Privacy and Data Protection

1. Purpose

Declaration of consent for members and visitors of iBAN blue on the storage and use of data by the Inclusive Business Action Network (iBAN) within GIZ in Bonn.

2. General

The Inclusive Business Action Network (iBAN) is a global initiative supporting the scaling and replication of inclusive business models. iBAN manages the largest global online knowledge platform (iBAN blue) on inclusive business and offers a focused Capacity Development Programme (iBAN weave) for selected companies and policymakers in developing and emerging countries.

iBAN is funded by the Federal Ministry for Economic Cooperation and Development (BMZ) and the European Union. It is implemented by the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.

Data processing is the responsibility of the Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.

The Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH is a public-benefit federal enterprise for international cooperation. We work as a federal enterprise under private law. Our aim is to achieve the development-policy objective of improving the living conditions of people worldwide and conserving the natural resources on which livelihoods depend.

Postal adress:

Friedrich-Ebert-Allee 36 + 40, 53113 Bonn

Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn

Contact: info@ib-an.net

Contact details of the data protection officer: datenschutzbeauftragter@giz.de

3. Information on how collected data will be processed

This declaration explains how iBAN, represented by GIZ will process user data of inclusivebusiness.net.

iBAN is collecting, processing and storing data in order to:

  • provide users the opportunity to create a profile that enables users to leave comments, post blogs and communicate with other users,
  • provide users the opportunity to create and use a personalised dashboard that can only be accessed by the user himself/herself,
  • receive mailings and updates
  • ask users to take part in regular surveys - voluntary and anonymous
  • process and answer user requests,
  • provide users access to an online learning environment.

3.1 Tracking of user data on website and cookies

For statistical purposes and to improve service, this website uses technology provided by PIWIK, which evaluates and then deletes data. No other use is made of the data, and the data is not passed on to third parties.

Page access and file download activities are anonymised, processed and stored in a temporary protocol file. The anonymization process is conducted through an IP address altering software.

The following information is stored for each page viewed and each file download: 

  • Technical details of the browser used 
  • Anonymous IP address 
  • Date and time 
  • Page opened/name of the file downloaded 
  • Quantity of data transferred 
  • Notification of whether viewing or download was successful 

Temporary session cookies are used each time an individual page is viewed, to make navigation easier. Cookies are small text files that are stored locally in the users browser cache. Session cookies do not include any personal data and expire at the end of each session, or after the completion of a user survey, which is conducted as a rule every two years. This website does not use methods such as Java applets or ActiveX controls that make it possible to track browsing behaviour.

Any personal details collected as part of the personal profile will only be used for the purpose of dealing with enquiries and to provide relevant content on the users dashboard. Any personal information collected apart from the IP address is used to pinpoint and deliver topics relevant to the users dashboard. Personal details will not be passed onto third parties. 

Email addresses provided during an enquiry or registration on the website are used exclusively for correspondence and, if interest in newsletters has been indicated, for the delivery of mailings.

All personal details will be deleted from the database after cancellation of subscription.

 

3.2 User profiles (only applicable to registered users)

Profile

When signing up to the platform, users are asked to submit account details and data for a user profile. It is mandatory to enter an e-mail address, a user name and to choose a password when signing up to the website. Entering further information is optional.

Signing up to the platform, will enable users to publish blog posts and comments on the online platform. Blog posts and comments are publicly visible. Furthermore, it enables users to subscribe to iBAN’s mailing lists for updates and newsletters. Optional profile information will be used for internal monitoring and evaluation of the platform (e.g. if users are interested in information from a specific sector or region). Personal user data will be anonymized before assessments.

After deleting the profiles all personal data of the user will be anonymised. The content the user provided to the platform will remain published on the website unless deletion was explicitly requested.

Dashboard

Users will be able to create a personalized area for subscribers offering selected content according the users interests.

Once logged in, users can select filters on the dashboard page and will be offered new content according to these categories. All functions will be unified on an individual dashboard, where users will be additionally informed on new content. Users can mark preferred content and will have access to within a „favorites“-section.

Administrators will be able to assess what interests/content filters members select over time and in which region and country members are located. This information will only be used for statistical reasons in order to improve the website and after data has been anonymized.

3.3 Newsletters and mailings

iBAN is using Mailingwork to send out newsletters and updates. Any personal details collected as part of the mailing list subscription will only be used for the purpose of processing the subscription. Mailingwork is implemented via a central service run by GIZ. As a result, you will get redirected to webpages of the GIZ website during the subscription process (opt-in).

Personal details will not be passed onto third parties. No use will be made of users details for consulting purposes, for advertising or for market research. All personal details will be deleted from the database after cancellation of the subscription.

After entering the receiving e-mail address, the users will receive an email containing a confirmation link. Clicking on this link confirms that the email address and subscription request are genuine. The subscription can be cancelled at any time.

3.4 Processing user requests

For contact and feedback forms, name and email address of users are processed. Under Article 6 (1 b) of the GDPR, this data is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, in this case for the purpose of receiving enquieries entered in the contact form. Personal information is never shared with third parties if this is not explicitly requested by the subject. Enquiries are deleted on a regular basis (every two years) or once they have been dealt with.

3.5 Online learning environment (only applicable to registered users)

The platform will link to an external learning space. Users will be able to register for online courses and closed discussion groups on this platform. The terms and regulations will be specified in the data protection of the online learning space.

4. Protection of minors

Persons under the age of 16 may not transfer any personal data to iBAN without the consent of a parent or legal guardians.

5. Reference to user rights

The person agreeing to this declaration is entitled to:

  • object to data processing,
  • enquire about personal data and its processing
  • to have this corrected if necessary, or to request restriction of processing or the erasure of the data

The data will then be erased. To revoke consent, please send an email to info@ib-an.net

If you have any questions or complaints about this website, please contact the GIZ data protection officer (see contact information provided above). You also have the right to lodge a complaint with the responsible data protection supervisory authority. The responsible authority in this case is the German Federal Commissioner for Data Protection and Freedom of Information (BfDI).

6. Closing remark

GIZ uses appropriate technical and organizational measures to secure personal data against unintentional or intentional falsification, destruction, loss or access by unauthorised persons. Access to personal data is restricted to GIZ staff from the Inclusive Business Action Network who need to process the data for the above-mentioned purpose, and who will handle the information provided in a proper and confidential manner.

The data will be used exclusively for the declared purposes. Any other use will always be dependent on consent being obtained again.