Mitglied werden

Privacy guidelines

Duty to provide information when collecting personal data in accordance with Article 13 GDPR

Thank you for visiting the website of Oeko-Institut Consult GmbH and for your interest in our work. We take the protection of your personal data very seriously. We would like to explain what kind of information Oeko-Institut Consult GmbH collects during your visit to our website and during further processing and how it is used.

Oeko-Institut Consult GmbH is an independent, private environmental research institute and its legal form is that of a limited liability company (GmbH).

1. Information on the collection of personal data

(1) In the following, we provide information about the processing of personal data when using our website. Personal data is all data that can be related to you personally, e.g. name, address, email addresses, user behaviour. In doing so, we would like to inform you about our processing procedures and at the same time fulfil our legal obligations, in particular those arising from the EU General Data Protection Regulation (GDPR).

(2) The controller responsible for the processing of your personal data within the meaning of Art. 4 No. 7 GDPR is Oeko-Institut Consult GmbH, Borkumstraße 2, D-13189 Berlin, phone +49 030 405085-100, email: info@oeko-consult.de. Further information about our company can be found in the legal notice on our website.

(3) When you contact us by email or a contact form, the data you provide (your e-mail address, your name and telephone number if applicable) will be stored by us in order to answer your questions. If the enquiry is associated with a contract, we delete the data arising in this context after the contract period or otherwise after the storage is no longer required or restrict the processing if there are statutory retention obligations. Data processing for the purpose of contacting us and answering your questions is carried out in accordance with Article 6 paragraph 1 sentence 1a) GDPR based on your voluntarily given consent.

2. Processing of personal data when visiting our website

When using the website for information purposes, i.e. simply viewing it without registering and without providing us with any other information, we process the personal data that your browser transmits to our server. The data described below is technically necessary for us to display our website to you and to ensure stability and security and must therefore be processed by us. The legal basis for this is Art. 6 para. 1 sentence 1 lit. f GDPR:

  • IP address,
  • date and time of the enquiry,
  • time zone difference to Greenwich Mean Time (GMT),
  • content of the request (page visited),
  • access status/HTTP status code,
  • amount of data transferred in each case,
  • previously visited page,
  • browser,
  • operating system, and
  • language and version of the browser software.

3. Use of cookies on our website

We use cookies on our websites. Cookies are small text files that are assigned to the browser you are using and stored on your hard drive by means of a characteristic character string and through which certain information flows to the location that sets the cookie. Cookies cannot execute programmes or transfer viruses to your computer and therefore cannot cause any damage. They serve to make the website more user-friendly and effective overall, i.e. more pleasant for you.

Cookies can contain data that makes it possible to recognise the device used. In some cases, however, cookies only contain information on certain settings that are not personally identifiable. However, cookies cannot directly identify a user.

A distinction is made between session cookies, which are deleted as soon as you close your browser, and permanent cookies, which are stored beyond the individual session. We only use technical cookies. These are absolutely necessary in order to move around the website, use basic functions and ensure the security of the website; they do not collect information about you for marketing purposes or store which websites you have visited.

The legal basis for these cookies, which are technically absolutely necessary in order to provide you with the expressly requested service, is § 25 para. 2 no. 2 of the German Telecommunications-Telemedia Data Protection Act (TTDSG).

4. Data erasure and storage duration

For the processing operations carried out by us, we indicate below how long the data is stored by us and when it is deleted or blocked. Unless an explicit storage period is specified below, your personal data will be erased or blocked as soon as the purpose or legal basis for storage no longer applies. Your data will only be stored on our servers in Europe.

However, data may be stored beyond the specified period in the event of an (impending) legal dispute with you or other legal proceedings or if storage is provided for by statutory provisions to which we, as the controller, are subject (e.g. Section 257 of the German Commercial Code (HGB), Section 147 of the Fiscal Code of Germany (AO)). If the storage period prescribed by the statutory provisions expires, the personal data will be blocked or erased unless further storage by us is necessary and there is a legal basis for this.

5. No automated decision-making (including profiling)

We do not intend to use personal data collected from you for automated decision-making (including profiling).

6. No obligation to provide personal data

We do not make the conclusion of contracts with us dependent on you providing us with personal data beforehand. As a customer, you are under no legal or contractual obligation to provide us with your personal data; however, we may only be able to provide certain services to a limited extent or not at all if you do not provide the necessary data. If this should be the case in the context of the products presented below and offered by us, you will be informed of this separately.

7. Legal obligation to transmit certain data

We may be subject to a special legal or statutory obligation to provide the lawfully processed personal data to third parties, in particular public authorities (Art. 6 para. 1 sentence 1 lit. c GDPR).

8. Data security

We take appropriate technical and organisational measures to protect your personal data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties (e.g. TLS encryption for our website), taking into account the state of the art, the implementation costs and the nature, scope, context and purpose of the processing as well as the existing risks of a data breach (including its probability and effects) for the data subject. Our security measures are continuously improved in line with technological developments. We will be happy to provide you with more detailed information upon request.

9. Your rights

You have the following rights vis-à-vis the above-mentioned controller with regard to your personal data:

  • the right of access to the data processed and a right to a copy of the data processed;
  • the right to correction if we process inaccurate data concerning you;
  • the right to erasure, unless exceptions apply as to why we are still storing the data, for example, retention obligations or statutes of limitation;
  • the right to restriction of the processing of data;
  • the right to withdraw consent to data processing at any time;
  • the right to object to processing of data in the public or legitimate interest;
  • the right to data portability;
  • the right to lodge a complaint with the competent supervisory authority in case you consider that we are not processing your data in accordance with the applicable regulations. The State Commissioner for Data Protection and Freedom of Information in Baden-Wuerttemberg is responsible for our association. However, if you are in another state (Land) of Germany or outside of Germany, you may also contact the data protection authority in your location.