Data Protection

The Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH attaches great importance to responsible and transparent management of personal data.

Below we provide users with information as to

  • who they can contact at GIZ on the subject of data protection
  • what data is processed when they visit the website
  • what data is processed when users contact us or subscribe to newsletters
  • how they can opt out of the storage of data
  • what rights they have with respect to us

Information on the collection of personal data

General

GIZ processes personal data exclusively in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG). Personal data are, for example, name, address, email addresses and user behaviour.

GIZ only processes personal data to the extent necessary. Which data is required and processed for which purpose and on what basis is largely determined by the type of service you use or the purpose for which the data is required.

Data controller and data protection officer

Please contact GIZ’s data protection officer if you have questions specifically about how your data are protected:

datenschutzbeauftragter@giz.de

Friedrich-Ebert-Allee 32+36, 53113 Bonn
Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn
Telephone: +49 228 44 60-0

Data processing is the responsibility of Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.

Collection of personal data when visiting our website

When visiting the CATAL1.5°T website, the browser used automatically transmits data that is saved in a log file. GIZ itself processes only the data that is technically required in order to display the website correctly and to ensure its stability and security. The following information is stored for each page you view and each file you download:

  • The type and version of browser used
  • The used operating system
  • Referrer URL
  • The hostname of the accessing computer
  • The time of the website visit

Your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a request for deletion or revoke your consent to data processing, your data will be deleted.

Cookies

When you visit the CATAL1.5°T Initiative website, small text files known as ‘cookies’ are stored on your computer. They are used to make the online presence more user-friendly and effective overall. Cookies cannot run programs or infect your computer with viruses.

The CATAL1.5°T website uses cookies that are automatically deleted as soon as the browser on which the page is displayed is closed (referred to as temporary cookies or session cookies). This type of cookie makes it possible to assign various requests from a browser to a session and to recognise the browser when the website is visited again (session ID).

Matomo analytics service

This website uses the open source web analytics service Matomo. Matomo uses so-called “cookies”. These are text files that are stored on your computer and that allow an analysis of the use of the website by you. For this purpose, the information generated by the cookie about the use of this website is stored on our server. The IP address is anonymized before it is stored.

Matomo cookies remain on your device until you delete them.

The storage of Matomo cookies is based on Art. 6 (1) f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize its website.
The information generated by the cookies about your use of this website will not be disclosed to third parties. You can prevent these cookies being stored by selecting the appropriate settings in your browser. However, we wish to point out that doing so may mean you will not be able to enjoy the full functionality of this website.

Information on opting out

If you do not agree with the storage and use of your data, you can disable this feature by clicking on the button located at the bottom of this page.

For this purpose, what is known as an opt-out cookie is stored on the device, preventing user data from being collected when the user visits the website in question. In order for the opt-out to take effect, the cookie must be stored on every device used. As the cookie is stored in specific browsers (programs for internet access), the cookie must be stored in each browser used on each device (e.g. Internet Explorer, Chrome, Mozilla Firefox).
When all cookies on a device are deleted, the opt-out cookie is also deleted and must be reactivated.

Collection of personal data when contacting us via e-mail or the contact form

It is possible to contact CATAL1.5°T Initiative via the email addresses and the contact form provided. In this case, at least the email address but also any other personal user data transmitted (e.g. family and given name, address) as well as the information contained in the email or contact request are stored solely for the purpose of contacting the user and processing the request.

The legal basis for the processing of data in connection with email communication or the contact form is Article 6 (1) e GDPR.

Processing of personal data when subscribing to our newsletters [SMG1]

Personal data is collected for the purpose of processing the subscription to each respective newsletter. The data is processed and used exclusively for sending the newsletter.

After entering the email address, users receive an email containing a link for confirming the authenticity of the address and the subscription (‘double opt-in’). If users do not confirm the registration by clicking on the link contained in the email, the data is deleted immediately.

The legal basis for the processing of data in connection with the dispatch of newsletters is their consent in accordance with Article 6 (1) a GDPR.

The newsletter subscription can be cancelled at any time. If the subscription is cancelled, all personal data is deleted from our database.

This website uses Brevo for the sending of newsletters and aggregating your data when contacting the CATAL1.5°T Initiative. The provider is the Sendinblue GmbH,

Köpenicker Straße 126,

10179 Berlin, Germany.

Brevo services can, among other things, be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter are archived on servers of Sendinblue GmbH in Germany.

Data analysis by Brevo

Brevo enables us to analyze our newsletter campaigns. For instance, it allows us to see whether a newsletter message has been opened and, if so, which links may have been clicked. This enables us to determine, which links drew an extraordinary number of clicks.

Moreover, we are also able to see whether once the e-mail was opened or a link was clicked, any previously defined actions were taken (conversion rate). This allows us to determine whether you have made a purchase after clicking on the newsletter.

Brevo also enables us to divide the subscribers to our newsletter into various categories (i.e., to “cluster” recipients). For instance, newsletter recipients can be categorized based on age, gender, or place of residence. This enables us to tailor our newsletter more effectively to the needs of the respective target groups.

If you do not want to permit an analysis by Brevo, you must unsubscribe from the newsletter. We provide a link for you to do this in every newsletter message. Moreover, you can also unsubscribe from the newsletter right on the website.

For detailed information on the functions of Brevo please follow this link:

https://www.brevo.com/de/newsletter-software/.

Legal basis

The data is processed based on your consent (Art. 6(1)(a) GDPR). You may revoke any consent you have given at any time by unsubscribing from the newsletter. This shall be without prejudice to the lawfulness of any data processing transactions that have taken place prior to your revocation.

Storage period

The data deposited with us for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter or the newsletter service provider and deleted from the newsletter distribution list after you unsubscribe from the newsletter. Data stored for other purposes with us remain unaffected.

After you unsubscribe from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist, if such action is necessary to prevent future mailings. The data from the blacklist is used only for this purpose and not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6(1)(f) GDPR). The storage in the blacklist is indefinite. You may object to the storage if your interests outweigh our legitimate interest.

For more details, please consult the Data Protection Regulations of Brevo at:

https://www.brevo.com/de/daten... and

https://www.brevo.com/de/legal/privacypolicy/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Disclosure to third parties

GIZ does not pass on personal data to third parties unless it is legally obliged or entitled to do so by law.

Transfer of data to countries outside Germany

GIZ does not transfer personal data to third countries.

Duration of data retention

User data will not be kept any longer than is necessary for the purpose for which it is processed or as required by law.

IT security of user data

GIZ accords great importance to protecting personal data. For this reason, technical and organisational security measures ensure that data is protected against accidental and intentional manipulation and unintended erasure as well as unauthorised access. These measures are updated accordingly based on technical developments and adapted continuously in line with the risks.

Reference to user rights

Visitors to the CATAL1.5°T Initiative website have the right

  • To obtain information about their data stored by us (Article 15 GDPR)
  • To have their data stored by us rectified (Article 16 GDPR)
  • To have their data stored by us erased (Article 17 GDPR)
  • To obtain restriction of processing of their data stored by us (Article 18 GDPR)
  • To object to the storage of their data if personal data are processed on the basis of the first sentence of Article 6 (1) 1 f and e GDPR (Article 21 GDPR)
  • To receive their personal data in a commonly used and machine-readable format from the controller such that they can be potentially transmitted to another controller (right to data portability, Article 20 GDPR).
  • To withdraw their consent to the extent that the data has been processed on the basis of consent (Article 6 (1) a GDPR). The lawfulness of the processing on the basis of the consent given remains unaffected until receipt of the withdrawal.

Users also have the right in accordance with Article 77 GDPR to lodge a complaint with the competent data protection supervisory authority. The competent authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).