Le Gouvernement du Grand-Duché du Luxembourg
Skip to main content

Privacy Policy

When collecting data on our websites (https://www.bee-secure.lu and https://stopline.bee-secure.lu) all the rules on data protection are strictly complied with. Personal data protection is very important to us.

1. Purpose of the policy on data protection

Welcome to our website! This privacy policy is intended to inform you, pursuant to Articles 13 and 14 of EU Regulation No 679/2016 on the protection of data (hereinafter the “GDPR”), on the data processing process and the protection of personal data related to your visit to the website, our contents and services.
Personal data refers to any information that relates to an identified or identifiable natural person. An identifiable natural person is someone who can be identified directly or indirectly.
Personal information is only collected if you give your explicit consent to the “Service national de la Jeunesse”, i.e. the National Youth Service (hereinafter the “NYS”).

2. Data Controller and Data Protection Commissioner

2.1. Data Controller

The personal data controller is the coordinator of the BEE SECURE project of the NYS.

You can contact the data controller

  • via e-mail at gdpr@bee-secure.lu or
  • by way of a signed letter with a copy of your ID card for the attention of:

Service national de la Jeunesse
Annexe Forum Geesseknäppchen
40, boulevard Pierre Dupong
L-1430 Luxembourg

2.2. Data Protection Commissioner

If you have questions regarding the processing of your personal data or your rights regarding data protection, please contact the Data Protection Commissioner of the company at the address of the National Youth Service mentioned above, for the attention of the Data Protection, Commissioner  or at the following e-mail address  gdpr@bee-secure.lu.

3. Note on data protection

The NYS operates the website stopline.bee-secure.lu. The BEE SECURE Stopline is a registration office for the fight against illegal content (material involving the sexual abuse of minors, discrimination, racism and revisionism, as well as terrorism) on the Internet. We also support a public interest.
The NYS is responsible for the lawful use of your personal data in the context of a report on stopline.bee-secure.lu. The BEE SECURE Stopline and BEE SECURE Helpline are managed by the youth hotline Kanner-Jugendtelefon (KJT). Your data will be processed with the utmost care and in accordance with the principles of the GDPR.

3.1. Report illegal content

The following explanation gives you an overview of how we guarantee this protection. We explain to visitors of our website what data we collect and for what purposes, as well as how you can influence the way we process your personal data at any time.
The reporting of illegal content may, according to your wishes, be made anonymously or with an indication of your e-mail address. An online form is available for this purpose, in which you can specify the source or the exact URL (web address) of the reference and additional information at your discretion. Based on this information (known as “reported data”), we check the lawfulness of the published content. The personal data of persons who submit reports to us is treated as confidential and, if necessary, processed exclusively for the purpose of finding and checking illegal content. Such data will be deleted as soon as possible (see sections 4.1 and 4.2).
All data is processed exclusively by select employees who have undergone special training. No purpose other than monitoring and reporting possible illegal content on the Internet is pursued.
The only recipients of reported data are the competent authorities if the monitored content is found to be illegal, namely the Luxembourg Grand Ducal Police, the service providers involved and the respective members of the umbrella organisation INHOPE ((www.inhope.org).).

4. Collection and storage of personal data as well as the nature and purposes of its use

4.1 Log Files

Every time you access our website, the browser used on your device sends data to the server of our website and stores it in the server’s log files.  This data consists of information that relates to an identified or identifiable natural person, the website visitor. The following information is thus stored:

  • The IP address of your device,,
  • The date and time of access to the website (request to the hosting provider’s server),,
  • The name and URL of the retrieved file,
  • The URL of the website from which you accessed the website,
  • The browser type and version used,
  • The operating system you use and the name of your Internet Service Provider.

The aim of this processing is to make our website accessible from your device and allow proper display of our website on your device. The data will also be used to optimise the website and ensure the security and stability of our systems.
The legal basis of the processing is laid down by Article 6 subparagraph 1 point f) of the GDPR. We have a legitimate interest in providing you with a website that is adapted to your browser. You have the right to object, but the unavailability of data would prevent you, under certain circumstances, from using our website or using it in its entirety.
The processed information will only be kept for the time necessary or legally required for the purposes for which they were processed.
The data recipient is the active host server within the framework of a control data contract.

4.2. Cookies

We use cookies on our website. Cookies are text files that are automatically created by your browser and stored on your device when you visit our website.
The entries and settings of a website can be stored in cookies, so that you do not have to enter them each time you visit a website. Cookies contain a cookie ID, which classifies the device in which the cookie was stored.

  • Types of cookies

Session cookies that identify you or your device when you visit our website. These cookies are automatically deleted when you leave our website.
Statistik  (Matomo)
The aim of such processing is to ensure that you can use our website smoothly and to give you the opportunity to save your settings.
The legal basis of the processing is laid down by Article 6 subparagraph 1 point f) of the GDPR. We have a legitimate interest in presenting you a website that stores your personal settings and allows you to visit our website more easily.

  • Setting cookies

Most browsers accept cookies automatically. In your browser settings, you may however limit or completely prevent the installation of cookies. If you disable cookies completely, it may prevent you from using all of our website’s features. You can also get the cookies to be automatically deleted when you close the browser window.
To find out how to delete cookies in the most common browsers and modify cookie settings, check the following links:
Google Chrome: https://support.google.com/chrome/answer/95647
Mozilla Firefox: https://support.mozilla.org/de/kb/cookies-loeschen-daten-von-websites-entfernen
Apple Safari: https://support.apple.com/kb/PH21411?locale=de_DE
Microsoft Internet Explorer: https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies
In addition, we use cookies to record statistics about the use of our website and assess it in order to optimise our offer (see paragraph 4.3.). These cookies allow us to automatically recognise that an IP address was already on our website when you visit it again.

4.3. Analysis tool

This website uses functions of the “Matomo” open source web analytics service.
In addition, the Matomo tool collects data on users’ visits. Matomo analyses traffic on the website and helps us to optimise it. The user’s information (including the IP address, which is made anonymous) are collected and cookies are stored in your browser for 13 months. If you do not want to disclose your data for the Matomo tool, you can unsubscribe here.

4.4. Contact, registration form, filing a complaint

The processing of data in order to contact us is carried out in accordance with Article 6 subparagraph 1 point a) of the GDPR based on your voluntary consent and information you provided. Another legal basis is Article 6 subparagraph 1 point f) of the GDPR based on our legitimate interest in offering you the opportunity to contact us and respond to your enquiries.
The aim of data processing is to process the contact request and respond to it. Personal data will be erased once they are no longer needed to fulfil the purpose for which it was collected.

  • You can submit any question and request regarding your rights and personal data to the Data Protection Commissioners (see section 2.2).
  • The form used on the website complies with the principles of lawfulness, loyalty, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality. The form tells you the rights you can exercise with regards to data protection and in accordance with the legal provisions of the Data Protection Regulation. Data collection is restricted to what is absolutely necessary in order to achieve the stated purposes. Personal information (e.g. e-mail address) is provided voluntarily.

Valid and relevant contact information must be provided to confirm who sent the request and to be able to respond to it (with the exception of the registration form). Further information can be provided voluntarily.

4.5. Data storage period

Your personal data will be stored and processed until the purpose for which it was collected is achieved, as indicated on the form.

5. Data processing commands and data link

We work with the following analytical tools and web hosting providers:
Web hosting: Lusis (subcontractor) and Online SAS with the Scaleway Service (sub-contractor of Lusis),
Analysis tool: Matomo analytical tool.
Personal data will not be processed by us outside the EU.
The transfer and processing of personal data outside the EU are made on the basis of data protection measures listed in the respective data protection declarations (Google has an EU-US Privacy Shield certification – see https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI ).).
Your personal data will not be transmitted to third parties under the Data Protection Regulation or used for commercial purposes.
In exceptional cases, data may be disclosed to third parties. In this case, the data transfer is explicitly mentioned on the form.

6. Your rights

Under the circumstances set out in the GDPR, those concerned with data processing have certain rights. In principle, anyone concerned within the meaning of the GDPR has the following rights:

  • Right of access (Article 15 of the GDPR): you have the right to obtain information on the processing of your personal data and its main elements.
  • Right to rectification (Article 16 of the GDPR): you may request to rectify inaccurate data about you or an indication of incomplete data.
  • Right to object (Article 21 of the GDPR): if personal data is processed based on legitimate interests in accordance with Article 6 subparagraph 1 point f) of the GDPR, you have the right to object to such processing if there are grounds to do so in light of your individual circumstances (subject to our imperative reasons of protection) or to object to direct advertising. If you would like to exercise your right to object, you can send an e-mail togdpr@bee-secure.lu.  We will keep a file in which the relevant data of those who exercised their right to object will be processed in order to respect the will of the person who raised the objection. The data contained in the list of objections will be kept for 3 years before being erased.
  • Right to erasure (Article 17 of the GDPR): you have the right, under certain circumstances, to demand the deletion of your personal data we have stored, for example if they are no longer needed for the purposes for which they were collected or if you legally object to data processing. The right to erasure is not applicable in all circumstances, especially if the processing is necessary for the exercise of the right to freedom of expression and information, the implementation of a legal obligation, for reasons of public interest or to enforce, exercise or defend legal rights.
  • Right to restriction of processing (Article 18 and following of the GDPR): you have the right to request the restriction of the processing of your personal data under certain conditions. This right applies especially if you: question the accuracy of data; the processing is unlawful, but you refuse to delete data; the data is no longer necessary for us, but you need to enforce, exercise or legally defend your rights; or you are legally opposed to objections against data processing.
  • Right to data portability (Article 20 of the GDPR): in some cases set out by law, you can receive the personal data you provided in a format that is structured, common and machine readable or request to have it transmitted to another responsible third party.

In addition, we remind you that you may revoke your consent at any time. A revocation would result in the processing of data – which is based on such consent – no longer being able to be pursued in the future. The lawfulness of the processing performed on the basis of consent until the revocation is not affected.
We reserve the right to request information and documents asserting the identity of the applicant.
Any request or question regarding your rights can be sent to the Commissioner for Data Protection via e-mail at gdpr@bee-secure.lu or by mail to the above address (see point 2.2). If you think that the processing of your data does not comply with the GDPR, you have the right to file a complaint with the competent data protection supervisory authority (see www.cnpd.lu).).
In the event of a dispute, you can file a complaint at any time with the . National Data Protection Commission,

7. External links

Our website may contain links to other external websites. The processing of data on other websites is under the responsibility of third parties without us having any influence on the processing. You will find more information in the respective privacy policies of the external websites concerned.

8.  Data security

We protect our website and our other systems through appropriate technical and organisational measures against the loss, destruction, access, modification or dissemination of your data by unauthorised persons Despite these measures, full protection against all dangers is not possible, however, and is not guaranteed.
Information security is essential for data protection. As a result, the NYS is certified according to the ISO 27001 international standard in order to provide the greatest possible security.
If you have further questions about the use of your data, please contact the data protection commissioner (see point 2.2.).

9. Changes to privacy policies

Any changes to our internal processes or the law may require us to modify this privacy policy. You will be informed of any change in due course. Please check the applicable privacy statement when you visit our website.