Menu

Data Privacy Policy

gmp International GmbH (hereinafter: gmp) takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal regulations of the relevant data privacy laws, in particular the EU General Data Protection Regulation (GDPR) as well as this data privacy policy.

This data privacy policy covers the use of gmp’s digital services, including our social media profiles on PCs, smartphones, tablets and all other Internet-enabled mobile devices.

The digital services may contain links to other third party service provider websites that are not covered by this data privacy policy.

 

Note on the data controller - Who is responsible for the collection of data?

The data controller for the processing of your personal data is

gmp International GmbH

represented by the managing directors Prof. Dr. h.c. mult. Dipl.-Ing. Meinhard von Gerkan and Prof. Dr.-Ing. h.c. Volkwin Marg

Elbchaussee 139
22763 Hamburg
dataprivacy@gmp-architekten.de

If you have any questions about data privacy with us, please write to us at the aforementioned postal address, with the addition "Data Privacy" or at the e-mail address provided.

 

Purposes and legal basis of data processing - What do we use your data for?
Data processing for the provision of contractual services

We process personal data in order to process the contractual relationships and to be able to submit contractual
offers tailored to your requirements. The collection of the data takes place in particular for the conclusion and/or for the performance of a contract.

From our business partners we request in particular name and contact data of contact persons of the company for the purpose of establishing and performing the contractual relationship.

The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.

 

Data processing for communication with you

In addition to the contract data, we process your communication data (name, address, telephone number, e-mail address) in order to process your inquiry and/or to be able to contact you. Personal data that you provide to us by e-mail will only be processed for correspondence with you or only for the purpose for which you have made the data available to us.

The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.

 

Download of press materials

On our website we provide press material about our company and our works, which may be downloaded using a special form. For this purpose we need your full name, your e-mail address and information about which editorial office you work for. This information is required because publication free of charge is only permitted in the context of an editorial article about the architecture of the architects von Gerkan, Marg and Partners (gmp) in the context of the content of this press release. We reserve the right to process your details in order to pursue our legal interests in the event of infringement.

We have a legitimate interest in the lawful use of our press materials. The basis for data processing is then Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail.

 

Cookies

We use so-called cookies on some of our websites, among other things to be able to offer you website-specific services, to recognize you when you visit our website again, and/or to adapt our offer to your personal preferences.

Cookies are small text files that are stored on a visitor's computer and contain data on the respective user in order to enable access to various functions.  Both session cookies and persistent cookies are used on our website. A session cookie is temporarily stored on your computer as you navigate through the site. A session cookie is deleted as soon as you close your Internet browser or as soon as your session has expired after a certain period of time. A persistent cookie remains on your computer until it is deleted. The storage of a cookie ensures that you do not have to repeatedly enter your personal settings and preferences every time you visit our website. This saves you time and makes using our website more convenient for you.

We may work with third parties on some of our websites, and therefore, when you visit such a website, cookies from partner companies may be stored on your hard drive (third-party cookies). We inform you below about the use of such cookies and the scope of the data collected in each case.

You can delete permanently installed cookies via the settings of your browser. Most browsers accept cookies automatically - so if you want to suppress the use of cookies, you may have to actively delete or block cookies or prevent the storage of cookies by setting your browser software. Please note, however, that if you choose not to accept cookies, you may still be able to visit our website, but some features may not work as intended.

The use of the aforementioned cookies is in the interest of a uniform presentation and functionality of our websites. The data processing is based on Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the data controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail.

 

Data processing in the context of our Facebook corporate website

We operate a company page (fan page) in the social network facebook.com. We are jointly responsible with Facebook for the operation of the Facebook fan page within the meaning of Art. 26 GDPR. The agreement on joint responsibility can be found here: https://www.facebook.com/legal/terms/page_controller_addendum. Primarily responsible for data processing is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook").

Nature and scope of the information you provide to Facebook, the related purposes of data processing by Facebook, its lawfulness and information on how to exercise your rights can be found in the Data Policy, as well as other information provided by Facebook on the processing of "Insights data", https://www.facebook.com/policy.php.

Facebook provides us with so-called page insights for our site. Page-Insights (https://www.facebook.com/business/a/page/page-insights) are aggregated data that allows us to understand how people interact with our site. The creation and provision of these page insights is the responsibility of Facebook, we have no influence on it. This also applies to data processing, which is carried out exclusively for the purposes of Facebook. Facebook also undertakes all obligations under the GDPR with regard to the processing of Insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR).

The purpose of data processing of the data provided by Facebook for us is the statistical evaluation of the use of our fan page. This enables us, for example, to determine the preferred visiting and posting times of our users and to use this information to optimise our posts and our fan page. In addition, we process personal data made publicly available by you on Facebook (e.g. clear names in the user profile) as well as data directly related to activities on our fan page (e.g. posts, likes, tags), also for the purpose of communicating with you.

The basis for the data processing is Art. 6 para. 1 s. 1 lit. a GDPR, if you have provided Facebook with the corresponding consent. You can revoke such consent to Facebook at any time with effect for the future. Otherwise, the basis for our data processing is Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail. Our interest lies in the provision of content and communication with Facebook users and in improving the range and effectiveness of our contributions.

Please assert your rights to information, correction, deletion, restriction of processing and data transferability of your stored Insights data vis-à-vis Facebook, as Facebook has undertaken the corresponding obligations:

 

Facebook Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbour
Dublin 2, Ireland
Privacy policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

 

Online presence in other social networks

We have set up online presences in various social networks to communicate with you, potential customers and clients and to inform them about our services and current offers. In addition to our interaction with you, the social networks process the data of visitors to their websites for the purpose of market research and advertising, i.e. a user profile may be created by the respective social network operator from the respective visiting or usage behaviour and the preferences and interests of a visitor derived from this. Such user profiles can be used, among other things, to display advertisements individually adapted to the respective user profile within the respective social network and possibly on other websites. Cookies (see above) may be stored on the visitors' devices, with the help of which data on user behaviour can be collected. The collection of this data can, especially in the case of logged-in members of the respective social network, also be realised across several browsers and/or end devices used by a user. Even if a visitor does not have a profile with the respective social network, it cannot be guaranteed that personal data on this visitor will not be stored when visiting the respective website. Requests for information regarding the data stored via our online presence in social networks or the use of other related rights of data subjects  can be directed to the provider of the respective service (see below). Only the providers of the social networks have access to the respective data stored there and can provide the corresponding information, etc. With regard to the purpose and scope of data processing by the various social networks, we refer additionally to their respective data privacy notices and the respective contact details:

Facebook Ireland Ltd.
4 Grand Canal Square
Dublin 2, Ireland
Privay Policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads
Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active

 

LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2, Ireland
Privay Policy https://www.linkedin.com/legal/privacy-policy
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out

 

Instagram
Facebook Ireland Ltd.
4 Grand Canal Square
Dublin 2, Ireland
Privay Policy: https://www.facebook.com/about/privacy/
Contact: https://www.facebook.com/help/contact/540977946302970
Opt-out: https://www.facebook.com/settings?tab=ads

 

WeChat
Tencent International Service Europe B.V.
26.04 Amstelplein 54
1096 BC Amsterdam, The Netherlands
Privay Policy: https://www.wechat.com/de/privacy_policy.html

The processing of data in the context of our online presence in social networks is based on our legitimate interest in effective information and direct communication with potential customers and clients of our company.

The basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail.

 

Tracking with Matomo

On our website we use the web analysis service Matomo to analyse the use of our website. For this purpose the information generated by Matomo about the use of the respective internet page is stored on the server. Matomo may collect the following data, which can give information about which functions of the respective internet page are frequently used and where misunderstandings may occur:

 

Country, state, city
Time of the page call
the browser used, including the browser version, browser language and the installed plugins
the operating system of the user
the screen resolution of the user
the anonymized IP address of the user, where the fourth octet is replaced by a 0
the time of the last visit
the date of the first visit
a randomly generated unique user ID
the loading time of the visited page
the number of actions per visit
the page title of the visited page
the URL of the visited page
the length of stay per visit
functions used during the visit

Statistics on user behaviour are then based on this data. These include, for example, overviews of the devices and browsers used and of the actions per visit, e.g. whether data exports were carried out or counter readings were entered. Matomo itself is very transparent about which data is collected. You are welcome to read it yourself on the official website, at https://matomo.org/faq/general/faq_18254/.

IP addresses are made anonymous before being saved. However, we expressly point out that despite the fully activated anonymization function, a total anonymization is not achieved, but only a pseudonymization. Matomo creates an internal hash value during its use, which is calculated from various factors such as the IP address, the resolution, the browser, the plugins used and the operating system. Even if the anonymization function is activated, this heuristic uses the full IP address for internal purposes, so that a recalculation of the values is possible with some effort except for the IP address and thus can be concluded with great reliability to the other information.

If you do not agree to the storage and use of your data, you can deactivate the storage and use here. In this case, an opt-out cookie is stored in your browser which prevents Matomo from saving usage data. If you delete your cookies, the Matomo Opt-Out cookie will also be deleted. The opt-out must be reactivated the next time you visit our site.

[Matomo iframe code] (link to instructions)

The data processing by the use of Matomo is based on Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in the analysis of general user behaviour in order to optimise the respective internet pages for use by end users.

 

Data processing for applications

You can send us applications for jobs in our company via our websites and the contact data provided. Insofar as personal data is transferred to us by you in this way or in any other way during applications, we process your data for the purpose of examining, processing and responding to your application and, if necessary, preparing the employment relationship.

The basis for the data processing is either Art. 6 para. 2 GDPR, Art. 26 para. 1 BDSG (new) which allows the processing of data for the purpose of deciding on the grounds, for the establishment and for the performance of employment relationships or - if you have given your consent - Art. 6 para. 1 s. 1 lit. a GDPR. You may revoke any consent you have given at any time with effect for the future. An informal notification by e-mail to us is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation.

 

Data processing to protect legitimate interests

We also process your data if it is necessary to protect the legitimate interests of us or of third parties. This may be the case to guarantee IT security and IT operation; for support inquiries; in the event of legal disputes, to be able to understand and prove the facts of the case; to statistically evaluate the use of our website.

The basis for data processing is Art. 6 para. 1 s. 1 lit. f GDPR. We have a legitimate interest in the data processing listed above.

 

Data processing based on your consent

It may also happen that we ask for your consent to process personal data. Any granting of consent and the relevant data processing is voluntary and you will not suffer any disadvantages if you do not give your consent.

The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR.

You can revoke your consent at any time with effect for the future. An informal notification by e-mail to us is sufficient for this purpose. The legality of the data processing operations that have already taken place remains unaffected by the revocation.

 

Log files

Each time our websites are accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The stored data records contain the following data: Browser type and browser version, operating system used, referrer URL, time of server request, shortened IP address.

These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.

The data processing is based on Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the data controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail.

 

Data processing for the fulfilment of legal obligations

In addition, we process your data to fulfil legal obligations (e.g. regulatory requirements, commercial and tax storage and proof obligations). The basis for data processing is Art. 6 para. 1 s. 1 lit. c GDPR, which permits processing to fulfil a legal obligation.

 

Categories of receipt of personal data

Your personal data will only be passed on to third parties or otherwise transmitted if this is necessary for the purpose of contract processing or billing or if you have given your prior consent or if there is a legal basis for the passing on of such data.

Insofar as it is necessary for the purpose of contract processing, data will be passed on to partner companies which have been commissioned to support contract processing. Our partners undertake to comply with and observe the provisions of data privacy laws. Furthermore, our partners are not permitted to use the data in any other way than to process the contract.

Service providers who support us in providing our services to you are sales and marketing partners, software (SaaS) providers, IT service providers, in particular service providers for software and hardware maintenance, hosting providers and e-mail service providers.

 

Duration of data storage

In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We store your data on the basis of legal proof and storage obligations, which result among other things from the German Commercial Code and the German Tax Code, according to which the storage periods are up to ten full years. In addition, we keep your data for the period during which claims can be asserted against our company (statutory limitation period of three or up to thirty years).

 

Data Security

Your personal data will be transmitted securely by us through encryption. We use the coding system SSL (Secure Socket Layer). You can recognize an encrypted connection by the fact that the address line of the browser changes from "http://" to "https://" and by the lock symbol in your browser line. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.

 

Rights of the data subject

Within the framework of the applicable legal provisions, you have the right to obtain information free of charge at any time about your personal data stored by us, its origin and recipients and the purpose of the data processing and, if applicable, a right to correct, block or delete this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time using the contact details given in section 1. You may also have a right to restrict the processing of your data and a right to have the data provided by you released in a structured, common and machine-readable format. If you have given us your consent to process personal data for specific purposes, you can revoke your consent at any time with effect for the future. If we process your data to protect legitimate interests, you may object to this processing for reasons arising from your particular situation. In addition, you have the possibility to contact a data protection supervisory authority (right of appeal).