Data Protection


The development partnership Strategic Alliance on Climate Risk Transfer Solutions with Swiss Reinsurance Company (Swiss Re) is part of the develoPPP.de program that the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH implements on behalf of the German Federal Ministry for Economic Cooperation and Development (BMZ). In charge of this website and its data processing is the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.

The Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH is a worldwide active non-profit service company for international cooperation. As a private-sector company organized by the federal government, it works for the development goal of improving the living conditions of people worldwide and preserving the natural foundations of life. Responsible editor for the contents of this website is Daniela Weinberger (daniela.weinberger@giz.de) for any questions related to GIZ data protection please contact the GIZ Data Protection Officer (datenschutzbeauftragter@giz.de).

 The protection of personal data (such as names, email addresses or telephone numbers) is of particular importance to the GIZ GmbH. Our data protection practice complies with the provisions of the German Federal Data Protection Act [Bundesdatenschutzgesetz] as well as the general data protection regulation (GDPR).


Data Collection and Use


You are able to use our internet site without providing your personal data.

a) Webserver log files

Every time our internet pages are accessed, information transmitted from your browser is automatically saved in webserver log files. In particular, this information includes the name of your provider, your anonymized IP address, your browser type and your operating system, internet sites you have previously used and the server request time. We use this information to improve our online presence.

b) Cookies

We use "cookies" on our internet pages. "Cookies" are text files that are stored on your computer and they help to increase the ease of use, performance and safety of our internet service. You can also use our internet site without cookies. Most browsers are set up so that cookies are automatically accepted. However, the user is able to deactivate the storage of cookies or set their browser so that it informs them as soon as cookies are sent.

In the cookies we use, we store:

  • an anonymous session id
  • a token preventing cross site request forgery

c) Web Analysis Service

We do not use the web analytics software Google Analytics to track our users. We run our own web analytics software, based on PIWIK, on our own server to gather usage statistics. This data is stored on a server in Germany. We anonymize your IP address and no data is handed to third parties. If you wish not to be tracked by our web analytics software, you can opt-out at the end of this page and we respect the Do-Not-Track setting of your browser.


Contact

We value your trust. Therefore, please do not hesitate to contact us with any additional queries related to the processing of your personal data. Please send your queries to:


webmaster@climate-risk-insurance.org


 



Data Protection at climate-risk-transfer.org
GDPR Compliance in Detail


The following declaration provides you with an overview as to how we ensure data protection regulations. According to the General Data Protection Regulation (GDPR) you have various rights which you can assert in relation to us. This includes, among others, the right to withdraw consent to the processing of data that is highlighted typographically.

Name and contact details of the person responsible for processing and the data protection officer


This Privacy Policy applies to the processing of data by


Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH

Registered offices
Bonn and Eschborn, Germany

Friedrich-Ebert-Allee 36 + 40
53113 Bonn, Germany
Phone: +49 228 44 60-0
Fax: +49 228 44 60-17 66

 

Dag-Hammarskjöld-Weg 1-5
65760 Eschborn
Germany

Phone: +49 61 96 79-0
Fax: +49 61 96 79-11 15


The GIZ Data Protection Officer can be contacted by e-mail: datenschutzbeauftragter@giz.de


Purpose of data processing, legal basis, and legitimate interests that are pursued by climate-risk-transfer.org or a third party, and categories of recipients


Surfing on this website


climate-risk-transfer.org gathers and automatically stores log file information in its server, which your browser deposited with us while you were surfing. Examples of information that we gather and analyze include the Internet Protocol Address (IP), which connects your computer with the Internet, as well as acknowledgments of receipt and reading confirmations of emails, logins, email addresses, passwords, information about the computer and connection to the Internet such as type of browser, browser version and number, operating system and platform. Furthermore, we record the complete Uniform Resource Locator (URL) Clickstream through and from our website, i.e. the sequence of the pages of our website that you visit, including date and time, cookie or flash cookie number, and the content that you viewed or for which you searched.

During your visits, we sometimes use JavaScript in order to gather and evaluate information, including the time it takes a website to load, download errors, the duration of the visit on a subpage, information regarding the interaction between pages (e.g. scrolling, clicking, mouse-overs) and leaving the page.

In brief, here is the key data that we store:

  • Type of browser/browser version
  • The operating system used
  • Referrer URL (the page visited previously)
  • URLs / pages on this website that have been accessed
  • IP address of the accessing computer along with its name
  • Time of the server request
  • Visitor history

The legal basis for the processing of the IP address is Article 6, Para 1f) of the GDPR. Our legitimate interest results from the following list of purposes of the data processing. Please note that it is not possible for us to draw any direct conclusions about your identity on the basis of the data collected, nor do we attempt to draw such conclusions.

The IP address of your device and the remaining data listed above is used by us for the following purposes:

  • Ensuring a seamless establishment of the connection
  • Ensuring the comfortable use of our website
  • Assessing the system security and stability

The data is saved for a period of 7 days, after which it is automatically deleted or anonymized. Further, we make use of so-called cookies and a tracking tool for our website. Exactly what process is undertaken and how your data is used for these is clarified in Section III.4 below.


Newsletter Distribution


You can subscribe to our newsletter via e-mail (sovereignrisktransfer@giz.de). Within the scope of making a subscription, we will save your name and email address. We shall solely use this data for the distribution of the newsletter mailing. Your data will not be processed or used for consulting, advertising or market research purposes. After entering your address you will receive an email with a confirmation link to confirm the authenticity of the address and your order. The order can be cancelled at any time. If the subscription is cancelled, all personal data will be deleted from our database. Your declared consent can be withdrawn conveniently by replying to one of our emails or sending an e-mail to climaterisktransfer@giz.de with the subject "unsubscribe".

Our newsletters are sent from sovereignrisktransfer@giz.de via Outlook and are not processed by a third party newsletter platform or programme.  

 

Contact Form


When using the contact form, your surname, first name and e-mail address are processed. The processing is carried out on the basis of Art. 6 para. 1 b) GDPR for the purpose of receiving the request formulated in the contact form. The data will not be passed on to third parties. The data is transmitted to GIZ via an SSL-encrypted connection, making unauthorised access considerably more difficult. As well as requests sent to GIZ by e-mail, requests via the contact form will be deleted after a retention period of 10 years [or after completion].

 

Use of the climate-risk-transfer.org members area


On our website, members have the opportunity to register to our climate-risk-transfer.org members area by providing personal data. The data is entered into an input mask and transmitted to us. A transfer of data to third parties does not take place. The following data is collected during the registration process:

  • Family name
  • First name
  • E-mail address
  • IP address
  • Date and time of registration.

The legal basis for this is Article 6, Para 1b) of the GDPR, i.e. you make the data available to us on the basis of the contractual relationship between yourself and us.

Registration is required for the provision of certain content and services intended only for our members, e.g. creating an account or replying to your contact inquiry.

Personal data is routinely deleted if it is no longer necessary to fulfil the contract, if there is no separate consent from the persons concerned and if legally prescribed retention obligations and periods do not require longer data retention. However, after the conclusion of the contract, there may be a need to store personal data of the contracting party in order to comply with contractual or legal obligations. After expiry, we retain the information regarding the contractual relationship that is required by commercial law and tax law for the legally determined period. For this period of time (generally 10 years from the conclusion of the contract), the data will only be re-processed in the case of an audit by the taxation authorities.


Online presence and website optimization


Cookies


Our Internet sites use so-called cookies at numerous points. Insofar as these cookies contain personal data, the use of these takes place on the basis of Article 6 Para 1f) of the GDPR. Our interest in optimizing is thereby to be seen as legitimate in the sense of the aforementioned regulation. Cookies are small text files that are automatically generated by your browser and saved on your device (laptop, tablet, smartphone, etc.). Cookies do not cause any damage to your device and they do not contain any viruses, Trojans, or other malware. In the cookie, information is stored which results from the connection with each specific device respectively. However, this does not mean that we gain any direct knowledge regarding your identity. The use of cookies serves on the one hand the purpose of improving the user experience of our Internet presence. We therefore use so-called “session cookies” in order to recognize that you have already visited individual pages on our website. These are deleted automatically after the end of your visit. In addition to this, also for the purpose of increasing user-friendliness, we make use of temporary cookies that are saved on your device for a specific period of time. When you visit our website again, it will be automatically recognized that you have visited the site previously, and what input you made or settings you activated, so that you do not have to input them again.

These cookies are automatically deleted after a respectively defined period of time. You can, however, configure your browser so that no cookies are stored on your computer, or so that a warning appears before a new cookie is created. However, the complete deactivation of cookies can result in you not being able to use all functions on our website. The storage duration of the cookies is dependent on their purpose and is not the same for all.

In the cookies we use, we store:

  • an anonymous session id
  • a token preventing cross site request forgery
  • session information, see "Matomo (formerly Piwik)"


Matomo (formerly Piwik)

On the basis of Article 6 Para 1f) of the GDPR, our website uses the web analytics service Matomo/PIWIK. Matomo uses cookies, text files that are saved on your computer and enable us to analyze your use of the website. For this purpose, user information generated through the cookie (including your abbreviated IP address) is transferred to our server and stored for the purpose of analyzing website usage, which supports our website optimization. Your IP address is immediately anonymized in this process, so that you remain anonymous to us as a user. The information generated through the cookie about your use of this website is not transferred to any third parties. You can prevent cookies from being used by activating the corresponding settings in your browser software; however, this may result in your not being able to make complete use of all functions on this website.

If you do not agree with the storage and analysis of data from your visit, you can dissent to the storage and analysis at any time by checking the opt-out checkbox below (at the end of this page). In this case, an Opt-Out cookie will be set in your browser, after which Matomo will collect no data from your sessions on this website. Please note: If you delete your cookies, this will also result in your Opt-Out cookie being deleted, so that you will need to reactivate it.


Social Media Plugins


We do not use any social media plugins on our website.



Your rights


Overview


Alongside the right to withdraw the consent given to us, you also have the following rights, when the respective legal conditions are extant:

  • Right of information regarding your personal data stored by us in accordance with Article 15 of the GDPR; in particular, you can obtain information about the purpose of processing, the category of personal data, the category of recipient for whom your data is or has been made available, the planned period of retention, the origin of your data, insofar as it was not collected directly from you,
  • Right of rectification of erroneous or to completion of correct data in accordance with Article 16 of the GDPR,
  • Right to deletion of your data stored by us in accordance with Article 17 of the GDPR, insofar as there are no legal or contractual requirements to retain the data, or other legal obligations or rights to the continued retention of the data,
  • Right to limit the processing of your data in accordance with Article 18 of the GDPR, insofar as you dispute the correctness of the data, the processing is illegal, but you oppose the deletion of said data; the data controller no longer requires the data, but you require said data for the assertion, exercise or defense of legal claims, or you have filed an objection to the processing in accordance with Article 21 of the GDPR,
  • Right to data portability in accordance with Article 20 of the GDPR, i.e. the right to receive selected data about you stored by us in a standard, machine-readable format, or to have this transmitted to another data controller,
  • Right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your normal place of residence or work, or of our association headquarters to do this.


Right to object


Under the conditions of Article 21, Para 1 of the GDPR, the data processing can be objected to on grounds arising out of the special situation of the person affected.

The above general right to object applies for all purposes of processing described in this Privacy Policy that are processed on the basis of Article 6, Para 1f) of the GDPR. In contrast to the special right to object to data processing for marketing purposes (see Section III.2.1.2 above), we are, according to the GDPR, only obligated to implement such a general right to object if you can provide grounds of superordinate importance (e.g. a possible risk to life or health). You also have the right to lodge a complaint with the responsible data protection supervisory authority. The responsible authority in this case is the German Federal Officer for Data Protection and Freedom of Information (BfDI).


Forwarding to third parties


The data collected by us is not sold. We provide information that we obtain to third parties exclusively to the extent described in the following:

  1. Affiliated companies

Affiliated companies that are under the control of climate-risk-transfer.org, if they are either subject to this Privacy Policy or adhere to guidelines that offer at least as much protection as this Privacy Policy.

  1. Service providers

We commission other companies and individuals to fulfill tasks for us. Examples include the maintenance of website, the analysis of our data bases. These service providers have access to personal information that is necessary for fulfilling their tasks. However, they are not permitted to use this for other purposes. In addition to this, they are obligated to handle the information in accordance with this Privacy Policy and applicable data protection laws.

  1. Protection of climate-risk-transfer.org and third parties

We disclose personal data when we are legally obliged to do so, or when such disclosure is necessary to protect our rights and those of third parties.

  1. Recipients outside of the EU

We do not forward your data to recipients with headquarters outside of Germany.  


Further information and notes


Our website, services, and initiatives evolve continuously. Equally, this Privacy Policy and our conditions of use change on occasion. Therefore, you should regularly visit our website and take note of any changes. Insofar as nothing is regulated in another manner, the use of all information that we have about you is subject to this Privacy Policy. We assure you that significant changes to our Privacy Policy that would result in weakened protection of already collected data will always only be made with your agreement as the respective affected party.

Your trust is very important to us. If you have questions that could not be answered in this Privacy Policy, or if you would like more detailed information on one of the points, please contact sovereignrisktransfer@giz.de at any time.

 

If you have any questions or complaints about this website, please contact the Data Protection Officer above. They also have the right of appeal to the competent data protection supervisory authority. The responsible authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).