Registration Information and Data Protection

German Council for Sustainable Development (RNE)
Office c/o GIZ GmbH
Potsdamer Platz 10,
D-10785 Berlin, Germany
Internet: www.nachhaltigkeitsrat.de
info@nachhaltigkeitsrat.de
Online contact form

Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH
Registered offices
Bonn and Eschborn, Germany

Friedrich-Ebert-Allee 32 + 36
53113 Bonn
Phone: +49 228 44 60-0
Fax: +49 228 44 60-17 66

Dag-Hammarskjöld-Weg 1 – 5
65760 Eschborn
Phone: +49 6196 79-0
Fax: +49 6196 79-11 15
Internet: www.giz.de
E-Mail: info@giz.de

Registered at
Local court (Amtsgericht) Bonn, Germany: HRB 18384
Local court (Amtsgericht) Frankfurt am Main, Germany: HRB 12394

VAT no.: DE 113891176

Chairperson of the Supervisory Board:
Jochen Flasbarth, State Secretary in the Federal Ministry for Economic Cooperation and Development

Management Board:
Tanja Gönner (Chair of the Management Board)
Ingrid-Gabriela Hoven
Thorsten Schäfer-Gümbel

Responsible for content as per Sect. 55 Para. 2 of the Interstate Broadcasting Treaty (RStV)
Dr Marc-Oliver Pahl
German Council for
Sustainable Development (RNE)
Office c/o GIZ GmbH
Potsdamer Platz 10,
D-10785 Berlin, Germany
Internet: www.nachhaltigkeitsrat.de
info@nachhaltigkeitsrat.de

Notice of liability
Despite careful review of all content provided, we assume no liability for the content of external links. The content of all externally linked pages is the sole responsibility of the respective operator of the page in question. Should misleading or illegal content appear, the Office of the Sustainability Council would be pleased to be informed briefly, so that it may remove the link concerned.

Editorial team
Marijke Eschenbach, Antonia Below, Stefanie Schmidl

System administrator
Rainer Jentgens
webmaster@nachhaltigkeitsrat.de

Copyright
Unless stated otherwise, all texts, PDF files and graphic elements are the copyright of the GIZ.

Photos
We use photos from own productions and the following portals: Unsplash.com (Mauro Mora, Chris Barbalis, Iva Rajović, Susan Yin, Jonas Tebbe, Alex Galperin, Tim Easley, Tim Gouw, Avantgarde Concept, Ryoji Iwata); Wikimedia Commons (Marek Heise); UN Photo; Pixabay.com; Pixelio.com.

Data Protection

The German Council for Sustainable Development (RNE) c/o Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH attaches great importance to responsible and transparent management of personal data.

Below we provide users with information as to

  • who they can contact at RNE c/o GIZ on the subject of data protection
  • what data is processed when they visit the website
  • what data is processed when users contact us, subscribe to newsletters or press releases or use other RNE online services
  • how they can opt out of the storage of data
  • what rights they have with respect to us

Data controller and data protection officer

Data processing is the responsibility of Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.

Address:
Friedrich-Ebert-Allee 32 + 36, 53113 Bonn, Germany
Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn, Germany

Contact:
info@giz.de

German Council for Sustainable Development:
info@nachhaltigkeitsrat.de;
stefanie.schmidl@nachhaltigkeitsrat.de

Please contact GIZ’s data protection officer if you have questions specifically about how your data are protected: datenschutzbeauftragter@giz.de.

Information on the collection of personal data

General

RNE c/o GIZ processes personal data exclusively in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG).

Personal data are, for example, name, address, email addresses and user behaviour. RNE only processes personal data to the extent necessary. Which data is required and processed for which purpose and on what basis is largely determined by the type of service you use or the purpose for which the data is required.

Collection of personal data when visiting our website

You can visit our pages without disclosing any personal information. For the purposes of system security and to improve our services, we log only non-personal access data, such as your anonymised IP address, the date and time of the website access, the volume of data transmitted, notification of successful access, the browser type and version, your operating system, the page from which you came to us (referrer) or the name of the file/page requested; this data is stored in a server log file for a period of six months. Nothing regarding you personally can be inferred from this data.

Cookies

Our website uses cookies. These are small text files that allow specific, user-related information to be logged in the user’s browser while they use the website and make it possible for the user to be recognised if they visit the website again within a year. In particular, cookies make it possible to determine how often pages are visited and by how many people and to analyse people’s usage behaviour, and also to make our pages more user-friendly and make the page contents match the user’s preferences or be optimally rendered on the device they use.

The content management system (CMS) we use, WordPress, uses a so-called “session cookie” for the purpose of optimised presentation. This technically necessary cookie identifies a “session” – i.e. a visit to our website – and is valid until the browser window is closed (name of the cookie: “PHPSESSID”).

The web analytics platform we use, Matomo (see below), uses two cookies for page use analysis: a session cookie (cookie name: “_pk_ses.xxx”) with a validity of half an hour and a cookie that remains stored beyond the end of a browser session (cookie name: “_pk_id.xxx”) and which can be retrieved when the page is visited again. This enables us to track the frequency of use of our website over a period of 13 months.

When you first visit our website, a so-called “cookie notice” appears, bringing your attention to the use of cookies on the website. The notice window gives you the option of specifying the cookie settings for this website. There you can either allow the recording and analysis of your visit on the website nachhaltigkeitsrat.de using Matomo by clicking on “Accept all cookies (including Matomo)”. You might as well prevent the Matomo tracking by clicking on the button “Only accept technically necessary cookies”.

In order to save the cookie settings you have selected, a cookie which is valid for three months is set (name of the cookie: “cookie_notice_accepted”) to prevent the small notice window from being shown again during this time. After the three months have passed, you will be asked to re-edit your cookie settings when you visit the website again.

If you decide against tracking by Matomo in the cookie settings, the recording and analysis of your website visit will be deactivated and the Matomo code will be removed from the source code of our website for three months. As technically necessary cookies, only the short-term session cookie (“PHPSESSID”) will then be stored until the browser window is closed, as well as the settings cookie “cookie_notice_accepted” for three months as described above.

If the ‘Do Not Track’ option is activated in your browser, no Matomo cookies will be installed generally and your website visit will not be registered and analysed by Matomo. The technical “Do Not Track” option will be respected regardless of your decision made in the cookie settings.

All cookies used on our website are so-called “first party cookies”. They are therefore set exclusively by our domain www.nachhaltigkeitsrat.de and can only be used by the German Council for Sustainable Development (RNE). No “third party cookies” from third party providers are used.

You can change the cookie settings you selected in the information window at any time. By clicking on the following link, the cookie notice appears again at the bottom of the screen with the corresponding selection options.

Please note that your chosen cookie settings will also be removed if you delete cookies in your browser program in the meantime. The information window would then appear again the next time you visit the website.

If you do not want cookies to be used, you should adjust your Internet browser settings so that cookies are rejected, either generally or for a specified period. Please note that under these circumstances the cookie notice will appear every time you visit one of the pages of our website.

User analysis: Matomo, Webalizer

For the purposes of analysing website usage and to optimise its services, the RNE uses the open-source programs Matomo and Webalizer on this website. These make it possible to evaluate website usage – so-called tracking (Matomo) – and statistically process the server log files (Webalizer) in a manner compliant with data privacy regulations. For tracking, Matomo uses temporary cookies – small text components that are saved in the user’s browser – to allow the RNE to perform an exact, however never personally attributable analysis of a given website visit. The legal basis for use of Matomo is Sect. 6 Para. 1 lit. f GDPR. An explanation of the cookies used by Matomo and their storage duration can be found above under the item “Privacy policy with respect to cookies”.

Matomo

The user information Matomo collects via its cookies, including the user’s IP address, is stored temporarily on the RNE’s/GIZ’s server in anonymised form, where it is evaluated and subsequently deleted. It is not used for any other purpose and is not transferred to third parties.

In addition, Matomo respects your browser’s ‘Do Not Track’ option on this website, which you can activate in your browser to prevent the analysis of your website visit. If desired, the usage of cookies can also be prohibited entirely or on a case-by-case basis in the browser settings.

Webalizer

The version of the Webalizer web statistics program we use does not collect its own data. Rather, it analyses data from the log files on the web server. The last three digits of IP addresses are truncated before they are used for the analysis of usage behaviour, making it impossible for your identity to be determined and preserving your anonymity as a user. The anonymised data records are stored on our web server and are analysed exclusively for internal statistical purposes. At no time is this data shared with any third parties.

Processing of personal data when contacting us

When users contact us, the data provided is processed in order to be able to respond to the enquiry. The following contact options are available:

Contact form

Users have the option of contacting the RNE office via an online form. In order to be able to process the enquiry, the personal data of the user (e.g. surname, first name, e-mail address) transmitted with the form and the information contained in the e-mail are stored exclusively for the purpose of contacting and processing the request. Independent retrieval and modification of personal data by the user after submitting the online form is not possible. By manual e-mail request to the RNE office, the latter can compile the stored data via editorial access to WordPress (backend) and transmit it to the user and change or delete the data on request. The data will then be deleted within 48 hours.

Standard deletion periods: Participants’ data will not be kept longer than is necessary for the purpose for which it is processed or due to legal retention obligations. Due to requirements with regard to subsequent audits by internal and external bodies such as auditors, BRH, this data must be kept unchanged and anonymised as far as possible for up to 10 years after completion.

“Suggest an Event” form

In order to be able to propose an appointment for our online appointment calendar, the personal data of the user (e.g. surname, first name, email address) submitted with the form as well as the information contained in the email are stored exclusively for the purpose of contacting and processing the request. Independent retrieval and modification of personal data by the user after submitting the online form is not possible. By manual e-mail request to the RNE office, the latter can compile the stored data via editorial access to WordPress (backend) and transmit it to the user and change or delete the data on request. The data will then be deleted within 48 hours.

Standard deletion periods: Participants’ data will not be kept longer than is necessary for the purpose for which it is processed or due to legal retention obligations. Due to requirements with regard to subsequent audits by internal and external bodies such as auditors, BRH, this data must be kept unchanged and anonymised as far as possible for up to 10 years after completion.

Order form for print materials

This function will soon be discontinued and with it the associated data processing.

In order to be able to order print media from the RNE via our order form, the personal data of the user (e.g. surname, first name, address, town, postcode, e-mail address) transmitted with the form and the information contained in the e-mail are stored exclusively for the purpose of contacting and processing the request. Independent retrieval and modification of personal data by the user after submitting the online form is not possible. By manual e-mail request to the RNE office, the latter can compile the stored data via editorial access to WordPress (backend) and transmit it to the user and, if desired, change or delete the data. The data will then be deleted within 48 hours.

Standard deletion periods: Participants’ data will not be kept longer than is necessary for the purpose for which it is processed or due to legal retention obligations. Due to requirements with regard to subsequent audits by internal and external bodies such as auditors, BRH, this data must be kept unchanged and anonymised as far as possible for up to 10 years after completion.

Contact by email

Alternatively, it is possible to contact RNE via the email addresses provided. In this case, at least the email address but also any other personal user data transmitted with the email (e.g. family and given name, address) as well as the information contained in the email are stored solely for the purpose of contacting the user and processing the request.

The legal basis for the processing of data in connection with email communication is Article 6 (1) e GDPR.

Standard deletion periods: Participants’ data will not be kept longer than is necessary for the purpose for which it is processed or due to legal retention obligations. Due to requirements with regard to subsequent audits by internal and external bodies such as auditors, BRH, this data must be kept unchanged and anonymised as far as possible for up to 10 years after completion.

Contact by letter

When contacting us by letter, the personal data transmitted (e.g. family and given name, address) and the information contained in the letter is stored for the purpose of establishing contact and processing the enquiry.

The legal basis for the processing of data in connection with communication by letter is Article 6 (1) e GDPR.

Standard deletion periods: Participants’ data will not be kept longer than is necessary for the purpose for which it is processed or due to legal retention obligations. Due to requirements with regard to subsequent audits by internal and external bodies such as auditors, BRH, this data must be kept unchanged and anonymised as far as possible for up to 10 years after completion.

Contact by phone

When contacting us by phone, personal data will be processed to the extent necessary in order to handle the enquiry.

The legal basis for the processing of data in connection with communication by phone is Article 6 (1) e GDPR.

Standard deletion periods: Participants’ data will not be kept longer than is necessary for the purpose for which it is processed or due to legal retention obligations. Due to requirements with regard to subsequent audits by internal and external bodies such as auditors, BRH, this data must be kept unchanged and anonymised as far as possible for up to 10 years after completion.

Processing of personal data in connection with social network use

On its website, RNE invites users to visit its company presence on social networking sites and platforms, such as Twitter. Social media plug-ins, such as the Twitter button, usually result in the IP address of a visitor to a website immediately being recorded and their online activities being logged by these services. This is the case even if the website visitor does not click on a social media button. The social media buttons on this website feature the recognised system Shariff to protect your data. This ensures that there is no direct contact with the chosen social media network until you actively click on a share button.

Twitter

This website features Twitter service functions. These functions are offered by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. When you use Twitter and the Retweet function, the websites you have visited are connected to your Twitter account and are made known to other users. Data is also transferred to Twitter.

Please note that as the provider of the web pages we have no knowledge of the contents of the data transmitted or how it is used by Twitter. More information on this can be found in the Twitter privacy policy.

You can change your Twitter data privacy settings in the account settings.

Further web offers e.g. event management by external agenciess

Within the framework of the digital event series “REIHE N”, users are redirected via the RNE website to the website https://reihe-n-nachhaltigkeitsrat.de/ for registration. The agency labconcepts, which operates the website on behalf of the RNE, is responsible for the data processing carried out there in the context of registration for REIHE N events. For the event series “REIHE N”, data is processed by the agency labconcepts. The RNE has concluded an order data processing contract with labconcepts.

The responsible party for data processing on the REIHE N website is therefore:

labconcepts GmbH
Bonner Talweg 64
53113 Bonn, Germany
Phone: +49 (0)228 24 98 110
E-Mail: info@labconcepts.de

For further details, please refer to the corresponding privacy policy of labconcepts in the context of REIHE N at https://reihe-n-nachhaltigkeitsrat.de/datenschutz/.

Provision of information (newsletter, press mailing lists)

Newsletters and a press mailing list are offered on the RNE website. The processing of personal data depends on the type of information provided.

The personal data collected for the newsletter and press mailing lists is used for processing purposes. Your data is not shared with any third parties. Your data is not processed or used for the purposes of advice, advertising or market research. When you unsubscribe from the newsletter or press list, all your personal data is deleted from our database.

This website uses CleverReach for newsletter and press release mailings via two separate distribution lists. The provider is CleverReach GmbH & Co. KG, Mühlenstraße 43, 26180 Rastede, Germany. CleverReach is a service used to organise and analyse the distribution of mailings like newsletters and press releases. The data you provide in order to receive the newsletter or press relase mailings (e.g. email address) is stored on CleverReach’s servers in Germany or Ireland. CleverReach’s server locations are exclusively in the EU.

The newsletter and press release mailings we distribute with CleverReach allow us to analyse the behaviour of recipients. Among other things, we can analyse how many recipients open a message and how frequently which links within a newsletter or press release are clicked on. You will find more information on mailing data analysis with CleverReach at: https://www.cleverreach.com/en/features/reporting-tracking/.

Your data is processed on the basis of your consent (Sect. 6 Para. 1 lit. a GDPR). You may revoke your consent at any time by unsubscribing from the newsletter or press mailing list. Your revocation does not affect the lawfulness of the data processing performed in the past.

If you do not wish for your data to be analysed by CleverReach, you must unsubscribe from the newsletter and press mailing lists. We include an appropriate link for this in every newsletter and press release.

The data you submit to us in order to receive the newsletter or press release is stored by us until you are removed from the newsletter or press mailing list and is deleted from the CleverReach servers following cancellation of your mailing subscription. This does not affect data stored by us for other purposes (e.g. email addresses for the members’ area).

You can subscribe to the newsletter and/or press distribution list (via the website) and unsubscribe (via the website or via an individual unsubscribe link at the end of each newsletter or press release) yourself with immediate effect. The data record of your subscription is initially set to “inactive” when you unsubscribe and is automatically permanently deleted from the CleverReach database after a period of six months.

Deletion periods after revocation: Alternatively, you can send an email to the RNE office requesting to be added to the CleverReach distribution list(s) or deleted from the CleverReach distribution list(s). In this case, the manual entry or deletion by the RNE office will take place within 48 hours. It is not possible to retrieve and change your personal data in the meantime. By sending a manual e-mail request to the RNE office, the latter can compile your data stored at CleverReach and transmit it to you or, if you wish, delete it within 48 hours.

For more details, please refer to CleverReach’s data security policy at: https://www.cleverreach.com/en/data-security/.

Conclusion of a contract data processing agreement

We have concluded a contract data processing agreement (AuV) with CleverReach and implement the strict requirements of the German data protection authorities in full with regard to our use of CleverReach.

The AuV with CleverReach states that CleverReach may process the personal data provided to it exclusively in the territory of the Federal Republic of Germany or in a member state of the European Union. The processing of personal data in a third country requires the prior consent of the client and may only take place if the specific legal requirements are met.

Standard deletion periods: Data from participants will not be kept longer than is necessary for the purpose for which it is processed or due to legal retention obligations. I.e. due to requirements with regard to subsequent audits by internal and external bodies such as auditors, BRH, this data must be kept unchanged and anonymised as far as possible for up to 10 years after completion.

Disclosure to third parties

RNE c/o GIZ does not pass on personal data to third parties unless it is legally obliged or entitled to do so by law.

Transfer of data to countries outside Germany

RNE c/o GIZ does not transfer personal data to third countries. When using social media, the privacy policies of the respective providers apply.

Use, storage and deletion of personal data

The personal data provided by you in our contact form, when ordering informational materials or when subscribing to the newsletter is stored on our server and is used exclusively for correspondence and for use of the website.

Postal addresses and email addresses that are provided within the scope of requesting or ordering informational materials are used exclusively for correspondence purposes and for sending the requested documents.

Personal data is routinely deleted, at the latest after six months, when it is no longer needed for the processing of enquiries and orders, when the persons in question have not granted their specific approval of their data being kept and when the statutory record retention obligations and periods do not prescribe extended data retention.

Personal data in our newsletter and press mailing lists are only stored during the active subscription. When unsubscribing from the newsletter or press mailing list or when cancelling the subscription, all associated data is deleted from the respective database (see section “Provision of information (newsletter, press mailing lists)”).

IT security of user data

All the available technical and organisational safety measures are applied to ensure that the personal data you provide us with is safeguarded from being accessed by unauthorised third parties. A limited number of employees of the RNE and of the website’s system administrator have access to your personal data. You will find detailed data protection information regarding our newsletter above under the heading “Provision of information (newsletter, press mailing lists)”.

We store your data on secure servers in Germany. Access to the servers is only afforded to a handful of authorised persons who are responsible for overseeing them technically. We take precautions to ensure that your personal data is secure. Your data is diligently protected from loss, destruction, falsification, manipulation and unauthorised access or disclosure.

Amendment of these data protection provisions

We will update these guidelines from time to time in order to protect your personal data. You should review these guidelines occasionally in order to remain up to date regarding how we protect your data and how we are constantly improving the contents of our website. If we make significant changes to how we collect, use and/or share the personal data made available to us by you, we shall bring this to your attention by means of an unambiguous and clearly visible notice on the website. By using the website, you consent to the conditions of these guidelines regarding the protection of your personal data.

If you have any questions regarding this privacy policy, please contact the controller listed above.

Personal data shall only be collected if voluntarily submitted by you while registering to order informational materials, via the contact form or when subscribing to our newsletter. We shall use the data provided by you solely to satisfy your enquiry or process your order. No data shall be shared with any third parties without your consent.

The website uses SSL encryption (https) in accordance with Sect. 13 Para. 7 of Germany’s Telemedia Act (TMG). As such, data submitted to the server in a form (log-in, registration, project processing, etc.) is protected to the latest technological standards.

Reference to user rights

Visitors to the RNE c/o GIZ website have the right

  • To obtain information about their data stored by us (Article 15 GDPR)
  • To have their data stored by us rectified (Article 16 GDPR)
  • To have their data stored by us erased (Article 17 GDPR)
  • To obtain restriction of processing of their data stored by us (Article 18 GDPR)
  • To object to the storage of their data if personal data are processed on the basis of the first sentence of Article 6 (1) 1 f and e GDPR (Article 21 GDPR)
  • To receive their personal data in a commonly used and machine-readable format from the controller such that they can be potentially transmitted to another controller (right to data portability, Article 20 GDPR)
  • To withdraw their consent to the extent that the data has been processed on the basis of consent (Article 6 (1) a GDPR). The lawfulness of the processing on the basis of the consent given remains unaffected until receipt of the withdrawal.

Insofar as there are no reasons necessitating contract data processing, you may at any time revoke the consent you previously granted to your personal data being stored in writing (e.g. by email or fax) with immediate effect. Your data shall be deleted without undue delay and at the latest within five working days.

If you have any questions or complaints about this statement or the processing, you can contact the GIZ Data Protection Officer at the following email: datenschutzbeauftragter@giz.de.

Users also have the right in accordance with Article 77 GDPR to lodge a complaint with the competent data protection supervisory authority. The competent authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).