Data protection is important to us
PROTECTING THE PERSONAL DATA OF OUR STAFF, PARTNERS, CLIENTS AND SUPPLIERS, AND THUS COMPLYING WITH DATA PROTECTION LEGISLATION, IS IMPORTANT TO US. OUR DATA PROTECTION STRATEGY FORMS THE BASIS FOR DATA PROTECTION MANAGEMENT WITHIN THE COMPANY AND DESCRIBES HOW WE TRANSLATE THE GERMAN FEDERAL DATA PROTECTION ACT INTO ACTION AT GIZ.
In 2017, the German Federal Data Protection Act and GIZ’s data protection strategy were applied at all GIZ locations worldwide. GIZ also paved the way for implementation of the EU’s General Data Protection Regulation (GDPR) within the company.
GIZ’S OWN DATA PROTECTION OFFICER
The main task of GIZ’s data protection officer and his team is to ensure that processes in which personal data is collected or processed are designed from the outset to enable adequate account to be taken of data protection. The data protection officer reports to the Management Board on an ongoing basis and prepares regular data protection reports. He is also a member of the company-wide Risk Management Committee.
For data security purposes, we screen contractors who are likely to come into contact with personal data during the course of their work for us before we enter into a contact with them. All processes in which such data is to be collected internally or processed by third parties are presented to the data protection officer for review beforehand. This requires staff to be aware of and have a good knowledge of data protection. We offer target group-specific training and individual advice to this end.
DATA PROTECTION IS GAINING IN IMPORTANCE
The topic of data protection is becoming more and more important within the company. In 2011, the data protection team received and responded to 190 enquiries about this issue compared with 510 in 2017, and this number is expected to rise further in future. Since 2014/2015, data protection audits have been carried out around the world, in 16 key countries and country offices so far.
In 2017, a total of 18 justified internal complaints about the protection of client privacy and violations of data protection were received. These were all isolated cases that were settled amicably. In 2017, one case was reported concerning unauthorised data access, data transfer and successful data hacking.
In an increasingly digitalised world, data protection is also playing an increasingly important role. digital change is not only altering how we deal with personal data, but also the way we work with partners in projects and our internal processes and working methods. information on this core topic can be found under Digital transformation