Privacy policy

The following provides information on how personal data is collected when using this website. Personal data are all data that can be personally related to you, e.g. your name, your address, your email address, etc.

1. Details pursuant to the General Data Protection Regulation Art. 4 para 4 GDPR

Controller pursuant to the EU General Data Protection Regulation (GDPR) and Provider of Services pursuant to the German Telemedia Act (TMG) is:

HafenCity Hamburg GmbH
Osakaallee 11
20457 Hamburg

2. Data protection officer contact

You can reach our data protection officer as follows:

Betrieblicher Datenschutzbeauftragter
der HafenCity Hamburg GmbH
Osakaallee 11
20457 Hamburg
datenschutz@hafencity.com

3. Collection of personal data when you visit our website

The type and extent of the processing of your personal data depends on whether you visit our website merely to call up information (see 3.1) or contact us (see 5). Concerning the use of so-called cookies, see section 3.2 of this policy.

3.1 When using the website for information purposes only, i.e. if you do not contact us via our contact form, the only personal data we collect are those that your browser sends to our server. If you wish to view our website, we collect the following data that are technically necessary for us in order to display our website and to ensure its stability and security (the legal basis for this is Art. 6 para 1 f GDPR).

3.1.1 IP address; host name of the accessing computer; date and time of the request; content of the request (concrete page); access status/http status code; amount of data transferred in each case; website sending the request (referrer URL), browser type and version; operating system and its interface; language and version of the browser software.

3.1.2 These data are stored in our system’s log files.

3.2 In addition to the data mentioned above, cookies are stored on your computer when you use our website. Cookies are small text files placed on your hard drive, according to the browser you are using, by which certain information is transmitted to the site that sets the cookie (in this case, to us). Cookies cannot run any programs or transmit viruses to your computer. Their purpose is to make the website as a whole more user friendly and efficient.

3.2.1 This website uses the following types of cookies, whose scope and function are explained below: transient cookies (see 3.2.2) and persistent cookies (see 3.2.3).

3.2.2 Transient cookies are automatically erased when you close your browser. These include, in particular, session cookies. These store a so-called session ID through which different requests from your browser can be assigned to the common session. This enables your computer to be recognized when you return to our website. Session cookies are erased when you log out or close the browser.

3.2.3 Persistent cookies are erased automatically after a preset period that can vary from cookie to cookie. You can delete these cookies at any time through your browser’s security settings.

3.2.4 You can configure your browser settings to suit your wishes and e.g. refuse third-party cookies or all cookies. However, please note that, if you do this, you may not be able to use all the functions of this website.

4. Data erasure and storage duration

4.1 We erase personal data (Art. 17 GDPR) as soon as the purpose for their storage no longer applies, or we restrict their processing (Art. 18 GDPR). In addition, storage may take place if this is provided for by the European or national legislator in EU regulations, laws or other rules to which we are subject. Erasure of data or restriction of processing also occurs when a storage period prescribed by the aforementioned standards expires, unless further storage of the data is necessary for the conclusion or performance of a contract.

4.2 This provision applies to all data generation and data processing operations listed in this policy unless otherwise specified in individual cases.

In the case of storage of data in log files (see 3.1.2 of this policy) the purpose of storage shall cease to apply after seven days at the latest. Storage beyond this period is possible, however. In this case, the IP addresses of users will be erased or anonymized so that the data can no longer be assigned to the accessing client.

5. Email contact

5.1 If you contact us by email, we will process the data you provide (email address and, if necessary, your name, address and phone number) so that we can answer your questions. We erase the data arising in this context once storage is no longer necessary for this purpose, or we will restrict processing if there are legal storage obligations. In this context, data will not be shared with third parties. Data will be used only for processing the email exchange.

5.2 The legal basis for processing data transmitted in the course of sending an email is Art. 6 para 1 f GDPR (legitimate interests).

5.3 Data are erased as soon as they are no longer required for the purpose for which they were collected. For personal data from the input screen of the contact form and those transmitted by email, this is the case when the exchange with the user has ended. The exchange is considered to have ended when it is clear from the circumstances that the matter in question has been conclusively clarified. Personal data additionally collected during the process of sending the message (see 5.2) will be erased after seven days at the latest.

6. Recipients

Unless explicitly stated in this privacy policy, we do not share personal data collected via this website with third parties or other recipients. An exception is made for external service providers who provide us with IT services relating to the creation, modification and maintenance of this website and who may gain access to personal data in this context.

7. Font Awesome

This site uses so-called web fonts, provided by Fonticons, Inc., for the uniform display of fonts. When you call up a page, your browser loads the web fonts required into its browser cache in order to display texts and fonts correctly.

For this purpose, the browser you use must connect to the Fonticons, Inc. servers. This tells Fonticons, Inc. that your IP address has been used to access our website. The use of web fonts is in the interests of a uniform and attractive presentation of our online service. This represents a legitimate interest pursuant to Art. 6 para 1f GDPR.

If your browser does not support web fonts, a standard font will be used by your computer.

You can find further information about Font Awesome at https://fontawesome.com/help and in the Fonticons, Inc. privacy policy: https://fontawesome.com/privacy.

8. Embedding of Vimeo videos

8.1 We have embedded Vimeo videos on our website that are stored at http://www.vimeo.com and can be played directly from our website. All the videos have been embedded in “advanced privacy mode”, which means that no data about you as a user will be transferred to Vimeo if you do not play the videos. Only if you play the videos will the data stated in 8.2 be transmitted. We have no influence on this data transfer.

8.2 By clicking on the video play button, a direct connection will be made between your browser and a server belonging to Vimeo (Vimeo, Inc. 555 West 18th Street New York, New York 10011) in the USA. Clicking on the video play buttons also transmits information about your visit and your IP address to Vimeo where it is stored.

8.3 If you have a Vimeo user account and do not want Vimeo to collect data about you via this website and link them to your membership data stored at Vimeo, you must log out of Vimeo before visiting this website.

8.4 We have no influence on data processing by Vimeo. You can find the Vimeo privacy policy with further information on how Vimeo collects and uses your data at https://vimeo.com/privacy.

9. Your rights

9.1 You have the right to data access, to rectification or erasure, to restriction of processing, to object to processing and the right to data portability provided the statutory requirements in Art. 15 – 22 GDPR are fulfilled.

9.2 You also have the right to complain to the supervisory authority if you believe that your data have been processed unlawfully. The competent supervisory authority in our case is:

Der Hamburgische Beauftragte
für Datenschutz und Informationsfreiheit,
Ludwig-Erhard-Str 22, 7. OG,
20459 Hamburg