Privacy
Privacy Policy
Below we inform you about the processing of personal data on this website. This privacy policy is tailored to the current structure of Green Infrastructure Advisory GmbH and specifically takes into account the Cookiebot consent management used on this site.
The controller within the meaning of Art. 4 no. 7 GDPR and other applicable data protection provisions is:
Green Infrastructure Advisory GmbH
Brückenweg 2
64665 Alsbach-Hähnlein
Germany
Email: info@greeninfraadvisory.com
The registered seat of the company is Düsseldorf. Green Infrastructure Advisory GmbH is registered with the commercial register of the Local Court of Düsseldorf under HRB 108549. The managing representative is Hartmut Petersmann. Further information can be found in our Legal Notice.
This privacy policy uses the terminology of the General Data Protection Regulation, in particular Art. 4 GDPR.
Personal data means any information relating to an identified or identifiable natural person, such as name, email address, telephone number, IP address or other online identifiers.
Processing means any operation performed on personal data, whether or not by automated means, such as collection, storage, organisation, use, disclosure or deletion.
Consent means any freely given, informed and unambiguous indication of the data subject’s wishes by which they signify agreement to the processing of personal data relating to them.
Processor means a natural or legal person that processes personal data on behalf of the controller.
3.1 Your rights
You may exercise your data protection rights at any time by contacting us informally, especially via email at info@greeninfraadvisory.com.
3.1.1 Right to object in specific situations and to direct marketing (Art. 21 GDPR)
You have the right, on grounds relating to your particular situation, to object at any time to the processing of personal data concerning you where such processing is based on Art. 6(1)(e) or (f) GDPR.
If you object, we will no longer process the personal data concerned unless we can demonstrate compelling legitimate grounds for the processing or the processing serves the establishment, exercise or defence of legal claims.
Where personal data is processed for direct marketing purposes, you also have the right to object at any time to such processing. No active direct marketing is currently carried out via this website.
3.1.2 Additional rights
- Access under Art. 15 GDPR to the data processed concerning you.
- Rectification under Art. 16 GDPR if data is inaccurate or incomplete.
- Erasure under Art. 17 GDPR, provided no statutory retention obligations apply.
- Restriction of processing under Art. 18 GDPR.
- Data portability under Art. 20 GDPR where the statutory requirements are met.
- Withdrawal of consent with effect for the future under Art. 7(3) GDPR.
- Complaint to a supervisory authority under Art. 77 GDPR.
3.2 Legal bases for processing personal data
We process personal data only on a valid legal basis. In particular, the following legal bases may apply:
- Art. 6(1)(a) GDPR for processing based on your consent.
- Art. 6(1)(b) GDPR for pre-contractual measures and the performance of a contract.
- Art. 6(1)(c) GDPR for compliance with legal obligations.
- Art. 6(1)(f) GDPR for the purposes of legitimate interests, unless your interests or fundamental rights override those interests.
3.3 Access to and storage of information on end devices
When using our website, it may be technically necessary to access information on your end device or store information there, especially through cookies or similar technologies. Where this is necessary for the technically fault-free provision of the website, access is based on Section 25(2) TDDDG. For any additional technologies, your consent under Section 25(1) TDDDG is required.
3.4 Retention period
Unless a more specific retention period is stated in this privacy policy, we store personal data only for as long as necessary for the respective processing purpose. Data is then deleted unless statutory retention periods or legitimate reasons require longer storage.
3.5 Data security
This website uses SSL or TLS encryption. You can recognise an encrypted connection by the fact that the browser address line begins with “https://” and a lock symbol is displayed. Data transmitted to us can therefore be better protected against unauthorised access by third parties during transmission.
3.6 Voluntary provision of data
The provision of personal data is generally voluntary. However, without certain information we may be unable to provide individual website functions or process your enquiry fully.
3.7 No automated decision-making
Automated decision-making, including profiling within the meaning of Art. 22 GDPR, does not take place.
4.1 Provision of the website
4.1.1 Website hosting
Our website is hosted by an external technical service provider. The provider is:
americk GmbH & Co. KG
Prinzenallee 1
40549 Düsseldorf
Germany
For the purpose of securely, stably and efficiently providing the website, IP addresses, access times, meta and communication data as well as requests for content may in particular be processed.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in the technically error-free presentation and secure operation of our website. Where the hosting provider processes personal data on our behalf, this is done on the basis of a data processing agreement pursuant to Art. 28 GDPR.
4.1.2 Server log files
When our website is accessed, the browser automatically transmits information to the web server, which is stored in server log files. In particular, the following data may be processed:
- IP address of the requesting end device,
- date and time of access,
- name and URL of the requested file,
- referrer URL,
- browser used and, where applicable, operating system,
- name of the access provider.
Processing takes place on the basis of Art. 6(1)(f) GDPR. Our legitimate interest lies in ensuring the functionality, stability and security of the website as well as in detecting and preventing misuse.
Server log data is stored only for a limited period and is then routinely deleted unless further retention is required as evidence in the event of specific security incidents.
4.2 Use of cookies
4.2.1 What are cookies?
Cookies are small text files stored on your end device. They may contain information used for the technical provision of the website, the storage of your settings or the management of your consent. Some cookies are strictly necessary, while others are only set with your consent.
4.2.2 Cookiebot
We use the consent management tool Cookiebot provided by Usercentrics A/S, Havnegade 39, 1058 Copenhagen, Denmark, on this website. Cookiebot enables us to obtain, manage and document your consents for non-essential cookies and comparable technologies.
In connection with the use of Cookiebot, the following data may in particular be processed:
- shortened or anonymised IP address,
- date and time of consent, rejection or change,
- URL from which the consent was submitted,
- consent ID or encrypted proof of consent,
- technical browser information and the selected consent status.
The legal basis for processing is Art. 6(1)(c) GDPR where we are legally required to document consents, and Art. 6(1)(f) GDPR for the legally compliant organisation of our consent management. Where Cookiebot stores or accesses information on your end device, this takes place on the relevant legal basis under Section 25 TDDDG.
Further information can be found in Cookiebot’s privacy notice at cookiebot.com/en/privacy-policy.
4.2.3 Categories
Cookiebot classifies technically used cookies and comparable technologies into categories. On the current website, necessary cookies are of primary relevance. Additional categories only become relevant if corresponding services are activated and you give your consent.
- Necessary: for the technical functionality, security and storage of your privacy settings.
- Preferences: for storing individual settings, if such functions are used.
- Statistics: for reach or usage analyses, should such services be activated in the future.
- Marketing: for advertising or tracking purposes, should such services be activated in the future.
4.2.4 Cookies used
The overview of the specific cookies and similar technologies used is provided automatically via Cookiebot and is updated on an ongoing basis.
4.3 Contact form
If you send us a message via the contact form on this website, we process the information you provide for the purpose of handling your enquiry and any follow-up questions. In the current form, this concerns in particular:
- name,
- email address,
- company, where provided voluntarily,
- your message,
- technical transmission information.
Depending on the content of your enquiry, the processing is carried out on the basis of Art. 6(1)(b) GDPR where the enquiry is aimed at pre-contractual measures or a contract, or on the basis of Art. 6(1)(f) GDPR for other general enquiries. Our legitimate interest lies in the proper handling of incoming communication.
Your data will be deleted as soon as your enquiry has been conclusively processed and no legal retention obligations or legitimate interests require further storage.
4.4 Local fonts
We use locally embedded fonts to ensure a consistent presentation of this website. No connection is made to external font services. Accordingly, no separate transfer of personal data to third-party providers takes place in this context.
The legal basis is Art. 6(1)(f) GDPR. Our legitimate interest lies in a technically stable, high-performance and visually consistent presentation of our website.
4.5 Spam protection in the contact form
To protect our contact form against automated entries, we use a so-called honeypot procedure. This involves providing a form field that is not visible to regular users. If this field is filled in, we treat this as an indication of automated input and prevent the submission.
The legal basis for this is Art. 6(1)(f) GDPR. Our legitimate interest lies in protecting our systems and communication channels against misuse, spam and automated attacks.