Giesecke & Devrient Stiftung

Giesecke+Devrient Foundation Data Privacy

Giesecke+Devrient Foundation, Prinzregentenstr. 159, 81677 Munich, Germany (“G+D Foundation”, “we” or “us”) takes the protection of your data very seriously. Your privacy and the protection of your personal data are of utmost importance to us. Therefore, this Privacy Policy explains how we safeguard your privacy.

Our contact details are as follows:

Giesecke+Devrient Foundation
Prinzregentenstrasse 159
D-81677 Munich

If you are located outside the European Union or European Economic Area, in as far as legally required due to the laws applicable subject to your location, access to and use of the website by you implies your full acceptance of the Privacy Policy.

1. Personal Data

“Personal data” is of any information that can identify or make an individual identifiable. This includes, for example, your first and last name, title, company, postal address, email address, telephone number, mobile number, username and password, and any information you may provide in free text fields or other message you send to us.

2. Collection and Use of Personal Data

We collect, process or use your personal data for the following purposes depending on the nature of your interaction with our Website: Your browser communicates your IP address automatically when you are visiting our Website. We will use your personal data only to the extent necessary for the purpose for which it was collected and will retain it for these purposes or as required by applicable law and then delete it. In as far as possible, we will attempt to use only anonymous information or pseudonyms if the use of personal data is not required.

3. Data Sharing and Transfer to Third Parties

Your personal data, collected when visiting our Website, will not be shared with any third party.

4. Cookies

Cookies are small text files that websites save onto your computer via your web browser. Cookies serve different purposes. We do not use cookies on the G+D Foundation site.

5. Security

The G+D Foundation uses technical and organizational security measures to protect the personal data you provide. Our security measures are continually upgraded and adjusted in line with the current state of knowledge.

6. Links to other Websites

Our website may contain links to other websites which are not owned or operated by the G+D Foundation. The G+D Foundation has no control over and is not responsible for either the content or privacy practices of these websites. For information on their privacy practices please review their policies

7. Contact, Access and Correction of Personal Data

If you have any questions about this Privacy Policy or would like to access or correct your personal data or request their deletion or want to file any complaints in relation to the processing of your personal data to us or the competent regulator please refer to the contact details posted at the top of this privacy policy. We will aim to respond to you as soon as possible, however, if your inquiry requires more detailed consideration, we will acknowledge receipt of your complaint and we may ask you to provide further information about your inquiry and the outcome you are seeking. If you are required to duly sign your request and sent it to us due to the laws applicable subject to your location, we will inform you accordingly.

8. Changes to this Privacy Policy

We reserve the right to amend or update this Privacy Policy at any time in order to reflect our then current handling of personal data. Any such amendments or updates will be posted on this site.

Duty to inform pursuant to the EU General Data Protection Regulation (GDPR)

We attach great importance to the security of your data and ensuring transparency in its handling. We would therefore like to present you with the following information in line with the requirements set forth in the GDPR.

Name and contact details of Director

Giesecke+Devrient Foundation, Prinzregentenstraße 159, 81677 Munich, Germany
Mr. Johannes von Lill-Rastern, Director
Mrs Astrid Wolff, Director
Tel.  +49 (0)89 41079126

Purpose of data processing

The Giesecke+Devrient (G+D) Foundation embodies the social responsibility ethos of a successful, family-owned German company. Its objective is to provide both a national and international bridge between tradition and the future, between experience and innovation, and between different cultures and people.

Since 2010, the not-for-profit G+D Foundation has been the vehicle for our corporate citizenship activities.

Commissioned Data Processing

There is no commissioned processing of personal data.

Legal basis of data processing

The processing of your data for the purposes specified above takes place in accordance with Article 6 par. 1 lit. f (legitimate interest). The legitimate interest arises from the business objectives described above.

Origin of data

With regard to data collected from universities or other organisations or data transmitted to us, we always ensure compliance with the respective legal provisions.

Recipients or categories of recipients

Recipients within the G+D Foundation are exclusively people who need the data to serve the aforementioned purposes, and only insofar as this is necessary for the execution of their respective tasks. The data transferred may only be processed by the recipients for the purposes specified above. Processing of the data for other purposes is not permitted.

Transfer to third parties

Data may only be transferred if and insofar as it is necessary for the execution of the Foundation purposes.
The data transferred may only be processed by the recipients for the purposes specified above. Processing of the data for other purposes is not permitted.

Storage period

The personal data we collect about you will be stored for the fulfillment of the aforementioned purpose. Data will be deleted as soon as the purpose for which it is stored has been fulfilled and the data is no longer required, provided that this is not prevented by any statutory retention periods (e.g. as indicated in the German Commercial Code (HGB), the German Criminal Code (StGB) or the German Fiscal Code (AO)).

Rights of the data subject

As a data subject, you have the following rights under GDPR:

  • Right to access
    You have the right to access information about the processing of your personal data (Article 15 GDPR)
  • Right to rectification
    You have the right to request the rectification of errors in your personal data as stored by us, or to request the completion of incomplete data (Article 16 GDPR)
  • Right to erasure
    You have the right to obtain the erasure of personal data concerning you that we have stored, provided that this is not prevented by any statutory retention obligation (Article 17 GDPR)
  • Right to restriction of processing
    You have the right to obtain restriction of processing with regard to your personal data where you contest the accuracy of the data or where the processing of the data is unlawful (Article 18 GDPR)
  • Right to data portability
    You have the right to data portability and thereby the right to receive the personal data pertaining to you in a structured, commonly used and machine-readable format (Article 20 GDPR)
  • Right to object
    You have the right to object to the processing of your personal data (Article 21 GDPR)
  • Right to withdraw consent
    You have the right to withdraw consent you have previously given (Article 7 GDPR)
  • Right to lodge a complaint with the competent supervisory authority
    You have the right to lodge a complaint with the competent supervisory authority (Article 77 GDPR). In our case, the competent supervisory authority is the Bavarian State Office for Data Protection (Landesamt für Datenschutzaufsicht in Bayern,

If you have any questions or would like further information, please feel free to contact our Group Privacy Officer using the contact details above.

Effective date: 25 September 2018