicking an embedded video to play.

Google search

This website uses "Google Custom Search". When using the search box on the Search page, the data in the search box will be passed to Google. Google' s Privacy Policy applies.


The Google reCAPTCHA Version 3 feature helps us to identify malicious attacks on our website and our services. Therefore, this feature found in some of our sites, in particular in forms. There are ending for this test device and application data to Google, but not the information entered on the form. Under no circumstances collected data will be used for advertising purposes. Which are privacy policy Google .


Cookies are small files that are stored on a visitor's hard drive. They allow information to be held for a certain period of time and to identify the visitor's computer. For better user guidance we use permanent cookies. We also use session cookies, which are automatically deleted when you close your browser. You can set your browser so that it informs you about the placement of cookies.

Mozilla Firefox:
Google Chrome:
Internet Explorer:

We only use technically necessary cookies. We do not use cookies for tracking or analyzing user behavior.

local storage

For local caching of form input, openPetition uses the local storage of your web browser. The form entries are protected in the local storage against accidental deletion until the form is sent or you log off.

Matomo (formerly Piwik)

Our website uses the web analysis service Matomo, which openPetition uses to analyze the use of the website. With the help of Cookies , general usage information is transmitted to our server. No personal usage behavior is saved. Your IP address will be anonymized.

Storing the IP address

For reasons of legal security, the IP address of the visitor in combination with the date and time is stored whenever he or she participates in the content of openPetition. As a rule, the visitor's Internet provider can be inferred from the IP address. The identity of the connection owner can be inferred from the Internet provider at any time. In accordance with the German Data Storage Act (Vorratsdatenspeichergesetz, VDS), connection holders can be identified retroactively on the basis of their IP address for up to 10 weeks.

duty to give information

According to §14 paragraph 2 TMG, we will provide information on personal data in individual cases by order of the responsible authorities, insofar as this is necessary for the purposes of criminal prosecution, for the prevention of danger by the police authorities of the Länder, for the fulfilment of the legal tasks of the Federal and State Office for the Protection of the Constitution, the Federal Intelligence Service or the Military Counter-Intelligence Service or for the enforcement of intellectual property rights.

server logfiles

Every time you visit the openPetition platform or pages containing an openPetition banner or petition widget, visitor browser information is automatically forwarded to us. This includes information on browser type, operating system, IP address, time and the last previously visited page (referrer). With openPetition, this data is not assigned to specific persons. The log files are statistically evaluated and help to ensure error-free operation of the pages.


For our online donation option we use the FundraisingBox service. FundraisingBox guarantees complete data protection and legally compliant data storage. FundraisingBox takes over the payment processing for us. The data of the donation transactions are transmitted securely encrypted via SSL at any time and stored in European data centers. Further information on data protection at FundrainsingBox can be found here:

Facebook company page

We operate an official Facebook page under the URL on the basis of Art. 6 para. 1 lit. f GDPR. We do not collect, store or process personal data of our users on this site at any time. Furthermore, no other data processing is carried out or initiated by us. The data you enter on our Facebook page, such as comments, videos or pictures, will never be used or processed by us for any other purpose.

Facebook uses so-called web tracking methods on this page. Please be aware that Facebook may use your profile information to evaluate your habits, personal relationships or preferences. We have no influence on the processing of your data by Facebook.

Twitter company page

We operate at the url an official Twitter page based on Art. 6 Para. 1 lit. f GDPR. We do not collect, store or process personal data of our users on this website at any time. Furthermore, no other data processing is carried out or initiated by us. The tweets you enter on Twitter are published by Twitter and are never used or processed by us for any other purpose.

Twitter uses so-called web tracking methods on this site. Please be aware that Twitter may use your profile information to evaluate your habits, personal relationships or preferences. We have no influence on the processing of your data through Twitter.

Your rights as a user

right to information: You have the right to request confirmation as to whether personal data concerning you are being processed; if this is the case, you have a right of access to this personal data and to the information specified in Article 15 of the GDPR. Start data inquiry

Right to correction: You have the right to immediately request the correction of incorrect personal data concerning you and, if necessary, the completion of incomplete personal data.

Right of deletion: You have the right to request that personal data concerning you be deleted immediately if one of the reasons listed in Art. 17 GDPR applies in detail, for example if the data are no longer required for the purposes pursued. Delete openPetition account

Right to limitation of processing: You have the right to request a restriction on processing for the duration of any examination if one of the conditions listed in Art. 18 GDPR is met, for example, if you have filed an objection to the processing.

Right to data transferability: In certain cases, which are detailed in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transmission of this data to a third party.

Right of objection: If data are collected on the basis of Art. 6 para. 1 lit. f (data processing to protect legitimate interests), you have the right to object to the processing at any time for reasons arising from your particular situation. We will then no longer process the personal data unless there are demonstrably compelling reasons worthy of protection for the processing which outweigh the interests, rights and freedoms of the data subject, or the processing serves to assert, exercise or defend legal claims. Revoke a given consent

Right of appeal to a supervisory authority: According to Art. 77 GDPR, you have the right of appeal to a supervisory authority if you believe that the processing of data concerning you violates data protection regulations. The responsible supervisory authority for data protection issues is the Berliner Beauftragter für Datenschutz und Informationsfreiheit.

Legal basis for the processing of personal data

Insofar as we obtain the consent of the data subject for the processing of personal data, Art. 6 para. 1 lit. a EU General Data Protection Regulation (GDPR) serves as the legal basis for the processing of personal data.

In the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

Insofar as the processing of personal data is required to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c GDPR serves as the legal basis.

In the event that the processing is necessary for the performance of a task in the public interest or in the exercise of official authority, which has been entrusted to the controller, Art. 6 para. 1 lit. e DSGVO as legal basis.

If processing is necessary to safeguard a legitimate interest of our company or a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 para. 1 lit. f GDPR serves as the legal basis for processing.


This data protection declaration applies to all content on our pages and It does not include the websites linked on our site.


New technical developments and developments on the Internet make adjustments or additions to the openPetition data protection declaration necessary from time to time. You will be informed about the new features at this point.


The "Last update" indicator at the top of the privacy policy indicates when the privacy policy was last revised. Changes will take effect when we publish the revised Privacy Policy on our platform.

Responsible authority

Responsible body is the natural or legal person who alone or together with others decides on the purposes and means of processing personal data.

Responsible for data processing on this website is:
openPetition gGmbH
Haus der Demokratie und Menschenrechte
Greifswalder Str. 4
10405 Berlin

Represented by:
Geschäftsführer Jörg Mitzlaff
Haus der Demokratie und Menschenrechte
Greifswalder Str. 4
10405 Berlin


If you want to exercise your rights as a user or have further questions about data protection at openPetition, please contact us at the e-mail address

current petitions

show all petitions

Help us to strengthen citizen participation. We want to support your petition to get the attention it deserves while remaining an independent platform.

Donate now