The Privacy Notice provided below describes, as required by the EU Regulation 2016/679, the processing operations performed on the personal data of the users of the Services.
Using these Services may result into processing data relating to identified or identifiable natural persons.
Data Controller: Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH, Friedrich-Ebert-Allee 36 + 40, 53113 Bonn, Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn. Email: firstname.lastname@example.org.
Data Controller’s Data Protection Officer (DPO): email@example.com.
When you use our Services we process and collect these categories of personal data:
Data Controller is a public-benefit federal enterprise for international cooperation so the personal data mentioned on this page are processed by the Data Controller in discharging its tasks that serve the public interest or are related to the exercise of its institutional functions. This includes the planning, the implementation and the execution of the Project. Personal Data are processed on the basis of Article 6, 1 lit. f) of the GDPR for the purpose of pursuing the controller’s legitimate interests, in this case to provide and improve the Services.
We may use the information collected for the limited purpose of providing the Services and related functionality. These limited purposes include circumstances where it is necessary to provide or fulfill Services requested by you or in your interest. The information is used to perform a variety of purposes, including to:
We use your data to produce and share aggregated insights that do not identify you. For example, we may use your data to generate aggregated statistics about your Team or its members to track their activity.
Staff: The personal data collected as above are also processed by the staff from the Data Controller, acting on specific instructions concerning purposes and arrangements of such processing. Data processors: The following entities are recipients of the data collected when you are using our Services. They have been appointed as data processors by the Data Controller pursuant to Article 28 of the Regulation:
Other third-parties: The personal data are not passed on to/ shared with third parties, except the Data Processor and its subcontractors, as above specified.
The Data Controller does not transfer your data to an extra-EU third country.
We retain your personal data until your account is in existence. Therefore personal data are deleted when:
You (formally the “Data Subject”) have the right to obtain from the Data Controller, where appropriate, access to your personal data as well as rectification or erasure of such data or the restriction of the processing concerning you, and to object to the processing (pursuant to Articles 15 to 22 of the Regulation). In particular, at any time you may exercise your rights:
Please contact the Data Controller's DPO to lodge all requests to exercise these rights.
Protecting your personal data is especially important to us. We use technical and organizational security measures to ensure that your data is protected against intentional and unintentional manipulation, deletion and unauthorized access. These measures are updated in line with technological developments and adjusted on an ongoing basis to account for risks. The servers containing your data are stored and managed in data centers in Germany. Our Services are based on web technology relying on Transport Layer Security (TLS) cryptographic protocol for the protection of the transmission of your content.