Privacy Policy

We, as the operator of the website at www.behnisch.com (also "website"), are responsible in the sense of the applicable data protection law, in particular the General Data Protection Regulation ("GDPR"), for the personal data of the user ("you") of this website.

In the following, we inform you clearly within the scope of our information obligations (Art. 13 et seq. GDPR) about what data is processed when you visit our website and on what legal basis this is done. You will also receive information about how we protect your data from a technical and organizational point of view and what rights you have vis-à-vis us and the competent supervisory authority.

Behnisch Architekten Partnerschaft mbB, Stuttgart
Rotebühlstraße 163A
70197 Stuttgart
Germany
Phone +49 711 60772-0
Fax +49 711 60772-99
Mail buerostuttgart@behnisch.com

We have appointed a company data protection officer: 

DS Compliance GmbH
Michal Nachtigall
Carlsplatz 24
40213 Düsseldorf
Tel: 0211 942 588 - 24
E-Mail: m.nachtigall@wecomply.de

Informational use of our website  

When you access our website for the purpose of visiting it, so-called log files are processed by being automatically recorded by our system. The following log files are processed automatically: 
•IP address of the requesting computer 
•type of Internet browser used 
•language of the Internet browser used 
•version of the Internet browser used 
•Operating system and its version 
•Operating system interface 
•Pages visited 
•Date and time of the visit 
•Time zone difference from Greenwich Mean Time (GMT) 
•Access status/http status code 
•Amount of data transferred 
•Referrer 
•Websites accessed by the visitor's system via our website 
•Internet service provider of the user 

The log files contain your IP address and possibly other personal data. Therefore, an association with you is possible in principle. However, we only temporarily store your data, not with other personal data.

The processing of the above data is necessary for the provision of our website. We also store the data for the purpose of the security of our information technology systems. In these purposes is also our legitimate interest to process the data on the legal basis Art. 6 (1) lit. f GDPR. The log files containing your IP address are deleted or anonymized immediately after they are no longer required to achieve the aforementioned purposes, but at the latest after three days.

This website uses the open source analysis tool MATAMO (matomo.org) to generate statistical evaluations about the use of the website. MATAMO stores the collected data (including time, page accessed, browser used, operating system) in a database. The analyses generated by MATAMO are completely anonymised and cannot be used to identify individual persons. IP addresses are made unrecognisable before they enter the database in order to comply with legal requirements. The stored data is not linked to other data sources or passed on to third parties.

We have integrated map sections of the online mapping tool "OpenStreetMap" on our website. This is a so-called open source mapping, which we can access via an API (interface). This function is offered by OpenStreetMap Foundation, St John's Innovation Centre, Cowley Road, Cambridge, CB4 0WS, United Kingdom. By using this map function, your IP address is forwarded to OpenStreetMap.

When you visit one of our websites that offers OpenStreetMap, user data is transmitted to the service and stored there. OpenStreetMap collects, for example, information about your interactions with the digital map, your IP address, data about your browser, device type, operating system and on which day and at what time you used the service. Tracking software is also used to record user interactions for this purpose. The company specifies the analysis tool "Piwik" here in its own privacy policy.

The collected data is subsequently accessible to the corresponding working groups of the OpenStreetMap Foundation. According to the company, personal data is not passed on to other persons or companies unless this is legally necessary. The third-party provider Piwik does store your IP address, but in shortened form. For more information on how user data is handled, see the OpenStreetMap Foundation privacy policy at:
https://wiki.osmfoundation.org/wiki/Privacy_Policy

Our website uses plugins of the video portal Vimeo. The provider is Vimeo Inc, 555 West 18th Street, New York, New York 10011, USA. When you start one of our pages equipped with a Vimeo plugin, a connection to the Vimeo servers is established. This tells the Vimeo server which of our pages you have visited. In addition, Vimeo obtains your IP address. This also applies if you are not logged in to Vimeo or do not have an account with Vimeo. The information collected by Vimeo is transmitted to the Vimeo server in the USA.

If you are logged into your Vimeo account, you enable Vimeo to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your Vimeo account. For more information on the handling of user data, please see Vimeo's privacy policy at:
vimeo.com/privacy

We have integrated Instagram functions on our website. Instagram is a social media platform of the company Instagram LLC, 1601 Willow Rd, Menlo Park CA 94025, USA. Instagram has been a subsidiary of Meta Platforms Inc. since 2012 and is part of the Facebook products. Embedding Instagram content on our website is called embedding. This allows us to show you content such as buttons, photos or videos from Instagram directly on our website. When you visit web pages on our website that have an Instagram function integrated, data is transmitted to Instagram, stored and processed. Instagram uses the same systems and technologies as Facebook. Your data is thus processed across all Facebook companies. For more information on the handling of user data, please see Instagram's privacy policy at:
https://www.facebook.com/privacy/policy

On our site, we use social plugins provided by EmbedSocial, operated by EmbedSocial, Boulevard Saint Clement of Ohrid 52, 1000 Skopje, Macedonia ("EmbedSocial"). We use these plugins to display user reviews on social media bundled on our website.

When you visit a page that contains such a plugin, your browser establishes a direct connection to EmbedSocial's servers. In doing so, the plugin transmits log data to the EmbedSocial server. This log data may contain your IP address, type and settings of the browser, date and time of the request, your usage of EmbedSocial and cookies.

The use of the EmbedSocial plugin is based on Art. 6 (1) lit. f GDPR. The website operator has a legitimate interest in ensuring the greatest possible visibility in social media.For more information on the purpose, scope and further processing and use of data by EmbedSocial, as well as your rights in this regard and options for protecting your privacy, please refer to the privacy notices of Embed Social:
https://embedsocial.com/privacy-policy/

We use Adobe Fonts, a web font hosting service, on our website. The service provider is the American company Adobe Inc. The Irish company Adobe Systems Software Ireland Companies, 4-6 Riverwalk, Citywest Business Campus, Dublin 24, Ireland, is responsible for the European region.

Adobe also processes data from you in the USA, among other places. We would like to point out that according to the opinion of the European Court of Justice, there is currently no adequate level of protection for the transfer of data to the USA. This may pose various risks to the lawfulness and security of data processing.

As a basis for data processing with recipients located in third countries (outside the European Union, Iceland, Liechtenstein, Norway, i.e. in particular in the USA) or a data transfer there, Adobe uses so-called standard contractual clauses (= Art. 46. para. 2 and 3 GDPR). Standard Contractual Clauses (SCC) are templates provided by the EU Commission and are intended to ensure that your data complies with European data protection standards even if it is transferred to and stored in third countries (such as the USA). Through these clauses, Adobe undertakes to comply with the European level of data protection when processing your relevant data, even if the data is stored, processed, and managed in the United States. These clauses are based on an implementing decision of the EU Commission. You can find the decision and the corresponding standard contractual clauses here, among other places:
https://eur-lex.europa.eu/eli/dec_impl/2021/914/oj?locale=de

For more information about the data processed and the standard contractual clauses at Adobe, see https://www.adobe.com/de/privacy/eudatatransfers.html.

If we process your data, you are a "data subject" within the meaning of the GDPR. You have the following rights: right to information, right to rectification, right to restriction of processing, right to erasure, right to information, and right to data portability. In addition, you have a right of objection and a right of revocation. 

Below you will find details on the individual rights:

You have the right to request confirmation from us as to whether we are processing your personal data. If we process your personal data, you have the right to obtain information about the following: 

•the purposes of processing
•the categories of personal data that are processed;
•the recipients or categories of recipients to whom your personal data have been or will be disclosed, in particular in the case of recipients in third countries or international organizations;
•if possible, the planned duration for which your personal data will be stored or, if this is not possible, the criteria for determining this duration;
•the existence of a right to rectification or erasure of personal data concerning you or to restriction of processing by us or a right to object to such processing;
•the existence of a right of appeal to a supervisory authority;
•if the personal data was not collected directly from you, all available information about the origin of the data;
•the existence of automated decision-making including profiling pursuant to Article 22 (1) and (4) of the GDPR and - at least in these cases - meaningful information about the logic involved and the scope and intended effects of such processing for you.

If we transfer your data to an international organization or to a third country, you also have the right to request information about whether appropriate safeguards exist in accordance with Article 46 of the GDPR in connection with the transfer. 

You have the right to correct and/or complete the data we have stored about you if this data is incorrect or incomplete. We will carry out the correction or completion without delay. 

Under certain circumstances, you have the right to demand that we restrict the processing of your personal data. At least one of the following conditions must be met:  

•You dispute the accuracy of the personal data for a period of time that allows us to verify the accuracy of the personal data,
•The processing is unlawful and you object to the erasure of the personal data and instead request the restriction of the use of the personal data;
•We no longer need the personal data for the purposes of processing, but you need it for the assertion, exercise, or defense of legal claims; or
•You have objected to the processing pursuant to Art. 21 (1) GDPR as long as it has not yet been determined whether our legitimate grounds outweigh your interests.

You have the right to demand that we delete your personal data immediately if we are obliged to do so. This is the case if one of the following conditions is met:

•Your personal data is no longer necessary for the purposes for which it was collected or otherwise processed.
•You revoke your consent on which the processing was based pursuant to Art. 6 (1) lit. a or Art. 9 (2) lit. a GDPR and there is no other legal basis for the processing.
•You object to the processing pursuant to Art. 21 (1) GDPR and there are no overriding legitimate grounds for the processing, or you object to the processing pursuant to Art. 21 (2) GDPR.
•Your personal data have been processed unlawfully.
•The deletion of the personal data is necessary for compliance with a legal obligation under Union or Member State law to which we are subject.
•Your personal data was collected in relation to information society services offered pursuant to Art. 8 (1) GDPR. 

If we have made your personal data public and we are obliged to erase it in accordance with the aforementioned conditions, we shall take reasonable measures, including technical measures, to inform other data controllers processing the personal data that you have requested that we erase all links to or copies or replications of that personal data, taking into account the technologies and implementation costs available to us.

However, your right to erasure does not exist if the processing is necessary for the following reasons (exceptions): 

•To exercise the right to freedom of expression and information;
•for compliance with a legal obligation which requires processing under Union or Member State law to which we are subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us;
•for reasons of public interest in the area of public health pursuant to Art. 9 (2) lit. h and i and Art. 9 (3) GDPR;
•for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes pursuant to Article 89 (1) of the GDPR, insofar as the right referred to in (1) is likely to render impossible or seriously prejudice the achievement of the purposes of such processing, or
•for the assertion, exercise, or defense of legal claims.

If you have exercised your right to rectify, erase or restrict the processing of your data, we are obliged to notify all recipients to whom we have disclosed your personal data of the rectification, erasure, or restriction of the processing of your data, unless this proves impossible or involves a disproportionate effort. 

You have the right, subject to the following condition, to receive the personal data you have provided to us in a structured, commonly used, and machine-readable format and the right to have this data transferred to another controller: 

(1) the processing is based on consent pursuant to Art. 6 (1) lit. a or Art. 9 (2) lit. a GDPR or on a contract pursuant to Art. 6 (1) lit. b and(2) the processing is carried out with the help of automated processes.

In this context, you have the right to obtain that we transfer your personal data directly to another controller, insofar as this is technically feasible and freedoms and rights of other persons are not affected thereby. 

This right to data portability does not apply if the processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in us.

You have the right to object at any time, on grounds relating to your particular situation, to the processing of your personal data based on Art. 6 (1) lit. e or lit. f GDPR. This also applies to profiling based on these provisions. 

We will no longer process your personal data after an objection unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims. 

If we process your personal data for the purpose of direct marketing, you have the right to object at any time to the processing of your personal data for the purpose of such marketing. This also applies to profiling, insofar as it is related to direct advertising. 

If you object to the processing of your personal data for direct marketing purposes, we will no longer process it for these purposes. 

You have the option, in connection with the use of information society services - notwithstanding Directive 2002/58/EC (Directive on privacy and electronic communications) - to exercise your objection by means of automated procedures using technical specifications.

Pursuant to Art. 7 (3) GDPR, you have the right to revoke your consent at any time.  The withdrawal of consent does not retroactively invalidate the lawfulness of the processing.

You have the right to lodge a complaint with a supervisory authority, without prejudice to any other administrative or judicial remedy. In particular, you may exercise your right to lodge a complaint in the Member State of your residence, your place of work or the place of the alleged infringement if you consider that the processing of your personal data infringes the GDPR. 

You can find an overview of the respective data protection commissioners of the federal states as well as their contact details under the following link:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.

As of May 25, 2018. Data protection customized. www.datenschutz-stuttgart.com