Skip to main content

Processing of (personal) data by the entity in charge of the online application process

Privacy

This Privacy Policy explains how the International Civil Society Centre (Centre) uses your personal data an which rights and options you have in this respect. It applies to Personal Data you provide to the Centre or which is derived from such data and to all pages and online services hosted on icscentre.org, the homepage of the Centre.

This policy does not apply to pages or services hosted by other organisations to which we may link and whose privacy policies may differ. Please note that where this Policy explains applicable law and your rights, this applies only to personal data which is processed under the EU General Data Protection Regulation (“GDPR”). Where the processing of your personal data is not subject to this regulation, different rules may apply und your applicable law.

We do not collect personal data such as name, address, email contact, etc. via our website unless you voluntarily decide to provide us with these dates through a purpose-bound online form – e.g. by signing up to one of our events.

We do not sell or rent web-generated mailing lists or other personally identifiable information. We do not provide mailing lists to outside commercial agencies. Personal data will only be forwarded to partners with prior information and consent of concerned parties.

The use of published contact details by third parties for the purpose of sending unsolicited advertisements is strictly opposed by us. As website provider, we reserve the right to take legal action in case of unsolicited emailing, spam or sending any kind of advertising information.

Who is responsible for your personal data?

We, International Civil Society Centre gGmbH, Agricolastraße 26, 10555 Berlin, Germany will be responsible controller for any personal data you provide to us in connection with our business relationship.


Which categories of Personal Data do we collect?

We may collect and process in particular the following categories of personal data:

  • Private or work contact information, such as full name, address, telephone number, mobile phone number, fax number and email address, mobile device unique identifier and the IP address of your computer if you use our services online;
  • Payment data, such as data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
  • Further business information necessarily processed in a business or other contractual relationship with the Centre or voluntarily provided by you, such as purchases, services and other business activities, feedback and any other information you may provide to us;
  • Information about your interests and preferences and other information obtained by website analytics tools, in particular your activities when you use our websites, or products or other services we offer to you online (such as downloadable content). This may include information about which content you download, click or view for how often and how long; (see section below on Google Analytics)
  • Special categories of Personal Data. In connection with the registration for and provision of access to an event or seminar, we may ask for information about your health for the purpose of identifying and being considerate of any disabilities or special dietary requirements you may have. Any use of such information is based on your consent. If you do not provide any such information about disabilities or special dietary requirements, we will not be able to take any respective precautions.
  • Photography. Participants may be photographed during their attendance at events (in-person and onlineorganised by the International Civil Society Centre. The International Civil Society Centre uses these photographs for promotional material, including the Centre’s website and printed materials. The taking of such event pictures will be announced to participants in advance, giving them the option to revoke being photographed in the first place. The International Civil Society Centre will not provide these photographs to third parties, unless this is necessary for the purposes named above. In case you want to revoke the use of such photographs by the Centre retrospectively, you can send a revocation statement any time to mail@icscentre.org.

  • For which purposes do we use your personal data?

    We will process your personal data strictly only for the following purposes (“Permitted Purposes“):

    • Planning, performing, managing and administering your (or a third party’s to whom you are related) contractual business relationship with the Centre, e.g. by processing payments, performing accounting, auditing, billing and collection activities, providing support services or providing you with other services or things you may have requested;
    • Maintaining and protecting the security of our services and websites or other systems, preventing and detecting security threats, fraud or other criminal or malicious activities;
    • Ensuring compliance with our legal and regulatory obligations. This may include sales record keeping obligations for tax or other purposes and sending required notices or other disclosures, compliance screening or recording obligations.
    • Informing you, where permitted in accordance with local laws, within an existing business relationship about the Centre’s services which are similar or relate to such services which have already been purchased or used within that business relationship; or
    • Solving disputes, enforcing our contractual agreements and to establish, exercise or defend legal claims.

    Where you have expressly given us your consent or otherwise legally permitted, we may process your personal data also for the following purposes:

    • Communicating with you through the channels you have approved to keep you up to date on the latest announcements and other information about the Centre’s services (including marketing-related newsletters) as well as events and projects of the Center; Website visitors of the Centre have the chance to enrol for the newsletter of the Centre by indicating their email address, being verified by double opt-in. The newsletter contains updated information on current and planned activities, events, and achievements of the International Civil Society Centre and its core clientele;
    • Administrating and performing customer surveys, marketing campaigns, market analysis, or other promotional activities or events or
    • Automated processing: Collecting information about your preferences on the basis of your activities when you use our websites and any services we offer to you online (such as downloadable content or newsletter). The logic behind these automated activities is to identify areas of interest for our customers and to help to analyse how users use our online services, and thereby enable us to offer improved products.

    Where your explicit permission is required for any marketing-related communication, we will only provide you with such information if you have opted in. You may opt out at any time if you do not want to receive any further marketing-related types of communication from us. We will not use your personal data for taking any automated decisions affecting you or creating profiles other than described above.

    Newsletter mailing related to the enrolment to an event or programme

    As a matter of mutual interest, the Centre contacts former participants of its workshops and/or registered members of a project the Centre conducts via its newsletter to inform them about upcoming programmes in a related contextual framework to keep them updated if the legal basis for such contacting is provided.

    If consent for the newsletter mailing is provided a revocation of this consent can be forwarded to the Centre any time by sending an email to mail@icscentre.org or through the “unsubscribe” link in the newsletter itself.

    We use Newsletter2Go as a service provider for sending mailings. By signing up for our newsletter(s), you agree that the information you enter will be transmitted to Sendinblue GmbH. Please consult the Data Protection Policy and the Terms and Conditions of Sendinblue GmbH. 

    Work group pages

    In some meeting formats, participants will automatically be granted access to a Centre online work group page that is hosted via Microsoft Office 365 (and not via icscentre.org). The only personal data of participants used by the Centre to create access is a work email address. Participants have the option to choose the Screen Name under which they want to appear in this work group and also to choose their password. Contributions in this work group are not visible to the public. For access to and data submitted at the external online platform, the privacy regulations of the service provider Microsoft apply. We inform you that the data exchange with Microsoft conducted by the Centre is regulated via the EU standard clause for the transfer of personal data to third countries. (The servers at which your personal data is stored for the above context are located within the EU.)

  • Legal basis for the procession of personal data

    The legal bases for processing of your personal data are set forth in Article 6 of the GDPR. Depending on the above purposes for which we use your personal data, the processing is either necessary for the performance of a contract or other business agreement with the Centre or for compliance with our legal obligations or for purposes of legitimate interests pursued by us or a third party, always provided that such interests are not overridden by your interests or fundamental rights and freedoms. In addition, the processing may be based on your consent where you have expressly given that to us.

    We will not use your personal data for taking any automated decisions affecting you or creating profiles.

  • How do we collect and use personal data?

    We will typically collect your personal data directly from you when you interact with us, e.g. when you visit our website, communicate with us in relation to our services, request a service, register to receive our newsletter or other specific marketing material or participate in our customer surveys.  We do not obtain personal data from third parties on a commercial basis.

  • Where do we process your personal data?

    In the course of our business activities, we may transfer your personal data also to recipients in countries outside of the European Economic Area (“third countries”), in which applicable laws do not offer the same level of data protection as the laws of your home country. When doing so we will comply with applicable data protection requirements and take appropriate safeguards to ensure the security and integrity of your personal data, in particular by entering into the EU Standard Contractual Clauses. These clauses are available here:

    Standard Contractual Clauses (SCC) – European Commission

    You may contact us anytime using the contact details below if you would like further information on such safeguards.

    Job application

    In regular intervals, the Centre will post job advertisements via Personio. Personio practices are based on the legal framework of the European General Data Protection Regulation (EU GDPR) as well as common standards and guidelines such as ISO/IEC 27001 and the principles of basic  IT protection (“IT-Grundschutz”) of the German Federal Office for Information Security (BSI). Their privacy policy is available here.  

    The data received via Personio will be used for recruitment purposes only and anonymised after six months. 

    Automatic detection of personal data through the interaction with our website

    Each time our website is accessed, our system automatically collects data and information from the computer system of the connecting computer. The following data is automatically collected:
    (1) Information about the browser type and version used

    (2) The operating system of the user

    (3) The Internet service provider of the user

    (4) The IP address of the user

    (5) Date and time of access

    (6) Websites from which the system of the user comes to our website

    (7) Websites accessed by the user’s system through our website

    The temporary storage of such data, in particular the IP address of the user, is necessary to allow delivery of the website to the computer of the user. To do this, the user’s IP address must be kept for the duration of the session.

  • Cookie policy

    To see how we use cookies – read about our Cookie Policy here


Processing of (personal) data by the operator of the recruitment website

General information

This recruitment website is operated by Personio SE & Co. KG, which offers a human resource and candidate management software solution (https://www.personio.com/legal-notice/). Data transmitted as part of your application will be transferred using TLS encryption and stored in a database. The sole controller of this data within the meaning of article 24 of the GDPR is the enterprise carrying out this online application process. Personio’s role is limited to operating the software and this recruitment website and, in this context, being a processor under article 28 of the GDPR. In this case, the processing by Personio is based on an agreement for the processing of orders between the controller and Personio. In addition, Personio SE & Co. KG processes further data, some of which may be personal data, to provide its services, in particular for operating this recruitment website. We will refer to this in more detail below.

The controller

The controller under data protection law is:
Personio SE & Co. KG
Seidlstraße 3
80335 München
Tel.: +49 (89) 1250 1004
Entry in the commercial register
Commercial register entry number: HRA 115934
Registration Court: Amtsgericht München
Data Protection Officer contact: privacy@personio.com

Access logs (“server logs”)

Each access to this recruitment website automatically causes general protocol data, so-called server logs, to be collected. As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. Without this data, it would, in some cases, be technically impossible to deliver or display the contents of the software. In addition, processing this data is absolutely necessary under security aspects, in particular for access, input, transfer, and storage control. Furthermore, this anonymous information can be used for statistical purposes and for optimizing services and technology. In addition, the log files can be checked and analyzed retrospectively when unlawful use of the software is suspected. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. Generally, data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp of the access to the software is collected. The scope of this log process does not exceed the common log scope of any other site on the web. These access logs are stored for a period of up to 7 days. There is no right to object to this.

Error logs

So-called error logs are generated for the purpose of identifying and fixing bugs. This is absolutely necessary to ensure we can react as quickly as possible to possible problems with displaying and implementing content (legitimate interest). As a rule, this data is a pseudonym and thus does not allow for inferences about the identity of an individual. The legal basis for this is §25 subsection 2 Sentence 2 TDDDG. When an error message occurs, general data such as the domain name of the website, the web browser and web-browser version, the operating system, the IP address, as well as the timestamp upon occurrence of the respective error message and/or specification is collected. These error logs are stored for a period of up to 7 days. There is no right to object to this.

Use of cookies

So-called cookies are used on parts of this recruitment website. They are small text files which are stored on the device with which you access this recruitment website. As a general rule, cookies serve the purpose of ensuring secure access to a website (“absolutely necessary”), implementing certain functionalities such as standard-language settings (“functional”), improving the user experience or the performance of the website (“performance”), or placing targeted advertisements (“marketing”). On this recruitment website, we generally use only cookies that are absolutely necessary, functional or performance-related, in particular for implementing certain default settings such as language, for identifying the job advertising channel, or for analyzing the performance of a job advert via which a user accessed this recruitment website. The use of cookies is absolutely necessary for providing our services and thus for the performance of the contract (article 6 (1) b) of the GDPR). Period of storage: up to 1 month or until the end of the browser session Right to object: You can determine via your browser settings whether you allow or object to the use of cookies. Please note that deactivating cookies may result in limited or completely blocked functionalities of this recruitment website.

Rights of data subjects

If Personio SE & Co. KG as the controller processes personal data, you as the data subject have certain rights under Chapter III of the EU General Data Protection Regulation (GDPR), depending on the legal basis and the purpose of the processing, in particular the right of access (article 15 of the GDPR) and the rights to rectification (article 16 of the GDPR), erasure (article 17 of the GDPR), restriction of processing (article 18 of the GDPR), and data portability (article 20 of the GDPR), as well as the right to object (article 21 of the GDPR). If the personal data is processed with your consent, you have the right to withdraw this consent under article 7 III of the GDPR. To assert your rights as a data subject in relation to the data processed for the purpose of operating this recruitment website, please refer to Personio SE & Co. KG’s Data Protection Officer (see item B).

Concluding provisions

Personio reserves the right to adjust this data privacy statement at any point in time to ensure that it is in line with the current legal requirements at all times, or in order to accommodate changes in the services offered, for example when new services are introduced. In this case, the new data privacy statement applies to any later visit of this recruitment website or any later job application.