Data protection statement for participants of the HLPF side event “Germany’s VNR 2021: Taking Stock and Looking Forward at the beginning of the Decade of Action and Delivery for the SDGs” for the storage and processing of personal data by GIZ.
The Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH attaches great importance to responsible and transparent management of personal data. Therefore, we herewith provide users with information on what data is stored and processed for which purpose, who can be contacted at GIZ on the subject of data protection and what rights they have with respect to us.
1 Responsible entity (data controller and data protection officer)
The Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH ist he responsible entity fort he processing of data.
Friedrich-Ebert-Allee 36 + 40, 53113 Bonn
Dag-Hammarskjöld-Weg 1 – 5, 65760 Eschborn
Please contact GIZ’s data protection officer if you have questions specifically about how your data are protected: email@example.com
2 Purpose, legal basis, extent, necessity of data processing
2.1 When using the registration form, personal data (title, surname, first name, email address, position / function and company or organizational affiliation) are processed. The data collected as part of the registration is used exclusively for the purpose of registration or participation in the virtual HLPF side event “Germany’s VNR 2021: Taking Stock and Looking Forward at the beginning of the Decade of Action and Delivery for the SDGs”, stored on GIZ servers and used, for example, to coordinate technical capacities; any other use is always made dependent on renewed consent.
2.2 The processing takes place on the legal basis of Art. 6 Para. 1 a) EU GDPR. Based on the given consent to the processing of data subject personal data for the specific purpose. The transmission to GIZ takes place via an SSL-encrypted connection, so that unauthorized access is made much more difficult.
2.3 GIZ accords great importance to protecting personal data. For this reason, technical and organisational security measures ensure that data is protected against accidental and intentional manipulation and unintended erasure as well as unauthorised access. These measures are updated accordingly based on technical developments and adapted continuously in line with the risks. Access to personal data is restricted to those GIZ employees within the SDG-RI project (5 persons in total) who have to process this data in accordance with the above-mentioned purposes and handle it properly and confidentially.
2.4 The data will only be used for the purposes described in the declaration; any other use is always made dependent on renewed consent.
2.5 For the purpose of preparing the event, information on title, name and organization of registered participants will be shared with the co-organizing Federal Ministry for the Environment, Nature Conservation and Nuclear Safety and the Federal Ministry for Economic Cooperation and Development.
2.6 As part of the virtual event, K.I.T. Group GmbH, Kurfürstendamm 71, 10709 Berlin, has been commissioned to carry out the registration and the necessary, dedicated data processing. An order processing agreement has been concluded with the service provider to establish and maintain the appropriate technical and organizational measures.
2.7 With the exception of abovementioned co-organizers and the companies commissioned by us to hold the event, with whom we have concluded an order processing agreement in accordance with Art. 28 GDPR, the data will not be passed on to third parties and not used for advertising purposes.
3 User rights
You have the right to object to data processing, to ask about your personal data and its processing, to have it corrected if necessary, or to request that processing be restricted or the data deleted. The data will then be deleted. Permission to use personal data can also be revoked at any time. This does not affect the legality of the processing up to the point in time of the revocation.
If you withdraw your consent, participation in the virtual event is not possible.
Please send your revocation by email to: firstname.lastname@example.org
If you have any questions or complaints about this declaration or processing, you can contact GIZ’s data protection officer at the following email address: email@example.com
Users also have the right in accordance with Article 77 GDPR to lodge a complaint with the competent data protection supervisory authority. The competent authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
When you visit the GIZ website, small text files known as ‘cookies’ are stored on your computer. They are used to make the online presence more user-friendly and effective overall. Cookies cannot run programs or infect your computer with viruses.
Most of the cookies we use are so-called “session cookies”. They are automatically deleted after your visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognize your browser the next time you visit.
You can configure your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when you close the browser. If cookies are deactivated, the functionality of this website may be restricted.
Cookies that are required to carry out the electronic communication process or to provide certain functions you require are stored on the basis of Art. 6 (1) e GDPR. The website operator is processing data processing as necessary for the performance of a task carried out in the public interest in the storage of cookies for the technically error-free and optimized provision of its services. If other cookies (e.g. cookies for analyzing your surfing behavior) are stored, these will be treated separately in this data protection declaration.
5 Disclosure to third parties
GIZ does not pass on personal data to third parties unless it is legally obliged or entitled to do so by law. Data is not used for commercial purposes.
6 Duration of data retention
User data will not be kept any longer than is necessary for the purpose for which it is processed or as required by law.