Data Policy TUMI Mobility Data Hub
1. Responsibilities and Data Protection Officer
Data processing is the responsibility of the
Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH
Friedrich-Ebert-Allee 32 + 36, 53113 Bonn
Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn
info[at]transformative-mobility[dot]o r g
Contact details of the data protection officer:
2. Information on the collection of personal Data
Personal data is only processed by us to the extent necessary. Which data is required and processed for which purpose and on what basis is largely determined by the type of service you use or the purpose for which it is required.
Personal data are all data that can be related to you personally, e.g. name, address, e-mail addresses and user behavior.
In the following we inform you about the collection of personal data when using our website.
2.2. Collection of personal data when visiting our website
When you use our website for informational purposes only, i.e. when you do not send us any other information, we only collect the personal data that your browser sends to our server. If you wish to view our website, we collect the data that is technically necessary for us to display our website and to ensure its stability and security.
In detail, the following data is temporarily stored in a log file for each access/retrieval:
- Technical details of the browser used
- Anonymous IP address
- Date and time
- Page opened/name of the file downloaded
- Quantity of data transferred
- Notification of whether viewing or download was successful
The Sector Project Sustainable Mobility is additionally obliged on the basis of Art. 6 para. 1 lit. e GDPR in conjunction with § 5 BSI-Law to store data to protect against attacks on the internet infrastructure of TUMI and the communication technology of the Federal Government beyond the time of your visit. This data is analysed and, in the event of attacks on communications technology, is required to initiate legal and criminal prosecution. The data will be deleted as soon as they are no longer required for the fulfilment of the task.
Data that is logged when you access the TUMI Mobility Data Hub website is only transferred to third parties if we are legally obliged to do so or if the transfer is necessary for legal or criminal prosecution in the event of attacks on the communication technology of the German Federal Government. We do not pass on information in other cases. A consolidation of this data with other data sources does not take place either.
In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files that are stored by the Internet browser on the user’s terminal device.
Cookies cannot execute programs or transfer viruses to your computer. They are used to make the Internet offer as a whole more user-friendly and effective. Without cookies, for example if they have been deactivated in the browser, it is not possible to use our website in its entirety.
Temporary cookies (matomo): These so-called session cookies are used for user analysis (see point 2.4). They do not contain any personal data and expire after the end of the session or after the end of a user survey, which is usually conducted every 6 month.
2.4. matomo analysis service (user analysis)
On the Mobility Data Hub, the Sector Project Sustainable Mobility uses the web analysis service „matomo“ (matomo.org) to analyse usage data.
On the basis of Art. 6 para. 1 lit. e GDPR in accordance with § 3 BDSG, the Sector Project Sustainable Mobility evaluates usage information for statistical purposes as part of its public relations work and for the demand-oriented provision of information on the tasks to be performed by TUMI.
The data generated with matomo is processed and stored by ourselves directly on the webhost of this website exclusively in Germany.
Therefore no data is exchanged with matomo.org or any other third party websites or services.
Further information on data protection at matomo can be found here:
Notes on opposition
If you do not agree to a completely anonymous storage and evaluation of this data from your visit, you can object to the storage and use of this data at any time by clicking on the respective box in the cookies notice and take out the tick respectively.
For this purpose, a so-called opt-out cookie is stored on the end device, which prevents the collection of user data when visiting this website. In order for the opt-out to be effective, the cookie must be stored on every terminal device used. Since the cookie is stored in the respective browser (Internet program), the cookie must be stored in each browser if several browsers are used on one end device (e.g. Internet Explorer, Chrome, Mozilla Firefox). It should also be noted that if all cookies are deleted, the objection cookie is also deleted and must then be stored again.
3. Processing of personal data in the context of contacting us
It is possible to contact us via the e-mail form we provide. If you contact us via the e-mail address provided, the e-mail address, as well as the information contained in the e-mail (any personal data you may have transmitted) will be forwarded to the project exclusively for the purpose of contacting and processing your request.
The legal basis for the processing of the data processed in the course of sending an e-mail is Art. 6 para. 1 lit. b GDPR.
4. Processing of personal data in the context of using social networks
On our website, we offer you the opportunity to visit our presence in social networks and platforms specifically: Twitter, LinkedIn, Facebook, Youtube, Instagram as well as podigee.
We use this online presences in order to communicate with the users actively and to inform them about our projects and related services. If you click on the respective logo, a link will take you to the respective page.
When visiting the platforms, no personal data is collected, used and stored by GIZ, but by the operators of the respective social network. This also happens if visitors themselves do not have a profile in the respective social network.
The individual data processing operations and their scope differ depending on the operator of the respective social network. GIZ has no influence on the collection of data and its further use by the operators of the social networks. The extent to which, where and for how long the data is stored, the extent to which the networks comply with existing deletion obligations, what evaluations and links are made with the data and to whom the data is passed on is not comprehensively discernible to us.
which is operated by LinkedIn Corporation, 2029 Stierlin Court Mountain View, CA 94043, USA, can be viewed at https://de.linkedin.com/legal/privacy-policy?
operated by Podigee GmbH Schlesische Straße 20 10997 Berlin Deutschland can be viewed at https://www.podigee.com/de/ueber-uns/datenschutz
5. Transfer of your data to third parties
The Sector Project Sustainable Mobility will not pass on your personal data to third parties unless we are legally obliged to do so by law.
6. Data transmissions abroad
The Sector Project Sustainable Mobility does not transfer personal data to third countries. If you use third-party social media, the data protection regulations of the respective providers apply.
7. Duration of data storage
Your data will not be stored for longer than is necessary for the purpose for which it is processed or as required by law.
8. IT security of your data
The protection of your personal data is an important concern for us. Therefore, technical and organizational security measures ensure that your data is protected against accidental and intentional manipulation, deletion and unauthorized access. These measures are updated in line with technical developments and constantly adjusted to the risks.
9. Reference to users’ rights
You have the right,
- to receive information about your data stored by us (Art. 15 GDPR)
- to request correction of your data stored with us (Art. 16 GDPR),
- to request deletion of your data stored with us (Art. 17 GDPR).
- to request restriction of the processing
of your data stored with us (Art. 18 GDPR),
- to object to the storage of your data if your personal data
are processed on the basis of Art. 6 para. 1
sentence 1 lit. f and e GDPR (Art. 21 GDPR)
- to receive the data concerning you in a common,
machine-readable format from the person in charge,
in order to have them forwarded to another person in charge,
if necessary (Right to data transferability, Art. 20 GDPR).
You also have the right to lodge a complaint with the competent data protection supervisory authority pursuant to Art. 19 GDPR. The competent authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI).
If you have any questions or complaints about this website, you can contact the Data Protection Commissioner at the contact address given above.
Status: February 2023