Privacy Policy

We believe it is important to protect your privacy. Please therefore take the time to read this privacy policy. It provides you with information on how we process your personal data. It applies to all pages accessible at our address www.deutsch-afrikanisches-jugendwerk.de, including their sub-pages and web applications (hereinafter referred to collectively as 'website'). The legal foundations for data processing are contained in the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

The provider of this website in the legal sense is Engagement Global gGmbH – Service for Development Initiatives, represented by the Management, Dr. Jens Kreuter und Ingrid Arenz, Friedrich-Ebert-Allee 40, 53113 Bonn, Germany (hereinafter referred to as 'Engagement Global', 'we' or 'us').

Ziar Kabir, lawyer of SCO:CON-SULT GmbH, Hauptstraße 27, 53604 Bad Honnef, Germany, has been appointed Data Protection Officer.

Definition of terms
This privacy policy is based on terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). For your information the terms used are explained below.

Data subject
Any identified or identifiable natural person whose personal data are processed by the controller.

Processing
Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Restriction of processing
The marking of stored personal data with the aim of limiting their processing in the future.

Pseudonymisation
The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identified natural person.

Controller
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Processor
A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.

Recipient
A natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.

Third party
A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.

Consent
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

Information on data processing
We are glad to supply you with information on the processing of your personal data by Engagement Global and your rights under data protection law.

Purpose and scope of the processing of personal data
Our website users' personal data may only be used to the extent necessary to secure and operate a functioning website, to enable us to deliver the services we offer, to optimise our service offering and to fulfil the intended purpose.

Legal foundations for the processing of personal data
We process personal data of data subjects on the basis of these standards of authorisation:

  • Consent (Article 6 paragraph 1 (a) of the GDPR)
  • Performance of a contract or steps prior to entering into a contract (Article 6 paragraph 1 (b) of the GDPR)
  • Legal obligation (Article 6 paragraph 1 (c) of the GDPR)
  • Pursuit of a legitimate interest by us or by a third party, except where said interests are overridden by the interests or fundamental rights and freedoms of the data subject (Article 6 paragraph 1 (f) of the GDPR).

Data erasure and personal data retention period
The personal data of the data subject will automatically be erased or restricted once the purpose for which they were stored no longer applies. Data may continue to be retained beyond this time when the data controller is required under European or national legislation, regulations or other legal instruments to do so. Data may also be restricted or erased when a retention period set under one of the above named provisions expires, except where further retention of the data is necessary in order to conclude or fulfil a contract.

Recipients of personal data
In principle the only recipients of data subjects' personal data are the controller and the processor employed by the controller in accordance with data protection law. Data may be shared with third parties if the controller is authorised to do so by a permissive rule or is legally required to do so.

Transfer of data to third countries
Should data subjects' personal data be transferred to countries outside the European Union (EU) or outside the European Economic Area (EEA), this will take place only in the presence of an adequate level of protection (Article 45 of the GDPR) or appropriate safeguards (Article 46 of the GDPR) or under the conditions of Article 49 of the GDPR for derogations for specific situations.

Existence of automated decision-making
As a responsible company we do not have automated decision-making or profiling.

Hosting
As part of our outsourcing of data processing we commission a professional external service provider to make our website available. The service provider is required to comply with the legal regulations on data protection to the same extent as we are, and guarantee the reliable and secure management of the data associated with our online services. Data subjects' personal data collected through the website are stored on the servers of the Hetzner Online AG company in Gunzenhausen, Germany. The data are stored separately from other applications. The processor processes personal data only in accordance with the controller's instructions, and to the extent necessary in order to meet their obligations to provide services.

Access data
Each time our website is accessed, our system automatically records information from the accessing computer’s system. The following data are gathered:

  • the browser type and version used
  • the user's operating system
  • the user's Internet service provider
  • the user’s IP address
  • the data and time of access
  • websites from which the user's system arrives at our website
  • websites accessed by the user's system via our website.

Access data are processed on the basis of our legitimate interest in transferring the content of the website and pursuant to Article 6 paragraph 1 (f) of the GPDR. Temporary processing of the user’s IP address by our system is required in order to deliver the website to the user’s computer. We may store the data for analytical and maintenance purposes. In that case, however, the accessing system's IP address is anonymised. Since these data are absolutely necessary in order to operate the website, as a user you are not able to object to their processing.

Cookies and similar technologies
Our website uses cookies. Cookies are text files generated when the browser views pages, in order to store data on the browser during and after a website visit. Unique character strings are then regularly stored in the cookie, by means of which a server can recognise a browser. Cookies can be stored by the website visited (first party) or by third parties whose services are embedded in the website visited.

If a third-party service is embedded in several websites, the third party can store information on user activities in cookies and track these across several sites. In the cookie the website domain from which the cookie originates is stored, and access is restricted to this domain. Cookies are valid either for the duration of a browser session (session cookies) or until a date contained within the cookie (persistent cookies).

Expired cookies are no longer loaded by the browser when visiting the site, and depending on the browser are immediately either deleted or overwritten. You can configure your browser such that no cookies are stored. However, it may then be that you are not able to use all the functions of our website in full.

To find out more about your browser's cookie settings click on 'help' in your browser or use these links:

Google Chrome
Mozilla Firefox
Safari
Internet Explorer
Opera

Data may be also kept for the same purposes in your browser's local storage or local session storage.

When you visit our website the following data may be stored on your device:

Cookies En

Session management
When you visit our website our system automatically stores a session cookie with an anonymous identifier in your browser (a 'session ID cookie'). This identifier enables our system to assign page views to a browser session. This is necessary in order to provide our services and keep logged in users logged in, due to the stateless Hypertext Transfer Protocol (HTTP). No personal data are stored in the session ID cookie.

Privacy policy with respect to the web analytics services Matomo and Webalizer
For the purposes of analysing website usage and to optimise its services, the RNE uses the open-source programs Matomo and Webalizer on this website. These make it possible to evaluate website usage – so-called tracking (Matomo) – and statistically process the server log files (Webalizer) in a manner compliant with data privacy regulations. For tracking, Matomo uses temporary cookies – small text components that are saved in the user’s browser – to allow the RNE to perform an exact, however never personally attributable analysis of a given website visit. The legal basis for use of Matomo is Sect. 6 Para. 1 lit. f GDPR. An explanation of the cookies used by Matomo and their storage duration can be found above under the item “Privacy policy with respect to cookies”.

The user information Matomo collects via its cookies, including the user’s IP address, is stored temporarily on the RNE’s/GIZ’s server in anonymised form, where it is evaluated and subsequently deleted. It is not used for any other purpose and is not transferred to third parties.

In addition, Matomo respects your browser’s ‘Do Not Track’ option on this website, which you can activate in your browser to prevent the analysis of your website visit. If desired, the usage of cookies can also be prohibited entirely or on a case-by-case basis in the browser settings.

Use of Webalizer
The version of the Webalizer web statistics program we use does not collect its own data. Rather, it analyses data from the log files on the web server. The last three digits of IP addresses are truncated before they are used for the analysis of usage behaviour, making it impossible for your identity to be determined and preserving your anonymity as a user. The anonymised data records are stored on our web server and are analysed exclusively for internal statistical purposes. At no time is this data shared with any third parties.

Google services
Various services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ('Google') are embedded in our website. To find out more please refer to the section headed 'Further information' below.

YouTube videos
This website uses plugins from YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA ('YouTube'), a subsidiary of Google. Video content from the platform youtube.com is shown using inline frames. The controller has no control over the delivery of the videos or the processing associated therewith.

When you visit one of our pages that embeds YouTube videos your browser connects with YouTube servers in the USA in order to load the video component/previews. When this happens the visitor's IP address and technical access data are transferred.

Furthermore, data are stored on the user's device (see above) that enable YouTube to recognise the browser used, and to aggregate data on the user's behaviour and recognise video views across several pages. YouTube can recognise that you have visited our website, possibly store this information in your personal YouTube account, and use collected data on your user behaviour for its own business purposes. YouTube videos are embedded on our website in extended data protection mode. This prevents the storage of cookies on your device.

The legal foundation for using YouTube plugins is Article 6 paragraph 1 (f) of the GDPR. We aim to provide interested visitors with information on our activities and services through videos. The service we use provides the necessary storage capacity, the needed bandwidth and the technical infrastructure for this.

Further information
Google Privacy Policy and Terms of Service
Information on the criteria for retention of collected data

Contact
Our website specifies contact details such as addresses, telephone numbers and email addresses that enable you to get in touch with us quickly and communicate directly with us and our designated contact persons. A contact form is also provided on our website. When you contact us we will process the personal data you share with us, depending on the means of communication you select. This may include your full name, your address, the telephone number you use, the email address you use, and other personal data that you share with us in the course of communication. When you use the contact form we will also store your IP address as well as the date and time of submission.

The legal foundation for processing personal data in the course of communication is Article 6 paragraph 1 (f) of the GDPR. If you contact us with the aim of entering into a contract, an additional legal foundation for processing your data is Article 6 paragraph 1 (f) of the GDPR.

We process your data solely for purposes of contacting you, communicating with you and tracking communication that has taken place. When you submit the contact form we store your IP address for maintenance purposes and to protect against misuse. These purposes also constitute our legitimate interest in processing your data.

The data are erased or restricted once the purpose for which they were stored no longer applies. The general provisions on the retention period also apply.

Data subjects may object to the processing of their personal data. To contact us in this regard please use the specified contact details.

Notifications when new features are released
The web platform Joint Action for Sustainable Development is continuously being developed and new features will continue to be added. People who have registered with the Joint Action for Sustainable Development will be notified by email when new features are released. If you would like to unsubscribe from these notifications please write an email to  gemeinschaftswerk-nachhaltigkeit@engagement-global.de

Registration for events
Personal data requested for registration for events via the Joint Action for Sustainable Development using a registration form (name, email address, organisation, function) will be stored exclusively for internal purposes of participant management, passed on to co-organisers of the respective event and stored on GIZ's internal servers for a period of 10 years. By registering for events via the Joint Action for Sustainable Development, you agree that you may be contacted by the Joint Action for Sustainable Development team and the respective co-organisers regarding event details. Furthermore, you agree that video recordings and photographs of you may be taken and used in the public relations work of the RNE in connection with the event (e.g. brochures, presentations, websites). The video recordings and photos will not be used commercially. The granted permission to use the personal data can be revoked at any time. The lawfulness of the processing until the time of revocation is unaffected. In case of revocation, participation in the respective event is not possible. Please give the revocation by email to: gemeinschaftswerk-nachhaltigkeit@engagement-global.de.

Newsletter
The personal data collected for the newsletter mailing list is used for processing purposes. Your data is not shared with any third parties. Your data is not processed or used for the purposes of advice, advertising or market research. When you unsubscribe from the newsletter, all your personal data is deleted from our database.

This website uses CleverReach for newsletter distribution. The provider is CleverReach GmbH & Co. KG, Mühlenstraße 43, 26180 Rastede, Germany. CleverReach is a service used to organise and analyse newsletter distribution. The data you provide in order to receive the newsletter (e.g. email address) is stored on CleverReach’s servers in Germany or Ireland.

The newsletters we distribute with CleverReach allow us to analyse the behaviour of newsletter recipients. Among other things, we can analyse how many recipients open a newsletter message and how frequently which links within a newsletter are clicked on. You will find more information on newsletter data analysis with CleverReach at: https://www.cleverreach.com/en/features/reporting-tracking/.

Your data is processed on the basis of your consent (Sect. 6 Para. 1 lit. a GDPR). You may revoke your consent at any time by unsubscribing from the newsletter. Your revocation does not affect the lawfulness of the data processing performed in the past.

If you do not wish for your data to be analysed by CleverReach, you must unsubscribe from the newsletter. We include an appropriate link for this in every newsletter.

The data you submit to us in order to receive the newsletter is stored by us until you are removed from the newsletter mailing list and is deleted from the CleverReach servers following cancellation of your newsletter subscription. This does not affect data stored by us for other purposes (e.g. email addresses for the members’ area).

For more details, please refer to CleverReach’s data security policy at: https://www.cleverreach.com/en/data-security/.

We have concluded a contract data processing agreement with CleverReach and implement the strict requirements of the German data protection authorities in full with regard to our use of CleverReach.

Integration of content from social media platforms
This website integrates content from servers of social media platforms. When you call up a page on our website where such content is embedded, your browser connects to the social media provider's server to load the embedded content. In doing so, your IP address and the page called up is transmitted to the server of the social media provider. A further processing of personal data is not known to us.

In order to protect our legitimate interest in the presentation of appealing content and to avoid potential copyright conflicts, the content is loaded directly from servers of the aforementioned providers. The processing of your IP address required for establishing the connection is carried out for these purposes on the basis of Art. 6 Para. 1 lit. f DSGVO.

Social media plug-ins
On our website we only use links to platforms of social media providers. Some of these links contain parameters that, depending on the platform, pass information to use interactive functions. Currently, our website contains interactive links to the platforms Facebook and Twitter.

When you click on a button labeled "share", your browser connects to servers at Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA ("Facebook").

If you click on a button labeled "tweet", your browser connects to servers at Twitter Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA ("Twitter").

Facebook or Twitter will then receive information that you have visited the appropriate subpage of our website, regardless of whether you are registered with or logged in to the service provider. If you are logged in with the respective service provider at the time of access, this information is assigned to your user account and, if applicable, displayed publicly. Furthermore, the service provider will process your IP address and may store cookies on your device. We have no influence on the type and scope of processing of personal data on the service provider's pages and only link to their offer.

You can find more information about the data protection regulations of the service providers here:
Instagram Privacy Policy
LinkedIn Privacy Policy

Rights of data subjects#
Data subjects have the following rights vis-à-vis controllers:

  • You can demand information as to what personal data concerning you from what source have been retained, and for what purpose. You must also be notified if your data are passed on to third parties. In this case you must be informed of the identity of the recipient or of the categories of recipient.
  • If your personal data are incorrect or incomplete, you may demand that they be rectified or supplemented.
  • You can object to the processing of your personal data for advertising purposes. For these purposes your data must then be restricted.
  • You have the right to restrict processing if: you contest the correctness of the your personal data for a period that enables the controller to review the correctness of the personal data; the processing is unlawful and you object to the erasure of the personal data and instead demand restriction of the use of the personal data; the controller no longer requires the personal data for processing purposes, but you do require them in order to establish, exercise or defend legal claims, or if you have objected to the processing pursuant to Article 21 paragraph 1 of the GDPR and it has not yet been determined whether the controller's legitimate grounds override your reasons.
  • You may demand that your data be erased. This is possible when the legal foundation for processing your data is lacking or has ceased to apply. It is also the case when the purpose of the data processing no longer applies either due to the passage of time or for other reasons. Please note that an erasure may be overridden by an existing retention period or other legitimate interest of our company. We would be glad to advise you of this upon request. If we have made your data public, we are then obliged to notify all recipients that you have requested the erasure of all links to these data or copies of these personal data. Should you wish to make use of this right, please send an email to: info@engagement-global.de
  • You also have a right to object if your legitimate interest due to a personal situation overrides our interest in processing. This does not apply if we are obliged to perform processing due to a legal regulation.
  • Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority if you take the view that the processing of your personal data violates privacy.
  • You have the right to obtain your personal data that you have provided to the controller in a structured, common and machine-readable format.

Amendment of this privacy policy
We reserve the right to amend this privacy policy so that it complies at all times with the current legal requirements, or to reflect changes in our services in the privacy policy. The new privacy policy will then apply the next time you visit our site.