The following privacy policy applies to the use of the website www.jmayerh.de.

We attach great importance to data protection. We collect and process personal data in order to be able to offer you the above-mentioned web presence. This statement describes how and for what purpose your data is collected and used and what rights and options you have in connection with personal data. If you are redirected to other websites via a link, the data protection regulations of the respective website operator apply. We recommend that you inform yourself about the handling of personal data on the respective linked page.

 

1. Who is responsible for the data processing and who can I contact?
Controller of your personal data within the meaning of Art. 4 para 7 of the European General Data Protection Regulation (“GDPR”) is:

J.MAYER.H and Partners, Architects mbB
Knesebeckstrasse 30
10623 Berlin, Germany
Phone: +49 (0)30 644 90 77 0
Fax: +49 (0)30 644 90 77 11
E-mail: contact@jmayerh.de

You can contact our data protection officer at:

J.MAYER.H und Partner, Architekten mbB
– Datenschutzbeauftragter –
Knesebeckstrasse 30
10623 Berlin, Germany
E-Mail: contact@ jmayerh.de
Phone: +49 (0)30 644 90 77 0

If you wish to object to the collection, processing or use of your data by us as a whole or for individual measures, you can address your query to the above-mentioned controller.

2. Which data do we process when you use our website?
When you visit our website, our server automatically stores the name of your Internet service provider, the IP address, name and version of the browser you use, the operating system used, the date and time of your visit, and the website from which you access the website (referrer URL) (“log files”). We process this data to ensure the functionality of our website, to optimize our website and to guarantee the security of our systems. The log files are deleted after the end of the respective browser session, at the latest after seven days.

In addition, we process personal data that we receive from you in the context of our business relationship or in the context of enquiries. In particular, when we work for you as architects, we process the following personal data: Name, title, address, e-mail address, telephone number, company details. Depending on the circumstances of the individual case and the respective order, we may process further data, e.g. regarding customer requests or properties.

3. For what purpose and on what legal basis do we process your data?
We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):

3.1 For the performance of contracts (Art. 6 para. 1 lit. b GDPR)

If we work for you as architects, provide other services or maintain contractual relationships in general, the processing of personal data (Art. 4 No. 2 GDPR) takes place for the provision of services, for the provision of pre-contractual measures and for answering your questions.

3.2 For legitimate interests (Art. 6 para. 1 lit. f GDPR)

If necessary, we process your data beyond the actual fulfilment of the contract to protect the legitimate interests of us or of third parties, for example in the following cases: – Answering your questions outside of a contract or pre-contractual measures; – advertising or market and opinion research, unless you have objected to the use of your data; – operation and optimization of the website; – enforcement of legal claims and defence in legal disputes; – ensuring our IT security and IT operations; – prevention and investigation of criminal offences.

3.3 On the basis of your consent (Art. 6 para. 1 lit. a GDPR)
If you have given us your consent to process personal data for specific purposes, this processing is legal on the basis of your consent.

You can withdraw your consent at any time. This also applies to the revocation of declarations of consent issued to us prior to the validity of the GDPR, i.e. before May 25, 2018.

Please note that the withdrawal will only take effect for the future. Processing that took place before the withdrawal is not affected by this.

3.4 Due to legal requirements (Art. 6 para. 1 lit. c GDPR)

In addition, we are subject to various legal obligations, i.e. legal requirements. The purposes of the processing include, among other things, the fulfilment of retention periods under commercial and tax law.

4. (E-Mail) contact
If you contact us (e.g. by e-mail), we will store your details for processing the request and in the event that follow-up questions arise. The legal basis for this generally is Art. 6 para. 1 lit. b GDPR.

We will only store and use further personal data if you do so voluntarily or if this is legally permissible without special consent, e.g. on the basis of justified interests pursuant to Art. 6 para. 1 lit. f GDPR.

5. Newsletter
If you have expressly consented according to art. 6 para. 1 sentence 1 lit. a GDPR, we use your e-mail address for sending you our newsletter by e-mail, which informs you about us and our projects. Your consent will be recorded. The indication of an e-mail address is sufficient for receiving the newsletter.

You can unsubscribe at any time, for example via the link at the end of each e-mail. Alternatively, you are welcome to send your unsubscription request by e-mail to contact@jmayerh.de at any time. In this case, your e-mail address will be deleted from our e-mail distribution list and added to our blacklist. The revocation of your consent will only take effect in the future. Processings carried out before the revocation are not affected by this.

Please note that we evaluate the behaviour of the recipients of our e-mails using pseudonymous usage statistics. For this purpose, the e-mails contain so-called web beacons or tracking pixels and links. The following information may be recorded for such evaluation: the time at which the e-mail was opened and forwarded, the links clicked therein, the IP address (to determine the country of retrieval) and the e-mail program used. These data are not linked to your e-mail address or other personal data, so that a direct personal relationship is excluded for us. The evaluation is based on aggregated usage statistics (delivery rate, opening rate, click rate, number of redirects, number of clicks on the links contained in the e-mail, e-mail programs used,

For sending and evaluating our newsletter, we use MailChimp, a service of Rocket Science Group LLC, 675 Ponce De Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA (“MailChimp”).

The data processed during the sending and evaluation of e-mails is stored on the servers of MailChimp in the USA. The transfer of your information to a third country outside the EU is covered by an adequacy decision of the Commission within the meaning of Art. 45 GDPR, because MailChimp has submitted to the EU-US Privacy Shield (https://www.privacyshield.gov/EU-US-Framework). MailChimp acts for us as a contract processor within the meaning of Art. 28 GDPR and we have concluded a corresponding order processing contract with MailChimp. If you unsubscribe from our newsletter, your data (including tracking data) will also be deleted on the MailChimp servers.

Further information can be found in the privacy policy of MailChimp (https://mailchimp.com/legal/privacy/).

6. Social-Media-Plugins (Facebook, Twitter, Google+, Instagram)
Our website also contains simple links to our profiles on Facebook, Twitter and Instagram (provided by Instagram LLC, 1601 Willow Rd, Menlo Park, CA 94025, USA). If you click on these links, you will leave our website. The data processing on the websites of the social media providers is subject to the privacy policies available there.

7. Who gets my data?
Within our organization, those departments or individuals get access to your data that need it in order to fulfil our contractual and legal obligations.

Processors (Art. 28 GDPR) may also receive data for the aforementioned purposes (e.g. Google).

We share your personal data with third parties if this is necessary to fulfil an existing contractual relationship between you and us or to implement pre-contractual measures (Art. 6 (1) (b) GDPR) or for the purposes of legitimate interests (Art. 6 (1) (f) GDPR).

We only share such information as is required by the respective service provider to perform the task assigned to him. The service provider undertakes to treat the data confidentially in accordance with this data protection declaration and the relevant data protection laws and not to pass it on to third parties.

In addition, your personal data will be disclosed or transmitted if required to do so by law (Art. 8 (1) © GDPR) or if you have given your consent (Art. 6 (1) (a) GDPR).

Under these conditions, recipients of personal data can be, for example: – Subcontractors used by us to provide the services offered. – Public authorities and institutions in the event of a legal obligation or official order.

8. How long will my data be stored?
If necessary, we process and store your personal data for the duration of our business relationship, which also includes, for example, the initiation and processing of a contract. It should be noted that our business relationship, depending on the individual circumstances, may involve continuing obligations and may be intended for years.

In addition, we are subject to various storage and documentation obligations arising, among other things, from the German Commercial Code (HGB) and the Fiscal Code (AO). The retention and documentation periods specified there are 6 years for correspondence in connection with the conclusion of a contract and 10 years for accounting documents (Sections 238, 257 (1) and (4) HGB, Sections 147 (1) and (3) AO). Such storage and documentation obligations shall apply in particular if you conclude a contract with us (e.g. for architectural or consulting services).

Finally, the storage period is also assessed according to the statutory limitation periods, which, for example, according to Sec. 195 et seq. of the German Civil Code (BGB), can generally be three years, but in certain cases also up to thirty years.

After expiry of the storage and documentation obligations and the relevant limitation periods, we delete the data.

Log files and cookies are deleted within the above-mentioned deadlines.

9. Is any data transferred to a third country or to an international organisation?
Data is transferred to third countries (countries outside the European Economic Area (EEA)) if this is necessary or legally required for the execution of contracts or if you have given us your consent. We will separately inform you about details if required by law. In addition, the processors in third countries mentioned in this Privacy Policy (e.g. Google) have access to your data.

10. What data protection rights do I have?
You have the right of access (Art. 15 GDPR), the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to limitation of processing (Art. 18 GDPR) and the right to data portability (Art. 20 GDPR). The restrictions according to Sec. 34 and 35 BDSG apply to the right of access and the right of cancellation. You also have the right to object to data processing by us (Art. 21 GDPR). If our processing of your personal data is based on consent (Art. 6 (1) (a) GDPR), you can withdraw this at any time; the legality of data processing based on the consent until withdrawal remains unaffected by this.

To assert all these rights and for further questions on the subject of personal data, you can contact us at any time at our postal address or contact our data protection officer (see paragraph 1 above).

Regardless of this, you have the right to file a complaint with a supervisory authority – in particular in the EU Member State where you are staying, working or allegedly infringed – if you believe that the processing of personal data concerning you violates the GDPR or other applicable data protection laws (Art. 77 GDPR, Sec. 19 BDSG).

11. To what extent is there automated decision making in individual cases?
An automated decision making based on the collected personal data does not take place.

12. Data security
We take various security measures to adequately protect your personal data.

In addition, we maintain technical and organisational security measures which we constantly adapt to the state of the art.

We cannot guarantee that our offer will be available at certain times; disruptions, interruptions or failures cannot be ruled out. The servers we use are regularly and carefully secured.