Data privacy & public procedure register
GFA Consulting Group GmbH
22359 Hamburg | Germany
Phone +49 40 603 06 100
Fax +49 40 603 06 199
I. Data privacy
GFA Consulting Group GmbH, which operates this website, takes the protection of your personal data very seriously. We treat your personal data confidentially in accordance with statutory data protection regulations and this Data Privacy Statement.
It is possible to use our website without providing any personal data. Any personal data (for example name, address or email addresses) that is collected on our website is collected on a voluntary basis insofar as this is possible. This data will not be disclosed to any third party without your express consent.
We would like to point out that data transmission over the Internet (e.g., in the case of communication by email) may be subject to security gaps. It is not possible to protect such data completely against access by third parties.
Data privacy regarding the use of Google Analytics
This website uses functions of the web analysis service, Google Analytics. The provider of that service is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called "cookies". These are text files, which are stored on your computer and which make it possible to analyze the use of the website. Information concerning your use of the website that is generated by the cookie is sent to a Google server in the USA and stored there.
By activating IP anonymization on this website, your IP address will be truncated within Member States of the European Union or other parties to the Agreement on the European Economic Area. The full IP address will be sent to a Google server and truncated there only in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports about web activity, and to provide the operator of this website with services associated with the use of this website and the Internet. The IP address transmitted within the context of Google analytics by your browser will not be merged with other data from Google.
Data privacy regarding the use of Facebook plugins (Like button)
Integrated into our website are plugins for the social network, Facebook, the provider of which is Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA. Facebook plugins on our website can be recognized by the Facebook logo or "Like-Button".
You can find an overview of the Facebook plugins at: http://developers.facebook.com/docs/plugins/
When you visit our website, the plugin establishes a direct connection between your browser and the Facebook server. Facebook thereby receives the information that you have visited our website using your IP address. If you click the Facebook "Like button" while you are logged into your Facebook account, you can link the contents of our website to your Facebook profile. This allows Facebook to assign your visit to our website to your user account. We would like to point out that, as the provider of this site, we have no knowledge about the content of the data that is transmitted or its use by Facebook.
Additional information can be found in the Facebook’s data privacy statement at:
If you do not want Facebook to be able to assign your visit to our website to your Facebook account, please log out of your Facebook account.
Data privacy regarding the use of LinkedIn
Our website uses functions from the LinkedIn network. The provider of that service is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Every time one of our pages that contains the LinkedIn functions is called up, a connection is established with the LinkedIn servers. LinkedIn is informed that you have visited our website using your IP address. If you click the "Recommend button" from LinkedIn and are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account. We would point out that, as the provider of this site, we have no knowledge about the content of the data that is transmitted or its use by LinkedIn.
Additional information can be found in the data privacy statement for LinkedIn at: https://www.linkedin.com/legal/privacy-policy
Data privacy regarding the use of Xing
Our website uses functions of the Xing network. The provider of that service is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Every time one of our pages containing the Xing functions is called up, a connection is established with the Xing servers. To our knowledge, no personal data is stored when doing so. In particular, no IP addresses are stored and usage behavior is not evaluated.
Additional information concerning data privacy and the Xing Share-Button can be found in the data privacy statement for Xing at https://www.xing.com/app/share?op=data_protection
Information, deletion and blocking
You have the right to information concerning your personal data that is stored, its origin, its destination, and the purpose of the data processing, as well as a right to correct, block or delete this data at any time, free of charge. You can write to us at the address indicated in the Legal Notice for this website or contact us directly at firstname.lastname@example.org at any time concerning this or any other questions you have concerning your personal data.
Server log files
The provider of this website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. This information includes:
- Browser type/ browser version
- The operating system being used
- Referrer URL
- Host name of accessing computer
- Time of server request
This website uses, in part, so-called cookies. Cookies will not harm your computer and do not contain any viruses. Cookies are used to make our offer more user-friendly, effective and safer. Cookies are small text files that are stored on your computer and saved by your browser.
Most of the cookies we use are so-called "session cookies". These session cookies are automatically deleted at the end of your visit. Other coolies are stored on your end device until you delete them. These cookies make it possible for us to recognize your browser the next time you visit our website.
If you send us an inquiry using the contact form, we will store the information you provide in the inquiry form, including the contact information that you provide, so that we can process your inquiry, and in the case there is a follow-up inquiry. This data will never be disclosed without your consent.
Objection to promotional mail
The use of the contact information included in the Legal Notice to send unsolicited advertising and informational materials is herewith prohibited. The operators of this website expressly reserve the right to take legal steps in the event that unsolicited advertising materials are sent, specifically through spam email.
If you wish to receive the newsletter offered on the website, we need your email address as well as information that would allow us to verify that you are the owner of the email address provided, and that you agree to receive the newsletter. We do not collect any additional data. This data will only be used to send the requested information and will not be disclosed to third parties.
You may revoke your consent to the storage of the data, your email address and the use thereof to send the newsletter at any time by simply clicking the "Unsubscribe" button contained in the newsletter, or by writing us directly at .
II. Public procedure register
The Data Protection Act (BDSG) stipulates in § 4 that the individual responsible for data privacy must make the information available to everyone in a suitable manner according to § 4 e of the BDSG.
1. Name of the responsible authority
GFA Consulting Group GmbH
2. Company management
Dr. Klaus Altemeier
Dr. H.-Christoph Schaefer-Kehnert
Dr. Heiko Weißleder
3. Data protection officer
4. Address of the responsible authority
GFA Consulting Group GmbH
Tel.: 040 – 603060
Fax: 040 – 60306199
5. Purpose of data collection, processing or use
The GFA Consulting Group is an international, independent consulting firm in the field of technical and developmental collaboration, headquartered in Hamburg. The company's activities focus on project planning, project management, and evaluation in the agricultural and forestry sectors, as well as resource protection, climate change and energy, labor and human resource development, decentralization and private sector development, water and sanitation, financial system development and health.
Within the context of this activity, personal data is collected, processed, used and, where applicable, transmitted for the purpose of obtaining, implementing and billing orders.
In the personnel department, personal data is collected, processed, used and, where applicable, transmitted for internal purposes (personnel management, occupational pensions, applicant management, payroll, travel management) and in order to meet the requirements under social security law or other statutory obligations.
6. Description of affected groups and their related data / data categories
Within the context of normal business activities, addresses, contractual and payment information, and data concerning electronic information for clients, employers, consultants as well as freelance experts and employees of partner consulting companies are collected, processed and used.
In the personnel department (head office employees, visiting staff, national staff, integrated professionals, family members, applicants and former employees), additional information concerning qualifications, start and end date of employment, wage and salary information, retirement and social security information, address information, security information, bank details, warnings, certificates and application documents are collected, processed and used.
7. Recipients / categories of recipients, to whom the data may be disclosed
Responsible internal administrators (bookkeeping, accounting, contracts department, project management departments, telecommunications and IT).
External clients (GIZ, KfW, Ministries, World Bank, EU, Asian and other development banks, etc.).
For personnel management: internal departments that are involved in carrying out the respective business processes (project management and administrative departments).
Public authorities that obtain the data on the basis of statutory regulations (social insurance carriers, tax authorities, health insurance companies); credit institutions (for salary transactions); creditors (in the case of wage / salary garnishment); travel agencies, etc.
8. Standard periods for the deletion of data
Personal data is deleted on a regular basis when it is no longer needed to fulfill a contract, if the person in question has not provided their separate approval to retain said data and if statutory retention obligations and deadlines do not stipulate that data be retained for a longer period.
9. Planned transmission of data to third countries
In general, no personal data will be transmitted to third countries by electronic means. Exceptions to this are possible when there is a specific legal basis for such a transmission.
GFA Consulting Group GmbH
Data Protection Officer