Data protection information according to Art. 13, 14 GDPR for this website
Within the entire euroterra team, the protection of personal, project-related and sometimes confidential data has always been a particularly high priority. The EU General Data Protection Regulation has been in force since 25 May 2018 which obligates us to inform you which data – particularly personal, but also technical data – we collect from you and for what purposes it is used. We would like to ensure that all data collection and data storage is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection provisions applicable to euroterra GmbH. With this privacy policy, we would like to inform you about the type, scope and purpose of the personal data we collect, use and process. Furthermore, we would like to inform you about your rights. This privacy policy was created with the help of the German Federal Chamber of Architects (Bundesarchitektenkammer – BAK).
1. What are personal data?
These are information about your identity with which you can be personally identified, such as name, address, telephone number, email address, among others. We always receive this data on a voluntary basis and directly from you – in a personal conversation, via email or other means of digital communication. We require this information and store it for the purpose of fulfilling your contractual and pre-contractual obligations. Data processing is necessary for the performance of the services contractually agreed by us. We do not pass on this data to third parties, or if we do, it is only with your express consent. The data will be deleted by us as soon as they are no longer required for the purpose of their processing and the retention obligations prescribed by law have expired. You may, of course, request information about the data we have stored about you free of charge and at appropriate intervals, as well as request that the data be rectified if it is incorrect or deleted if it has been stored inappropriately.
In addition to personal data, we also receive additional technical data through our IT systems, e.g. when you visit our website. This includes data from your Internet browser, operating system, etc., which is automatically collected so that we can, for example, ensure the error-free provision of our website. This is exclusively information which does not allow any conclusions to be drawn about your identity (see 4.a)
Please read our detailed privacy policy below and, if you have any questions regarding the protection of your data, please contact datenschutz[@]euroterra.de
2. The person responsible in terms of data protection laws, in particular the EU General Data Protection Regulation (GDPR), is
Marc Ewers, Managing Director, euroterra GmbH architekten ingenieure, Ness 1, 20457 Hamburg, Germany
www.euroterra.de
T: +49 (0)40 2787 5880
F: +49 (0)40 2787 5889
info[@]euroterra.de
3. Questions for the Data Protection Officer
If you have any questions on data protection, please email us or contact the person responsible for data protection directly:
Carmen Ewers
euroterra GmbH
architekten ingenieure
Ness 1
20457 Hamburg, Germany
www.euroterra.de
T: +49 (0)40 2787 58812
F: +49 (0)40 2787 5889
datenschutz[@]euroterra.de
4. Purposes and legal basis for the processing of your data and retention period
We will only collect, process and use all personal data that we collect from you for the stated purpose. In doing so, we ensure that this only takes place within the framework of the applicable legal provisions or otherwise only with your consent. The extent and nature of the processing of your data differs depending on whether you visit our website merely to retrieve information or make use of services offered by us:
a) Use of the Internet
When using our website for purely informative purposes, it is generally not necessary for you to provide personal data. In this case, we only collect and use the data that your Internet browser automatically transmits to us. This information is temporarily stored in a so-called log file and may possibly allow identification.
The following information is collected without your input and stored until automated erasure:
We collect and process this data for the purpose of enabling you to use the web pages you have accessed and to improve our online services. Furthermore, we process the data for the purpose of ensuring system security and stability, including the defence against and analysis of attacks on our websites. An evaluation for statistical purposes takes place at most in anonymised form. This data is not merged with other data sources. The legal basis for the temporary storage of data and log files is Art. 6(1)(f) GDPR. The legitimate interest results from the listed purposes.
b) Use of services or data for the fulfilment of tasks
If you wish to make use of services offered by us, it is necessary that you provide us with the personal data required for this purpose. This is the data that is required for the respective processing and handling of your enquiry. You may provide further information voluntarily; we have accordingly marked this as optional. Your data will be processed for the purpose of dealing with your enquiry and providing the services you have requested. The legal basis for the data processing is Art. 6(1)(b) GDPR, as far as the initiation and, if applicable, execution of a contract is concerned. Otherwise, the legal basis is Art. 6(1)(f) GDPR; our legitimate interest lies in answering and processing your enquiry, for which the stored data is necessary. Your data will generally be deleted as soon as it is no longer required for the purpose for which it was collected, i.e. your enquiry has been processed or the service you requested has been provided in full. Furthermore, data is only stored to the extent that is necessary to comply with legal obligations, in particular retention obligations (e.g. from tax law e.g. in accordance with § 147 AO) in accordance with Art. 6(1)(c) GDPR or for the assertion, exercise and defence of possible legal claims in connection with our services within the applicable limitation periods (e.g. in accordance with §§ 195 et seqq. BGB) or you have given us your consent for this in accordance with Art. 6(1)(a), Art. 7 GDPR.
5. Recipients of the data
Your data may be passed on to service providers supporting us for the aforementioned purpose, who we have of course carefully selected and obliged to comply with data protection law. This may include, in particular, technical service providers or shipping service providers (e.g. Bundesarchitektenkammer version: 27.8.2018 Lettershop etc.). Your data will only be passed on to other third parties if this is necessary to fulfil a legal obligation in accordance with Art. 6(1)(c) GDPR or if we have received your explicit consent for this in accordance with Art. 6(1)(a) GDPR.
6. Use of cookies
We do NOT use so-called cookies on our website. Cookies are small text files that are sent to your browser by our web server when you visit our website and are stored on your computer for later retrieval. You can determine whether cookies can be set and retrieved through the settings in your browser. You can, for example, completely deactivate the storage of cookies in your browser, restrict it to certain websites or configure your browser so that it automatically notifies you as soon as a cookie is to be set and asks you for feedback on this. You can find out how this works in detail in the help function of your browser or the most common browsers.
Since this site was designed without the storage of cookies, we do not ask for consent at the beginning in order to additionally prevent the storage of a cookie.
7. Data security
We have taken technical and organisational security measures in order to protect personal data generated or collected on our websites, in particular against accidental or intentional manipulation, loss, destruction or against attack by unauthorised persons. Our security measures are continuously improved in line with technological developments.
8. Rights of the data subject
Under the applicable laws, you have various rights in connection with the processing of your personal data. If you wish to exercise these rights, please send your request by email or post, clearly identifying yourself, to the email or postal address given in Section 2/Section 3 of this privacy policy.
Below you will find a summary of your rights:
a) Right of access
You have the right to obtain information from us at any time as to whether personal data concerning you is being processed. If this is the case, you have the right of access to the personal data stored concerning you and the information listed in Art. 15(1) and (2) GDPR in connection with the processing of your data. As part of your right of access, you have the right to request a copy of your personal data under the provisions of Art. 15(3) GDPR. The first copy is free of charge for you, a reasonable fee may be charged for further copies. Pursuant to Art. 15(4) GDPR, the provision of a copy is subject to the rights and freedoms of other persons who may be affected by the transmission of the data copy. In addition, the restrictions on your right of access pursuant to § 34 of the German Federal Data Protection Act (BDSG) must be complied with.
b) Right to rectification
In accordance with Art. 16 GDPR, you may immediately request the rectification of any inaccurate or incomplete personal data we hold concerning you.
c) Right to erasure (‘right to be forgotten’)
Under the provisions of Art. 17 GDPR, you have the right to request that we delete personal data concerning you without delay. According to Art. 17(1) GDPR, you have a right to erasure, among other things, provided that
The right to erasure is subject to certain restrictions according to Art. 17(3) GDPR and § 35 of the German Federal Data Protection Act (BDSG). Thereafter, the right to erasure shall not apply, inter alia, where the processing is necessary for the establishment, exercise or defence of legal claims or for compliance with a legal obligation which requires processing under EU or Member State law to which the controller is subject.
d) Right to restriction of processing
You have the right to request the restriction of processing of your personal data by us under the conditions of Art. 18(1) GDPR. If the processing of personal data concerning you has been restricted, those data may be processed, with the exception of their storage, only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the EU or a Member State.
e) Right to data portability
Under the provisions of Art. 20 GDPR, you have the right to receive the personal data concerning you that you have provided to us in a structured, standard and Bundesarchitektenkammer version: 27.8.2018 machine-readable format, and you have the right to transfer this data to another controller without hindrance from us. When exercising your right to data portability, you have the right to request that we transfer your personal data directly to another controller where this is technically feasible. The right to data portability is subject to the conditions of Art. 20(3) and (4) GDPR.
f) Withdrawal of consent
In accordance with Art. 7(3) GDPR, you have the right to revoke your consent at any time. This also applies to data protection consents that you gave us before the GDPR came into force. The revocation means that we may no longer continue the data processing based on this consent in the future. The revocation of consent shall not affect the lawfulness of the processing carried out on the basis of the consent until the point of revocation.
g) Right to object
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data relating to you which is carried out on the basis of Article 6(1)(e) or (f) GDPR. We will then no longer process this data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the purpose of establishing, exercising or defending legal claims (Art. 21 GDPR).
9. Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, irrespective of any other administrative or judicial appeal, if you consider that the processing of personal data concerning you by us is in breach of the GDPR, Art. 77 GDPR. You may exercise this right before a supervisory authority in the Member State of your residence, place of work or the place of the alleged breach.
You will find the contact details of the supervisory authorities in Germany at
https://www.bfdi.bund.de/DE/Infothek/Anschriften Links/anschriften links-node.html
The party responsible for euroterra is
The Hamburg Commissioner for Data Protection and Freedom of Information
Kurt-Schumacher-Allee 4
20097 Hamburg, Germany
mailbox[@]datenschutz.hamburg.de
www.datenschutz-hamburg.de
Please note that for architectural companies the “supervisory authorities for the non-public sector” are relevant.
10. Amendment of the privacy policy
We reserve the right to change this privacy policy at any time with effect for the future. A current version is available here. Please visit the website regularly and read the applicable privacy policy.