Privacy Policy

Data Controller

GFA Consulting Group GmbH

Eulenkrugstraße 82
22359 Hamburg | Germany
Phone: +49 40 603 06 100
Fax: +49 40 603 06 199
E-mail: info@gfa-group.de

www.d2innovate.eu

Data protection officer

Susanne Eggers
Contact: datenschutz@gfa-group.de

Responsible Authority

Data Protection Authority of Hamburg  https://datenschutz-hamburg.de/

Data Privacy

GFA Consulting Group GmbH, which operates this website, takes the protection of your personal data very seriously. We treat your personal data confidentially in accordance with statutory data protection regulations and this Data Privacy Statement.

It is possible to use our website without providing any personal data. Any personal data (for example name, address or email address) that is collected on our website is collected on a voluntary basis insofar as this is possible. This data will not be disclosed to any third party without your express consent.

Please note that data transmission via the internet (e.g., in the case of communication by email) may be subject to security gaps. It is not possible to protect such data completely against access by third parties.

Purpose of data collection, processing and use

GFA Consulting Group is an international, independent consulting firm in the fields of technical and developmental collaboration, with its headquarter in Hamburg. GFA activities include project planning, project management, evaluation in agriculture and forestry, resource protection, climate change and energy projects, labor and human resource development, decentralization and private sector development, water and sanitation, financial system development and health.

Within the context of these activities, personal data is collected, processed, used, and, where applicable, transmitted for the purpose of obtaining, implementing, and billing orders.

In the staff department, personal data is collected, processed, used, and, where applicable, transmitted for internal purposes (personnel and payroll management, recruitment, travel management) and also to meet the requirements under statutory obligations.

Description of affected groups and their related data / data categories

Within the context of normal business activities, addresses, contractual and payment information, and data concerning electronic information for clients, employers, consultants as well as freelance experts and employees of partner consulting companies are collected, processed, and used.

In the staff department (head office employees, visiting staff, national staff, integrated professionals, family members, applicants, former employees), additional information concerning qualifications and applications, duration of employment, remuneration, social security information, contact details, bank details, work documents are collected, processed, and used.

Recipients / categories of recipients, to whom the data may be disclosed

Responsible internal administrators (bookkeeping, accounting, contracts department, project management, telecommunications and IT); external clients (GIZ, KfW, Ministries, World Bank, EU, Asian and other development banks, etc.).

For staff management: any internal department involved in carrying out respective business processes (project management and administrative departments).

Public authorities on the basis of statutory regulations (social insurance carriers, tax authorities, health insurance companies); bank institutions (for salary transactions); creditors (in the case of wage / salary garnishment); travel agencies.

On our website you have the opportunity to voluntarily share personal data with us, for example by sending us an e-mail. These data (e. g. name, e-mail address, content of your query) will be shared with all GFA companies as well as:

GFA Consulting Group GmbH, Eulenkrugstr. 82, 22359 Hamburg, Germany

GFA B.I.S. GmbH, Königswinterer Straße 827, 53227 Bonn, Germany

Projekt Consult GmbH, Eulenkrugstraße 82, 22359 Hamburg, Germany

GFA SysCom GmbH, Eulenkrugstraße 82, 22359 Hamburg, Germany

HEAT GmbH, Seilerbahnweg 14, 61462 Königstein, Germany

GKW Consult GmbH, Augustaanlage 67, Augustaanlage 67, Germany

Standard periods for the deletion of data

Personal data is deleted on a regular basis when it is no longer needed to fulfill a contract, if the person in question has not provided their separate approval to retain said data or if statutory retention obligations and deadlines do not stipulate that data be retained for a longer period.

Planned transmission of data to third countries

In general, no personal data will be transmitted to third countries by electronic means. Exceptions to this are possible when there is a specific legal basis for such a transmission.

Your rights

You may at any time request information about the use of your personal data (according to § 15 DSGVO) or request the verification, correction or deletion of your personal data (§§ 16 and 17 DSGVO). You may also at any time request the restriction of the use or processing of your personal data (§§ 18 and 19 DSGVO), request the transmission of your personal data to third parties (§ 20 DSGVO), or object to the use of your personal data (§ 21 DSGVO).

If you want to exercise any of the above-mentioned rights, please send an e-mail to: datenschutz@gfa-group.de. We will endeavour to take the necessary measures as soon as possible. To that purpose, you will receive an access form to be completed, allowing you to indicate which rights you wish to exercise with regard to your personal data.

You also have the right to file a complaint against the use of your personal data. The competent complaints board is the Data Protection Supervisory Authority (Datenschutzaufsichtsbehörde) of the Free and Hanseatic City of Hamburg.

Data privacy regarding the use of website analytics

With your consent, GFA uses the open source software Matomo to analyze and statistically evaluate the use of the website. Cookies are used for this purpose. The information about website usage obtained in this way is transmitted exclusively to our servers and summarized in pseudonymous usage profiles. We use the data to evaluate the use of the website. The data collected is not passed on to third parties.

The IP addresses are anonymized (IP masking), so that an assignment to individual users is not possible.

Data privacy regarding the use of Google Fonts

This site uses so-called Google Fonts, which are provided by Google, for the uniform display of fonts. When you call up a page, your browser loads the required fonts into its browser cache in order to display texts and fonts correctly. We are using the “Local Google Fonts” Plug-in by Everpress to make them available without sharing your IP address.
If your browser does not support Google Fonts, a standard font will be used by your computer.
You can find more information about Google Fonts at
https://developers.google.com/fonts/faq and in Google’s privacy policy:
https://policies.google.com/privacy?hl=en.

Server log files

The provider of this website automatically collects and stores information in so-called server log files which your browser automatically transmits to us. This information includes:

  • Browser type/ browser version
  • Operating system being used
  • Referrer URL
  • Host name of accessing computer
  • Time of server request

The data thus collected cannot be connected to a specific person. The data is not merged or compared with data from other sources. We reserve the right to subsequently examine this data if concrete evidence of unlawful use is made known to us.

Cookies

Parts of this website use so-called cookies. Cookies will not harm your computer and do not contain any virus. Cookies are used to make our offer more user-friendly, effective, and safe. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are “session cookies”. Session cookies are automatically deleted at the end of your visit. Other cookies are stored on your computer until you delete them. These cookies make it possible for us to recognize your browser the next time you visit our website.

The data is processed according to Art. 6 paragraph 1 (f) of the EU General Data Protection Regulation (GDPR) with the legitimate interest of analyzing usage to improve the company’s website.

Regarding cookies, you can adjust the settings on your browser in different ways:

  • to be informed each time a cookie is used
  • to allow such use on a case-by-case basis
  • to prohibit the use of cookies in specific cases
  • to prohibit the use of cookies in general
  • to delete cookies when you close your browser

Deactivating cookies may limit the functionality of this website.

Contact Form

If you send us an inquiry using the contact form, we shall store the information you provide in the inquiry form, including the contact information that you provide, so that we can process your inquiry, and in the case there is a follow-up inquiry. The data is processed according to Art. 6 paragraph 1 (b) of the EU GDPR for the purpose of receiving the query formulated in the contact form. This data will never be disclosed without your consent.

Objection to promotion mail

The use of the contact information included in the Legal Notice to send unsolicited advertising and informational materials is herewith prohibited. The operators of this website expressly reserve the right to take legal steps in the event that unsolicited advertising materials are sent, specifically through spam e-mail.

Hostinger

GFA uses the service provider HOSTINGER operations, UAB. Hostinger  processes your data on behalf of GFA on secure servers within the EU.

For more details, please refer to the data protection provisions of Hostinger at: https://www.hostinger.de/datenschutz-bestimmungen

Your personal data (first name, last name, gender and email address) are encrypted by Hostinger using SSL.