Privacy Policy – Peter Bohn Architekten

Privacy Policy

1. An Overview of Data Protection

General Information
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data refers to all data that can be used to personally identify you. For detailed information on the subject of data protection, please consult our Privacy Policy as set out below.

Data Collection on This Website

Who is responsible for the data collection on this website?
Data processing on this website is carried out by the website operator. You can find their contact details in the section “Notice Concerning the Responsible Party” in this Privacy Policy.

How do we collect your data?
Some of your data is collected when you provide it to us. For instance, this may be data that you enter into a contact form.
Other data is collected automatically or upon your consent when you visit this website by our IT systems. This mainly includes technical data (e.g. internet browser, operating system, or the time of page access). Such data is collected automatically once you enter this website.

What do we use your data for?
Part of the data is collected to ensure the website’s error-free provision. Other data may be used to analyze your user behavior. Insofar as contracts can be concluded or initiated via the website, the data you submit will also be processed for contract offers, orders, or other requests for services.

What rights do you have regarding your data?
You have the right at any time to receive, free of charge, information about the origin, recipients, and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent for data processing, you may revoke this consent at any time with effect for the future. Furthermore, you have the right to demand the restriction of the processing of your personal data under certain circumstances.
You also have the right to lodge a complaint with the competent supervisory authority. Please feel free to contact us at any time regarding any further questions about data protection.

Analytics Tools and Third-Party Tools
When visiting this website, your surfing behavior may be statistically evaluated. This is primarily done via so-called analytics programs. Detailed information about these analytics programs can be found in the following Privacy Policy.

2. Hosting
We host the contents of our website with the following provider:

IONOS
The provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany (hereinafter “IONOS”). When you visit our website, IONOS collects various log files including your IP addresses. For details, please refer to the IONOS Privacy Policy:
https://www.ionos.de/terms-gtc/terms-privacy.

Use of IONOS is based on Art. 6(1)(f) of the GDPR. We have a legitimate interest in a reliable presentation of our website. If we have requested the relevant consent, processing will be carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as the consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Order Processing
We have concluded a contract on order processing (AVV) with the provider named above. This is a data protection–required agreement that ensures they only process the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.

3. General Notes and Mandatory Information

Data Protection
The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with statutory data protection regulations as well as this Privacy Policy.
When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. This Privacy Policy explains which data we collect and what we use it for. It also explains how and for what purpose this occurs.
We would like to point out that data transmission over the Internet (e.g. when communicating via email) can have security gaps. Complete protection of data from access by third parties is not possible.

Notice Concerning the Responsible Party

The party responsible for data processing on this website is:

Peter Bohn Architekten GmbH
Roßmarkt 6
80331 München
Germany
Phone: +49 (089) 24292490
Email: mail@peterbohn.com
The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).

Storage Period
Unless a more specific storage period has been stated in this Privacy Policy, your personal data remains with us until the purpose for processing the data no longer applies. If you assert a legitimate request for deletion or revoke your consent to data processing, your data will be deleted unless we have other legally permissible grounds for storing your personal data (e.g. retention periods under tax or commercial law). In the latter case, deletion will take place once these grounds cease to apply.

General Information on the Legal Bases for Data Processing on This Website
Where you have given consent to data processing, we process your personal data on the basis of Art. 6(1)(a) GDPR and/or Art. 9(2)(a) GDPR, if special data categories pursuant to Art. 9(1) GDPR are processed. In the event of explicit consent to the transfer of personal data to third countries, data processing is also performed on the basis of Art. 49(1)(a) GDPR. Where you have consented to the storage of cookies or to access to information on your device (e.g. via device fingerprinting), data processing is also based on § 25(1) TDDDG. Such consent may be revoked at any time. If your data is required for the performance of a contract or for pre-contractual measures, we process your data on the basis of Art. 6(1)(b) GDPR. Furthermore, if the processing of your data is necessary for the fulfillment of a legal obligation, we process it on the basis of Art. 6(1)(c) GDPR. Data processing may also be based on our legitimate interest under Art. 6(1)(f) GDPR. You will find information about the relevant legal basis in each specific case in the following paragraphs of this Privacy Policy.

Data Protection Officer

We have appointed a data protection officer:

Fan Xue
Peter Bohn Architekten GmbH
Roßmarkt 6
80331 München
Germany
Phone: +49 (089) 24292490 / extension (089) 74031852
Email: f.xue@peterbohn.com

Recipients of Personal Data

In the course of our business activities, we collaborate with various external entities. Sometimes it is necessary to transfer personal data to these external entities. We only pass on personal data if this is necessary to fulfill a contract, if we are legally obligated to do so (e.g. disclosure to tax authorities), if we have a legitimate interest under Art. 6(1)(f) GDPR in sharing the data, or if another legal basis permits the data transfer. When engaging processors, we only share our customers’ personal data on the basis of a valid order processing contract. In the case of joint processing, a contract governing joint responsibility will be concluded.

Revocation of Your Consent to Data Processing
Many data processing operations are only possible with your express consent. You can revoke any previously granted consent at any time. The legality of any data processing carried out prior to revocation remains unaffected by such revocation.

Right to Object to Data Collection in Special Cases and to Direct Advertising (Art. 21 GDPR)
If data processing is based on Art. 6(1)(e) or Art. 6(1)(f) GDPR, you have the right at any time to object, on grounds relating to your particular situation, to the processing of your personal data. This also applies to any profiling based on these provisions. Please consult this Privacy Policy to determine the legal basis on which any processing is based. If you object, we will cease processing your affected personal data unless we can demonstrate compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or if the processing serves to establish, exercise, or defend legal claims (objection pursuant to Art. 21(1) GDPR).

If your personal data is processed for the purposes of direct advertising, you have the right at any time to object to the processing of data concerning you for such advertising purposes, including profiling to the extent that it is related to such direct advertising. If you object, your personal data will no longer be used for direct advertising (objection pursuant to Art. 21(2) GDPR).

Right to Lodge a Complaint with the Competent Supervisory Authority
In the event of a violation of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, particularly in the member state of their habitual residence, place of work, or place of the alleged infringement. The right to lodge a complaint exists without prejudice to any other administrative or judicial remedies.

Right to Data Portability
You have the right to have data that we process automatically on the basis of your consent or in the performance of a contract handed over to you or to a third party in a commonly used, machine-readable format. If you request the direct transfer of data to another controller, this will only happen to the extent technically feasible.

Access, Rectification, and Erasure
Within the framework of applicable legal provisions, you have the right at any time to obtain free information about your stored personal data, its origin, recipients, and the purpose of data processing, and, where applicable, the right to rectification or deletion of this data. Please feel free to contact us at any time regarding any further questions concerning personal data.

Right to Restrict Processing
You have the right to request the restriction of the processing of your personal data. You can contact us at any time for this purpose. The right to restrict processing applies in the following cases:

If you dispute the accuracy of your personal data stored by us, we generally need time to verify this. For the duration of this verification, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is unlawful, you can request the restriction of data processing instead of erasure.
If we no longer need your personal data, but you need it to establish, exercise, or defend legal claims, you have the right to request the restriction of the processing of your personal data instead of its erasure.
If you have lodged an objection pursuant to Art. 21(1) GDPR, a balance must be struck between your interests and ours. Pending the determination of whose interests prevail, you have the right to request the restriction of the processing of your personal data.
If you have restricted the processing of your personal data, such data—apart from being stored—may only be processed with your consent or for the establishment, exercise, or defense of legal claims, to protect the rights of another natural or legal person, or for reasons of an important public interest of the European Union or a member state.

SSL or TLS Encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries you send to us as the site operator, this site uses SSL or TLS encryption. An encrypted connection can be identified by the browser’s address line changing from “http://” to “https://” and by the lock symbol in your browser line.
When SSL or TLS encryption is enabled, the data you transmit to us cannot be read by third parties.

Objection to Promotional Emails
We hereby object to the use of contact data published under the legal notice requirements for the purpose of sending unsolicited advertising and information materials. The operators of these pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for instance, through spam emails.

4. Data Collection on This Website

Cookies
Our web pages use “cookies.” Cookies are small data packages that do not harm your device. They may either be stored temporarily for the duration of a session (session cookies) or permanently (permanent cookies) on your device. Session cookies are automatically deleted after your visit. Permanent cookies remain stored on your device until you delete them yourself or until they are automatically removed by your web browser.

Cookies can originate from us (first-party cookies) or from third-party companies (so-called third-party cookies). Third-party cookies enable the integration of certain services from third-party companies within websites (e.g. cookies for handling payment services).

Cookies serve various functions. Many cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or displaying videos). Other cookies may be used to evaluate user behavior or for advertising purposes.

Cookies that are required to carry out the electronic communication process, to provide certain functions requested by you (e.g. the shopping cart function), or to optimize the website (e.g. cookies that measure web audience) are stored on the basis of Art. 6(1)(f) GDPR unless another legal basis is specified. The website operator has a legitimate interest in storing necessary cookies for the technically error-free and optimized provision of its services. Where consent has been requested for the storage of cookies or for similar recognition technologies, processing is carried out solely on the basis of this consent (Art. 6(1)(a) GDPR and § 25(1) TDDDG); consent can be revoked at any time.

You can configure your browser such that you are informed about the setting of cookies, allow cookies only on a case-by-case basis, exclude the acceptance of cookies in certain cases or in general, and enable the automatic deletion of cookies when closing the browser. Disabling cookies may limit the functionality of this website.

You can find out which cookies and services are used on this website in this Privacy Policy.

Consent with Complianz
Our website uses the Complianz consent technology to obtain your consent to store certain cookies on your device or to use certain technologies, and to document this in a data protection–compliant manner. The provider of this technology is Complianz B.V., Kalmarweg 14-5, 9723 JG Groningen, The Netherlands (hereinafter “Complianz”).

Complianz is hosted on our servers, so no connection is established with the servers of Complianz’s provider. Complianz stores a cookie in your browser so that the consents granted or any revocations of consent can be attributed to you. The data collected in this way is stored until you request us to delete it, delete the Complianz cookie yourself, or the purpose for storing the data no longer applies. Statutory retention obligations remain unaffected.

The use of Complianz is intended to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.

Real Cookie Banner
Our website uses the Real Cookie Banner consent technology to obtain your consent to store certain cookies on your device or to use certain technologies, and to document this in a data protection–compliant manner. The provider of this technology is devowl.io GmbH, Tannet 12, 94539 Grafling, Germany (hereinafter “Real Cookie Banner”).

Real Cookie Banner is locally installed on our servers, meaning that no connection to the Real Cookie Banner provider’s servers is established. Real Cookie Banner stores a cookie in your browser so that any consent you grant or revoke can be attributed to you. The data collected in this way is stored until you request us to delete it, delete the Real Cookie Banner cookie yourself, or the purpose for storing the data no longer applies. Statutory retention obligations remain unaffected.

The use of Real Cookie Banner is intended to obtain the legally required consents for the use of cookies. The legal basis for this is Art. 6(1)(c) GDPR.

Server Log Files
The provider of these pages automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:

Browser type and browser version
Operating system used
Referrer URL
Hostname of the accessing computer
Time of the server request
IP address
This data is not merged with any other data sources.

This data is collected on the basis of Art. 6(1)(f) GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of its website; for this purpose, the server log files must be recorded.

Inquiries by Email, Telephone, or Fax
If you contact us by email, telephone, or fax, your inquiry, including all personal data resulting from it (name, request), will be stored and processed by us for the purpose of handling your request. We do not share this data without your consent.

The processing of this data is based on Art. 6(1)(b) GDPR, provided that your inquiry is related to the fulfillment of a contract or necessary for carrying out pre-contractual measures. In all other cases, processing is based on our legitimate interest in the effective handling of inquiries addressed to us (Art. 6(1)(f) GDPR) or on your consent (Art. 6(1)(a) GDPR) if requested; consent can be revoked at any time.

Data sent to us via contact inquiries remains with us until you request us to delete it, revoke your consent to store it, or until the purpose for data storage no longer applies (e.g. after completing the processing of your request). Mandatory statutory provisions — in particular statutory retention periods — remain unaffected.

5. Plugins and Tools

Google Maps
This site uses the map service Google Maps. The provider is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland. Using this service allows us to integrate map material on our website.

To use Google Maps features, it is necessary to store your IP address. This information is generally transmitted to and stored on a Google server in the USA. The operator of this website has no influence over this data transmission. If Google Maps is enabled, Google may use Google Fonts to ensure the uniform display of fonts. When you call up Google Maps, your browser loads the required web fonts into its browser cache to display texts and fonts correctly.

The use of Google Maps is in the interest of an appealing presentation of our online services and to make it easy to find the locations we specify on the website. This represents a legitimate interest pursuant to Art. 6(1)(f) GDPR. If consent has been requested, processing is carried out exclusively on the basis of Art. 6(1)(a) GDPR and § 25(1) TDDDG, insofar as consent includes the storage of cookies or access to information on the user’s device (e.g. device fingerprinting) within the meaning of the TDDDG. Consent can be revoked at any time.

Data transfer to the USA is based on the European Commission’s Standard Contractual Clauses (SCC). Details are available here:
https://privacy.google.com/businesses/gdprcontrollerterms/ and
https://privacy.google.com/businesses/gdprcontrollerterms/sccs/.

For more information on how Google handles user data, please see Google’s Privacy Policy:
https://policies.google.com/privacy?hl=en.

Google is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an arrangement between the European Union and the USA meant to ensure compliance with European data protection standards for data processing in the USA. Every company certified under the DPF is obligated to comply with these data protection standards. For more information, please consult the provider at the following link:
https://www.dataprivacyframework.gov/participant/5780.

6. Audio and Video Conferences

Data Processing

We use, among other tools, online conference tools to communicate with our customers. The specific tools we use are listed below. If you communicate with us via audio or video conference over the Internet, your personal data will be recorded and processed both by us and by the provider of the conference tool in question.

The conference tools collect all data that you provide or use to access these tools (email address and/or phone number). The conference tools also process the duration of the conference, start and end times (time) of participation in the conference, the number of participants, and other “context information” relating to the communication process (metadata).

Furthermore, the provider of the tool processes all technical data required for online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or speaker, and the type of connection.

If content is exchanged, uploaded, or otherwise provided within the tool, it is also stored on the servers of the tool provider. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards, and other information shared while using the service.

Please note that we do not have complete control over the data processing procedures of the tools used; our options are largely determined by the provider’s corporate policies. For further information on data processing by the individual conference tools, please refer to the privacy policies of the respective tools, listed below this text.

Purpose and Legal Bases
Conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6(1)(b) GDPR). Additionally, the use of these tools serves to generally facilitate and expedite communication with us or our company (legitimate interest within the meaning of Art. 6(1)(f) GDPR). If consent has been requested, the relevant tools are used on the basis of this consent; consent may be revoked at any time with effect for the future.

Storage Period
Data collected directly by us via video and conference tools is erased from our systems once you request its deletion, revoke your consent for storage, or the purpose for storing the data no longer applies. Cookies stored remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.
We have no influence over the storage period of your data that is stored by the operators of the conference tools for their own purposes. For details, please consult the operators of the conference tools directly.

Conference Tools Used

We use the following conference tool:

Microsoft Teams
We use Microsoft Teams. The provider is Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. For details on data processing, please see the Microsoft Teams Privacy Policy:
https://privacy.microsoft.com/en-us/privacystatement.

Microsoft is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an arrangement between the European Union and the USA meant to ensure compliance with European data protection standards for data processing in the USA. Each company certified under the DPF is obligated to adhere to these data protection standards. For more information, please consult the provider at the following link:
https://www.dataprivacyframework.gov/participant/6474.

Order Processing
We have concluded a data processing agreement (DPA) with the provider mentioned above. This is a contract mandated by data protection law that ensures the provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the GDPR.