Für die deutsche Version klicken Sie bitte hier: Datenschutzinformation
Privacy Agreement g-w.berlin
Within the use of this website, your personal data will be processed, collected and stored by us, as the data controller for the time necessary to fulfil the specified purposes and legal obligations. In the following we will inform you about what data is involved, how it is processed and what rights you have in this respect.
According to Art. 4 No. 1 of the General Data Protection Regulation (GDPR), personal data is any information relating to an identified or identifiable natural person.
1. Name and contact details of the person responsible for processing and the data protection officer when visitng the website
Gil und Weingärtner GmbH
Tel: +49 30 69001606
Our data protection officer can be contacted at the above address, for the attention of the data protection officer or at email@example.com.
You can contact our data protection officer directly at any time if you have any questions regarding data protection law or your rights as a data subject.
2. Processing of personal data and purposes of processing
You can access g-w.berlin without revealing your identity. The browser used on your terminal device will automatically send information to the server of our website (e.g. browser type and version, date and time of access) to enable a connection to the server. This also includes the IP address of your requesting terminal device. The data is temporarily stored in a so-called log file and will be anonymised after 7 days.
The IP address is processed for technical and administrative purposes of establishing and maintaining the connection, in order to guarantee the security and functionality of our website and to be able to trace possible illegal attacks on it if necessary.
The legal basis for the processing of the IP address and log-fils is Art. 6 para. 1 lit. f GDPR. Our legitimate interest follows from the above-mentioned security interest and the need to ensure that our website is available without disruption.
We cannot draw any direct conclusions about your identity from the processing of the IP address and other information in the log file.
For the hosting of this website we use the web hosting service of ALL-INKL.COM – Neue Medien Münnich, Hauptstr. 68, 02742 Friedersdorf (in the following „ALL-INKL.COM“).
In order to offer this website, it is necessary to commission a web hosting service. In accordance with Art. 6 para. 1 lit. f DSGVO, the web hosting service is used due to our legitimate economic interest in making our services available on this website. In connection with the hosting service, ALL-INKL.COM processes personal data on our behalf, which are generated while using the website.
We have entered into a data processing agreement with ALL-INKL.COM. Through this agreement, the service provider assures that it processes the data in accordance with the General Data Protection Regulation and guarantees the protection of the rights of the data subject.
3. Transfer of personal data
3.1. Transfer of data to third parties
We will only transfer your personal data to third parties if:
- you have given your explicit consent in accordance with Art. 6 Para. 1 lit. a GDPR
- in the event that there is a legal obligation to pass on the data pursuant to Art. 6 para. 1 lit. c GDPR.
3.2. Third country transfer
A transfer of personal data to a third country or an international organisation will only take place if we inform you of this and if the conditions of Art. 44 et seqq. GDPR are given.
The USA is a so-called unsafe third country. This means, that the US does not offer a level of data protection comparable to that in the EU. The risks involved in transferring personal data to the US are as follows: There is a risk that US authorities may gain access to personal data on the basis of the PRISM and UPSTREAM surveillance programmes based on Section 702 of the FISA (Foreign Intelligence Surveillance Act), and on the basis of Executive Order 12333 or Presidential Police Directive 28. EU citizens have no effective means of redress against such access in the US or the EU.
- the recipient provides appropriate safeguards in accordance with Art. 46 GDPR for the protection of personal data,
- you have explicitly agreed to the transmission, after we have informed you of the risks, in accordance with Art. 49 para. 1 lit. a) GDPR,
- the transmission is necessary for the fulfilment of contractual obligations between you and us
- or another exception from Art. 49 GDPR applies.
Safeguards under Art. 46 DSGVO can be so-called standard contractual clauses. In these standard contractual clauses, the recipient assures to protect the data sufficiently and thus to ensure a level of protection comparable to that provided by the GDPR.
We use so-called cookies or similar functions on our website. Cookies are small files that are automatically created by your browser and stored on your end device (laptop, tablet, smartphone or similar) when you visit our site. Cookies do not cause any damage on your terminal device, do not contain viruses, Trojans or other malware.
Information is stored in the cookie that is related to the specific terminal device used. However, this does not mean that we obtain direct knowledge of your identity.
Most browsers are accepting cookies automatically. It is possible for you to configure your browser in a way that no cookies are saved on your computer or that you get every time a notice, bevor a cookie is set.
5. Web Analysis: Google Analytics
On our website we use Google Analytics, a web analysis service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter Google). In this context, pseudonymous user profiles are created and cookies (see sec. 4) are used.
The information generated by cookies about the use of our website (e.g. IP address of the accessing computer, time of access, referrer URL and information about the browser and operating system used) is transferred to Google servers in the USA and processed there.
The use of Google Analytics is based on your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. Google processes the information on our behalf in order to evaluate the use of the website, to compile reports on the website activities and to provide us with further services associated with the use of the website for the purposes of market research and the design of this website.
We have concluded a data processing contract with Google for the use of Google Analytics. Through this contract, Google assures that they process the data in accordance with the General Data Protection Regulation and guarantee the protection of the rights of the data subject.
We only use Google Analytics with activated IP anonymisation. This means that the IP address of the user is shortened by Google within the European Union or in other states that are party to the Agreement on the European Economic Area. The IP address is not combined with other data from Google.
We do not use the Universal Analytics with User ID offered by Google.
If necessary, the collected data will be transferred to third parties if this is required by law or if third parties process the data on our behalf.
The user data collected via cookies is automatically deleted after 14 months.
The information generated by the cookies set by Google Analytics about the use of our website is transferred to Google servers in the USA and processed there. The transmitted data consist only of pseudonyms, a conclusion on your name is not possible. We have concluded a contract with Google that includes the EU standard contract clauses. This ensures a level of protection comparable to that in the EU (see also section 3.2 on data transfer to the USA).
6. YouTube Videos
We use videos on our website from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter: YouTube), a Google company. The implementation is based on our legitimate interest pursuant to Art. 6 para. 1 p. 1 lit. f GDPR, whereby our interest lies in the smooth integration of the videos and the thus appealing design of our website.
For implementing the videos, we are using the „extended privacy mode“ provided by YouTube.
When you visit a page that has an embedded video, a connection is established to the YouTube servers and the content is displayed on the website by informing your browser.
According to YouTube’s information, in „extended data protection mode“ your data – in particular which of our websites you have visited as well as device-specific information including the IP address – is only transmitted to the YouTube server in the USA when you watch the video. By clicking on the video, you consent to this transmission.
If you are logged in to YouTube at the same time, this information is associated with your YouTube membership account. You can prevent this by logging out of your account before visiting our website.
Google transfers the information to Google’s servers in the USA. The transmitted data consists only of pseudonyms, a conclusion on your name is not possible. We have concluded a contract with Google that includes the EU standard contract clauses. This ensures a level of protection comparable to that in the EU (see also section 3. 2 on data transfer to the USA).
For more information about the purpose and extent of data collection and processing by Google, please visit https://policies.google.com/privacy .
7. Vimeo Videos
We use components (videos) on our website from Vimeo LLC. based in 555 West 18th Street, New York 10011. The implementation is based on Art. 6 para. 1 p. 1 lit. f GDPR, whereby our interest lies in the smooth integration of the videos and the thus appealing design of our website.
Every time you visit a page on this website that offers one or more Vimeo video clips, a direct connection is established between your browser and a Vimeo server in the USA. The information that you have visited this page with your IP address is transmitted directly from your browser to the Vimeo server and stored there. By interacting with the Vimeo plugins (e.g. clicking, start.), the information caused by the interaction is transmitted to Vimeo and stored there.
If you have a Vimeo user account and do not want Vimeo to collect data about you via this website and link it to your membership data stored with Vimeo, you must log out of Vimeo before visiting this website.
The information generated by Vimeo about the use of our website is transmitted to Vimeo servers in the USA and processed there. The transmitted data are only pseudonyms, an inference to your name is not possible. We have concluded a contract with Vimeo that includes the EU standard contractual clauses. This ensures that a level of protection comparable to that in the EU exists (see also section 3.2. on data transfer to the USA).
The data protection declaration for Vimeo with more detailed information on the collection and use of your data by Vimeo, your rights in this regard and the settings options for protecting your privacy can be found at http://vimeo.com/privacy.
8. Data subject rights
You have the right:
- pursuant to Art. 7 Subs. 3 GDPR to withdraw your consent to us at any time. This means that we may no longer continue processing the data based on that consent for the future;
- pursuant to Art. 15 GDPR to demand information about your personal data we process. In particular, you can demand information about the purposes of the processing, the category of the personal data, the categories of recipients to whom your data were or will be disclosed, the planned storage period, the existence of a right to rectification, deletion, restriction or revocation of processing, the existence a right to lodge a complaint, the origin of your data, in so far as not collected by us, and also about the existence of automated decision-making including profiling and where appropriate meaningful information about to details thereof;
- pursuant to Art. 16 GDPR to demand immediate rectification of inaccurate or completion of your personal data saved with us;
- pursuant to Art. 17 GDPR to demand deletion of your personal data saved with us, in so far as the processing is not required for exercising the right of freedom of expression and information, to comply with a legal obligation, for reasons of public interest or to establish, exercise or defend legal claims;
- pursuant to Art. 18 GDPR to demand restriction of processing of your personal data, in so far as you contest the accuracy of the data, the processing is unlawful but you oppose deletion and we no longer need the data but you do to establish, exercise or defend legal claims or you have objected to processing pursuant to Art. 21 GDPR;
- pursuant to Art. 20 GDPR to receive your personal data you have provided us in a structured, commonly used and machine-readable format or to demand transmission to another controller;
- pursuant to Art. 77 GDPR to lodge a complaint to a supervisory authority. As a rule, you can contact the supervisory authority for your habitual residence or place of work or our registered offices.
9. Information about your right to object according to Art. 21 GDPR
In so far as your personal data are processed on the basis of legitimate interests pursuant to Art. 6 Subs. 1 Sentence 1 lit. e and Art. 6 Subs. 1 Sentence 1 lit. f GDPR, you have the right, pursuant to Art. 21 GDPR, to object to the processing of your personal data, in so far as there are grounds arising from your particular situation or it relates to objection to direct marketing. In the latter case, you have a general right to object which we shall heed without the stating of a particular situation; This also applies to profiling based on those provisions as defines in Art. 4 no 4 GDPR.
If you submit an objection we shall no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or the processing is necessary for the establishment, exercise or defence of legal claims.
If your objection is to the processing of data for direct marketing purposes, we shall cease processing immediately. In this case it is not necessary for you to assert a particular situation. This also applies to profiling to the extent that it is related to such direct marketing.
If you want to exercise your right to object, simply send an email to firstname.lastname@example.org.
10. Data Security
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, de-struction or against unauthorised access by third parties. Our security measures are continually monitored and improved to reflect technological developments.
11. Actuality of and changes to this data protection policy
This Data Protection Policy is the latest version and was last amended as of February 2021.
The further development of our website and offers on it or changes in statutory or public-authority requirements many render it necessary to amend this Data Protection Policy. For you it is always possible to find, and print, our latest data protection policy on our website.