Registration Information and Data Protection

German Council for Sustainable Development (RNE)
Office c/o GIZ GmbH
Potsdamer Platz 10
D-10785 Berlin, Germany
Internet: www.nachhaltigkeitsrat.de
info@nachhaltigkeitsrat.de
Online contact form

Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH
Registered offices
Bonn and Eschborn, Germany

Friedrich-Ebert-Allee 32 + 36
53113 Bonn
Phone: +49 228 44 60-0
Fax: +49 228 44 60-17 66

Dag-Hammarskjöld-Weg 1 – 5
65760 Eschborn
Phone: +49 6196 79-0
Fax: +49 6196 79-11 15
Internet: www.giz.de
E-Mail: info@giz.de

Registered at
Local court (Amtsgericht) Bonn, Germany: HRB 18384
Local court (Amtsgericht) Frankfurt am Main, Germany: HRB 12394

VAT no.: DE 113891176

Chairperson of the Supervisory Board:
Jochen Flasbarth, State Secretary in the Federal Ministry for Economic Cooperation and Development

Management Board:
Thorsten Schäfer-Gümbel (Chair)
Ingrid-Gabriela Hoven (Vice-Chair)
Anna Sophie Herken

Responsibility for content pursuant to section 55(2) German State Broadcasting Treaty (Rundfunkstaatsvertrag, RStV)
Dr Marc-Oliver Pahl
German Council for
Sustainable Development (RNE)
Office c/o GIZ GmbH
Potsdamer Platz 10,
D-10785 Berlin, Germany
Internet: www.nachhaltigkeitsrat.de
info@nachhaltigkeitsrat.de

Notice of liability
Despite careful monitoring of content, we assume no liability for the content of external links. The content of the linked pages is the sole responsibility of their respective operators. If you become aware of any misleading or unlawful content, please let the office of the Sustainability Council know so that the link in question can be removed.

Editorial team
Laura Schoen, Antonia Below, Stefanie Schmidl

System administrator
Rainer Jentgens
webmaster@nachhaltigkeitsrat.de

Copyright
Unless stated otherwise, all texts, PDF files and graphic elements are the copyright of the GIZ.

Photos
We use photos from own productions and the following portals: Unsplash.com (Mauro Mora, Chris Barbalis, Iva Rajović, Susan Yin, Jonas Tebbe, Alex Galperin, Tim Easley, Tim Gouw, Avantgarde Concept, Ryoji Iwata); Wikimedia Commons (Marek Heise); UN Photo; Pixabay.com; Pixelio.com.

Data Protection

The Council for Sustainable Development (RNE) c/o GIZ attaches great importance to the responsible and transparent handling of personal data.

Below you will find information about:

  • the available contact options on the subject of data protection at RNE;
  • what data is processed during a visit to the website;
  • what data is processed when you contact us or take advantage of other online services from RNE;
  • what options are open to you if you want to object to the storage of the data;
  • what rights you have with respect to us.

Controller and data protection officer

The controller for the processing of data is the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.

Address:
Friedrich-Ebert-Allee 32 + 36, 53113 Bonn, Germany
Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn, Germany

Contact:
info@giz.de

German Council for Sustainable Development:
info@nachhaltigkeitsrat.de;
stefanie.schmidl@nachhaltigkeitsrat.de

If you have specific questions concerning the protection of your data, please contact the data protection officer at GIZ: datenschutzbeauftragter@giz.de.

Information about the collection of personal data

General

RNE c/o GIZ processes personal data exclusively in accordance with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

Personal data includes, for example, name, address, email addresses, and user behavior. RNE only processes personal data as far as is necessary. What data is required and processed for what purpose and on what basis generally depends on the type of service you are using or the purpose for which the data is required.

Personal data collected during a visit to our website

You can visit our web pages without providing any personal information. Access data is stored in a log file (server log file) solely for the purpose of system security and to improve our online services. This data does not refer to individual people and includes, for example, your anonymized IP address, date and time of access, data volume transferred, notification of successful access, browser type and version, operating system used, the page you came from before your visit to us (referrer), or the name of the requested file/page. In each case, this data is stored until the end of the current calendar year and does not permit you to be identified personally.

The data for a given calendar year in the log file is only evaluated for the internal RNE statistical report and then deleted from the database by the end of January of the following year.

Cookies

Our website uses cookies. These are small text files that enable specific information relating to the user to be stored in the user’s browser while they visit the website and for them to be recognized as a returning user if they come back within a year. In particular, cookies enable the frequency of use and the number of users of a page to be ascertained and page-usage behavior to be analyzed. They also help make our online services more user-friendly and allow us to display page content tailored to the user’s preferences or optimized for the end device they use.

The content management system (CMS) we use, WordPress, sets what is known as a “session cookie” for optimum presentation. This technically necessary cookie identifies a “session” – i.e., a visit to our website – and is valid until the browser window is closed (cookie name: “PHPSESSID”).

The “Matomo” web analytics service (see section below) uses two cookies to analyze page use: a session cookie (cookie name: “_pk_ses.xxx”) valid for half an hour and a cookie that remains stored beyond the end of a browser session (cookie name: “_pk_id.xxx”) and that can be retrieved the next time the page is visited. This enables the frequency of use of our website during a 13-month period to be recorded.

On your first visit to our website, you will see a “cookie notice” intended to draw your attention of the use of cookies on this website and to give you the opportunity to configure your cookie settings for this website. There you can consent to Matomo recording and analyzing your specific visit to the website nachhaltigkeitsrat.de by clicking “Alle Cookies akzeptieren (inkl. Matomo)” (Accept all cookies (incl. Matomo)) or prohibit them from doing so by clicking “Nur technisch notwendige Cookies akzeptieren” (Only accept technically necessary cookies).

To save the cookie settings you have selected, a cookie with a term of three months is set (cookie name: “cookie_notice_accepted”). This means that the little information window is no longer displayed for visits during this period. At the end of the three months, you will again be asked to manage your cookie settings the next time you visit the website.

Information about objections

If you opt out of tracking by Matomo in the cookie settings, the recording and analysis of your website visit will be deactivated and the Matomo code removed from our website’s source code for three months. In that case, only the short-term session cookie (“PHPSESSID”) will be stored until the browser window is closed and the settings cookie “cookie_notice_accepted” will be stored for three months as described above, each as a technically necessary cookie.
If the “Do Not Track” option is activated in your browser, no Matomo cookie will be set as a rule and your website visit will not be registered and analyzed by Matomo. The technical “Do Not Track” option is respected regardless of the decision you make in the cookie settings.

All cookies set on our website are what are known as “first-party cookies”. This means they are set exclusively by our domain www.nachhaltigkeitsrat.de and can only be used by the German Council for Sustainable Development. No “third-party cookies” from third-party providers are used.

You can change the cookie settings you have selected in the information window at any time. Clicking the following link again displays the cookie notice with the corresponding selection options at the bottom of the screen.

Please note that the cookie settings you select will be removed if you delete cookies in your browser in between visits. In this case, the information window will be displayed again the next time you visit the website.

If you do not want cookies to be used, you should configure your internet browser to reject cookies – generally or for a specific period. Please note in this case that the “cookie notice” will also always be displayed on each individual page of our website.

“Matomo” and “Webalizer” analytics services (user analysis)

To analyze website use and to optimize its Internet services, the German Council for Sustainable Development deploys the open-source programs Matomo and Webalizer on this website. These enable an analysis of the website usage – known as “tracking” (Matomo) – or a statistical analysis of the server log files (Webalizer) to ensure compliance with data protection rules.

Matomo

Matomo uses temporary “cookies,” i.e. small text components that are stored in your browser for tracking purposes, i.e. to enable the Council to perform a user-based (albeit anonymized) analysis of the website visit.

The legal basis for the deployment of Matomo is Art. 6(1)(a) GDPR. You can find an explanation of the cookies used by Matomo and their storage duration above under the point “Cookies.”

The usage information that Matomo generates via the cookies, including your IP address, is stored in an anonymized form – i.e. with an IP address truncated by the last three digits – on the server of the Sustainability Council/GIZ in Germany until the end of the respective calendar year, analyzed for the internal statistical report of RNE and then deleted from the database by the end of January of the following year. The information is not used for any other purpose or shared with third parties.

Note on objections: an objection may be raised to the processing of user data for the purpose of analyzing user behavior. As a user, you can deactivate the collection of user data.

On this website, Matomo respects your browser’s “Do Not Track” option, which you can activate in the browser settings to prevent your website visits being analyzed at all. Similarly, the use of cookies can be deactivated completely or for specific cases in the browser settings.

Webalizer

The variant of the Webalizer web statistics program we use does not collect any data itself. The program analyzes data from the web server logfiles. The IP addresses are truncated by the last three digits before being used to analyze user behavior, so that individual people can no longer be identified and you as a user remain anonymous to us. The anonymized records are stored on our web server exclusively for statistical purposes until the end of the current calendar year, analyzed internally for statistical purposes only, and then deleted from our server by the end of January of the following year. At no point is this data shared with third parties.

Processing of personal data for contact purposes

When users contact us, the data provided is processed in order for the inquiry to be handled. The following contact options are available:

Contact via email

The RNE office or GIZ may be contacted via the email addresses provided. In this case, the user’s personal data transmitted with the email (such as surname, first name, address) and at least their email address along with the information contained in the email will be stored exclusively for the purpose of making contact and dealing with the matter at hand.

The legal basis for processing the data processed in the course of sending an email is Art. 6(1)(e) GDPR.

Regular deletion deadlines: participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that once the matter has been conclusively dealt with, this data needs to be stored unaltered and as anonymized as possible for up to ten years under rules regarding subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).

Contact via telephone

When making contact by telephone, personal data will be processed to the extent necessary to handle your inquiry.

The legal basis for processing the data processed in the course of a phone call is Art. 6(1)(e) GDPR.

Regular deletion deadlines: participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that once the matter has been conclusively dealt with, this data needs to be stored unaltered and as anonymized as possible for up to ten years under rules regarding subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).

Contact via letter

When contact is made by letter, the personal data transmitted (such as surname, first name, address) and the information contained in the letter will be stored for the purpose of making contact and dealing with the matter at hand.

The legal basis for processing the data processed in the course of sending a letter is Art. 6(1)(e) GDPR.

Regular deletion deadlines: participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that once the matter has been conclusively dealt with, this data needs to be stored unaltered and as anonymized as possible for up to ten years under rules regarding subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).

Contact form

Users can contact the RNE office via an online form. In order for RNE to deal with the inquiry, the user’s personal data transmitted with the form (such as surname, first name, email address) and the information contained in the email will be stored exclusively for the purpose of making contact and dealing with the matter at hand. The user may not access and alter the personal data after the online form has been sent. If a manual email request is sent to the RNE office, the office staff can an access WordPress (backend) via their editors’ rights, compile the stored data, and transmit it to the user. They can also amend or delete the data upon request. The deletion will be performed within 48 hours.

Regular deletion deadlines: participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that once the matter has been conclusively dealt with, this data needs to be stored unaltered and as anonymized as possible for up to ten years under rules regarding subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).

“Suggest an Event” form

To be able to suggest an event for our online event calendar, the user’s personal data transmitted with the form (such as surname, first name, email address) and the information contained in the email will be stored exclusively for the purpose of making contact and dealing with the matter at hand. The user may not access and alter the personal data after the online form has been sent. If a manual email request is sent to the RNE office, the office staff can an access WordPress (backend) via their editors’ rights, compile the stored data, and transmit it to the user. They can also amend or delete the data on request. The deletion will be performed within 48 hours.

Regular deletion deadlines: participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that, once the matter has been conclusively dealt with, this data needs to be stored unaltered and as anonymized as possible for up to ten years under rules regarding subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).

CGI Initiative contact form

Users have the option of contacting the CGI Chapter Germany via an online form. In order to process the enquiry, the user’s personal data transmitted with the form (for example: first name, name, address, email address) and the information contained in the email are stored exclusively for the purpose of establishing contact and providing information as part of the CGI initiative. It is not possible for the user to retrieve or change personal data independently after submitting the online form. By sending an email request to the RNE office, the office can compile the data stored in the climategovernance@nachhaltigkeitsrat.de inbox and in a manually maintained Excel membership list, send it to the user and change or delete the data on request. The deletion will then take place within 48 hours.

Regular deletion deadlines: participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that once the matter has been conclusively dealt with, this data needs to be stored unaltered and as anonymized as possible for up to ten years under rules regarding subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).

Processing of personal data when using social networks

On its website, the German Council for Sustainable Development (RNE) offers the opportunity to visit its company accounts on social media networks and platforms such as LinkedIn and Mastodon.

These online presences are operated in order to interact with the users active there and to provide information about projects and services. Clicking on the logo of a social network leads to the RNE presence on the respective network.

When visiting the platforms, no personal data is collected, used and stored by the RNE, but by the operators of the respective social network. This happens even if visitors themselves do not have a profile on the respective social network.

The individual data processing operations and their scope differ depending on the operator of the respective social network. The German Council for Sustainable Development has no influence on the data collection and its further use by the operators of the social networks. We have no comprehensive knowledge of the extent to which, where and for how long the data is stored, the extent to which the networks comply with existing deletion obligations, which evaluations and links are made with the data and to whom the data is passed on.

When accessing an RNE presence on social media, the terms of use and privacy policies of the respective operators apply. The RNE provides the contact addresses and links to the privacy policies of the social media in which the RNE has a presence.

RNE on social media

The privacy policy for the social network LinkedIn, operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA, can be found at https://www.linkedin.com/legal/privacy-policy?.

The privacy policy and contact details for the social network Mastodon, i.e. for the Mastodon server of the Federal Commissioner for Data Protection and Freedom of Information (BfDI), can be found at https://social.bund.de/privacy-policy (only in German). (social.bund.de is part of a decentralised social network powered by Mastodon)

The privacy policy for the social network YouTube, operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, can be found at https://www.gstatic.com/policies/privacy/pdf/20190122/f3294e95/google_privacy_policy_en_eu.pdf.

Share buttons

Normally, social plugins such as the LinkedIn share button mean that these services immediately record visitors’ IP address and that their further activities on the Internet are logged. This also happens even if the visitor does not click one of the social media buttons. The social media buttons on this website deploy the recognized “Shariff” system to protect your data. This means that direct contact is only made to the selected social media network if you actively click a share button.

Other web services such as event management by external agencies

Personal data needs to be entered for purposes of further processing when accessing additional web services from RNE, such as registering for events. In these cases, privacy policies tailored to the specific service apply.

In the context of the “REIHE N” digital event series, the RNE website forwards users to a registration process on the website https://reihe-n-nachhaltigkeitsrat.de/. The agency labconcepts is responsible for data processing carried out in the context of registration for REIHE N events, which it operates on behalf of RNE. Data is processed by the agency labconcepts for the “Reihe N” event series (data processing on behalf). RNE has entered into a data processing agreement with labconcepts.

The controller for data processing on the REIHE N website is therefore:

labconcepts GmbH
Bonner Talweg 64
53113 Bonn, Germany
Phone: +49 (0)228 24 98 110
E-Mail: info@labconcepts.de

For further details, please refer to the corresponding privacy policy of labconcepts in the context of REIHE N at https://reihe-n-nachhaltigkeitsrat.de/datenschutz/.

Provision of information (newsletter, press mailing lists)

Newsletters and a press mailing list are offered on the RNE website. The processing of personal data depends on the type of information provision.

The personal data collected in the context of the newsletter and press mailing lists is used to handle the process in question. Your data is not passed on to third parties. Your data is not processed or used for purposes of advising, advertising, or market research. If you unsubscribe from the newsletter or press mailing list, all personal data about you as an individual person will be deleted from our database.

This website uses CleverReach to send newsletters and press releases via two separate mailing lists. The provider is CleverReach GmbH & Co. KG, Mühlenstr. 43, 26180 Rastede, Germany. CleverReach is a service that enables the organization and analysis of newsletter and press-release mailouts. The data you enter for the purpose of receiving a newsletter or press release (e.g. email address) is stored on the servers of CleverReach in Germany or Ireland. CleverReach’s server sites are located exclusively in the EU.

Using CleverReach to send our newsletters and press releases enables us to analyze recipients’ behavior. For instance, we can analyze how many recipients opened the message and how often which link in the email was clicked. You can find further information on data analysis by CleverReach mails at: https://www.cleverreach.com/en/features/reporting-tracking/.

The data is processed on the basis of your consent (Art. 6(1)(a) GDPR). You may revoke this consent at any time by unsubscribing from the newsletter or press releases. This has no bearing on the lawfulness of any data processing already performed.

If you do not wish to be analyzed by CleverReach, you need to unsubscribe from the newsletter or the press mailing list. We provide a corresponding link for this purpose in every newsletter and every press release.

We will actively use the data you provide to us for the purpose of receiving the newsletter or press release until you unsubscribe from the respective mailing list and will automatically delete it from the CleverReach servers six months after you unsubscribe from the newsletter or press mailing list. This has no bearing on data stored by us for the other purposes (e.g. email addresses for the members’ area).

You can subscribe to the newsletter and/or press mailing list (via the website) and unsubscribe (via the website or an individual unsubscribe link at the end of each newsletter or press release) with immediate effect. When you unsubscribe, your subscription record will first be set to “inactive” and automatically and conclusively deleted from our CleverReach database after a period of six months.

Deletion deadlines following unsubscription: alternatively you can send an email to the RNE office requesting addition to or deletion from the CleverReach mailing list(s). In this case, the manual entry or deletion by the RNE office will be performed within 48 hours. In the intervening period, you may not access and alter your personal data yourself. You may send a manual email request to the RNE office asking them to compile and send you your data stored with CleverReach or request its deletion within 48 hours.

Further details can be found in CleverReach’s privacy policy at: https://www.cleverreach.com/en/data-security/.

Conclusion of a data processing agreement

We have entered into a data processing agreement (DPA) with CleverReach and implement in full the strict stipulations of the German data protection authorities in our deployment of CleverReach. The DPA with CleverReach says that CleverReach may process the personal data provided to it exclusively in the territory of the Federal Republic of Germany or in a member state of the European Union. The processing of personal data in a third country requires the prior consent of the principal and may only take place if the specific statutory prerequisites have been satisfied.

Regular deletion deadlines: participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that this data needs to be stored unchanged and as anonymized as possible following completion of the matter for up to ten years under rules concerning subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).

Sharing with third parties

RNE c/o GIZ does not share personal data with third parties unless it is legally obliged or permitted by law to do so.

Planned data transfer to third countries

No transfers to third countries are performed. Exceptions are possible where a specific legal basis applies. The use of social media is governed by the privacy policy of the respective provider.

Use, storage, duration, and deletion of data

Users’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods.

Your data that you have entered via our contact form when ordering information material or subscribing to the newsletter or press mailing list will be stored on our server and used exclusively for correspondence and to use the online services.

Postal address and email addresses that are entered in the context of inquiries or ordering information materials are used exclusively for correspondence or shipping.

Personal data is routinely deleted, no later than after six months, if it is no longer required to process inquiries and orders, no special consent has been provided by the data subject and no longer data storage period is required under statutory retention obligations and periods.

Personal data in our newsletter and press mailing lists is only stored during the active subscription. Upon unsubscription from the newsletter or press mailing list or upon revocation of the subscription, all associated data is directly deactivated and automatically deleted from the respective database after six months (see section on “Newsletter and press mailing list”).

IT security of user data

All technical and organizational security measures are implemented to protect the personal data that you provide to us against access by unauthorized third parties. A limited number of employees of the Council for Sustainable Development and the system administrator in charge of website operation have access to your personal data. Detailed data protection information about our newsletter can be found above in the section “Provision of information (newsletter, press mailing list)”.

We store your data on protected servers in Germany. Only a very small number of people with special authorization, who are tasked with technical server operation, have access to the data. We take precautions to guarantee the security of your personal data. Your data is conscientiously protected against loss, damage, falsification, manipulation, and unauthorized access or unauthorized disclosure.

Amendment of this Privacy Policy

We will update this Policy on the protection of your personal data from time to time. You should review this Policy occasionally to stay abreast of how we protect your data and constantly improve the content of our website. Should we make significant changes to the collection, use and/or sharing of your personal data that you provide to us, we will notify you accordingly via a clear and prominent note on the website. By using the website, you declare your agreement to the terms of this Policy for the protection of personal data.

In the event of questions concerning this Privacy Policy, please contact the controller specified above.
Personal data will only be collected if you volunteer it to us when registering to order information materials, via the contact form, or when subscribing to our newsletter. We will use the data provided by you solely to handle and complete your inquiry or order. Nothing will be passed to third parties without your consent.

The page uses SSL encryption (https) in accordance with section 13(7) German Telemedia Act (TMG), meaning that data sent via a form (login, registration, processing of projects, etc.) to the server is protected at a state-of-the-art level.

Note on rights of users

As a visitor to the RNE website you have the right

  • of access to information about the data about your visit stored by us (Art. 15 GDPR);
  • to demand rectification of data about your visit stored by us (Art. 16 GDPR);
  • to request erasure of data about your visit stored by us (Art. 17 GDPR);
  • to request restriction of processing of data about your visit stored by us (Art. 18 GDPR);
  • to object to the storage of data about your visit to the extent that personal data is processed on the basis of Art. 6(1)(1)(f) and (e) GDPR (Art. 21 GDPR);
  • to receive the data concerning your visit in a commonly used, machine-readable format from the controller in order to transmit them to another controller if need be (right to data portability, Art. 20 GDPR);
  • to revoke your consent if the processing of the data about your visit is based on consent (Art. 6(1)(a) GDPR). This has no bearing on the legality of the processing based on granted consent up to the point of receipt of the revocation.

If data is not being processed for reasons mandated in connection with the handling of a contract, you can revoke your previously granted consent to the storage of your personal data in writing with immediate effect (e.g. by email or fax). Your data will be deleted without undue delay, and by no later than within five working days.

In the event of any questions or complaints about this Privacy Policy or data processing, you can contact the GIZ data protection officer at the following email address: datenschutzbeauftragter@giz.de.

Additionally, users have the right to lodge a complaint with the competent data protection supervisory authority under Art. 77 GDPR. The competent authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).