Public directory of procedure

Article 4g of the German Federal Data Protection Act (BDSG) stipulates that the Data Protection Officer must, if requested, make collected information available to any person in a suitable form, as laid out in Article 4e of the German Federal Data Protection Act. This and other information is held by GIZ’s Data Protection Officer in the form of an extensive and detailed overview.

Name of the company

Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH

Chair of the Supervisory Board

Martin Jäger, State Secretary

Chair of the Management Board

Tanja Gönner

Managing Directors

Dr Christoph Beier (Vice-Chair of the Management Board)
Dr Hans-Joachim Preuß

Responsible for data processing

Dr Eric Heinen-Konschak, Director of the Information Technology division

Postal address

Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH
Dag-Hammarskjöld-Weg 1-5
65760 Eschborn Germany

Deutsche Gesellschaft für internationale Zusammenarbeit (GIZ) GmbH
Friedrich-Ebert-Allee 40
53113 Bonn

Purpose of gathering, processing and use of data

The Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH is a federal enterprise with worldwide operations. We support the German Government in the fields of international cooperation for sustainable development and international education. Through our work we assist people and societies in shaping their own futures and improving living conditions. We operate throughout Germany and in more than 130 countries worldwide.

Within the framework of these activities we gather, process, use and in some cases transfer personal data for the purpose of obtaining, implementing and invoicing contracts and commissions.

At the Centre for International Migration and Development (CIM), a GIZ specialised business unit, data are gathered, processed, used and in some cases transferred within the framework of placing experts with a development-policy mandate. The data are used to place suitable experts and, if appropriate, to grant a salary top-up.

The Human Resources Department gathers, processes, uses and in some cases transfers personal data for its own purposes (for example, to manage human resources or the company pension scheme, deal with applications, calculate salaries, and manage business trips) and to meet statutory obligations with respect to social insurance or other provisions.

Definition of the groups of individuals concerned and the pertinent data/data categories

In the performance of its business activities, GIZ gathers, processes and uses addresses, contractual and payment data and electronic communication data relating to clients, contractors and others (including consultants, self-employed experts, employees of consulting firms).

In the Human Resources Department, additional information on qualifications, the start and end of employment, on wages and salaries, pension and social insurance, bank accounts, warnings issued, references and on application documents is gathered, processed and used. This involves the following individuals: Head Office employees (including interns and guest students), seconded staff, national personnel, integrated experts, development advisors, family members (for the crisis file and allowances), applicants, recipients of assistance, future recipients of a company pension and former employees.

Recipients/categories of recipients with whom the data may be shared

Data can be shared with responsible administrative officers within GIZ (e.g. officers involved in accounting, invoicing, contracts, telecommunications and IT). In specific cases, external bodies such as the German Federal Ministry for Economic Cooperation and Development (BMZ), the German Federal Foreign Office, and donors such as the World Bank, the EU and the Asian Development Bank will be forwarded data related to the planned assignment of staff, for example, for GIZ IS offers.

For human resources management purposes, data may be shared with individuals and units in house (e.g. the HR Department or the line manager) that are involved in the relevant business process, with  public bodies that receive data on the basis of statutory regulations (e.g. social insurance schemes, inland revenue, health insurers) and with credit institutions (for salary payments), creditors (in the case of wage or salary attachment) and travel agencies, etc.

Regular data deletion deadlines

Personal data are regularly deleted when they are no longer needed for contractual purposes (e.g. for employment, top-ups, rental, sale or service contracts), when the individuals concerned have not given any separate authorisation and when statutory data storage obligations and periods have expired.

Planned data transmission to third states

As a general principle, data will not be transmitted to third states, except in exceptional legal circumstances.