We believe it is important to protect your privacy. Please therefore take the time to read this privacy policy.
It provides you with information on how we process your personal data. It applies to all pages accessible at our address engagement-global.de including their sub-pages and web applications (hereinafter referred to collectively as 'website'). The legal foundations for data processing are contained in the General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).
The provider of this website in the legal sense is Engagement Global gGmbH – Service for Development Initiatives, represented by the Management, Dr. Jens Kreuter and Ingrid Arenz, Friedrich-Ebert-Allee 40, 53113 Bonn, Germany (hereinafter referred to as 'Engagement Global', 'we' or 'us').
Ziar Kabir, lawyer of SCO:CON-SULT GmbH, Hauptstraße 27, 53604 Bad Honnef, Germany, has been appointed Data Protection Officer.
Definition of terms
This privacy policy is based on terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). For your information the terms used are explained below.
Data subject
Any identified or identifiable natural person whose personal data are processed by the controller.
Processing
Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Restriction of processing
The marking of stored personal data with the aim of limiting their processing in the future.
Pseudonymisation
The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identified natural person.
Controller
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Processor
A natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Recipient
A natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients.
Third party
A natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
Consent
Consent of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
Information on data processing
We are glad to supply you with information on the processing of your personal data by Engagement Global and your rights under data protection law.
Purpose and scope of the processing of personal data
Our website users' personal data may only be used to the extent necessary to secure and operate a functioning website, to enable us to deliver the services we offer, to optimise our service offering and to fulfil the intended purpose.
Legal foundations for the processing of personal data
We process personal data of data subjects on the basis of these standards of authorisation:
- Consent (Article 6 paragraph 1 (a) of the GDPR)
- Performance of a contract or steps prior to entering into a contract (Article 6 paragraph 1 (b) of the GDPR)
- Legal obligation (Article 6 paragraph 1 (c) of the GDPR)
- Pursuit of a legitimate interest by us or by a third party, except where said interests are overridden by the interests or fundamental rights and freedoms of the data subject (Article 6 paragraph 1 (f) of the GDPR).
Data erasure and personal data retention period
The personal data of the data subject will automatically be erased or restricted once the purpose for which they were stored no longer applies. Data may continue to be retained beyond this time when the data controller is required under European or national legislation, regulations or other legal instruments to do so. Data may also be restricted or erased when a retention period set under one of the above named provisions expires, except where further retention of the data is necessary in order to conclude or fulfil a contract.
Recipients of personal data
In principle the only recipients of data subjects' personal data are the controller and the processor employed by the controller in accordance with data protection law. Data may be shared with third parties if the controller is authorised to do so by a permissive rule or is legally required to do so.
Transfer of data to third countries
Should data subjects' personal data be transferred to countries outside the European Union (EU) or outside the European Economic Area (EEA), this will take place only in the presence of an adequate level of protection (Article 45 of the GDPR) or appropriate safeguards (Article 46 of the GDPR) or under the conditions of Article 49 of the GDPR for derogations for specific situations.
Existence of automated decision-making
As a responsible company we do not have automated decision-making or profiling.
Hosting
As part of our outsourcing of data processing we commission a professional external service provider to make our website available. The service provider is required to comply with the legal regulations on data protection to the same extent as we are, and guarantee the reliable and secure management of the data associated with our online services. Data subjects' personal data collected through the website are stored on the servers of the Hetzner Online AG company in Gunzenhausen, Germany. The data are stored separately from other applications. The processor processes personal data only in accordance with the controller's instructions, and to the extent necessary in order to meet their obligations to provide services.
Access data
Each time our website is accessed, our system automatically records information from the accessing computer’s system. The following data are gathered:
- the browser type and version used
- the user's operating system
- the user's Internet service provider
- the user’s IP address
- the data and time of access
- websites from which the user's system arrives at our website
- websites accessed by the user's system via our website.
Access data are processed on the basis of our legitimate interest in transferring the content of the website and pursuant to Article 6 paragraph 1 (f) of the GPDR. Temporary processing of the user’s IP address by our system is required in order to deliver the website to the user’s computer. We may store the data for analytical and maintenance purposes. In that case, however, the accessing system's IP address is anonymised. Since these data are absolutely necessary in order to operate the website, as a user you are not able to object to their processing.
Cookies and similar technologies
Our website uses cookies. Cookies are text files generated when the browser views pages, in order to store data on the browser during and after a website visit. Unique character strings are then regularly stored in the cookie, by means of which a server can recognise a browser. Cookies can be stored by the website visited (first party) or by third parties whose services are embedded in the website visited.
If a third-party service is embedded in several websites, the third party can store information on user activities in cookies and track these across several sites. In the cookie the website domain from which the cookie originates is stored, and access is restricted to this domain. Cookies are valid either for the duration of a browser session (session cookies) or until a date contained within the cookie (persistent cookies).
Expired cookies are no longer loaded by the browser when visiting the site, and depending on the browser are immediately either deleted or overwritten. You can configure your browser such that no cookies are stored. However, it may then be that you are not able to use all the functions of our website in full.
To find out more about your browser's cookie settings click on 'help' in your browser or use these links:
Google Chrome
Mozilla Firefox
Safari
Internet Explorer
Opera
Data may be also kept for the same purposes in your browser's local storage or local session storage.
When you visit our website the following data may be stored on your device:
Name | Service | Domain | Type | Validity |
---|---|---|---|---|
PHPSESSID | Website | engagement-global.de | First-Party HTTP-Cookie | session |
_ga | Google Analytics | engagement-global.de | First-Party HTTP-Cookie | 2 years |
_gid | Google Analytics | engagement-global.de | First-Party HTTP-Cookie | 24 hours |
_gat | Google Analytics | engagement-global.de | First-Party HTTP-Cookie | 1 minute |
yt-player-bandwith | YouTube | youtube-nocookie.com | HTML Local Storage | permanent |
yt-player-headers-readable | YouTube | youtube-nocookie.com | HTML Local Storage | permanent |
yt-remote-connected-devices | YouTube | youtube-nocookie.com | HTML Local Storage | permanent |
yt-remote-device-id | YouTube | youtube-nocookie.com | HTML Local Storage | permanent |
yt-remote-fast-check-period | YouTube | youtube-nocookie.com | HTML Session Storage | session |
yt-remote-session-app | YouTube | youtube-nocookie.com | HTML Session Storage | session |
yt-remote-session-name | YouTube | youtube-nocookie.com | HTML Session Storage | session |
Session management
When you visit our website our system automatically stores a session cookie with an anonymous identifier in your browser (a 'session ID cookie'). This identifier enables our system to assign page views to a browser session. This is necessary in order to provide our services and keep logged in users logged in, due to the stateless Hypertext Transfer Protocol (HTTP). No personal data are stored in the session ID cookie.
Google services
Various services of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ('Google') are embedded in our website. To find out more please refer to the section headed 'Further information' below.
Google web fonts
When a user visits our website a connection is established with Google servers in order to load the required fonts. The visitor's IP address is transmitted to a Google server in the USA. As far as we are aware Google does not store the IP address of the accessing device required for data transmission, or amalgamate it with other Google services.
Our use of Google web fonts is based on a legitimate interest pursuant to Article 6, paragraph 1 (f) of the GPDR. We use the Google web fonts to present our content accurately and in a graphically appealing way on all browsers. This also constitutes our legitimate interest in processing personal data.
Google Tag Manager
We use Google Tag Manager to configure and manage other tracking services on which we provide information in this privacy policy.
When a user visits our website a connection is established with Google servers in order to load the script required for Google Tag Manager. The visitor's IP address is transmitted to a Google server in the USA. As far as we are aware Google does not store the IP address of the accessing device required for data transmission, or amalgamate it with other Google services. When Google Tag Manager itself is used no personal data are processed.
The legal foundation for using Google Tag Manager and transferring the IP address is Article 6 paragraph 1 (f) of the GDPR. We use the Google Tag Manager service to configure and manage other services we use based on our legitimate interest in order to analyse and optimise the use of this website. These purposes also constitute our legitimate interest in processing personal data.
Google Analytics
This website uses the web analysis service Google Analytics. When a user visits our website a connection is established with Google servers in order to load the script required for Google Analytics. The visitor's IP address is transmitted to a Google server in the USA. As far as we are aware Google does not store the IP address of the accessing device required for data transmission, or amalgamate it with other Google services.
Using Google Analytics means that when you visit our website cookies are stored on your computer that enable us to analyse how you use our website (see above). As a rule, the information on your use of this website generated by the cookie are transferred to a Google server in the USA and stored there. On our behalf Google will use this information to analyse the use of our website by users, compile results on website activity, and provide us with further services in connection with use of the website and Internet use.
This website anonymises IP addresses (a process referred to as 'IP masking'). This means that within member states of the European Union or countries that have signed the Agreement on the European Economic Area, Google abbreviates user IP addresses. This abbreviation anonymises your IP address.
The legal foundation for using Google Analytics is Article 6 paragraph 1 (f) of the GDPR. We task Google LLC to perform these analytical services on the basis of our interests in analysing and optimising the use of this website. These purposes also constitute our legitimate interest in processing personal data.
The data are automatically erased on a routine basis. Data whose retention period has expired are automatically erased once a month.
You can object to the collection of your data by Google Analytics by storing an opt-out cookie. Opt-out cookies prevent the future collection of your data when you visit this website. To prevent the collection of your data by Google Analytics, you must complete the opt-out procedure on all the devices/browsers that you use.
Please click on this link to deactivate tracking.
Please note that your decision applies only to this browser. However, should you intentionally or unintentionally delete this cookie, your objection to the storage and analysis will be invalidated. You can renew it via the aforementioned link. You can also prevent the storage of cookies by adjusting your browser settings accordingly, or by downloading and installing the relevant browser add-on from Google.
YouTube videos
This website uses plugins from YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA ('YouTube'), a subsidiary of Google. Video content from the platform youtube.com is shown using inline frames. The controller has no control over the delivery of the videos or the processing associated therewith.
When you visit one of our pages that embeds YouTube videos your browser connects with YouTube servers in the USA in order to load the video component/previews. When this happens the visitor's IP address and technical access data are transferred.
Furthermore, data are stored on the user's device (see above) that enable YouTube to recognise the browser used, and to aggregate data on the user's behaviour and recognise video views across several pages. YouTube can recognise that you have visited our website, possibly store this information in your personal YouTube account, and use collected data on your user behaviour for its own business purposes. YouTube videos are embedded on our website in extended data protection mode. This prevents the storage of cookies on your device.
The legal foundation for using YouTube plugins is Article 6 paragraph 1 (f) of the GDPR. We aim to provide interested visitors with information on our activities and services through videos. The service we use provides the necessary storage capacity, the needed bandwidth and the technical infrastructure for this.
Google reCAPTCHA
We use Google's reCAPTCHA service to determine whether a human individual or a computer is inputting data on our contact or newsletter forms. Google uses the following data to check whether you are a human user or a computer: IP address of the terminal used; the website of ours that you are visiting and in which reCAPTCHA is embedded; data and duration of visit; identification data of the browser used and type of operating system; Google account, if you are logged into Google; mouse movements on the reCAPTCHA interfaces, and tasks where you are required to identify images. The legal foundation for the data processing described is Article 6 paragraph 1 (f) of the GPDR. We have a legitimate interest in this processing in order to guarantee the security of our website and protect ourselves against automated input (attacks).
Further information
Contact
Our website specifies contact details such as addresses, telephone numbers and email addresses that enable you to get in touch with us quickly and communicate directly with us and our designated contact persons. A contact form is also provided on our website. When you contact us we will process the personal data you share with us, depending on the means of communication you select. This may include your full name, your address, the telephone number you use, the email address you use, and other personal data that you share with us in the course of communication. When you use the contact form we will also store your IP address as well as the date and time of submission.
The legal foundation for processing personal data in the course of communication is Article 6 paragraph 1 (f) of the GDPR. If you contact us with the aim of entering into a contract, an additional legal foundation for processing your data is Article 6 paragraph 1 (f) of the GDPR.
We process your data solely for purposes of contacting you, communicating with you and tracking communication that has taken place. When you submit the contact form we store your IP address for maintenance purposes and to protect against misuse. These purposes also constitute our legitimate interest in processing your data.
The data are erased or restricted once the purpose for which they were stored no longer applies. The general provisions on the retention period also apply.
Data subjects may object to the processing of their personal data. To contact us in this regard please use the specified contact details.
Subscription of press and event information
On our website you can subscribe to press and event information by email. Under an outsourced data processing arrangement, the CleverReach GmbH & Co. KG company, Schafjückenweg 2, 26180 Rastede, Germany acts as our service provider for sending and managing our email notifications.
When you register for press and event information, we collect the following data:
- title
- first (given) name
- family name
- email address (required)
- media/institution
These data are used first of all to send you a confirmation email (double opt-in procedure). You will not be included on the newsletter distribution list until you reconfirm. The newsletter contains technologies that enable us to see whether a newsletter has been opened, and how newsletters are used. When you open the newsletter information is automatically sent to us. This enables us to identify trends and improve our content. Your data are used exclusively for these purposes and are not shared with third parties.
When you register for the newsletter we will obtain your consent and draw your attention to this privacy policy. The legal foundation for processing the data you input and for analysing your user behaviour is Article 6 paragraph 1 (a) of the GDPR. You can cancel the subscription or revoke your consent at any time using the cancel option in the newsletter or by email, without stating reasons.
Registration for events
Interested persons can register for events via our website. For this purpose we provide a registration form on the event page. What personal data we collect varies depending on the type of event, and each form requests particular details. The minimum we require in order to be able to send you a confirmation email (double opt-in procedure) is your first name, family name and email address. In addition, your IP address is saved by the system when you send the form. We will use the data we collect solely for purposes of processing your registration and organising the event. Your data will automatically be deleted after use, unless a legal retention period precludes their deletion.
When you register for events we will obtain your consent and draw your attention to this privacy policy. The legal foundation for processing the data you input is Article 6 paragraph 1 (a) of the GDPR. You may revoke your consent at any time by email without stating reasons.
Integration of content from social media platforms
This website integrates content from servers of social media platforms. When you call up a page on our website where such content is embedded, your browser connects to the social media provider's server to load the embedded content. In doing so, your IP address and the page called up is transmitted to the server of the social media provider. A further processing of personal data is not known to us. On our website, content can be loaded from the following external sources:
Facebook Content Distribution Network
Twitter Content Distribution Network
Flickr Content Distribution Network
In order to protect our legitimate interest in the presentation of appealing content and to avoid potential copyright conflicts, the content is loaded directly from servers of the aforementioned providers. The processing of your IP address required for establishing the connection is carried out for these purposes on the basis of Art. 6 Para. 1 lit. f DSGVO.
Social media plug-ins
On our website we only use links to platforms of social media providers. Some of these links contain parameters that, depending on the platform, pass information to use interactive functions. Currently, our website contains interactive links to the platforms Facebook and Twitter.
When you click on a button labeled "share", your browser connects to servers at Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA ("Facebook").
If you click on a button labeled "tweet", your browser connects to servers at Twitter Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA ("Twitter").
Facebook or Twitter will then receive information that you have visited the appropriate subpage of our website, regardless of whether you are registered with or logged in to the service provider. If you are logged in with the respective service provider at the time of access, this information is assigned to your user account and, if applicable, displayed publicly. Furthermore, the service provider will process your IP address and may store cookies on your device. We have no influence on the type and scope of processing of personal data on the service provider's pages and only link to their offer.
You can find more information about the data protection regulations of the service providers here:
Rights of data subjects
Data subjects have the following rights vis-à-vis controllers:
- You can demand information as to what personal data concerning you from what source have been retained, and for what purpose. You must also be notified if your data are passed on to third parties. In this case you must be informed of the identity of the recipient or of the categories of recipient.
- If your personal data are incorrect or incomplete, you may demand that they be rectified or supplemented.
- You can object to the processing of your personal data for advertising purposes. For these purposes your data must then be restricted.
- You have the right to restrict processing if: you contest the correctness of the your personal data for a period that enables the controller to review the correctness of the personal data; the processing is unlawful and you object to the erasure of the personal data and instead demand restriction of the use of the personal data; the controller no longer requires the personal data for processing purposes, but you do require them in order to establish, exercise or defend legal claims, or if you have objected to the processing pursuant to Article 21 paragraph 1 of the GDPR and it has not yet been determined whether the controller's legitimate grounds override your reasons.
- You may demand that your data be erased. This is possible when the legal foundation for processing your data is lacking or has ceased to apply. It is also the case when the purpose of the data processing no longer applies either due to the passage of time or for other reasons. Please note that an erasure may be overridden by an existing retention period or other legitimate interest of our company. We would be glad to advise you of this upon request. If we have made your data public, we are then obliged to notify all recipients that you have requested the erasure of all links to these data or copies of these personal data. Should you wish to make use of this right, please send an email to:
- You also have a right to object if your legitimate interest due to a personal situation overrides our interest in processing. This does not apply if we are obliged to perform processing due to a legal regulation.
- Without prejudice to any other administrative or judicial remedy, you have the right to complain to a supervisory authority if you take the view that the processing of your personal data violates privacy.
- You have the right to obtain your personal data that you have provided to the controller in a structured, common and machine-readable format.
Amendment of this privacy policy
We reserve the right to amend this privacy policy so that it complies at all times with the current legal requirements, or to reflect changes in our services in the privacy policy. The new privacy policy will then apply the next time you visit our site.