Data protection declaration / duty to provide information according to §5 TMG & Art. 13/14 GDPR
At MOW Architekten BDA, we believe the protection of personal data involves far more than just complying with legislation. We are therefore happy that you are interested in how we handle personal data.
We always process personal data such as a person’s name, address, e-mail address, or phone number in accordance with applicable privacy law.
With this privacy notice, we would like to inform everyone about the nature, scope, and purpose of the personal data that we collect, use, and process. Furthermore, we would like to explain to the persons concerned the rights to which they are entitled.
MOW Architekten BDA has implemented numerous technical and organizational measures to ensure that the personal data processed via this Web site is protected as comprehensively as possible.
Despite the care we take, Internet-based data transmission is vulnerable to security flaws and, consequently, absolute protection can never be guaranteed. For this reason, you of course have the option of transmitting your personal data by alternative means, for example, by telephone or post.
Obligation to inform:
Name, Address, and Contact Details of the Entity Responsible
MOW Architekten BDA
60320 Frankfurt am Main
Partner: Thilo Mack, Stephan Lücke, Andreas Bendlin
Place of the Copartnership: Frankfurt am Main / Amtsgericht: Frankfurt am Main PR 1393
Privacy Officer Contact Details
The Privacy Officer for the data controller is:
DDI - Deutsches Datenschutz Institut GmbH
You can contact our Privacy Officer by sending a letter to the attention of “Privacy Officer” at the address above
or by sending an e-mail to: firstname.lastname@example.org
Purposes and Legal Grounds for Processing Data – When Visiting Our Web Site in General
Should you use our Web site purely for informational purposes, not register yourself, or convey information to us in some other way (e.g. by e-mail), we will only collect the data that your browser transfers to our server (“server log files”). This data is processed in accordance with GDPR art. 6(1)(f) on the basis of our legitimate interest in improving the stability and functionality of our Web site. This data is not used in any other way and in no way shared with third parties. However, we do reserve the right to analyze log files at a later date if there are reasons to suspect unlawful usage.
Purposes and Legal Grounds for Processing Data – Contact Form
When you contact us (e.g. using our contact form or by e-mail), we collect personal data. This data is stored and used exclusively for the purposes of answering your inquiry and for the associated technological administration. Our legitimate interest in responding to your inquiry forms the legal grounds for processing this data, in accordance with GDPR art. 6(1)(f). If you contact us for the purpose of entering into a contract, there are additional legal grounds for processing provided in GDPR art. 6(1)(b). Your data will be erased once your inquiry has been conclusively resolved. This is the case if it can be assumed that the relevant matter has been completely resolved and if there are no statutory retention periods barring us from erasing the data.
Purposes and Legal Grounds for Processing Data – Comment Function
When using the comment function on this Web site, details about the time you wrote the comment and the user name you have selected will be stored and published on the Web site alongside the comment. Furthermore, your IP address will also be recorded and stored. We store your IP address for security reasons and in case a comment that is left violates third-party rights or leads to illicit content being posted. The legal grounds for storing your data are provided in GDPR art. 6(1)(b) and (f). We reserve the right to delete comments if third parties contend that they are unlawful or harmful.
Purposes and Legal Grounds for Processing Data – Newsletter Function
Upon registering for our e-mail newsletter, we will regularly send you information about our company and our offers. The only information that is required for us to send the newsletter is your e-mail address. You may provide other data voluntarily so that we can address you by name. We use the double opt-in method to send out our newsletter. This means that we will only send you an e-mail newsletter if you have explicitly confirmed that you give your consent to us sending newsletters. We will then send you a confirmation e-mail asking you to confirm your desire to receive future newsletters by clicking on a corresponding a link.
By clicking on the confirmation link, you grant us permission to use your personal data in accordance with GDPR art. 6(1)(a). When you register for our newsletter, we save the IP address assigned by your Internet service provider (ISP) along with the date and time of registration so that we can trace any misuse of your e-mail address at a later point in time. The data that we collect when you register for the newsletter is used exclusively for promotional purposes in the form of our newsletter. You can unsubscribe from the newsletter at any time by using the link provided for this in every newsletter. When you unsubscribe, your e-mail address will be immediately deleted from our newsletter mailing list, provided that you have not given your explicit consent to us continuing to use your data or that we do not reserve the right to use the data beyond the given scope in a manner legally allowed and about which we inform you in this notice.
Recipients or Categories of Recipients
Transfer to Non-EU/EEA Country
A data transfer takes place in the context of the integration of the above-mentioned integrated services in accordance with the data protection regulations listed below.
The controller processes and stores the data subject’s personal data only for the period of time required to achieve the purpose for which it is stored or only if the controller is required to store data on account of legislation or regulations that are passed by European Union legislators and regulators, or other legislators, and the controller is subject to this legislation or these regulations. Should there no longer be any reason to store the data or if a retention period prescribed by a European Union directive or regulation or by other relevant law expires, the personal data will be restricted from processing or deleted as a matter of routine and in accordance with statutory regulations.
Notice of Right to Object When Consent Is Selected as Legal Grounds
You have the right at any time to withdraw any consent given to the processing of your data. If you withdraw your consent, we will immediately delete the data concerned, provided there are no other legal grounds to support further processing. If you withdraw your consent, it will not affect the legality of the processing operations conducted until the time of the withdrawal.
Right to Complain to Data Protection Supervisory Authority
If you believe that the processing of your personal data violates the GDPR, GDPR art. 77 provides you the option of filing a complaint with the Privacy Officer named above or with a supervisory authority for data protection. The supervisory authority with jurisdiction over us is:
Der Hessische Datenschutzbeauftragte
Notice About Profiling and Scoring
Profiling and scoring does not take place.
Registered at Frankfurt am Main Local Court under PR 1393
VAT or W-ID Number VAT no.:
DE 112 149 675
Activities and trades subject to authorisation
Architektenkammer Hessen, Bierstadter Straße 2, 65189 Wiesbaden, www.akh.de Architektengesetz Hessen (ArchG) www.akh.de Statute on a professional code of conduct of the Hesse Chamber of Architects
The professional title of architect was awarded in the Federal Republic of Germany. The Fee Regulations for Architects and Engineers (HOAI) as well as the Professional Rules and Professional Regulations for Architects of the Chambers of Architects apply.
Further information can be found on the websites of the Federal Chamber of Architects (www. bundesarchitektenkammer. de) and the Association of German Architects (BDA) (www. bda-hessen. de), texts on the professional regulations of the regional chambers of architects: www. berufsordnung. de
Rights of the Data Subject
Der Hessische Datenschutzbeauftragte
The data controller has integrated Google Maps on this website. Google Maps (API) is a web service of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google") to display interactive (land) maps for visual representation of geographical information. By using this service, visitors to the website are shown the company's location and any directions are made easier. Information about the use of the respective website (such as the IP address) is transmitted to and stored by Google on servers in the USA as soon as the sub-pages into which the Google Maps map is integrated are accessed. This happens regardless of whether Google provides a user account through which the person concerned is logged in, or whether no user account exists. If the person concerned is logged in to Google, their data will be assigned directly to their account. If this assignment is not desired, the person concerned must log out before activating the button. Google saves the data (even for users who are not logged in) as usage profiles and evaluates them. Such an evaluation takes place in particular according to art. 6 para. 1 lit. f GDPR on the basis of the legitimate interests of Google in the insertion of personalised advertising, market research and/or demand-oriented design of its website. You have the right to object to the creation of these user profiles, whereby you must contact Google to exercise this right.
Data Protection Provisions for the Use of Google Fonts
The controller has integrated Google Fonts into this Web site. Google provides free fonts that can be used when designing Web sites. So that fonts can be displayed consistently, this Web site uses Web fonts that are provided by Google LLC., 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”). When visiting a page on our Web site, the data subject’s browser loads the required Web fonts into its cache so that it can display text and fonts correctly.
For this purpose, the browser used by the data subject must establish a connection with Google’s servers. This process informs Google of the corresponding page being visited from the data subject’s IP address. We use Google Web fonts in the interest of presenting our online offering consistently and appealingly. This represents a legitimate interest as provided in GDPR art. 6(1)(f). If the data subject’s browser does not support Web fonts, the data subject’s computer will use a default font. Google LLC., based in the United States, has been certified for the purposes of the U.S.-EU “Privacy Shield” data protection framework, which ensures compliance with the level of privacy required in the EU.
Data Protection Provisions for the Use of Facebook
The controller has integrated components from Facebook, Inc. into this Web site. Facebook is a social network.
A social network is a social meeting place and online community run on the Internet that usually enables users to communicate with each other and interact in a virtual setting. A social network can be used as a platform to exchange opinions and experiences or it enables the online community to provide personal or commercial information. Facebook enables the social network’s users to do things such as create private profiles, upload photos, and network with each other through friend requests. The company operating Facebook is Facebook, Inc., 1 Hacker Way, Menlo Park, CA 94025, United States. The entity controlling the processing of data, if the data subject is not resident in the United States or Canada, is Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. Every time an individual page is visited on this Web site, the latter being operated by the controller and featuring an integrated Facebook component (Facebook plug-in), the relevant Facebook component automatically causes the Web browser on the data subject’s information technology system to download a rendering of the corresponding Facebook component from Facebook. You can see an overview of all Facebook plug-ins at developers.facebook.com/docs/plugins/. This technological process involves Facebook receiving knowledge of the particular sub-site on our Web site that the data subject is visiting.
Every time the data subject visits our Web site and for the entire length of time he or she spends on our Web site, Facebook will identify the specific sub-site on our Web site that the data subject visits if he or she is simultaneously logged in to Facebook. This information is collected by the Facebook component and matched with the data subject’s Facebook account by Facebook. If the data subject clicks on one of the Facebook buttons integrated into our Web site, for example the “Like” button, or if the data subject leaves a comment, Facebook will match this information with the data subject’s personal Facebook account and store this personal data. The Facebook component always informs Facebook of the data subject visiting our Web site if the data subject is simultaneously logged in to Facebook at the time of visiting our Web site, irrespective of whether the data subject clicks on the Facebook component. If the data subject does not want this information to be transferred to Facebook in the described manner, he or she can prevent it being transferred by logging out of his or her Facebook account before visiting our Web site. The Data Policy published by Facebook, available at facebook.com/about/privacy/, provides information about Facebook’s collection, processing, and usage of personal data. Furthermore, it explains the settings that Facebook offers to protect the privacy of data subjects. Additionally, there are various applications available that make it possible to stop data from being transferred to Facebook. Data subjects can use these applications to prevent data from being transferred to Facebook.
Data Protection Provisions for the Use of LinkedIn
The controller has integrated components from LinkedIn Corporation into this Web site. LinkedIn is an online social network that enables users to connect with existing business contacts as well as new ones. LinkedIn has over 400 million registered users in more than 200 countries. This makes LinkedIn currently the largest platform for business contacts and one of the most visited Web sites in the world.
Data Protection Provisions for the Use of Xing
On this website, the controller has integrated components of XING. XING is an Internet-based social network that enables users to connect with existing business contacts and to create new business contacts. The individual users can create a personal profile of themselves at XING. Companies may, e.g. create company profiles or publish jobs on XING. The operating company of XING is XING SE, Dammtorstraße 30, 20354 Hamburg, Germany. With each call-up to one of the individual pages of this Internet site, which is operated by the controller and on which a XING component (XING plug-in) was integrated, the Internet browser on the information technology system of the data subject is automatically prompted to download a display of the corresponding XING component of XING. Further information about the XING plug-in the may be accessed under dev.xing.com/plugins. During the course of this technical procedure, XING gains knowledge of what specific sub-page of our website was visited by the data subject.
If the data subject is logged in at the same time on XING, XING detects with every call-up to our website by the data subject—and for the entire duration of their stay on our Internet site—which specific sub-page of our Internet page was visited by the data subject. This information is collected through the XING component and associated with the respective XING account of the data subject. If the data subject clicks on the XING button integrated on our Internet site, e.g. the "Share"-button, then XING assigns this information to the personal XING user account of the data subject and stores the personal data.
XING receives information via the XING component that the data subject has visited our website, provided that the data subject is logged in at XING at the time of the call to our website. This occurs regardless of whether the person clicks on the XING component or not. If such a transmission of information to XING is not desirable for the data subject, then he or she can prevent this by logging off from their XING account before a call-up to our website is made. The data protection provisions published by XING, which is available under www.xing.com/privacy, provide information on the collection, processing and use of personal data by XING. In addition, XING has published privacy notices for the XING share button under https://www.xing.com/app/share?op=data_protection.