Data Privacy Statement

We would like to hereby inform you of the processing of your personal data during the visit to our website according to the General Data Protection Regulation, art. 13 (1) and (2) of EU Regulation 2016/679, later referred to as GDPR.

I. Name and contact details of the responsible party
II. Name and contact details of the data protection officer
III. General information on data processing
IV. Provision of the website and generating log files
V. E-Mail contact
VI. OpenStreetMap Map service
VII. Legal framework for affected individuals
VIII. Amendment to this data protection information

 

 

 

 

 

 

I. Name and contact details of responsible party

The responsible party in accordance with GDPR and further national data protection laws of the EU-member states as well as all other data protection provisions is:

GuD Geotechnik und Dynamik Consult GmbH
Darwinstraße 13
10589 Berlin
Germany

Phone: +49 30 - 78 90 89 - 0
E-mail: office@gudconsult.de

II. Name and contact details of the data protection officer

You can reach the data protection officer of the person responsible under the following contact options:

Christian Tomaske
Phone: +49 (0) 5721 820 99 91
E-mail: ct@ufdi.de

III. General information on data processing

1. Scope of personal data processing

Statistics on personal data are only compiled in case this is required for proper operation our website as well as for the running of our content and services. Personal data is only processed if the processing is permitted by legal regulations or if the user has consented to the processing.

2. Legal basis for processing personal data

In order to deliver the content of our website and to offer you services related to our portfolio, we process personal data based on the following legal decree.

  • Consent: Insofar as we obtain the data subject’s power of attorney for processing operations involving personal data, art. 6 (1) a) GDPR serves as a legal basis.
  • Fulfilment of a contract: When the fulfilment of a contract calls for consent to data processing by the contractor, art. 6 (1) (b) GDPR serves as a legal basis. This also applies to data processing which is mandatory for the performance of pre-contractual negotiations.
  • Legal obligation: If our company is bound to fulfil a legal obligation to process personalised data, art. 6 (1) c) GDPR serves as a legal basis.
  • Balance of interests: If data processing is necessary to protect a legitimate concern of our company or of a third party and on the contrary the user’s interests, fundamental rights and civil freedom do not outweigh the company’s or third party’s interests, art. 6 (1) f) GDPR serves as a legal basis for processing data entries.

If the user had once given consent to the collection of personal data, the consent can be withdrawn at any time with immediate, permanent effect.

If data is being processed due to a balance of interests, the user can submit any concerns, as far as the right to object to the processing of the personal data is given and the requirements of
art. 21 GDPR, are met.

3. Data deletion and storage period

We delete personalised data if there is no demand for further storage but demand may exist in particular if the data is still of interest with respect to the fulfilment of contractual obligations or in order to check, grant or ward off warranty or possible guarantee claims.
In the case of data storage that is legally binding, data deletion will only be considered after the obligation to store it has expired.

4. Data tracking and transfer

Any data transmitted by a user of the website is generally not transferred to third parties.
In particular, your data will not be passed on for advertising purposes to third parties.

However, we do use service providers for the operation of these internet pages as well as for our products and services in general. It may happen that a service provider obtains knowledge of personalised data. We select our service providers carefully - especially with regard to data protection and data security - and we hold on to required standards of data protection and data processing.

5. Data processing outside the European Union

In case personal data is processed outside the EU, information is provided in the following paragraphs.

IV. Running of the website and generating log files

1. Description and scope of data processing

Each time our website is accessed, our server automatically collects data from the accessing device.

The following data is being collected:

  • anonymised IP address
  • date and time of access
  • access of files
  • status code of the server
  • transferred data amount
  • web page that referred the user to our website
  • technical information on the data client: browser, operating system, CPU, user interface, language, version
  • alternative domain entered initially, if applicable

The data mentioned above is stored in our log files as well. No additional personalised data storage occurs.

2. Purpose of data processing

The server temporarily stores your IP address which is necessary for opening the website in your browser. For this purpose, the IP address remains in our system’s storage for the duration of the web-session.

Temporary data storage in log files positively contributes to the performance of our website. Furthermore, data analysis can thus improve the running of the website and protects our IT system. An evaluation of data for marketing purposes does not take place in this context.

3. Legal basis for data processing

Your IP address and browser data are processed when surfing our website. This data processing serves the purpose to provide you with valuable information on our website.

The storage of log files is based on a balancing of interests for the purpose of ensuring the confidentiality and integrity of the personalised data processed by our IT system.

4. Storage duration, the possibility of objection and data deletion

The data is deleted as soon as the purpose for which it had been collected has been achieved.

Data that had been collected during the web session is deleted after the respective session has ended.

Data stored in log files is deleted within seven days. The storage duration can be excelled. In this case, the user’s IP addresses are deleted or alienated, so that an assignment of the calling client is no longer possible.

The compilation of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website. Consequently, there is no possibility for the user to object.

V. E-mail contact

1. Description and scope of data processing

If you send us a message to the e-mail address mentioned above, personalised data transmitted by e-mail will be stored. We hereby point out the fact that unencrypted e-mails can possibly be accessed by unauthorized third parties if a number of circumstances apply. Confidential messages should therefore not be transmitted by e-mail.

Data obtained in this context will not be passed on to third parties. The data will be exclusively used for following up the conversation.

2. Purpose of data processing

Processing personalised data that has been transmitted by filling in the contact form or by sending an e-mail is used for contact reasons only.

All other personalised data that is generated during the transmission of the contact form serves to prevent improper usage of the website as well as to guarantee the proper functioning of our IT system in general.

3. Legal basis for processing data

Inquiries in the run-up of closing a contract or for initiating a contract make data processing necessary. Data transmitted in a message which is not aimed at the conclusion of a contract is processed according to a balance of interests, which legitimises the necessary data processing that serves such a purpose (mentioned under 2.).

4. Storage duration, veto power and data deletion

E-Mails that contain personalised data will be deleted within three months after the transmitted inquiry has been accomplished and communicational interchange is finished so that no further need to store the messages is given. A communication is finished when a content-related reference indicates that the issue is closed, but data storage is particularly important in case the data is still needed whether for fulfilling contractual services or to check, grant or ward off warranty and, if applicable, guarantee claims. In the case of data storage being legally binding, data deletion will be considered after the obligatory storage period has expired.

The option to object to the storage of personalised data by sending an e-mail to the e-mail address indicated above (please refer to chapter I, Name and address of the person(s) in charge/controller) exists within legal frameworks. After the objection has been successfully claimed, the line of communication will not be continued. Any personalised data that had been stored within the course of the communicational interchange will be deleted.

VI. OpenStreetMap Map service

1. description, extent and purpose of data processing

On the contact page of our website, we use map extracts from the service "OpenStreetMap" to visualise the locations of our company and to make it easier for you to find our office addresses.

The OpenStreetMap Foundation, St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom (OSMF) offers the use of maps. By calling up the map service, the user's data is used by OpenStreetMap solely for the purpose of displaying the map functions in the best possible way and temporarily storing the selected settings. This data includes, in particular, IP addresses, data on your browser, device and operating system, as well as on the web page visited. OpenStreetMap's servers are currently located in the United Kingdom and the Netherlands. Further information on data processing by OpenStreetMap can be found here: https://wiki.openstreetmap.org/wiki/Privacy_Policy

2. legal basis for data processing, duration of storage, possibility of objection and elimination

OpenStreetMap is used on the basis of a balance of interests, whereby the purpose and legitimate interest is the easy location of our company. OpenStreetMap does not use your data to draw conclusions about you personally.

Insofar as personal data may be transferred to the United Kingdom, there is an adequacy decision of the Commission of 28 June 2021 pursuant to Art. 45 DSGVO, available under

https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_de

VII. Legal framework for affected individuals

If personalised data is being processed and your personal concerns are disregarded, GDPR guidelines regulate the lawfulness and serve as a framework. The following legal regulations cover the individual’s and the company’s liabilities:

1. The company’s obligation to provide information

The data subject has the right to require a statement that personalised data has been processed by the company. In case the respective data has been indeed processed, the data subject has a right of being informed which specific data has been stored.

Any written request for information makes it necessary for us to ensure that the individual who has transmitted the inquiry can legitimately verify his or her identity.

2. Claiming a revision of a data entry

You have a right to correction and/or completion if the processed personal data concerning you is incorrect or incomplete, by submitting the correct details to the data protection officer.

3. Claiming the deletion and/or restricted usage of stored data

If an immediate deletion of personalised data is being legitimately claimed and the deletion asked for is justifiable, the data protection officer is legally obliged to manage an instantaneous data removal.

Within the existing legal framework a restricted data processing of personalised data can be demanded.

4. Right to data portability

According to current law, the data protection officer has the duty to provide the data subject with the requested personalised data in a structured, common, digital file without delay, so that the data can be moved to another data officer who the data subject chose instead. The transfer has to be performed in a way that excludes mutual hindrances/obstructions between the data officers.

5. Right to object to data processing

According to art. 6, chapter 1 lit. f) GDPR, the data subject has the right to disapprove the processing of personal data if a particular situation causes him/her to do so. The data processing has to be cancelled immediately afterwards.

As a result, the company is not legitimated any longer to process the personalised data, unless compelling reasons for further processing exist which overpower the individual’s rights and freedoms or further processing serves the purpose of asserting, exercising or defending legal claims.

If your personal data is processed for direct marketing purposes, the right to object permanently exists. If you withdraw your consent to data processing for direct marketing purposes, your personal data will no longer be processed for these purposes.

6. Right to withdraw consent

GDPR regulates your permanent right to withdraw consent to data processing, leaving the consent given earlier legally untouched until the withdrawal has finally come into force. The withdrawal of consent does not affect the lawfulness of the processing carried out on basis of the consent until the revocation.

7. Complaining before a supervisory board

If the usage of personalised data is suspected to be in contrary to GDPR guidelines, the individual has the right to lodge an administrative or juridical complaint which does not negate the right to additionally complain before a supervisory board of one’s choice that is specifically handling data security claims. This includes the data protection supervisory authority responsible for data control as well:

Berliner Beauftragte für Datenschutz und Informationsfreiheit
Friedrichstr. 219
10969 Berlin
Phone: +49 30 13889-0
E-mail: mailbox@datenschutz-berlin.de

We also welcome you to contact our data protection officer if you believe that we unlawfully process your personalised data. The data protection officer’s contact details are shown under chapter II: Name and contact details of the data protection officer

VIII. Amendment of this data protection information

The data protection information is reviewed when the website is updated as well as if GDPR rules have changed. The most recent version of the data protection information is provided on this website.

Latest review: 15.06.2022