Privacy policy
The Council for Sustainable Development (RNE) c/o GIZ and the Regional Hubs for Sustainability Strategies (RENN) attach great importance to the responsible and transparent handling of personal data.
Below you will find information about:
- the available contact options on the topic of data protection at GIZ/RNE and at RENN;
- what data is processed during a visit to the RENN website;
- what data is processed when you contact us or take advantage of other online services from RENN or RNE;
- what options are open to you if you want to object to the storage of the data; and
- what rights you have with respect to us.
Controller and data protection officer
Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH
Friedrich-Ebert-Allee 32 + 36, 53113 Bonn, Germany
Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn, Germany
E info@giz.de
RENN Coordination Centre office:
German Council for Sustainable Development (RNE)
Office c/o GIZ GmbH, Potsdamer Platz 10, 10785 Berlin, Germany
E bodo.richter@nachhaltigkeitsrat.de
If you have specific questions concerning the protection of your data, please contact the data protection officer at GIZ: datenschutzbeauftragter@giz.de.
Information about the collection of personal data
General information
RNE/RENN processes personal data exclusively in accordance with the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
Personal data includes, for example: name, address, email addresses, and user behaviour. RNE only processes personal data as far as is necessary. What data is required and processed for what purpose and on what basis generally depends on the type of service you are using or the purpose for which the data is required.
Personal data collected during a visit to our website
You can visit our web pages without providing any personal information. Access data is stored in a log file (server log file) solely for the purpose of system security and to improve our online services. This data does not refer to individual people and includes, for example, your anonymised IP address, date and time of access, data volume transferred, notification of successful access, browser type and version, operating system used, the page you came from before your visit to us (referrer), or the name of the requested file/page. In each case, this data is stored until the end of the current calendar year and does not permit you to be identified personally.
The data for a given calendar year in the log file is only evaluated for the internal RNE statistical report and then deleted from the database by the end of January of the following year.
Cookies
Our website uses cookies. These are small text files that enable specific information relating to the user to be stored in the user’s browser while they visit the website and for them to be recognised as a returning user if they come back within a year. In particular, cookies enable the frequency of use and the number of users of a page to be ascertained and page-usage behaviour to be analysed. They also help make our online services more user-friendly and allow us to display page content tailored to the user’s preferences or optimised for the end device they use.
The content management system (CMS) we use, Typo3, sets what is known as a “session cookie” for this purpose, which is automatically deleted at the latest at the end of the browser session. This cookie identifies a “session” - i.e. a visit to our website - and is valid for half an hour (cookie name: “_pk_ses.xxx”).
The Typo3 CMS sets an additional cookie that remains stored beyond the end of a browser session (cookie name: “_pk_id.xxx”) and that can be retrieved the next time the page is visited. This enables the frequency of use of our website within 13 months to be recorded.
The “Matomo” web analytics service (see section below) uses two cookies to analyse page use: a session cookie (cookie name: “_pk_ses.xxx”) valid for half an hour and a cookie that remains stored beyond the end of a browser session (cookie name: “_pk_id.xxx”) and that can be retrieved the next time the page is visited. This enables the frequency of use of our website within 13 months to be recorded.
On your first visit to our website, you will see a “cookie notice” intended to draw your attention of the use of cookies on this website and to give you the opportunity to configure your cookie settings for this website. There you can consent to Matomo recording and analysing your specific visit to the website www.renn-netzwerk.de by clicking “Alle Cookies akzeptieren (inkl. Matomo)” (Accept all cookies (incl. Matomo)) or prohibit them from doing so by clicking “Nur technisch notwendige Cookies akzeptieren” (Only accept technically necessary cookies). Clicking the option to accept cookies sets a cookie with a term of twelve months (cookie name: “cookieconsent_accepted”). This means that the little information window is no longer displayed for visits during this period. At the end of the twelve months, you will again be asked to manage your cookie settings the next time you visit the website.
Information about objections
If you want to use Matomo’s objection function at the bottom of this page to deactivate the recording and analysis of your website visit, a cookie is set (cookie name: “mtm_consent_removed”) that is valid for 13 months and prevents tracking by Matomo during this period.
If the “Do Not Track” option is activated in your browser, no Matomo cookie will be set as a rule, and your website visit will not be registered and analysed by Matomo.
All cookies set on our website are what are known as “first-party cookies.” This means they are set exclusively by our domain www.renn-netzwerk.de and can only be used by the German Council for Sustainable Development. No “third-party cookies” from third-party providers are used.
Please note that the cookie settings you select will be removed if you delete cookies in your browser in between visits. In this case, the information window will be displayed again the next time you visit the website.
If you do not want cookies to be used, you should configure your internet browser to reject cookies – generally or for a specific period. Please note that in this case the “cookie notice” will also always be displayed on each individual page of our website.
“Matomo” and “Webalizer” analytics services (user analysis)
To analyse website use and to optimise its internet services, the German Council for Sustainable Development deploys the open-source programs Matomo and Webalizer on this website. These enable an analysis of the website usage—known as “tracking” (Matomo)—or a statistical analysis of the server log files (Webalizer) to ensure compliance with data protection rules.
Matomo
Matomo uses temporary “cookies,” i.e. small text components that are stored in your browser for tracking purposes, i.e. to enable the Council to perform a user-based (albeit anonymised) analysis of the website visit.
The legal basis for the deployment of Matomo is Art. 6(1)(a) GDPR. You can find an explanation of the cookies used by Matomo and their storage duration above under the point “Cookies.”
The usage information that Matomo generates via the cookies, including your IP address, is stored in an anonymised form—i.e. with an IP address truncated by the last three digits—on the server of the Sustainability Council/GIZ in Germany until the end of the respective calendar year, analysed for the internal statistical report and then deleted from the database by the end of January of the following year. The information is not used for any other purpose or shared with third parties.
Note on objections: an objection may be raised to the processing of user data for the purpose of analysing user behaviour. As a user, you can deactivate the collection of user data.
You can prevent Matomo’s tracking and analysis of your visit, in particular to the website www.renn-netzwerk.de, at any time below by objecting to the storage and use of the visit data with a mouse-click.
Please remove the check mark next to the specific notification under “Widerspruch” (Objection) (see below). In this case, an “opt-out” cookie is set that prevents the collection of data by Matomo. Please note that the opt-out cookie will also be removed if you delete cookies in your browser in between visits. In this case, you may need to activate your objection again.
On this website, Matomo respects your browser’s “Do Not Track” option, which you can activate in the browser settings to prevent your website visits being analysed at all. Similarly, the use of cookies can be deactivated completely or for specific cases in the browser settings.
If a “Do Not Track” option has already been set in your browser, you will see a notice to this effect below instead of the objection. In this case, no objection is necessary, as no web analysis of your visit is performed.
Objection
[Note: For technical reasons, the object/consent option for the “Matomo” analysis service can temporarily be found at the bottom of this page.]
Webalizer
The variant of the Webalizer web statistics programme we use does not collect any data itself. The programme analyses data from the web server logfiles. The IP addresses are truncated by the last three digits before being used to analyse user behaviour, so that individual people can no longer be identified and you as a user remain anonymous to us. The anonymised records are stored on our web server exclusively for statistical purposes until the end of the current calendar year, analysed internally for statistical purposes only, and then deleted from our server by the end of January of the following year. At no point is this data shared with third parties.
Processing of personal data for contact purposes
When users contact us, the data provided is processed in order for the inquiry to be handled. The following contact options are available:
Contact via email
Alternatively, the RENN Coordination Centre, the RNE office, or GIZ may be contacted via the email addresses provided. In this case, the user’s personal data transmitted with the email (such as surname, first name, address) and at least their email address along with the information contained in the email will be stored exclusively for the purpose of making contact and dealing with the matter at hand.
The legal basis for processing the data processed in the course of sending an email is Art. 6(1)(e) GDPR.
Regular deletion deadlines: Participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that this data needs to be stored unchanged and as anonymised as possible following completion of the matter for up to ten years under rules concerning subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).
Contact via telephone
When making contact by telephone, personal data will be processed to the extent necessary to handle your inquiry.
The legal basis for processing the data processed in the course of a phone call is Art. 6(1)(e) GDPR.
Regular deletion deadlines: Participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that this data needs to be stored unchanged and as anonymised as possible following completion of the matter for up to ten years under rules concerning subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).
Contact via letter
When contact is made by letter, the personal data transmitted (such as surname, first name, address) and the information contained in the letter will be stored for the purpose of making contact and dealing with the matter at hand.
The legal basis for processing the data processed in the course of sending a letter is Art. 6(1)(e) GDPR.
Regular deletion deadlines: Participants’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that this data needs to be stored unchanged and as anonymised as possible following completion of the matter for up to ten years under rules concerning subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).
Processing of personal data when using social networks
On the RENN website, RNE offers the direct opportunity to visit its company accounts on social media networks and platforms such as Facebook, Twitter, and YouTube. Normally, social plugins for sharing purposes - such as the Facebook or Twitter button - mean that these services immediately record visitors’ IP addresses and that their further activities on the internet are logged. This also happens even if a visitor does not click one of the social media buttons. The social media buttons on this website deploy a “double-click” solution to protect your data. This means that direct contact is only made to the selected social media network in a new browser window if you actively click a share button.
Twitter/X
Functions of the Twitter service are integrated into the RENN website. These functions are provided by Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA.
If you use the “Artikel teilen” (Share article) function on our pages, clicking the Twitter button causes the plugin to open a direct connection between your browser and the Twitter server in a new window. This notifies Twitter that you have visited our page with your IP address.
If you use the share function while you are logged into your Twitter account, you can link the content of our pages to your Twitter profile. By using Twitter and the “retweet” function, the websites you visit are linked to your Twitter account and made known to other users. Data is also transferred to Twitter in the process.
Please note that as the provider of the pages, we are not informed about the content of the data transferred or how it is used by Twitter. For further information on this topic, refer to Twitter’s Privacy Policy.
You can change your Twitter privacy settings in the account settings there.
YouTube
Videos from the YouTube platform, owned by Google, are embedded on the RENN website. This service is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
We have programmed a “double-click” solution to enable the integration of YouTube videos in accordance with data protection regulations. This guards against the unwanted transfer of IP addresses and cookies being set by Google:
When a page containing an embedded YouTube video is accessed, only the preview/title image is shown in the player. This image is available locally as a graphic file in the RENN website cache. No data connection is made to YouTube/Google at this point. Each preview image in the player contains a short text explaining that clicking the preview image will integrate an external video from YouTube.
This means that the video will only be integrated and played in a second step when the preview image in the video player is clicked to launch the film. At this point your IP address and any active user ID will be transferred to YouTube/Google.
Please note that as the provider of the pages, we are not informed about the content of the data transferred or how it is used by YouTube/Google. For further information on this topic, refer to Google’s Privacy Policy.
Other web services such as event management by RNE or external agencies
Our website uses the “Powermail” Typo3 extension to provide forms for straightforward event registration by our users. Personal data (such as your contact details, address and potential affiliation to an organisation or a company) needs to be input for further processing in order to organise the event.
The data entered voluntarily into the registration forms is transferred to the RENN website’s Typo3 content management system on the GIZ server and is usually also emailed to the respective event organisers and to the person submitting the form for information purposes.
The form data is stored in the database in order to track the current status of registrations and aggregated into an exportable format as an Excel or CSV text file if required.
Each registration form contains an obligatory request for the user to consent to the Privacy Policy as a mandatory field in the form of a radio button or a checkbox with an explanatory text note and link to the Privacy Policy. If this option is not selected, the registration form cannot be sent.
Under no circumstances is your data passed on to third parties without your express prior consent. Consent may be necessary if an external agency is commissioned to organise and carry out the event.
Regular deletion deadlines: Event attendees’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods. This means that this data needs to be stored unchanged and as anonymised as possible following completion of the event for up to ten years under rules concerning subsequent audits by internal and external bodies such as the audit department or the German Federal Audit Office (BRH).
Sharing with third parties
RNE c/o GIZ or RENN do not share personal data with third parties unless they are legally obliged or permitted by law to do so.
Planned data transfer to third countries
No transfers to third countries are performed. Exceptions are possible where a specific legal basis applies. The use of social media is governed by the privacy policy of the respective provider.
Use, storage, duration, and deletion of data
Users’ data will be stored for no longer than required for the purpose for which it is processed or is necessary under statutory retention periods.
Your data that you have entered in order to contact us will be stored on our server and used exclusively for correspondence and to use the online services. Postal address and email addresses that are entered in the context of inquiries or ordering information materials are used exclusively for correspondence or shipping.
Personal data is routinely deleted, no later than after six months, if it is no longer required to process inquiries and orders, no special consent has been provided by the data subject and no longer data storage period is required under statutory retention obligations and periods.
IT security of user data
All technical and organisational security measures are implemented to protect the personal data that you provide to us against access by unauthorised third parties. A limited number of employees of the Council for Sustainable Development and the system administrator in charge of website operation, as well as of the RITTWEGER and TEAM communication agency, have access to your personal data.
We store your data on protected servers in Germany. Only a very small number of people with special authorisation, who are tasked with technical server operation, have access to the data. We take precautions to guarantee the security of your personal data. Your data is conscientiously protected against loss, damage, falsification, manipulation, and unauthorised access or unauthorised disclosure.
Amendment of this Privacy Policy
We will update this Policy on the protection of your personal data from time to time. You should review this Policy occasionally to stay abreast of how we protect your data and constantly improve the content of our website. Should we make significant changes to the collection, use and/or sharing of your personal data that you provide to us, we will notify you accordingly via a clear and prominent note on the website. By using the website, you declare your agreement to the terms of this Policy for the protection of personal data.
In the event of questions concerning this Privacy Policy, please contact the controller specified above or in the “Note on rights of users” section below.
Personal data will only be collected if you volunteer it to us when making contact or subscribing to our newsletters. We will use the data provided by you solely to handle and complete your inquiry or registration. Nothing will be passed to third parties without your consent.
This website uses SSL encryption (https) in accordance with section 13(7) German Telemedia Act (TMG) for security purposes and in order to transfer confidential content, meaning that data sent via a form (login, registration, processing of profiles, etc.) to the server is protected at a state-of-the-art level.
You can identify an encrypted connection in that the browser address bar changes from “http://” to “https://” and a padlock icon is displayed in your browser bar. When the SSL encryption is activated, the data that you send to us cannot be intercepted by third parties.
Note on rights of users
As a visitor to the RENN website you have the right
- of access to information about the data about your visit stored by us (Art. 15 GDPR);
- to demand rectification of data about your visit stored by us (Art. 16 GDPR);
- to request erasure of data about your visit stored by us (Art. 17 GDPR);
- to request restriction of processing of data about your visit stored by us (Art. 18 GDPR);
- to object to the storage of data about your visit to the extent that personal data is processed on the basis of Art. 6(1)(1)(f) and (e) GDPR (Art. 21 GDPR);
- to receive the data concerning your visit in a commonly used, machine-readable format from the controller in order to transmit them to another controller if need be (right to data portability, Art. 20 GDPR);
- to revoke your consent if the processing of the data about your visit is based on consent (Art. 6(1)(a) GDPR). This has no bearing on the legality of the processing based on granted consent up to the point of receipt of the revocation.
If data is not being processed for reasons mandated in connection with the handling of a contract, you can revoke your previously granted consent to the storage of your personal data in writing with immediate effect (e.g. by email or fax). Your data will be deleted without undue delay, and by no later than within five working days.
Please communicate your objection by email or fax to:
Bodo Richter
Council for Sustainable Development
RENN Coordination Centre
Office c/o GIZ GmbH
Potsdamer Platz 10
10785 Berlin
Germany
P +49 (0)30 338424-279
F +49 (0)30 338424-22279
E bodo.richter@nachhaltigkeitsrat.de; info@renn-netzwerk.de
In the event of any questions or complaints about this Privacy Policy or data processing, you can contact the GIZ data protection officer at the following email address: datenschutzbeauftragte@giz.de.
Additionally, users have the right to lodge a complaint with the competent data protection supervisory authority under Art. 77 GDPR. The competent authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).