Data Protection

Firstly, we would like to point out that there is no obligation to provide your personal data. Provision of personal data is voluntary and importantly, will not affect your application. Automated decision-making, in particular an automated decision on your application, or profiling will not happen. If your personal data is processed, you are the data subject in the sense of GDPR and you are entitled to the following rights against the data controller. To exercise these rights, you can contact our Data Protection Officer at any time:

datenschutz@zif-berlin.org

Center for International Peace Operations (ZIF) gGmbH
Data Protection Officer
Ludwigkirchplatz 3-4
10719 Berlin

1.    Rights of Access, Article 15 of the GDPR

You can request confirmation from the data controller whether personal data concerning you will be processed by us.

If such processing exists, you can request information from the data controller about the following information:

(1)      the purposes for which the personal data is processed

(2)      the categories of personal data that is processed

(3)       the recipients, or the categories of recipients, to whom your personal data has been, or will be disclosed

(4)       the planned duration that your personal data will be stored for or, if specific information is not possible, criteria for determining the storage period

(5)       the existence of a right to amend or remove personal data, a right to restrict the processing of the data by the data controller, or a right to object to the processing of the data

(6)       the existence of a right to appeal to a supervisory authority

(7)       all available information relating to where the date came from, if the personal data is not collected from the data subject

You have the right to request information relating to whether the personal data concerning you will be transferred to a third country or to an international organisation. In this context, you may request to be informed about the appropriate safeguards pursuant to Article 46 of the GDPR in connection with the transfer of data. Regarding the right to information, the restrictions of sections 34 and 35 of the German Federal Data Protection Act (BDSG) apply.

2.    Right to Rectification Article 16 of the GDPR

You have the right to obtain rectification from the data controller and the right to have incomplete data completed, provided that the personal data processed concerns you and is incorrect or incomplete. The data controller must make the correction without undue delay.

3.    Right to Restriction of Processing Art. 18 of the GDPR

Under the following conditions, you can request the processing of your personal data to be restricted if:

(1)       you dispute the accuracy of the personal data concerning you within a reasonable period that allows the data controller to verify the accuracy of the personal data;

(2)       the processing is unlawful and you refuse to delete the personal data and you instead request the restriction of the use of personal data;

(3)      the data controller no longer needs the personal data for the purposes of processing, but you need it for the establishment, exercise or defence of legal claims, or

(4)      you object to the processing pursuant to Art. 21(1) GDPR pending the verification whether the legitimate grounds of the controller override your reason for objecting.

If the processing of your personal data has been restricted, this data may only be processed (apart from its storage) with your consent, or with the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person or for reasons of an important public interest of the Union or a Member State.

If the processing has been restricted in accordance with the above conditions, you will be informed by the data controller before the restriction is lifted.

4.    Right to Deletion, Art. 17 of GDPR

a)      Deletion obligation

You may request from the data controller that personal data concerning you is deleting without undue delay and the controller is obliged to delete this data immediately if one of the following grounds applies:
(1)       the personal data concerning you are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(2)       you withdraw your consent to the processing of your data, pursuant to  Article  6(1) or Article 9(2) of the GDPR, and where there is no other legal ground for the processing.
(3)      you object to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Article 21(2) of the GDPR.
(4)      the personal data concerning you have been unlawfully processed.
(5)       the erasure of personal data concerning you is necessary to fulfil a legal obligation under Union or Member State law to which the data controller is subject.
(6)       the personal data concerning you were collected in relation to the offer o f information society services referred to in Article 8(1) of the GDPR.

Regarding the right to information, the restrictions of sections 34 and 35 of the German Federal Data Protection Act (BDSG) apply.

b)      Information to Third Parties

Where the data controller has made the personal data concerning you public and is obliged pursuant to  Article 17(1) of the GDPR to erase the personal data, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing your personal data have requested the erasure by such controllers of any links to, or copy or replication of, those personal data.

c)      Exceptions

The right to erasure does not exist to the extent that processing is necessary:

(1)      exercising the right of freedom of expression and information;
(2)       for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(3)      for reasons of public interest in the area of public health in accordance with points 9(2) as well as Article 9(3) of the GDPR;
(4)       for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) of the GDPR, in so far as the right referred to in paragraph 1 is likely to render impossible or seriously impair the achievement of the objectives of that processing; or
(5)      for the establishment, exercise or defence of legal claims.

5.    Right to Notification

If you have asserted the right to rectification, erasure or restriction of processing against the controller, the controller is obliged to inform all recipients, to whom your personal data have been disclosed to, of this rectification or erasure of the data or restriction of processing, unless this proves impossible or involves a disproportionate effort.

You have the right to be informed about these recipients by the data controller.

6.    Right of Data Portability, Article 20 of the GDPR

You have the right to receive the personal data concerning you, which you have provided to the controller, in a structured, widely accepted and machine-readable format. Additionally, you have the right to transfer this data to another data controller without hindrance from the controller to which the personal data have been provided, where:

(1)      the processing is based on consent pursuant to Article 6 (1) (a) of the GDPR or of Article 9 (2) (a) of the GDPR or on a contract pursuant to Article 6 (1) (b) of the GDPR; and

(2)       the processing is carried out by automated means.

In exercising this right to data portability pursuant to paragraph 1, you shall also have the right to have the personal data transmitted directly from one controller to another, where technically feasible. The freedoms and rights of other persons must not be affected by this.

The right of data portability shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

7.    Right to Object, Article 21 of the GDPR

You have the right under Article 21(2) of the GDPR to object, for reasons relating to your particular situation, at any time to the processing of personal data concerning you, which is based on Article 6 (1) (e) or (f) of the GDPR, to file an objection.

The controller shall no longer process the personal data unless the controller demonstrates compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Where personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for advertisement purposes.

Where you object to processing for direct marketing purposes, the personal data shall no longer be processed for such purposes. Please note that the objection is only effective for the future. Processing that took place before the objection is not affected by this.
 

In connection with the use of information society services, you have the opportunity – notwithstanding Directive 2002/58/EC – to exercise your right of objection by means of automated procedures using technical specifications.

If we base the processing of your personal data on a balance of interests, you can object to the processing. If you exercise such an objection, we will ask you to explain the reasons, as described by us, why we should not process your personal data. In the event of your justified objection, we will examine the situation and will either discontinue or adapt the data processing or explain to you our compelling reasons worthy of protection.

8.    Right to Withdraw Declaration of Consent under Data Protection Law

You have the right to withdraw your declaration of consent under data protection law at any time via the Berlin Centre for International Peace Operations. This also applies to the withdrawal of consent relating to declarations issued to the Berlin Center for International Peace Operations (ZIF) gGmbH before the data protection regulation came into force on 25 May 2018. Please note that withdrawal of consent only applies to future data processing. Processing that took place before the withdrawal is not affected by this. The withdrawal of consent does not affect the legality of the data processing carried out under consent before the withdrawal.

9.    Right to Lodge a Complaint with a Supervisory Authority

Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence, place of work or place of the alleged infringement if you believe that the processing of personal data relating to you violates the GDPR.

The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy pursuant to Article 78 of the GDPR.

The responsible supervisory authority in Berlin is the

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstraße 219
10969 Berlin
Tel.: +49 30 13889-0
Fax: +49 30 2155050
Email: mailbox@datenschutz-berlin.de

I. Website Deployment and Creation of Log Files

a) Description and Scope of Data Processing

You can visit our website without us collecting any personal data from you. When accessing the website or you retrieve a file stored on the website, data is collected and processed. These are stored in the log files of the server. In principle, this only happens if it is essential for the functioning of the website, as well as its contents and services. Furthermore, the collection and regular use of personal data can only happen with the appropriate consent. An exception applies in cases where it was not possible to obtain prior consent due to genuine reasons and the processing of the data is permitted under legal regulations.
However, the following general data is automatically collected and processed when you access the website:

• Browser type/version
• Operating system used
• IP Address
• Date and time of the server request

These are stored in the log files of the server.

In the members area, the login data (username and e-mail address) are also recorded and stored. This collection is necessary to authenticate members and prevent unauthorised access.

We work with a hosting provider (Mandarin media) for our websites. The hosting services we use serve to provide the following services:

Infrastructure and platform services, computing capacity, storage space and database services, emailing, security services and technical maintenance services are all services that we use for the purpose of operating this online offer.

To offer these services, we or our hosting provider (Mandarin media) process the following data of our customers, interested parties and visitors to the online offer: inventory data, contact data, content data, contract data, usage data, meta and communication data. The processing of this data is done so on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with  Article  6(1) (f) of the GDPR  in conjunction with Article 28 of the GDPR (conclusion of the order processing contract).

b) Legal Basis of Data Processing
The legal basis for the storage of the data/ log files is Article 6(1)(f) of the GDPR.

c) Purpose of Data Protection
The data and information collected will therefore be evaluated statistically, as well as being evaluated with the aim of increasing data protection and data security within our company to ultimately ensure an optimal level of protection for the personal data processed by us. Anonymous data is stored separately from all personal data provided by a data subject. Storage of data in log files allows the website to function smoothly and also serves to help improve and secure our systems. In the event of a cyber attack, we can also provide law enforcement authorities with the information necessary for criminal prosecution. In such circumstances, personal data will not be evaluated further (e.g. for marketing purposes) than this extent.

d) Duration of Storage
Data stored by the Center for International Peace Operations (ZIF) gGmbH shall be deleted as soon as it is no longer required for the purpose for which it was collected.

• If the data is collected for the deployment of the website, then the data shall be deleted when the respective session has ended.
• If the data is stored in log files, data shall be deleted after seven days at the latest.
• If the data has been collected from the ZIF careers page (except for submitted applications), data shall be deleted after six weeks. Longer storage is possible. When this is the case, the IP addresses of the users are deleted or alienated so that the data is no longer assigned to the calling customer.

e) Option for Opting-Out and Removal of Data
The collection of the mentioned data is absolutely necessary for the operation of the website. Consequently, it is not possible for the user to withdraw or reject.

 

In the members area, the login data (username and e-mail address) are also recorded and stored. This collection is necessary to authenticate members and prevent unauthorised access.

The data and information collected will therefore be evaluated statistically, as well as being evaluated with the aim of increasing data protection and data security within our company to ultimately ensure an optimal level of protection for the personal data processed by us. Anonymous data is stored separately from all personal data provided by a data subject.

We work with a hosting provider (Mandarin media) for our websites. The hosting services we use serve to provide the following services: Infrastructure and platform services, computing capacity, storage space and database services, emailing, security services and technical maintenance services are all services that we use for the purpose of operating this online offer.

To offer these services, we or our hosting provider (Mandarin media) process the following data of our customers, interested parties and visitors to the online offer: inventory data, contact data, content data, contract data, usage data, meta and communication data. The processing of this data is done so on the basis of our legitimate interests in an efficient and secure provision of this online offer in accordance with  Article  6(1) (f) of the GDPR  in conjunction with Article 28 of the GDPR (conclusion of the order processing contract).

Data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. If the data is collected for the deployment of the website, then the data shall be deleted when the respective session has ended. If the data is stored in log files, data shall be deleted after seven days at the latest.

II. Use of Cookies

1.    Description and Scope of Data Processing

All ZIF websites use cookies. Cookies are small text files that are stored locally in the internet browser on the user's computer system. If a user visits a website, then a cookie may be stored on the user's computer. This cookie contains a string of characters that allow the browser to be recognised when the website is visited again.

When accessing the website, the user is informed about the use of cookies and the user is asked to provide their consent that allows their personal data to be processed.
No personal data is stored in the cookies used. Cookies allow us to only receive anonymised information.

You can disable cookies at any time under the Cookies settings, if your browser allows this. This may mean that the functions of our website become no longer available to you, as the browser would have to be recognised after navigating to each page.

The user data collected in this way is pseudonymised by putting technical precautions in place. This means that the data is no longer assigned to the visiting user. Data will not be stored together with the personal data of others.

2.    Legal Basis for Data Processing

The legal basis for the processing of personal data using cookies is Article 6 (1) (f) of the GDPR. The legal basis for the processing of personal data using cookies for analysis purposes is Article 6(1)(a) of the GDPR.

3.    Purpose of Data Protection

The purpose of using strictly necessary cookies is to simplify and optimise the use of websites for users. They are essential to improve your experience whilst accessing our websites and subpages. Cookies are used to facilitate the log-in procedure, and also determine the frequency of use, the number of users on our website and also to provide you with individual user functions. Some functions of our webpages cannot be accessed without the use of cookies.

User data collected by strictly necessary cookies will not be used to create user profiles. They serve to simplify the use of our websites.

Analytics cookies are used to improve the quality of our websites and their content. They allow us to learn how the websites are used and can continuously optimise our features.

These purposes also constitute our legitimate interest in the processing of personal data in accordance with Article 6 (1) (f) of the GDPR.

4.    Storage Duration, Opting Out & Data Removal

Cookies are stored on the user's computer and are transmitted to our website. This means that as a user, you have full control over the use of cookies. By changing the settings on your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been save can be deleted at any time. This can also be done automatically. If cookies are deactivated for our websites, it may not be possible to use all the functions of our websites to their full extent.

III. Newsletter

1.    Description and Scope of Data Processing

You can also subscribe to our various free newsletters on our websites here:www.zif-berlin.org and https://karriere.zif-berlin.org  As part of the registration process, consent is obtained through a so-called double opt-in procedure. When subscribing to a newsletter, the data from the entry form, name and email address will be transmitted to us.  The data will be used by us exclusively for sending the newsletter.

In addition, the following data is collected during registration:

·       IP address of the visiting computer

·       Date and time of the registration

.       Name of the website on which you subscribed to our newsletter.

Our newsletters are sent via the email marketing provider CleverReach® GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany and also via rexx systems GmbH, Süderstraße 77, 20097 Hamburg, Germany for our career portal newsletter. You can view the email marketing provider's privacy policy here:https://www.cleverreach.com/de/datenschutz/

The use of this provider is based on our legitimate interests in accordance with  Article  6(1) (f) of the GDPR and an order processing contract pursuant to  Article 28(3)(a) of the GDPR.

The email marketing provider may use the pseudonymised data of recipients to improve its own services (e.g. for the technical optimisation of email delivery and the presentation of the newsletter) or for statistical purposes. Additionally, the email marketing provider is prohibited from using the data of the newsletter recipients for its own purposes, such as sending emails, and passing the data onto third parties.

Modern technical measures will protect your personal data from theft and misuse. If personal data is provided, it will be transmitted in encrypted form (TLS). Under no circumstances will be pass on your data to third parties. If you have purchased any products from the Berlin Center for International Peace Operations gGmbH and have entered your email address, then this may also be used to send a newsletter. The data will only be used in this case to send the newsletter with direct advertising for our own similar goods or services.

2.    Legal Basis for Data Processing

The legal basis for the processing of the data after registration for the newsletter by the user is Article 6 (1) (a) of the GDPR. The legal basis for sending the newsletter as a result of the sale of products is section 7(3) of the German Act Against Unfair Competition (UWG).

3.    Purpose of Data Protection

The collection of the user's email address serves to deliver the newsletter.

The collection of other personal data as part of the registration process serves to prevent misuse of the services or the email address used.

4.    Duration of Storage

Data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. The user's email address will therefore be stored for the duration of the newsletter subscription. Contractual and legal provisions, in particular retention periods, remain unaffected. This specifically applies to the users of the ZIF members area.

Other personal data which is collected during the registration process will normally be deleted after a period of seven days.

5.    Option for Opting-Out and Removal of Data

A newsletter subscription can be cancelled by the affected user at any time via the registration form. This also allows users to withdraw their consent to the storage of personal data collected during the registration process.

In the members area under "personal settings", you can object to or agree to receiving some, or all of our newsletters. Each newsletter also has a corresponding link which allows you to unsubscribe at any time. You can also unsubscribe by messaging us. Once unsubscribed, your email address will be immediately removed from our newsletter distribution list.

IV. Contact Form and Email

1.    Description and Scope of Data Processing

If you have any enquiries, you can visit our websites and contact us via a contact form at www.zif-berlin.org, https://karriere.zif-berlin.org   and https://tech-blog.zif-berlin.org/.  When you make an enquiry, the data from the entry form, name and email address are collected and stored by us. The user's IP address as well as the date and time of the transmission, are stored at the time of submitting the form. We require this information so that we can process your request and get back to you as quickly as possible.

Alternatively, you can also contact us via the email address provided. In this case, the user's personal data which is transmitted via email will be stored.
 

This personal data will not be passed on to third parties. The data will be used by us exclusively to respond to your request.

2.    Legal Basis for Data Processing

The legal basis for the processing of data with user consent is permitted under Article 6(1)(a) of the GDPR. The legal basis for the processing of the data is our legitimate interest in responding to your concerns to the ZIF in accordance with Article 6(1)(f) of the GDPR.

The legal basis for the processing of the data transmitted in the course of sending an email is Article 6(1)(f) of the GDPR. If the purpose of the email is to conlcude a contract, then the additional legal basis for processing this data is Article 6(1)(b) of the GDPR. 

3.    Purpose of Data Protection

The processing of this personal data is solely to allow for the establishment of contact. If you contact us by email, this also constitutes the necessary legitimate interest in the processing of the data.
The processing of other personal data is to prevent misuse of the contact form or the email address and ensures the security of our information technology systems.
 

4.    Storage Duration, Opting Out & Data Removal

Any data entered by you into the contact form or sent via email will remain with us until you either request for us to delete it, withdraw your consent to storage or as soon as the data is no longer necessary to achieve the purpose of its collection, e.g. after your request has been processed. Processing is classed as completed when it can be inferred from the circumstances that the matter in question has been completely resolved.

Contractual and legal provisions, in particular retention periods, remain unaffected.

Other personal data which is collected during the registration process will normally be deleted after a period of seven days.

You have the option to object to data processing and to request the deletion of your data: Rights of the Data Subjects

a) Duration of Storage
Data will be deleted as soon as it is no longer required to achieve the purpose for which it was collected. This applies to any data entered by you into the contact form or sent via email when the respective conversation has ended. 

b) Opting Out

Users have the option to withdraw their consent to the processing of personal data at any time. For this purpose, the user can contact the data controller via the contact options provided on the website. If the user contacts the Berlin Center for International Peace Operations (ZIF) gGmbH by e-mail, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued.

c) Disclosure of Data - Personal Data/Recipients

Your data will only be passed on to affiliated companies and service partners if they are working on our behalf and support the Berlin Center for International Peace Operations (ZIF) gGmbH in providing their services. Your personal data will be processed by commissioned service providers within the scope of order processing in accordance with Article 28 of the GDPR.
The aforementioned service providers only receive access to such personal information as is necessary for the performance of the respective activity. These service provided are prohibited from passing on your personal information or using it for other purposes, for example for their own advertisements.
For external service providers which may come into contact with your personal data, we have implemented legal, technical and organisational measures and routine checks to ensure that they comply with relevant data protection regulations. A commercial data transfer of your personal data to other companies will not happen.

V. OpenStreetMap

We use Open Street Maps (OSM) on our website www.zif-berlin.org to display interactive maps and for providing directions. This service provider is the Open Street Map Foundation (OSMF), 132 Maney Hill Road, Sutton Coldfield, West Midlands, B72 1JU, United Kingdom. 

The following data is transmitted to the OSM servers during display: the internet pages you visited on our website and the IP address of your device. OpenStreetMap may store cookies in your browser for this purpose. We have no influence on the further processing and use of the data by Google and therefore cannot assume any responsibility for this.

The legal basis for he processing of your data in relation to the OSM service is Article 6(1)(f) of the GDPR (legitimate interest in data processing). The legitimate interest arises from our need for an appealing presentation of our online offer and the easy findability of the places indicated on our homepage. This service enables us to present our website in an appealing way by loading map material from an external server.

More information on the handling of user data can be found in the OSM privacy policy: https://wiki.osmfoundation.org/wiki/Privacy_Policy

VI. Google Fonts

We use external fonts from Google fonts on our websites https://www.zif-berlin.org/, https://karriere.zif-berlin.org and https://tech-blog.zif-berlin.org/. Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland is responsible for the European area. The parent company Google LLC has its registered office at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; 

The legal basis for the use of Google Fonts is our legitimate interest in improving and optimizing our websites through improved loading times, low administrative effort, uniform presentation across devices and increasing our awareness in accordance with Article  6(1) (f) of the GDPR.

The integration of Google Fonts takes place through a server call, usually a Google server in the USA. This allows information to be transmitted to the server, including which of our websites you have visited, as well as your IP address. 
We have no influence on the further processing and use of the data by Google and therefore cannot assume any responsibility for this.

You can find Google's privacy policy at: https://policies.google.com/privacy?hl=de.

VII. Web Analysis using Matomo

1.   Scope of the Processing of Personal Data

We use the open source software tool Matomo (www.matomo.org) to analyse the surfing behaviour of our users. The software places a cookie on the user's computer in order to create user profiles from this data under a pseudonym (for cookies and the rejection of cookies, see II). If individual pages of our websites are called up, the following data is stored:

(1)   the IP address of the user's calling system is anonymised so that no personal data is stored

(2)   the website visited

(3)   the website from which the user reached the visited website (the referrer)

(4)   the subpages which are accessed from the main visited website

(5)   the duration of time spent on the website

(6)   the frequency of visits to the website.

The software runs exclusively on the servers of our website. This is the only place where the personal data of our users is stored. The information generated by the cookie in the pseudonymous user profile is not used to personally identify the visitor to this website and is not merged with personal data about the bearer of the pseudonym.  The data will not be passed on to third parties.

2.    Legal Basis for the Processing of Personal Data

The legal basis for the processing of user's personal data in this way is their consent under Article 6(1) (a) of the GDPR and our legitimate interests under Article 6(1) (f) of the GDPR.

3.    Purpose of Data Protection

The processing of users' personal data enables us to analyse the surfing behaviour of our users. The web analysis service software Matomo collects and stores data for marketing and optimisation purposes. By evaluating the data obtained, we are able to compile information about the use of the individual components of our website. This helps us to continuously improve our website and its user-friendliness. These purposes also constitute our legitimate interest in the processing of personal data in accordance with Article 6 (1) (f) of the GDPR. By anonymising the IP address, the interest of the users in the protection of their personal data is sufficiently taken into account.

4.    Duration of Storage

The data will be deleted as soon as they are no longer needed for our recording and evaluation purposes.

In our case, this is done after 90 days.

We store data processed by the career portal, such as applications, in accordance with Section 15(g) of the German Equal Treatment Act (AGG), with a security period of two weeks. If you have given us your consent to a longer retention period, we will process the data in accordance with your declaration.

5.    Option for Opting-Out and Removal of Data

Cookies are stored on the user's computer and are transmitted to our website. This means that as a user, you have full control over the use of cookies. By changing the settings on your internet browser, you can deactivate or restrict the transmission of cookies. Cookies that have already been save can be deleted at any time. This can also be done automatically. If cookies are deactivated for our websites, it may not be possible to use all the functions of our websites to their full extent.

More information on the privacy settings of the Matomo software can be found here: https://matomo.org/docs/privacy-policy/.

VIII. Amendments to our Data Protection Regulations

The privacy policy and information concerning data protection will be revised when any changes are made to this website, or on any other occasions that make this necessary. You can always find the latest version on this website.

Data Protection for Events

1.    Description and scope of the data processing

The preparation and realisation of events with invited guests as well as events requiring registration involves the collection of the personal data of participants. The data provided is stored electronically by the
Center for International Peace Operations (ZIF) for the organisation of the event. Your data will not be unlawfully forwarded to third parties.
 
The Center for International Peace Operations (ZIF) may make audio and video recordings in the course of the event. The image material serves documentation purposes and for the information activities and public relations work of the ZIF, e.g. for the publication of selected photos on the websites or in information material.

2.     Legal basis for the data processing

The legal basis for the processing of personal data following registration for the event by the user is, where they have given their consent, Art. 6 (1) lit. a GDPR. The legal basis for the processing of personal data in the form of image recordings of the users is Art. 6 (1) lit. f GDPR.

3.    Purpose of the data processing

The collection of participant data serves to prepare the event and is – depending on the event – necessary for the fulfilment of security requirements of the event. Accordingly, the processing of personal data is a prerequisite for the performance of the contract in accordance with Art. 6 (1) lit. a GDPR.
 
In the case of an online registration for events with ZIF photographers, the personal data (name, event, date of registration for the event) will be stored as proof of knowledge of the prior references to image recordings. These purposes also include our legitimate interest in the processing of personal data in accordance with Art. 6 (1) lit. f GDPR.

4.    Duration of storage

The personal data of the data subject will be erased or blocked as soon as the purpose of storage no longer applies. Furthermore, the data may be stored if the European or national legislator has provided for this in regulations, laws or other stipulations laid down by European Union legislation that the data controller is subject to. The data shall also be blocked or erased if a storage period prescribed by the aforementioned standards expires, unless it is necessary for further retention of the data for the purposes of concluding or performing a contract.

5.    Option of objection

You can withdraw your consent at any time to the Center for International Peace Operations (ZIF). Please note that due to security requirements, participation in an event can then no longer be guaranteed.
 
Should you have any questions regarding image recordings, please contact our data protection officer.

Data Protection for Applications and in the Application Process

Applications sent to us electronically or by post will be processed electronically or manually for the purpose of implementing the application process.
 
The application process requires that applicants provide us with their applicant data. The necessary applicant data is derived from the job descriptions, and generally includes personal details, postal and contact addresses and the documents belonging to the application, such as cover letter, curriculum vitae and certificates. Applicants may also voluntarily provide us with additional information.
By submitting an application to us, applicants consent to the processing of their data for the purposes of the application process in accordance with the type and scope set out in this privacy statement.
 
If special categories of personal data as understood by Art. 9 (1) GDPR are voluntarily provided as part of the application process, they will also be processed in accordance with Art. 9 (2) lit. b GDPR (e.g. health-related data, such as severe disability status or ethnic origin). Insofar as special categories of personal data as understood by Art. 9 (1) GDPR are requested from applicants as part of the application procedure, their processing will also be carried out pursuant to Art. 9 (2) lit. a GDPR (e.g. health-related data where required for the exercise of a profession).
 
The legal basis for the processing is Art. 6 (1) S.1 lit. b) GDPR and Art. 26 of German Privacy Law (BDSG) as amended. If an employment relationship is entered into with the applicant after conclusion of the application process, the applicant data will be stored in compliance with the relevant data protection regulations. If you are not offered a position after conclusion of the application process, your submitted letter of application including documents will be deleted six months after dispatch of the rejection in order to be able to satisfy any claims and obligations to provide evidence according to the German General Equal Treatment Act (AGG).

Data Protection on Social Media

The ZIF is present on various social media platforms in order to provide information on the work of the ZIF, and for the purposes of facilitating an exchange with interested parties and members.
 
The legal basis for the use of social media is our legitimate interest in increasing our recognition through social media and the possibility of interaction with you and users among each other via social media in accordance with Art. 6 (1) sentence 1 lit. f GDPR.
 
We have no influence on the data collected and the data processing procedures. Nor do we have any knowledge of the scope of the data collection, the purpose of the processing and the storage periods. We likewise have no information on the erasure of the collected data by the plug-in provider.
 
With regard to the purpose and scope of data collection and processing, we refer to the respective privacy policies of the social media providers. You will additionally find information there on your rights and settings options concerning the protection of your personal data.

LinkedIn

Social network, service provoder: LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
Website: https://www.linkedin.com: data protection policy: https://www.linkedin.com/legal/privacy-policy
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

Twitter

Social network; service provider: Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA
Data protection policy: https://twitter.com/de/privacy, (Settings) https://twitter.com/personalization

YouTube

Social network; service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA;
Data protection policy: https://policies.google.com/privacy; Opt-out: https://adssettings.google.com/authenticated

Changes to Our Data Protection Provisions

This privacy statement and the privacy notice will be revised when changes are made to this website or as other circumstances arise that require this. The current version can always be found on this website.

This text is a translation of our official Data Protection and Privacy Policy, originally in German. Please refer to the German original wording in case of doubt - it is the only legally binding text.