Privacy Policy, Data Protection and Terms of Use

Below we provide users with information as to
            – what data is collected and processed when they visit the WFD portal
            – what data is collected and processed when users register themselves
            – what data is collected and processed when they add case studies
            – how they can opt out of the storage of data
            – What security measures and steps that have been implemented to safeguard personal data.
            – what rights and obligation they have with respect to WFD portal
            – what licence the WFD can be used
            – who they can contact at GIZ on the subject of data protection.

1.0 Introduction

The Waste Flow Diagram (WFD) is an open-source online platform that provides information about and access to WFD software, a method that calculates plastic leakage from waste management systems into the environment. It hosts background information and data from WFD case studies which will be provided case study owners. Further training courses and useful resources are provided to ease the application and the WFD. Overall, the portal aims to enhance data driven decision making in the field of waste management and on plastic leakage into the environment. 

The terms and conditions developed hereunder should serve as an agreement between GIZ and the users of the WFD online portal. Users will be required to agree to these terms and 

conditions before using the portal and to abide by them while using the portal. The WFD 

Private Policy, Personal Data Protection and Terms of Use are framed within the EU General Data Protection Regulation (GDPR) to protect data subjects when their personal data is processed and GIZ Responsible Data Guidelines. 

2.0 Privacy Policy, Personal Data Protection and Terms of Use 

2.1 Introduction 

The Privacy Policy, Personal Data Protection and Terms of Use applies to the WFD website, portal and forum. Registered users (“Users”) share their professional identities, exchange data by sharing WFD case study insights that be displayed on the portal. Case study content and data can be viewed by non-registered users (“Visitors”) after case study owner publishes them. 

2.2 Data Collection 

The WFD website and portal captures four main types of data: open data, WFD case study data, personal data and web traffic data.

– Open Data will be shared in the portal and in the forum and is available public domain. After publishing case studies, the data becomes open data available on the WFD website.  

– Personal Data such as any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly will be mainly captured during users registration process to the portal and forum.

– Case study data determines the characteristics of a WFD case study and is based on primary data such as waste measurements, interviews, qualitative assessments, and secondary data from literature. The input of this data into the WFD software, enables the computation of main outputs and its visualization in a sankey diagram and waste flow diagram. Users can use the data and visual output for themselves only as unapproved WFD data. Once users want to publish data on the portal, the data input is validated by a curation team and after approval published as open data. 

– Web Traffic Data will be captured anonymously for purposes of monitoring the sites usage and obtain statistics on such usage. 

2.2.1 Open Data 

Open Data, that will be shared openly, comprises of technical resources, such as project reports, site photos and actual case studies, after they are published. Users need to have the rights to publish data on the portal. 

It is important to note that the data should not be deemed as a representation of any views, beliefs, or opinions of GIZ or its partners. 

2.2.2 Personal Data

GIZ processes personal data exclusively in accordance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, BDSG).

Personal data are, for example, name, address, email addresses and user behaviour.

GIZ only processes personal data to the extent necessary. Which data is required and processed for which purpose and on what basis is largely determined by the type of service you use or the purpose for which the data is required. 

Personal Data will be mainly captured during registration to the WFD portal and will 

comprise of the following: 

• Organization name (Mandatory)

• Address (Mandatory)

• City (Mandatory

• Postcode (Mandatory)

• Country (Mandatory

• Webpage

• Contact person (Mandatory)

• Email (Mandatory)

Personal data is stored on the WFD server to administer users of the WFD and contact them during the process of case study authorization/data curation. Personal data is entered by users themselves. It will only be accessible by administrator and not be made available to other user or visitors. Data might be stored at servers in UK. 

2.2.3. WFD case study data

Case study Consists of data that determines a WFD case study and involves key data as well meta data and assessment of data reliability on:

1. General information: Population, Municipal solid waste generation, MSW composition.

2. Waste treatment and disposal: waste quantities and composition at disposal sites, energy from waste facilities, formal and informal sorting facilities and informal service chain collection. 

3. Management of waste in controlled facilities: percentage of waste that is sent to controlled treatment or disposal.

4. Plastic leakage potential levels per leakage influencer on main waste stations: collection, formal/informal value chain; formal/informal sorting; transport to disposal, storm drains; and 

5. Fate each open burning, dumping on land/in drains or water systems of uncollected plastic, collection and transportation, formal/informal sorting and disposal facilities.   

As data is meant to improve learning from case studies, data might be shared with other cities. Data owner can publish their case study data to be published on the public domain portal. By entering the data, the User must approve that they have consent to use the data. 

Data ownership will remain with the owner of a case study. 

2.2.4 Cookies

When visiting the WFD portal, the browser used automatically transmits data that is saved in a log file. They are used to make the online presence more user-friendly and effective overall. Cookies cannot run programs or infect your computer with viruses. GIZ itself processes only the data that is technically required in order to display the website correctly and to ensure its stability and security. 

Only essential cookies are used to enable application functionality, no web traffic data is collected at all. 

2.3 Data Handling and Processing 

Data handling and processing of the WFD Portal is governed by the following principles: 

1. Data is collected, stored, and processed on a lawful basis; users are fully informed of the data collected, data use and exposure. 

2. Data is collected and used only for those purposes and duration that have been transmitted to the data subject and about which the consent has been received. 

3. Personal Data collected is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. 

4. Personal Data is not kept longer than necessary. 

5. Handling of Personal Data is conducted in a manner ensuring appropriate security, which include protection against unlawful processing or accidental loss, destruction, or damage.

2.4 Data Use

Data use of the WFD portal is governed by the following principles: 

2.4.1 Open Data 

Resources submitted and published to the WFD portal will have an Open Data access policy to support the free online communication and exchange of knowledge. 

2.4.2 Personal Data 

Email addresses may be used to send out system updates and to notify Stakeholders on changes in the WFD online Platform Privacy Policy, Personal Data Protection and Terms of Use. 

2.4.3 Web Traffic Data 

Web Traffic Data will be used internally, only for web site traffic analysis to help improve 

service delivery and will not be published for general access. Thus, it will not be accessible to  Visitors. 

2.5 Data Sharing 

The development team encourages users of the WFD to share the results of their work as open data with the developer team and other users. This has a number of mutual benefits such as, supporting users in applying of the WFD, help to provide quality assurance, increase the availability of data for both waste management and marine litter, improve the robustness of the WFD and finally build a community of practice for data driven marine litter prevention.

2.5.1 Open Data 

Once a user submits a case study to be published to the WFD portal, the data set will undergo an approval/verification process and once approved, it will be fully visible to all 

Users and Visitors on public domain. As long data is not published, it remains visible for Users only. It can be unpublish data at any time.

2.5.2 Personal Data

User profiles data will not be shared. 

1. Service Providers: GIZ uses external providers to help provide services (e.g., 

maintenance, data curation, analysis and development). Service Providers will 

have access to Personal Data as reasonably necessary to perform these tasks on GIZ’s 

behalf and are obligated not to disclose or use it for other purposes.

2. Legal Authorities: Comply with legal obligations, such as instructions from government regulatory / enforcement agencies. WFD might disclose Personal Data if there is a good faith belief that disclosure is reasonably necessary to:

a. investigate, prevent, or act regarding suspected or actual illegal activities or to 

assist government enforcement agencies that GIZ has accepted to assist;

b. investigate and defend Up against any third-party claims or allegations;

c. protect the security and/or integrity of GIZ’s services;

d. exercise or protect the rights and safety of GIZ personnel, or others.

2.6 Data Security 

GIZ accords great importance to protecting personal data. For this reason, technical and organisational security measures ensure that data is protected against accidental and intentional manipulation and unintended erasure as well as unauthorised access. These measures are updated accordingly based on technical developments and adapted continuously in line with the risks.

Security safeguards designed to protect User data, such as HTTPS, have been 

implemented and systems are regularly monitored for possible vulnerabilities and attacks. 

However, GIZ cannot warrant the security of any information that is received. There is no 

guarantee that data may not be accessed, disclosed, altered, or destroyed by breach of any of GIZ’s physical, technical, or managerial safeguards. 

2.7 Stakeholder Choices and Obligations 

2.7.1 Data Retention 

Users’ data shall only be retained for as long as Users keep their account open or  as needed to provide Users with any other services. 

2.7.2 Rights to Access and Control Users’ Personal Data 

Concerning their Personal Data, Users can request to: 

1. Have access to their Personal Data. 

2. Change or correct their Personal Data. 

3. Object to, limit or restrict use of their Personal Data. 

Have their Personal Data deleted from the WFD portal. 

Reference to user rights as per GDPR

Visitors to the GIZ website have the right

• To obtain information about their data stored by us (Article 15 GDPR)

• To have their data stored by us rectified (Article 16 GDPR)

• To have their data stored by us erased (Article 17 GDPR)

• To obtain restriction of processing of their data stored by us (Article 18 GDPR) 

• To object to the storage of their data if personal data are processed on the basis of the first sentence of Article 6 (1) 1 f and e GDPR (Article 21 GDPR) 

• To receive their personal data in a commonly used and machine-readable format from the controller such that they can be potentially transmitted to another controller (right to data portability, Article 20 GDPR)

• To withdraw their consent to the extent that the data has been processed on the basis of consent (Article 6 (1) a GDPR). The lawfulness of the processing on the basis of the consent given remains unaffected until receipt of the withdrawal.

Users also have the right in accordance with Article 77 GDPR to lodge a complaint with the competent data protection supervisory authority. The competent authority is the Federal Commissioner for Data Protection and Freedom of Information (BfDI)

2.7.3 Account Closure 

Stakeholders may opt out of the WFD portal. In such case, their accounts and profile 

information will be deleted immediately, and their data will stop being visible to other 

Users. 

2.8 Contact Information 

For further clarifications or enquiries on the privacy policy contact email: 

gocircular@giz.de

3.0 Terms of Use 

3.1 Introduction 

The Terms of Use apply to https://wfd.rwm.global/ and associated pages. 

By accepting the Terms of Use, Users and Visitors enter a contractual agreement with GIZ. When organizations register and join the 

WFD Portal, they become Users. Visitors choosing not to register with the 

Portal will only be able to view certain features as “Visitors”. Users will 

receive an update of any modifications to the Terms of Use. 

3.1 Obligations 

Users agree to: 

1. Keep their account secure by using a strong password and keeping it confidential. 

2. Not transfer any part of their account. 

3. When entering case studies, ensure that they have the consent to use the data from data owners and are in good faith with city officials, which city will be represented.

4. Share submitted resources with both Users and Visitors. 

5. Receive system-wide notifications and messages (very rarely). 

3.2 Rights and Limits 

3.2.1 Service Availability 

GIZ may change, suspend, or discontinue WFD portal services upon reasonable notice to Users. 

3.2.2 Content 

The content displayed on the Portal is as shared by the Users and is not a representation of GIZ’s views, beliefs, or opinions. 

Regardless of any other license and/or terms governing the use a resource from the WFD Portal must be attributed to relevant Uses(s) that own that resource. 

3.2.3 Intellectual Property Rights 

Stakeholders are encouraged to use the WFD Portal to their benefit. They are 

permitted to use the Open Data, subject to their compliance with the Terms of Use and the 

Privacy Policy, but the relevant Users(s) retain(s) the copyright(s) to all the resources 

shared on the WFD Portal. 

3.3 Complaints Regarding Content 

GIZ respects the intellectual property rights of other entities. GIZ requires that information 

posted by stakeholders be accurate and not in violation of the intellectual property rights or other rights of third parties. Complaints may be communicated via: gocircular@giz.de 

3.4 Contact Information 

For further clarifications or enquiries on the Terms of Use email: gocircular@giz.de 

3.5 Data controller and data protection officer

Data processing is the responsibility of Deutsche Gesellschaft für Internationale Zusammenarbeit (GIZ) GmbH.

Address:

Friedrich-Ebert-Allee 32+ 36, 53113 Bonn, Germany

Dag-Hammarskjöld-Weg 1–5, 65760 Eschborn, Germany

Contact: 

info@giz.de

Please contact GIZ’s data protection officer if you have questions specifically about how your data are protected: datenschutzbeauftragter@giz.de

Last updated: December 8, 2022

Waste Flow Diagram