Legal Notices
Responsible and transparent handling of personal data is very important to the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.
Below you will find information about
– which contact options exist at GIZ on the subject of data protection
– what data is processed when you visit the website
– what data is processed when you contact us, subscribe to newsletters or press releases or
use other GIZ online services.
– what options you have to object to the storage of your data.
– what rights you have vis-à-vis us.
- 1. Controller and data protection officer
The controller responsible for data processing is the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.
Address:
Friedrich-Ebert-Allee 32 + 36, 53113 Bonn
Dag-Hammarskjöld-Weg 1-5, 65760 Eschborn, Germany
Contact:
If you have specific questions about the protection of your data, please contact GIZ’s data protection officer: datenschutzbeauftragte@giz.de
- 2. Information on the collection of personal data
2.1 General information
GIZ processes personal data exclusively in accordance with the European General Data Protection Regulation (GDPR)[A1] and the German Federal Data Protection Act (BDSG).
Personal data includes, for example, names, addresses, email addresses and user behaviour.
Personal data is only processed by GIZ to the extent necessary. Which data is required and processed for what purpose and on what basis depends largely on the type of service you are using and the purpose for which it is required.
2.2 Collection of personal data when visiting our website
When you visit the Partnerschaften2030 website, the browser you use automatically transmits data that is stored in a log file. GIZ itself only processes the data that is technically necessary to display the website correctly and to ensure stability and security.
Among other things, the page accessed, the IP address of the accessing device, the page from which the user was redirected, and the date and time of access are stored for each access. A detailed list of the stored data can be found here.
Fields of the log file
| Feld | Dargestellt als | Beschreibung |
| Date | date | The date on which the activity occurred. |
| Time | time | The time, in coordinated universal time (UTC), at which the activity occurred. |
| Server IP Address | s-ip | The IP address of the server on which the log file entry was generated. |
| Client IP Address | c-ip | The IP address of the client that made the request. |
| HTTP Status Code | sc-status | The status code returned by the server (e.g., 200 for success, 404 for not found). |
| Request Method | cs-method | The HTTP method used for the request (e.g., GET, POST). |
| User Agent | cs(User-Agent) | Information about the client software making the request, such as browser type and version. |
| Error Message | message | Details about the error encountered by the server or script. |
| File Path | c-ip | The file path where the error occurred. |
| Event Type | event-type | The type of event recorded, such as system error, warning, or informational message. |
| Requested Resource | cs-uri-stem | The URL or file requested by the user |
| Referrer URL | cs(Referer) | The website that redirected the user to the current request. |
| Action | cs-action | Indicates the action performed by the user, such as UPLOAD, DOWNLOAD, or DELETE. |
| File | cs-file | Specifies the file that the user uploaded, downloaded, or modified. |
| User Query | Query | The SQL query submitted by he user to the database. |
| Query Errors | db-error | Displays errors that occur when users send invalid or incomplete queries. |
Further information on the storage and forwarding of data:
- GIZ is obliged to store the data beyond the time of the visit to ensure protection against attacks on GIZ’s Internet infrastructure and the Federal Government’s communication technology (basis: Art. 6 para. 1 lit. e GDPR in conjunction with Section 5 BSI Act). In the event of attacks on the communication technology, this data is analysed and used to initiate legal and criminal prosecution.
Data logged when accessing the GIZ website will only be passed on to third parties if there is a legal obligation to do so or if disclosure is necessary for legal or criminal prosecution in the event of attacks on the Federal Government’s communications technology. Data will not be passed on in other cases. This data is not merged with other data sources at GIZ.
Data logged when accessing the GIZ website will only be passed on to third parties if there is a legal obligation to do so or if disclosure is necessary for legal or criminal prosecution in the event of attacks on the Federal Government’s communications technology. Data will not be passed on in other cases. This data is not merged with other data sources at GIZ.
1.3. Cookies
When visiting our website, small text files, so-called cookies, are stored on the visitor’s computer. They are used to make the website more user-friendly and effective overall. Cookies cannot execute programmes or transfer viruses to your computer.
The GIZ website uses cookies that are automatically deleted as soon as the browser in which the page is displayed is closed (so-called temporary cookies or session cookies). This type of cookie makes it possible to assign various requests from a browser to a session and it is possible to recognise the browser when the website is visited again (session ID).
2.4 Matomo analysis service (user analysis)
GIZ uses the web analysis service ‘Matomo’, which is operated by InnoCraft Ltd from Wellington (New Zealand), to analyse usage data on its website. The data is stored and analysed completely anonymously.
The data generated with Matomo is processed and stored by Matomo on behalf of GIZ exclusively in Europe and New Zealand.
Further information on data protection at Matomo can be found here: Matomo Cloud Privacy Policy – Matomo Analytics.
Further information on the utilisation analysis
Matomo uses cookies that enable a statistical analysis of the use of the GIZ website. Matomo cookies do not contain any information that enables a user to be identified. Every time a user accesses the GIZ website and every time a file is retrieved, data about this process is temporarily stored and processed in a log file. Before being stored, each data record is anonymised by changing the IP address.
GIZ analyses usage information for statistical purposes as part of its public relations work and for the needs-based provision of information as part of its tasks (basis: Article 6(1)(e) GDPR in conjunction with § 3 BDSG).
Notes on objection
Users who do not agree to the completely anonymised storage and analysis of the data from their visit can object to the storage and use at any time with a click of the mouse.
The button can be found at the bottom of the page.
Further information on the objection
For this purpose, an opt-out cookie is stored on the end device, which prevents the collection of user data when visiting this website. For the objection to take effect, the cookie must be stored on every end device used. Since the cookie is stored in the respective browser (Internet programme), the cookie must be stored in each browser if several browsers are used on one end device (e.g. Microsoft Edge, Chrome, Mozilla Firefox).
If all cookies on a device are deleted, the opt-out cookie is also deleted and must be reactivated.
3. Processing of personal data when contacting us
When users contact us, the data provided is processed to deal with the enquiry. The following contact options are available:
By e-mail: info@partnerschaften2030.de
By telephone: +49 228 4460-3539
3.1 Contact by e-mail
Alternatively, you can contact GIZ via the e-mail addresses provided. In this case, the user’s personal data transmitted with the e-mail (for example: surname, first name, address), but at least the e-mail address, as well as the information contained in the e-mail will be stored exclusively for the purpose of contacting and processing the request.
The legal basis for the processing of the data processed while sending an e-mail is Art. 6 para. 1 lit. e GDPR.
3.2 Contacting us by telephone
When contacting us by telephone, personal data will be processed to the extent necessary to process your request.
The legal basis for the processing of data transmitted during a telephone call is Art. 6 para. 1 lit. e GDPR.
- 3. Newsletter
A free newsletter is offered on our website.
Personal data is used for the purpose of processing the respective newsletter. The data is processed and used exclusively for the purpose of sending the newsletter. When registering for the newsletter, the data from the input screen is transmitted to us.
After entering the email address, users receive an email with a confirmation link to confirm the authenticity of the address and the subscription (‘double opt-in’). If you do not confirm your registration using the link in this email, the data will be deleted immediately.
The legal basis for the processing of the data processed while sending the newsletter is your consent in accordance with Art. 6 para. 1 lit. a GDPR.
You can cancel your subscription to the newsletter at any time. If the subscription is cancelled, all personal data will be deleted from our database.
4. Processing of personal data in the context of the use of social networks
On its website, GIZ offers the opportunity to visit company presences on social networks and platforms such as YouTube.
These online presences are operated to interact with the users active there and to provide information about projects and services. Clicking on the logo of a social network takes you to GIZ’s presence on the respective network.
When visiting the platforms, no personal data is collected, used and stored by GIZ, but by the operators of the respective social network. This happens even if visitors themselves do not have a profile on the respective social network.
The individual data processing operations and their scope differ depending on the operator of the respective social network. GIZ has no influence on data collection and its further use by the operators of the social networks. We have no comprehensive knowledge of the extent to which, where and for how long the data is stored, the extent to which the networks comply with existing deletion obligations, which analyses and links are made with the data and to whom the data is passed on.
When accessing a GIZ presence on social media, the terms of use and privacy policies of the respective operators apply. Click here for the contact addresses and links to the privacy policies of the social media platforms on which GIZ has a presence.
Social media with GIZ appearances
The privacy policy for the social network YouTube, which is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, can be viewed at https://www.gstatic.com/policies/privacy/pdf/20190122/f3294e95/google_privacy_policy_de_eu.pdf.
5. Disclosure to third parties
GIZ does not pass on personal data to third parties unless it is legally obliged or authorised to do so by law.
6. Data transfers to third countries
GIZ does not transfer personal data to third countries. When using social media, the data protection provisions of the respective providers apply.
7. Duration of data storage
User data is not stored for longer than is necessary for the purpose for which it is processed or due to statutory retention obligations.
8. IT security of user data
The protection of personal data is an important concern for GIZ. For this reason, technical and organisational security measures ensure that data is protected against accidental and intentional manipulation, accidental deletion and unauthorised access. These measures are updated in line with technical developments and constantly adapted to the risks.
9. Reference to the rights of users
Visitors to the GIZ website have the right
- to obtain information about your data stored by us (Art. 15 GDPR),
- to request rectification of your data stored by us (Art. 16 GDPR),
- to request the erasure of your data stored by us (Art. 17 GDPR).
- to request restriction of the processing of your data stored by us (Art. 18 GDPR)
- to object to the storage of your data if data is processed based on Art. 6 para. 1 sentence 1 lit. f and e GDPR (Art. 21 GDPR),
- to receive the data concerning you in a commonly used, machine-readable format from the controller to have it transmitted to another controller (right to data portability, Art. 20 GDPR)
- to revoke your consent, provided that the processing of the data was based on consent (Art. 6 para. 1 a) GDPR). The lawfulness of the processing based on the consent given remains unaffected until receipt of the revocation.
- In accordance with Art. 77 GDPR, you have the right to lodge a complaint with the competent data protection supervisory authority. The competent authority for GIZ is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
If you have any questions about the processing of your personal data, you can contact GIZ’s data protection officer at datenschutzbeauftragte@giz.de.