Impressum

Bauhütte 4.0 e.V. – Verein zur Förderung des urbanen Bauens mit nachwachsenden Rohstoffen

Pascalstr. 8-9

10589 Berlin

Germany

Privacy Policy

This privacy policy informs you about the type, scope, and purpose of the processing of personal data (hereinafter referred to as "data") within our online offering and the associated websites, features, and content, as well as external online presences, such as our social media profiles (collectively referred to as "online offering"). Regarding the terminology used, such as "processing" or "controller," we refer to the definitions in Article 4 of the General Data Protection Regulation (GDPR).

Responsible Person

Bauhütte 4.0 e.V. – Verein zur Förderung des urbanen Bauens mit nachwachsenden Rohstoffen

c/o Produktionstechnisches Zentrum
Pascalstr. 8-9
10589 Berlin

Executive Board

Prof. Raoul Bunschoten, President

Prof. Dr. Holger Kohl, Vice President

Management

Nicole Oertwig

Contact
bauhuette40@gmail.com

EU Dispute Resolution

The European Commission provides a platform for online dispute resolution (ODR):
https://ec.europa.eu/consumers/odr
Our email address can be found in the legal notice above.

Consumer Dispute Resolution/Universal Arbitration Board
We are neither willing nor obligated to participate in dispute resolution proceedings before a consumer arbitration board.

Liability for Content

As a service provider, we are responsible for our own content on these pages in accordance with § 7(1) TMG (German Telemedia Act) under general laws. However, pursuant to §§ 8 to 10 TMG, we are not obligated as a service provider to monitor transmitted or stored external information or to investigate circumstances indicating illegal activity.

Obligations to remove or block the use of information under general laws remain unaffected. However, liability in this regard is only possible from the time of knowledge of a specific legal violation. Upon becoming aware of such legal violations, we will remove the content immediately.

Liability for Links

Our offering contains links to external third-party websites, the content of which we have no influence over. Therefore, we cannot assume any responsibility for these external contents. The respective provider or operator of the linked pages is always responsible for their content.

The linked pages were checked for possible legal violations at the time they were linked. No illegal content was discernible at the time of linking. A permanent content check of the linked pages is, however, unreasonable without concrete evidence of a legal violation. Upon becoming aware of legal violations, we will remove such links immediately.

Copyright

The content and works created by the operators of these pages are subject to German copyright law. Reproduction, editing, distribution, and any kind of use beyond the limits of copyright law require the written consent of the respective author or creator.

Downloads and copies of this site are permitted for private, non-commercial use only. Insofar as the content on this site was not created by the operator, the copyrights of third parties are respected. Third-party content is specifically identified as such. Should you nevertheless become aware of a copyright infringement, please notify us accordingly. Upon becoming aware of legal violations, we will remove such content immediately.

Types of Data Processed:

Inventory Data (e.g., names, addresses).
Contact Data (e.g., email addresses, phone numbers).
Content Data (e.g., text input, photographs, videos).
Usage Data (e.g., visited websites, interest in content, access times).
Meta/Communication Data (e.g., device information, IP addresses).

Categories of Data Subjects:

Visitors and users of the online offering (hereinafter collectively referred to as "users").

Purpose of Processing:

Providing the online offering, its functions, and content.
Responding to contact requests and communicating with users.
Security measures.
Reach measurement/marketing.

Terms Used:

“Personal Data” refers to all information relating to an identified or identifiable natural person (hereinafter “data subject”); a natural person is considered identifiable if they can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier (e.g., cookie), or one or more specific characteristics that are an expression of the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.

“Processing” refers to any operation or set of operations performed on personal data, whether or not by automated means. The term is broad and covers virtually any handling of data.

“Pseudonymization” refers to the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person.

“Profiling” refers to any type of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular, to analyze or predict aspects concerning that natural person’s work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

“Controller” refers to the natural or legal person, public authority, agency, or other body that, alone or jointly with others, determines the purposes and means of the processing of personal data.

“Processor” refers to a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

Relevant Legal Bases:

In accordance with Article 13 GDPR, we inform you of the legal bases for our data processing. If the legal basis is not explicitly mentioned in the privacy policy, the following applies:

The legal basis for obtaining consent is Article 6(1)(a) and Article 7 GDPR.
The legal basis for processing for the performance of our services and the execution of contractual measures, as well as responding to inquiries, is Article 6(1)(b) GDPR.
The legal basis for processing to fulfill our legal obligations is Article 6(1)(c) GDPR.
The legal basis for processing to protect our legitimate interests is Article 6(1)(f) GDPR.
In cases where the processing of personal data is necessary to protect the vital interests of the data subject or another natural person, Article 6(1)(d) GDPR serves as the legal basis.

Security Measures:

In accordance with Article 32 GDPR, we take appropriate technical and organizational measures to ensure a level of security appropriate to the risk, considering the state of the art, implementation costs, nature, scope, circumstances, and purposes of the processing, as well as the varying likelihood and severity of risks to the rights and freedoms of natural persons.

These measures include, in particular, ensuring the confidentiality, integrity, and availability of data by controlling physical access to the data and managing access, input, transmission, availability, and separation. We have also established procedures to ensure the exercise of data subject rights, data deletion, and response to data vulnerabilities. Furthermore, we take into account the protection of personal data during the development or selection of hardware, software, and procedures, in accordance with the principle of data protection by design and by default (Article 25 GDPR).

Collaboration with Processors and Third Parties:

If we disclose, transmit, or otherwise grant access to data to other persons or companies (processors or third parties) in the course of our processing, this is done only on the basis of a legal permission (e.g., if a transmission of data to third parties, such as payment service providers, is necessary for contract fulfillment according to Article 6(1)(b) GDPR), if you have given your consent, if a legal obligation provides for this, or on the basis of our legitimate interests (e.g., when using agents, web hosting providers, etc.).

If we commission third parties to process data on the basis of a so-called "data processing agreement," this is done on the basis of Article 28 GDPR.

Transfers to Third Countries:

If we process data in a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)) or if this occurs in the context of using third-party services or disclosing or transferring data to third parties, this is done only if it is necessary to fulfill our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation, or on the basis of our legitimate interests.

Subject to legal or contractual permissions, we process or allow data to be processed in a third country only under the special conditions of Articles 44 ff. GDPR. This means that the processing takes place, for example, on the basis of specific guarantees, such as the officially recognized determination of a level of data protection equivalent to that of the EU (e.g., for the USA under the “Privacy Shield”) or compliance with officially recognized special contractual obligations (so-called “standard contractual clauses”).

Rights of Data Subjects:

You have the right to request confirmation as to whether data concerning you is being processed, to access the data, and to receive further information and a copy of the data in accordance with Article 15 GDPR.

You have the right to request the rectification of inaccurate data or the completion of incomplete data concerning you in accordance with Article 16 GDPR.

You have the right to request the immediate deletion of data concerning you in accordance with Article 17 GDPR or, alternatively, to request a restriction of the processing of your data in accordance with Article 18 GDPR.

You have the right to receive the data concerning you that you have provided to us in accordance with Article 20 GDPR and to request its transmission to other controllers.

You also have the right to lodge a complaint with the competent supervisory authority in accordance with Article 77 GDPR.