Data protection statement for the gtm-online.de domain

We are delighted at the interest you have shown in our company. Data privacy has particularly high importance for GTM Gebäudetechnik Management GmbH. With this data protection declaration, our company would like to inform the public about the type, scope, and purpose of the personal data which is collected, used and processed by us. This data protection declaration also explains what your related rights are. If we need to process personal data and there is no legal basis for this in a particular case, we always ask for your consent first.
This data protection declaration applies to the gtm-online.de domain of GTM Gebäudetechnik Management GmbH. We also meet our information obligations as defined in the EU General Data Protection Regulation (GDPR).

  • Responsible body
  • Name and address of data protection officer
  • Data processing on this website
  • Processing of personal data
  • Data privacy for applications and application procedures
  • Transmission of data to third parties
  • Note concerning the use of cookies
  • Notes concerning the use of external links ("Disclaimer")
  • Note concerning the use of Web Fonts by Monotype Imaging Inc
  • Note on the use of Matomo
  • Legal bases for the processing of personal data
  • Your rights
  • Standard deadlines for the deletion of the data
  • Automated decision making
  • Right of appeal to a supervisory authority
  • Note on changes and updates  

Responsible body

GTM Gebäudetechnik Management GmbH
Morsbachtalstrasse 30
D-42857 Remscheid
Phone: +49 (0) 2191 - 8847 550
E-mail: info@gtm-online.de

Name and address of data protection officer

GTM Gebäudetechnik Management GmbH has appointed an external data protection officer:

Mr. Arndt Halbach of GINDAT GmbH
Wetterauer Str. 6, 42897 Remscheid
E-mail address: datenschutz@wurm.de

Data processing on this website
Each time the website of GTM Gebäudetechnik Management GmbH is accessed by a particular person or an automated system, it collects a general set of data and information about them. This general data and information is stored in log files on the server. This information can include 

  • the types and versions of browser used,
  • the operating system running on the system accessing our website,
  • the website sub-pages you have viewed,
  • the date and time of access to the website,
  • the internet protocol address (IP address),
  • other similar data and information to be used for the purpose of security in case of attacks on our IT systems.

In using this general data and information, GTM Gebäudetechnik Management GmbH draws no conclusions about the person concerned. This information is actually required for

  • presenting content correctly on our website,
  • optimising the content on our website,
  • ensuring the long-term functionality of our IT systems and technology on our website, and
  • providing the law enforcement authorities with the information necessary for prosecution in the case of cyber attacks.

The collected data and information are therefore evaluated by GTM Gebäudetechnik Management GmbH primarily for the purpose of increasing the data protection and data security in our company, and finally ensuring an optimal level of protection for the personal data which is processed by us. Data collection is based on Art. 6 Para. 1 S. 1(f) GDPR (legitimate interest: data security and error analysis). The IP address of your computer is deleted after 14 days.

Processing of personal data
Personal data is collected by the automatic logging described above when you inform us about this yourself, e.g. using the contact form, or when you decide to use products requiring registration or when you want to use the online services of Wurm GmbH & Co. KG.

Contact form
If you have any queries, please use our contact form to state the content of your inquiry, giving your name and e-mail address (required). If you contact us using the contact form, the personal data communicated by you is stored and processed. Personal data communicated to us on a voluntary basis is used and stored only for the purpose you have indicated to us. Your data can be passed on within the company group and to our partner companies, insofar as it is necessary to process your request. In sending the contact form, you consent to the data processing described above. This data is processed on the basis of Art. 6 Para. 1 S. 1(a) GDPR. You can withdraw your consent at any time in the future by notifying us to that effect.

Access to the online services
Access to the online services (content is provided by Wurm GmbH & Co. KG) or the use of products requiring registration is only possible by means of corresponding license agreements. This presupposes that a corresponding user account already exists or a new account is created. For this purpose you will be asked to provide personal details (name, mail address) and further information. Only information required for establishing the contractual relationship or for carrying out the services is designated as mandatory information.

The use of the portal is possible via various login procedures:

  • user name and password.
  • Login with OneID: With OneID you can use your mobile terminal for authentication for Frigodata Online, the Infocenter and other applications. To use OneID, you need a unique, personally identifiable email address or mobile phone number and a mobile device running the iOS or Android operating system. Authentication is realized via an application (app) that has to be installed and set up on your mobile device. If the installation was successful, you can bind the used device to your OneID access data via the key symbol and immediately log in to all applications that have been activated for you.

Data collection is based on Art. 6 Para. 1 S. 1(b) GDPR.
Further details on personal data can be found in the respective privacy statements of the websites or applications. By using online services the login procedures are also described separately in the respective privacy statements.

If you get in contact with GTM Gebäudetechnik Management GmbH by e-mail, please note that we use the STARTTLS encryption process. If your server supports this encryption process, this will ensure secure communication between our e-mail server and yours. Otherwise the data will usually be sent unencrypted. In this case, the confidentiality of the transferred information cannot be guaranteed. We have no control over the path taken by your e-mail over the public internet to our company and cannot therefore guarantee the security of your data. Once your e-mail has reached our e-mail server, we protect your data with highly technical and organisational measures.

Data privacy for applications and application procedures
Data from applicants for the purposes of processing an application procedure can be submitted either by postal mail or electronically through our e-mail address bewerbung@wurm.de. Please take into consideration that e-mails are not a secure medium (see the previous paragraph).
If we conclude an employment contract with an applicant, the data submitted for the purposes of establishing an employment relationship are stored in compliance with the legal requirements. If no employment contract is concluded with the applicant, then the application documents are deleted six months after notification of the decision to reject, unless there are legitimate interests to prevent us from doing so. Another legitimate interest for this purpose is as the burden of proof in procedures under the General Equal Treatment Act (AGG). If we are unable to offer you a currently vacant position, but based on your profile we are of the opinion that your application may be suitable for positions that become available in the future, then we would keep your application data stored for twelve months, provided that you give express consent for your data to be stored and used in this way. The legal basis for this data processing is Section 26 BDSGNeu (New German Federal Data Protection Act) and, where your consent is given for a longer period of storage, Art. 6 Para. 1 S. 1(a) GDPR.

Transmission of data to third parties
On principle, GTM Gebäudetechnik Management GmbH does not pass on your personal data to third parties outside the company group, unless:

  • transmission is necessary for the purpose of carrying out or billing services, if the service involves making use of the products or services of an independent partner company or if the data is needed for the purpose of carrying out the service for a partner company (if you are not advised otherwise, such vicarious agents are only authorized to use the data that is absolutely necessary for this service); an automatic email is generated and sent to the relevant sales partner for the billing (personal user contract).
  • you have given your consent to transmit the information, or prosecuting authorities or courts demand information based on applicable laws for the purpose of prosecution.
  • in order to carry out the processing and handling process, if we have to make use of service providers in order to process the contract data, the contractual relations are regulated as stipulated by Art. 28 GDPR, which contains the legally required points relating to data privacy and data protection.

Note concerning the use of cookies
A cookie is a little data file transferred by us to your computer if you visit the website of GTM Gebäudetechnik Management GmbH. A cookie can only contain information that we place on your computer, it does not read private data from it. When there is a visit to our website, we use only cookies that are technically necessary.
Technically necessary cookies help allow you to move around the website by ensuring essential functions such as navigation around the pages and access to secure areas. Without these cookies, the website would not work properly. The use of essential cookies for the correct presentation of the website is based on Art. 6 Para. 1 S. 1(f) GDPR (perception of legitimate interests).
The cookies used by our website are deleted from your hard disc at the end of your browser session (these are called session cookies).
If you do not want to have the advantages of cookies, you can change how cookies are handled in the security settings in your browser. Setting options are mostly found in the Tools menu, under Settings or Internet Options.
Other cookies may be used when our online services are accessed. You can find out more about these in the Data Protection Declarations related to these applications.

Notes concerning the use of external links ("Disclaimer")
Where this website contains links to other websites, we must point out that we have no influence whatever on the design and contents of the linked websites, and that their content has not been adopted by us. This applies to all external links appearing on our website and to all content on pages to which advertising material (e.g. banners, text displays, video displays) is linked. For this reason, we dissociate ourselves explicitly from all content on such sites.
Should we become aware of any legal violations, these links will be removed immediately if the corresponding content makes this necessary. We would also be pleased to receive any information from you in this regard.

Note concerning the use of Web Fonts by Monotype Imaging Inc.
This website uses so-called web fonts provided by Monotype Imaging Inc. for consistent font representation. When you call up a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.
To do this, the browser you are using must connect to the Monotype Imaging Inc. servers. This will give Monotype Imaging Inc. notice that your website has been accessed through your IP address. The use of Monotype Imaging Inc. web fonts is in the interest of a consistent and attractive presentation of our online services. This constitutes a legitimate interest within the meaning of Art. 6, S. 1(f) GDPR. If your browser does not support web fonts, a default font will be used by your computer.

Note on the use of Matomo
This website uses the Matomo web analytics service to evaluate user accesses to this website. We can use the collected statistics to improve our offer and make it more interesting for you the user. The legal basis for the use of Matomo is Art. 6 Para. 1 S. 1(f) GDPR.
This website uses Matomo with the "AnonymizeIP" setting. This means that IP addresses are truncated before processing, so that there is no longer any direct reference to any particular person. The IP address collected by Matomo from your browser is not linked to other data collected by us.
The Matomo program is an open source project. You can find more information about this third-party provider at matomo.org/privacy-policy/.

Legal bases for the processing of personal data

  • Art. 6 Para. 1 S. 1 (a) GDPR is taken by our company as the legal basis for processing procedures in which we request consent for certain processing purposes.
  • If the processing of personal data is required in order to fulfil a contract to which you are a party, and which is the case, for example, for processing procedures which are necessary for using our online services or supplying another service or return service, the processing is based on Art. 6 Para. 1 S. 1(b) GDPR. The same applies to processing procedures which are necessary for carrying out pre-contract actions, for example in the case of inquiries about our products or services.
  • If our company is under a legal obligation which makes it necessary to process personal data, for example in order to fulfil tax obligations, the processing is based on Art. 6 Para. 1 S. 1(c) GDPR.
  • Processing procedures can also be based on Art. 6 Para. 1 S. 1(f) GDPR. Processing procedures not already included in the other legal bases named previously apply this legal basis if the processing is required in order to protect a legitimate interest of our company or a third party, insofar as this does not outweigh the interests, basic rights and freedoms of the person concerned.

Your rights
According to Art. 15-21 GDPR you can claim the following rights in relation to the personal data processed by us.

The right to access your personal information
You are entitled to information about the personal data concerning you that are processed by us.

The right to rectification
You may request the correction of incomplete or incorrectly processed personal data.

The right to erasure
You are entitled to have personal data concerning you deleted, especially if one of the following reasons applies:

  • Your personal information is no longer necessary for the purposes for which it was collected or otherwise processed.
  • You revoke your consent to the processing of your data.
  • You have asserted a right to object to the processing.
  • Your data was processed unlawfully.

The right to erasure does not exist, however, if if is in conflict with the legitimate interests of the responsible person. This can be, for example, if:

  • personal data are required to assert, exercise or defend legal claims.
  • deletion is not possible due to storage requirements

However, if data cannot be deleted, there may be a right to restrict processing (see below).

Right to restriction of processing
You have the right to require us to restrict the processing of your personal data if

  • you deny the accuracy of the data and we therefore check its accuracy
  • the processing is unlawful and you refuse deletion and instead demand the restriction of use
  • we no longer need the data, but you need them to assert, exercise or defend your rights.
  • you have objected to the processing of your data, and it is not yet clear whether our legitimate reasons outweigh your reasons.

Right to data portability
You have the right to receive the personal information that you have provided us in a structured, common and machine-readable format and you have the right to transfer this data to another person without hindrance from us, provided the processing is based on your consent or a contract and processing is done by us using automated procedures.

Withdrawal
The data subject shall have the right, at any time, to object to the processing of personal data relating to him or her under Article 6 (1e) e or (1f) for reasons arising out of their particular situation; this also applies to a profiling based on these provisions. If the processing of your personal data is based on a consent, you have the right to revoke this consent at any time.

Standard deadlines for the deletion of the data
The criterion for the duration of the storage of personal data is the respective legal retention period. After the period has expired, the corresponding data will be routinely deleted, provided that it is no longer required to fulfill or initiate a contract.

Automated decision making
As a responsible company, we renounce the use of automated decision making or profiling.

Right of appeal to a supervisory authority
Each data subject has a right of appeal to a supervisory authority under Article 77 GDPR if they consider that the processing of personal data concerning them infringes the GDPR.

The supervisory authority responsible for us is:

Landesbeauftragte für den Datenschutz und die Informationsfreiheit Nordrhein-Westfalen
Kavalleriestr. 2 - 4
40213 Düsseldorf

Note on changes and updates 
Inasmuch as we roll out new products or services, modify internet procedures or if internet and IT security technology are enhanced, we reserve the right to update the data privacy statement. Any changes will be published here. For that reason, please access this website regularly to obtain information on the current status of the data privacy statement.  

Issued on 2021, April 7th