Giesecke+Devrient Foundation Data Privacy
Our contact details are as follows:
1. Personal Data
“Personal data” is of any information that can identify or make an individual identifiable. This includes, for example, your first and last name, title, company, postal address, email address, telephone number, mobile number, username and password, and any information you may provide in free text fields or other message you send to us.
2. Collection and Use of Personal Data
We collect, process or use your personal data for the following purposes depending on the nature of your interaction with our Website: Your browser communicates your IP address automatically when you are visiting our Website. We will use your personal data only to the extent necessary for the purpose for which it was collected and will retain it for these purposes or as required by applicable law and then delete it. In as far as possible, we will attempt to use only anonymous information or pseudonyms if the use of personal data is not required.
3. Data Sharing and Transfer to Third Parties
Your personal data, collected when visiting our Website, will not be shared with any third party.
The G+D Foundation uses technical and organizational security measures to protect the personal data you provide. Our security measures are continually upgraded and adjusted in line with the current state of knowledge.
6. Links to other Websites
Our website may contain links to other websites which are not owned or operated by the G+D Foundation. The G+D Foundation has no control over and is not responsible for either the content or privacy practices of these websites. For information on their privacy practices please review their policies
7. Contact, Access and Correction of Personal Data
Duty to inform pursuant to the EU General Data Protection Regulation (GDPR)
We attach great importance to the security of your data and ensuring transparency in its handling. We would therefore like to present you with the following information in line with the requirements set forth in the GDPR.
Name and contact details of Director
Giesecke+Devrient Foundation, Prinzregentenstraße 159, 81677 Munich, Germany
Mr. Johannes von Lill-Rastern, Director
Mrs Astrid Wolff, Director
Tel. +49 (0)89 41079126
Purpose of data processing
The Giesecke+Devrient (G+D) Foundation embodies the social responsibility ethos of a successful, family-owned German company. Its objective is to provide both a national and international bridge between tradition and the future, between experience and innovation, and between different cultures and people.
Since 2010, the not-for-profit G+D Foundation has been the vehicle for our corporate citizenship activities.
Commissioned Data Processing
There is no commissioned processing of personal data.
Legal basis of data processing
The processing of your data for the purposes specified above takes place in accordance with Article 6 par. 1 lit. f (legitimate interest). The legitimate interest arises from the business objectives described above.
Origin of data
With regard to data collected from universities or other organisations or data transmitted to us, we always ensure compliance with the respective legal provisions.
Recipients or categories of recipients
Recipients within the G+D Foundation are exclusively people who need the data to serve the aforementioned purposes, and only insofar as this is necessary for the execution of their respective tasks. The data transferred may only be processed by the recipients for the purposes specified above. Processing of the data for other purposes is not permitted.
Transfer to third parties
Data may only be transferred if and insofar as it is necessary for the execution of the Foundation purposes.
The data transferred may only be processed by the recipients for the purposes specified above. Processing of the data for other purposes is not permitted.
The personal data we collect about you will be stored for the fulfillment of the aforementioned purpose. Data will be deleted as soon as the purpose for which it is stored has been fulfilled and the data is no longer required, provided that this is not prevented by any statutory retention periods (e.g. as indicated in the German Commercial Code (HGB), the German Criminal Code (StGB) or the German Fiscal Code (AO)).
Rights of the data subject
As a data subject, you have the following rights under GDPR:
- Right to access
You have the right to access information about the processing of your personal data (Article 15 GDPR)
- Right to rectification
You have the right to request the rectification of errors in your personal data as stored by us, or to request the completion of incomplete data (Article 16 GDPR)
- Right to erasure
You have the right to obtain the erasure of personal data concerning you that we have stored, provided that this is not prevented by any statutory retention obligation (Article 17 GDPR)
- Right to restriction of processing
You have the right to obtain restriction of processing with regard to your personal data where you contest the accuracy of the data or where the processing of the data is unlawful (Article 18 GDPR)
- Right to data portability
You have the right to data portability and thereby the right to receive the personal data pertaining to you in a structured, commonly used and machine-readable format (Article 20 GDPR)
- Right to object
You have the right to object to the processing of your personal data (Article 21 GDPR)
- Right to withdraw consent
You have the right to withdraw consent you have previously given (Article 7 GDPR)
- Right to lodge a complaint with the competent supervisory authority
You have the right to lodge a complaint with the competent supervisory authority (Article 77 GDPR). In our case, the competent supervisory authority is the Bavarian State Office for Data Protection (Landesamt für Datenschutzaufsicht in Bayern, www.lda.bayern.de)
If you have any questions or would like further information, please feel free to contact our Group Privacy Officer using the contact details above.
Effective date: 25 September 2018