HAFEN12 GmbH (following referred to as “provider” / “we”) is pleased about your (following referred to as “you”) visit to our website hafen12.koeln and your interest in our company and our services.

Your privacy is an important concern for us. We take the protection of your personal data and its confidential treatment very seriously. Your personal data is processed exclusively within the framework of the legal provisions of data protection law, in particular the EU Data Protection Basic Regulation (hereinafter “DSGVO”).

In the following we inform you about the processing of your personal data when using our range of services on www.hafen12.koeln (hereinafter the “website”). Personal data are all data that can be related to you personally. Furthermore, we would like to inform you about your rights by means of this data protection information.

If we link to this data protection declaration from external social media sites, the following conditions only apply insofar as the data processing procedures within the framework of such social media sites are actually within our area of responsibility and no more specific and therefore primarily applicable data protection information is provided within the framework of such social media sites.

1. Data controller and data protection officer; contact

The data protection officer within the meaning of Article 4 No. 7 of Regulation (EU) 2016/679 (EU Data Protection Basic Regulation, or “DS-GVO” for short) for the processing of personal data on www.hafen12.koeln (the “Website”) is:

Hafenstraße 12
51063 Cologne
Managing Director: Stefan Koch

If you have any questions or suggestions regarding data protection, please do not hesitate to contact us.

2. Data protection at HAFEN12 GmbH

If you have any questions regarding the processing of your personal data or the assertion of your rights as a data subject (see points 5, 6 and 7), please contact us via datenschutz@hafen12.koeln

3. Subject of data protection

The subject of data protection is personal data. This is all information relating to an identified or identifiable natural person (so-called data subject). This includes, for example, information such as name, postal address, e-mail address or telephone number, but also information that necessarily arises during the use of our website, such as information on the beginning, end and extent of use and the transmission of your IP address.

4. Type, scope, purposes and legal basis of automated data processing

The use of our website is generally possible without registration. Even if you use our website without registration, however, personal data may be processed.

In the following, you will find an overview of the type, scope, purposes and legal basis of automated data processing via our website.

4.1 Provision of our website

Every time you access our website, the browser used on your terminal device automatically sends data and information to the server of our website. The following data is collected:

  • an IP address of your inquiring internet capable device;
  • the date and time of your access to the website;
  • the duration of your access to the website;
  • the website/application from which the access was made (referrer URL);
  • the browser type and version you are using;
  • the operating system of your Internet-capable computer;
  • the name of your internet service provider;
  • the type of your terminal device;
  • the sub-websites that are accessed via your accessing system on our website;
  • the files downloaded from our website (e.g. PDF or Word documents);
  • the amount of data sent;
  • the features they use;

This data is also temporarily stored in so-called log files in our system. This data is not stored together with other personal data.

The temporary storage of the IP address by the system is necessary to make the website available to you. For this purpose, the IP address must remain stored for the duration of your use of the website.

The storage of the above-mentioned data in log files is done in order

  • to deliver the contents of our website correctly;
  • to optimise the website;
  • to ensure the long-term functionality of our information technology systems and technology, in particular to ensure the security and stability of our website;
  • to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack.

The legal basis for data processing is Art. 6 para. 1 letter b) DSGVO, insofar as data processing is necessary for the provision of the website. To such a degree as data processing is necessary for the evaluation of system security and stability, the legal basis is Art. 6 para. 1 letter f) DSGVO. The legitimate interest in data collection follows from the purpose of system security and stability listed above. Under no circumstances we will use the data collected for the purpose of drawing conclusions about your person.

The data is automatically deleted as soon as it is no longer required for the purpose. In the case of processing the data for the purpose of making the website available, this is the case when the respective session has ended. If the data is stored in log files, the data is automatically deleted after 7 days at the latest.

The processing of the data described above is absolutely necessary for the operation of the website. Consequently, there is no possibility for the user to object.

Furthermore, we use analysis services when visiting the website. You will find more detailed explanations in section 4.2 of this data protection information.

4.2 Use of Google Analytics

This website uses Google Analytics, a web analysis service of Google Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, in the event that IP anonymisation is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the person responsible, Google will use this information to evaluate your use of the website, to compile reports on website activities and to provide further services to the website operator in connection with the use of the website and the Internet.

The IP address transmitted by your browser within the scope of Google Analytics is not merged with other Google data.

This website uses Google Analytics with the extension “anonymizeIp()”. This means that IP addresses are further processed in a shortened form, thus excluding the possibility of personal references. If the data collected about you contains a personal reference, this is immediately excluded and the personal data is therefore deleted immediately.

We use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. For the exceptional cases in which personal data is transferred to the USA, Google has subjected itself to the EU-US Privacy Shield, www.privacyshield.gov/EU-US-Framework. The legal basis for the use of Google Analytics is Art. 6 para. 1 sentence 1 lit. f DS-GVO.

In addition, you can deactivate the use of Google Analytics cookies by means of a browser add-on if you do not want the website analysis. You can download this here: http://tools.google.com/dlpage/gaoptout?hl=de. In this case, a so-called “opt-out” information is stored on your end device, which serves to assign your deactivation of Google Analytics. Please note that such “opt-out” information only leads to a deactivation of Google Analytics for the end device and the browser from which it was set. You may also need to set it again if you delete cookies from your device. As an alternative to the browser add-on, for example on mobile devices, you can also prevent Google Analytics from collecting cookies by clicking on the following link. An “opt-out cookie” will then be set which will prevent the future collection of your data. The opt-out cookie only applies to the browser used when you set it and only to our website and is stored on your device. If you delete the cookies in the browser, you must set the opt-out cookie again. You can also activate the “Do-Not-Track-Function” in your end device. If this function is activated, your terminal device informs the respective service that you do not wish to be tracked.

Third party information: Google Dublin, Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. user terms and conditions: www.google.com/analytics/terms/de.html, privacy overview: www.google.com/intl/de/analytics/learn/privacy.html, and the privacy policy: http://www.google.de/intl/de/policies/privacy.

4.3 Cookies

So-called “cookies”, i.e. small files, can be stored on your terminal device when you visit our website in order to offer you a comprehensive range of functions, to make use more convenient and to be able to optimise our offers. If you do not wish cookies to be used, you can prevent cookies from being stored on your device by making the appropriate settings in your Internet browser or by using special objection options. Please note that the functionality and range of functions of our offer may be limited by this. Please refer to our cookie policy for detailed information on the type, scope, purposes, legal basis and objection possibilities of data processing with cookies. The following cookies are currently in use:

Name Speicherdauer Zweck
PHPSESSID End of session This cookie is used to identify the session.
cookie-notice 7 daysThis cookie is used to check whether the user has accepted the use of cookies.
_utma 2 years from the last update Google Analytics cookie to distinguish between users and sessions. Contains a
unique identifier.
_utmb 30 days from the last update Google Analytics cookie for the recognition of new sessions or visits. Contains a
unique identifier.
_utmc End of session Google Analytics cookie, which is used in combination with the _utmb cookie to
recognize new sessions or visits. Contains a unique identifier.
_utmt 10 minutesGoogle Analytics cookie that is used to throttle the request rate.
_utmz 6 months from the last update Google Analytics cookie that stores the source or campaign that indicates how
the user reached the website.
ga-disable-UA-143681720-2PermanentlyGoogle Analytics cookie: is set if tracking via Google Analytics is to be
prevented and therefore the link to the Google Analytics Opt-Out was called.

Categories of cookies
We use cookies for different purposes and with different functions. We differentiate between whether the cookie is technically absolutely necessary (technical necessity), how long it is stored and used (storage period) and whether it was set by our website itself or by third parties and by which provider this cookie was set (cookie provider).

Technical necessity
Technically mandatory cookies: We use certain cookies because they are mandatory for our website and its functions to work properly. These cookies are set automatically when you access our website or a particular function, unless you have prevented cookies from being set by changing the settings in your browser.

Cookies that are not technically mandatory: In contrast, cookies that are not mandatory are set, for example, to improve the comfort and performance of our website or to save certain settings you have made. We also use technically non-essential cookies to determine information on the frequency of use of certain areas of our website, so that we can tailor these more specifically to your needs in the future. We do not store any technically non-essential cookies until you have confirmed by clicking on the appropriate field that you have taken note of our cookie notification and will continue to use our website.

Storage period
Session cookies: Most cookies are only required for the duration of your current service call or session and are deleted again or lose their validity as soon as you leave our website or your current session expires (so-called “session cookies”). Session cookies are used, for example, to retain certain information during your session, such as your registration for our website.

Permanent cookies: Cookies are only occasionally stored for a longer period of time, for example to recognize you at a later time when you call up our website again and to be able to call up stored settings. This enables you to access our website more quickly or conveniently, for example, or you do not have to make certain settings such as your selected language again. Permanent cookies are automatically deleted after a predefined period of time when you visit the page or domain from which the cookie was set.

Flow Cookies: These cookies are used for communication between different internal servers. They are set at the beginning of a user interaction and are deleted after it has ended. Flow cookies receive a unique identification number during the interaction, but this number does not allow any conclusions to be drawn about the actual customer or user.

Third-party cookies: So-called “third-party cookies” are set and used by other agencies or websites, for example by providers of web analysis tools. More information on web analytics tools and reach measurement can be found in the further course of this policy. Third party providers may also use cookies to display advertisements or to integrate content from social networks such as social plugins.

Deletion and objection to the use of cookies
The acceptance of cookies when using our website is not mandatory; if you do not want cookies to be stored on your terminal device, you can deactivate the corresponding option in the system settings of your browser. You can delete stored cookies at any time in the system settings of your browser. If you do not accept cookies, however, this may lead to functional restrictions of our offers.

You can prevent the storage of cookies by adjusting your browser software settings accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.

5. Contact

If you provide us with personal data by e-mail or via a contact form, this is always done on a voluntary basis. Your details will be processed by us to process your contact request and to handle it in accordance with Article 6 paragraph 1 letter b) or f) DSGVO and, if necessary, will also be passed on to third parties (e.g. commissioned service providers) in this context. Insofar as registration is possible, the principles described above under 4.1 apply accordingly.

5.1 Protection of legitimate interests

We process your personal data to protect our legitimate interests. In addition to the interests stated in the description of the individual services and offers under point 4, data processing procedures within the framework of our website or after registration are carried out in particular against the background of the following interests:

  • ensuring the availability, operation and security of technical systems and technical data management;
  • further development of products, services and support offers;

In this respect, the respective data processing is carried out on the basis of Article 6 paragraph 1 letter f) DSGVO.

6. Consent

Should you give us your consent to certain data processing procedures, this is always for a specific purpose; the purposes are always derived from the content of the specific declaration of consent. In this case, data processing is carried out on the basis of Article 6 paragraph 1 letter a) DSGVO. We cannot comply with your request, which is covered by the consent, without the declaration of consent. You may revoke any consent you have given at any time, without affecting the legality of the processing that has taken place on the basis of the consent until revocation.

7. Recipients of personal data

Your personal data will be processed within the HAFEN12 GmbH for the purposes mentioned above. We will only pass on your personal data to external recipients outside the HAFEN12 GmbH if this is necessary to process or handle your request and there is a legal reason for this or if we are obliged to pass on the data due to a legal, (administrative) court decision or an official order. Recipients of the data can be service providers that we use to fulfil the purpose.

External recipients can be:

a) Processors
External service providers that we use to provide services, for example in the areas of technical infrastructure and maintenance for the HAFEN12 GmbH offer or the provision of content. These contract processors are carefully selected by us and regularly checked to ensure that your privacy is protected. The service providers may use the data only for the purposes specified by us and in accordance with our instructions.

b) Public bodies
Authorities and state institutions, such as public prosecutors, courts or tax authorities, to which we must transfer personal data for legally binding reasons. The transmission is then carried out on the basis of Article 6 paragraph 1 letter c) DSG-VO.

c) Private bodies
Service companies, cooperation partners, service providers or persons to whom data is transmitted on the basis of a consent, for the execution of a contract with you or for the protection of legitimate interests, for example service providers. The transmission is then carried out on the basis of Article 6 paragraph 1 letters a), b) and/or f) DSGVO.

8. Data processing in third countries

If a data transfer takes place to entities whose registered office or place of business is not located in a member state of the European Union or in another state that is a party to the Agreement on the European Economic Area, we will ensure prior to the transfer that, except in exceptional cases permitted by law, either an adequate level of data protection is in place at the recipient (e.g. by an adequacy decision of the European Commission, by appropriate safeguards such as self-certification of the recipient for the EU-US Privacy Shield or the agreement of so-called EU standard contractual clauses of the European Union with the recipient) or you give your consent to the data transfer.

You can obtain from us an overview of the recipients in third countries and a copy of the specifically agreed regulations to ensure an adequate level of data protection. Please use the information provided under point 1.

9. Storage duration and deletion

If the description of the individual services and offers does not include information on the specific storage period or deletion of data, the following applies:

We only store your personal data for as long as this is necessary to fulfil the intended purposes or – in the case of consent – as long as you have not revoked your consent. In the event of an objection to processing, we will delete your personal data, unless further processing is permitted under the relevant legal provisions. We also delete your personal data if we are obliged to do so for other legal reasons.

Applying these general principles, we usually delete your personal data immediately

  • after the legal and, if no other legal basis (e.g. commercial and tax law retention periods) no longer apply. If the latter applies, we delete the data after the other legal basis has ceased to apply.
  • if they are no longer necessary for the purposes of preparing and implementing a contract or legitimate interests pursued by us and no other legal basis (e.g. commercial and tax retention periods) intervenes. If the latter applies, we will delete the data after the other legal basis has ceased to apply.
  • if the purpose of the collection pursued by us ceases to apply and no other legal basis (e.g. retention periods under commercial and tax law) intervenes. If the latter applies, we delete the data after the other legal basis has ceased to apply.

10. Your rights as a data subject

In accordance with the DS-GVO, you are entitled to the following additional rights in addition to the right to revoke the consent you have given us, provided the respective legal requirements are met:

Right to confirmation of the processing of your personal data by the person responsible for processing, as well as the right to free information on stored data relating to your person or your pseudonym in written form or, at your request, in electronic form in accordance with Art. 15 DSGVO;

  • Right to immediate correction of incorrect or incomplete personal data concerning you – also by means of a supplementary declaration – according to Art. 16 DS-GVO;
  • Right to immediate deletion (“right to be forgotten”) of your personal data stored by us in accordance with Art. 17 DS-GVO, provided that no legal or contractual retention periods or other legal obligations or rights to further storage must be observed; If the personal data has been made public by the provider and our company is responsible for the data in accordance with Art. 17 Para. 1 DSGVO to delete the personal data, the provider, taking into account the available technology and the implementation costs, shall take appropriate measures, including technical measures, to inform other data controllers who process the published personal data that the data subject has requested these other data controllers to delete all links to this personal data or copies or replications of this personal data, unless the processing is necessary. The provider’s data protection officer will arrange the necessary steps in individual cases. If legal regulations do not permit deletion, your data will instead be blocked by us so that they are only accessible for the purpose of mandatory legal regulations.
  • Right to restrict the processing of your data in accordance with Art. 18 DS-GVO;
  • Right to data transferability (data portability) in accordance with Art. 20 DS-GVO; In doing so, you are entitled to receive the personal data concerning you which you have provided to our responsible party in a structured, common and machine-readable format. Furthermore, you have the right to have your personal data transferred directly from our responsible person to another responsible person, as far as this is technically feasible and as long as the rights and freedoms of other persons are not affected.
  • Right to complain to a supervisory authority. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our company headquarters for this purpose.

11. Right of objection

If you no longer wish your personal data to be actively used for internal purposes by the provider, you as a user are entitled to object to this use and processing at any time in accordance with Art. 21 (2-4) EU-DS-GVO. To do so, simply send an e-mail to anker@hafen12.koeln. This does not affect the special case of a legally prescribed data block instead of data deletion in accordance with Art. 17-19 DS-GVO.

12. Integration of offers from third parties

Websites and services of other providers to which our website is linked have been and are designed and provided by third parties. We have no influence on the design, content and function of these third-party services. We expressly distance ourselves from all content of all linked third-party services. Please note that the third party services linked from our website may install their own cookies on your end device or collect personal data. We have no influence on this. Please contact the providers of these linked third party offers directly for more information.

The respective provider and person responsible can be seen in particular via the imprint and the respective data protection information on the corresponding websites.

13. Subject to alterations

We reserve the right to change or supplement these guidelines for data protection at any time in compliance with the data protection regulations. All changes will be published on our website. New data protection regulations thus become effective upon publication. We recommend that you visit this website regularly to view the latest version.

14. Status

The latest version of this privacy policy applies.
Date of last update: January 2020