# Privacy policy of the Global S4D Community **(1) Preamble** The responsible handling of your personal data in accordance with the relevant data protection regulations in Germany and the EU (in particular the General Data Protection Regulation) is of considerable importance to us: Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH is running the platform “Global S4D Community” (GS4DC) for the purpose of networking coaches, trainers, multipliers of S4D among themselves in the Internet under the URL "[https://s4dcommunity.humhub.com/”](https://s4dcommunity.humhub.com/”) (the “**Service**”). Personal data is only collected, processed and used by GIZ to the extent that the data protection regulations in Germany and the EU  explicitly allow it. This privacy policy aims to inform you about the details of how GIZ handles your personal data. In the following, the term "**user**" refers to everyone registered in the Global S4D Community Network. **(2) Personal data collected** The GS4DC Network has been designed to minimize the amount of personal data to be collected, processed or used. As a social network, the GS4DC Network will only work if the users make a minimum of personal data accessible to other users. In the course of the first log-in, in order to access the Service, the following personal data will be requested from you : * First name * Name * E-Mail address * Gender * Country * Age * S4D Background * Motivation * Years of Experience * Password These data will be established and transmitted via a secure site link (https / SSL Certificate). After registration, you can supplement your user profile with the following additional data (the provision of this data is voluntary). * Title * Gender * City * Profession * Phone Private * Phone Work * Mobile * Url * Facebook URL * LinkedIn URL * Instagram URL * Youtube URL * Vimeo URL * TikTok URL * Twitter URL * Profile Picture For security reasons, the web server logs accesses to the network. * IP * Time/Date of request * Page accessed, method (GET) and status code (200=OK, 404=Not found) * URL * Amount of data * Status code * Browser Agent These logs are cleared every 14 days. **(3) Purposes of the data processing operations** The first name, name, gender, E-Mail address, country, age, S4D background, motivation, years of experience, username and password of the user will be used to create a personalized profile of the user on the GS4DC Network. With the help of these information, the user will be recognizable by the other users on the platform. The first name, name and E-Mail address of the user are processed for the purpose of delivering E-Mail notifications from the GS4DC Network to the user in the following cases: * When creating an account on the GS4DC Network, in particular to verify the E-Mail address, * When using the "Forgot your password" function, * Event invitations and reminders, activity overview, space invitations or notifications from the administrator, * Notifications related to your activity or space membership such as notifications about received messages, comments on your posts and the like. The first name, name, E-Mail address will be processed for the purpose of communication between the user and the GIZ, upon such communication request from the user. Communication with the user will be for example to inform him or her about upcoming webinars or online events. The purpose of the processing is the provision of the S4D community/learning platform or the user account therein - the user agrees to this by his consent. In addition, all data are processed that usually arise in the context of a community platform. The personal data may not be used for further purposes, in particular not for commercial inquiries or mailings.Your personal data will not be used by us for automated decision-making or profiling. In addition, on a voluntary basis, you can make further personal details statements accessible to other users. **(4) Legal basis for the processing of your personal data** The processing of the first name, name, E-Mail address, gender, country, age, S4D background, motivation, years of experience, username and password of the user for the purpose of creating his or her profile as well as to send him or her e-mails to notify him or her when creating an account on the GS4DC Network or when using the "Forgot your password" function is necessary for us to perform our contractual obligations with regard to the contract concluded with the user for the use of the GS4DC Network (Art. 6(1) lit. b) of the GDPR). The processing of the first name, name and E-Mail address of the user for the purpose of sending him or her e-mails to notify him or her of event invitations and reminders, activity overview, space invitations or notifications from the administrator, as well as to deliver him notifications related to his or her activity or space membership such as notifications about received messages, comments on your posts and the like are based on the consent of the user (Art. 6(1) lit. a) of the GDPR). Such notifications will only be sent if the user explicitly requires them. The processing of the first name, name andE-Mail address of the user for communication purposes between the user and the GIZ will be based on our necessity to perform our contractual obligations (Art. 6(1) lit. b) of the GDPR) where such communication regards the Services such as the creation of an account, and will be based on the consent of the user (Art. 6(1) lit. a) of the GDPR), where such communication regards optional Services such as event invitations and reminders. **(5) Retention** Your information will only be stored by us for as long as it is necessary to provide the Service to you. At the end of the provision of the Service, this data will be deleted if there are no other legal obligations for retaining the data. Every user can send messages to, and receive messages from, other users. Messages sent / received are stored under "Messages", but you may delete them at any time, and only you and the sender or recipient can view them. **(6) Recipients of your personal data and third country data transfers** We use the Social Network Open Source Software "Humhub", a service from Humhub GmbH& Co.KG. This service provider processes your personal data when using this website. It is bound by our instructions and instructed in writing. The data processing by this service provider takes place within the framework of the legal provisions of data protection law of the European Union, in particular the General Data Protection Regulation ("**GDPR**"). The following companies participate in the data processing in order to help running and maintaining the S4D network: * HumHub GmbH & Co. KG, Johann-Clanze-Str. 28C, 81369 Munich, Germany (technical support) * CRISP e.V., Ringbahnstraße 54, 12099 Berlin (content creation & digital training courses) * Yunus Sports Hub, 5 MTE DU BASSIN, 13160 CHATEAURENARD, France (community management) * Oaks Consultancy, Sovereign Court, Unit 10, 8 Graham St, Birmingham B1 3JR, United Kingdom (community management) * Laureus Sport for Good Foundation Germany, Landsbergerstr. 382, 50687 Munich, Germany (community management) A search within the GS4DC network user directory will enable you to look for other users and have them find you. Except for the contact email, you can do searches for all data. Of course, the search results depend on what the other users have chosen to render visible. Your data is not transferred to other third parties. Third parties such as users of Internet search engines may therefore not access your personal data by using such Internet search engine. Apart from the above where personal data is shared with third party service providers, who will process it on our behalf for the purposes listed, personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws. Where information is transferred outside the EEA, e.g. to a vendor in a country that is not subject to an adequacy decision by the EU-Commission, data is adequately protected by EU-Commission approved standard contractual clauses (see at [https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en](https://commission.europa.eu/publications/standard-contractual-clauses-international-transfers_en) for further information).  **(7) Cookies and Webanalysis technology** The GS4DC Network uses certain cookies that are technically necessary to provide you with the Service. This cookie can be deleted in your browser settings. Furthermore, the following technically necessary cookies are used: * PHPSESSID: Current Session (Login) - Technically required cookie that contains the session identifier and is used to recognise the user * _csrf - Protects against "Cross-Site Request Forgery" attacks, where a user unknowingly performs an action within an application * language - This cookie permanently stores the language setting selected * RichTextEditor.backup - Text editor support The GS4DC Network also uses certain functional cookies. The following cookies will be be used only if the user consents to their use by the GS4DC Network: * _identity (Keep me logged in) - If "Keep me logged in" is enabled at login, this cookie will enable a persistent session The GS4DC Network does not use any further cookies or webanalysis technology. **(8) Deactivating the account** Accounts that have been opened may be deleted together with the data they contain. The data may subsequently no longer be called up. Due to the data stored in the cache, the user data may still be accessible for a short period after deactivating the account. When you have deleted your account, except where there is a legal obligation to archive such data for a certain period of time, your personal data will be irretrievably deleted, and forum entries and personal messages will be made anonymous so that they can no longer be assigned to you. This is done, for example, to prevent the course of a discussion from being interrupted. **(9) Amendments to the privacy policy** The contents and functions of the GS4DC Network are constantly being developed and improved. This can cause the need to arise for an amendment of this privacy policy. Registered users will be informed about changes when logging in. Where new personal data processing operations require the consent of the user, such consent will be asked for when logging in. **(10) Right to information and contact** You have the right to access your personal data stored by us at any time. Also, we will correct your data according to your request, should there be errors in storage. At your request, we will also delete all your personal data, provided that we do not have to comply with statutory retention requirements. In such situation, we will restrict your data for further processing so that it can no longer be used. Furthermore, you have a right to object to the further processing of your data and the right to receive your data in electronic form. Where the processing of your personal data is based on your consent, you have the right to withdraw your consent at any time. This will not affect the lawfulness of the processing operation carried out before such withdrawal. Should you wish to enforce one of your right or have any question, please contact our data protection officer: Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH Friedrich-Ebert-Allee 36+40, 53113 Bonn Dag-Hammerskjöld-Weg 1-5, 65760 Eschborn Contact details of the data protection officer: [datenschutzbeauftragter@giz.de](mailto:datenschutzbeauftragter@giz.de) If you have any questions or complaints about this privacy policy, please contact the Global S4D Community Team ([tbd@giz.de](mailto:tbd@giz.de)) or the GIZ data protection officer (see contact information provided above). You also have the right to lodge a complaint with the responsible data protection supervisory authority. The responsible authority in this case is the German Federal Commissioner for Data Protection and Freedom of Information (BfDI – Bundesbeauftragter für den Datenschutz und die Informationsfreiheit). **(11) Processing of personal data in the context of the use of social networks** The Global S4D Community offers the possibility to embed videos from [YouTube](https://www.youtube.com/). The videos will not be displayed until the users have given their consent once again When playing the videos in the Global S4D Community, no personal data is collected, used and stored by GIZ. YouTube however does store browser data. GIZ has no influence on the collection of data and its further use by YouTube. The extent to which, where and for how long the data is stored, the extent to which YouTube complies with existing deletion obligations, which evaluations and links are made with the data and to whom the data is passed on is not comprehensively recognizable for us. The individual data processing operations and their scope differ depending on the operator of the respective social network. GIZ has no influence on the collection of data and its further use by the operators of the social networks. The extent to which, where and for how long the data is stored, the extent to which the networks comply with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on is not comprehensively discernible to us. More information [here](https://www.giz.de/de/html/89811.html).   **Disclosure to third parties** GIZ does not disclose personal data to third parties unless it is legally obliged or entitled to do so by law. **Data transfers abroad** There is no transfer of personal data to third countries by GIZ. When using social media, the data protection provisions of the respective providers apply.