Privacy policy

Content of this data protection notice

With this data protection notice, we, Green City AG and its subsidiary, SUMMIQ AG, Zirkus-Krone-Straße 10, 80335 Munich, Germany, inform you which personal data we collect, process and use when you visit our website. In addition, you will find out in these data protection notices which options and objections you have with regard to your data.

The term “personal data” means any information relating to an identified or identifiable natural person (hereinafter “data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, on-line identifier or one or more specific characteristics which express the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person;

Further official definitions can be found in Art. 4 DSGVO.

Basic information on data collection and scope of use

The person responsible for your data is Green City AG, Zirkus-Krone-Straße 10, 80335 München.

When you visit our website, we do not collect any personal data. We collect and use such data only when and to the extent necessary to provide the relevant service, such as when you request information or register for an event.

In the forms of our web pages mandatory fields are marked with an asterisk (*). Filling in all other fields is voluntary.

For the operation of the websites or the dispatch of newsletters ordered by you, we can use technical service providers by way of order data processing. The technical operation of the software (hosting) is carried out by a provider in Germany.

Unless expressly stated otherwise in this Privacy Policy, we do not transfer personal data to countries outside the European Union (EU) or the European Economic Area (EEA).

Green City AG
Zirkus-Krone-Straße 10
D – 80335 München, Germany

Phone +49 89 06 68 – 800
Fax +49 89 06 68 – 880

Contact the Data Protection Officer
Law Firm: MASLATON Rechtsanwaltsgesellschaft mbH
Represented by the Managing Partner: Prof. Dr. Martin Maslaton
Holbeinstraße 24, 04229 Leipzig, Germany


3. Web hosting / server log

When you call up our web pages, it is technically necessary for data to be transmitted to our web server via your Internet browser. The following data is recorded during an ongoing connection for communication between your Internet browser and our web server:

  • Visited domain
    Date and time of the request
    Page from which the file was requested.
    Access status (file transferred, file not found, etc.)
    web browser and operating system used
    IP address of the requesting computer
    transferred data volume

We collect the listed data in order to guarantee a smooth connection establishment of the website and to enable a comfortable use of our website by the users. In addition, the log file is used to evaluate system security and stability as well as for administrative purposes. The legal basis for the temporary storage of data or log files is Art. 6 para. 1 lit. f DSGVO.

4. Use of cookies

The website of our company does not use cookies. Cookies are small text files that are stored on your hard drive assigned to the browser you are using and through which certain information flows to the location that sets the cookie. Cookies cannot execute programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.

5. Security

We take security precautions to protect your data processed by us against manipulation, loss, destruction or against access by unauthorized persons or unauthorized disclosure. Our security measures are adapted to the state of the art. Furthermore, all necessary technical and organizational measures for compliance with data protection are ensured.

6. TLS encryption

Our website uses TLS encryption to protect the transmission of confidential content. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

7. The existence of automatic decision making (profiling)

We do not automatically process your personal data with the aim of evaluating certain personal aspects (so-called profiling, Art. 4 No. 4 DSGVO).

8. Data transfer and receiver

A transfer of your personal data to third parties does not take place, except

  • if we have explicitly pointed this out in the description of the respective data processing.
  • if you have given your express consent in accordance with Art. 6 para. 1 sentence 1 lit. a DSGVO to do so
  • the disclosure according to Art. 6 Para. 1 S. 1 lit. f DSGVO is necessary for the assertion, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data
  • in the event that there is a legal obligation to pass on data pursuant to Art. 6 (1) sentence 1 lit. c DSGVO, and
  • to the extent required by Art. 6 para. 1 sentence 1 lit. b DSGVO for the execution of contractual relationships with you.

In addition, we use external service providers for the provision of our services and the handling of our services, whom we carefully select and commission in writing. These are bound by our instructions and are regularly monitored by us. Contract processing agreements required pursuant to Art. 28 DSGVO shall be concluded prior to commissioning. Specifically, these are service providers for web hosting, sending e-mails and maintaining and servicing our IT systems. Your personal data will also not be passed on to third parties by the service providers working for us.

9. Storage duration

The duration of the storage of personal data is determined by the relevant statutory retention periods (e.g. from commercial law and tax law). After expiration of the respective period, the corresponding data is routinely deleted. If data is required for contract fulfilment or contract initiation or if we have a justified interest in further storage, the data will be deleted if you are no longer required for these purposes or if you make use of your right of revocation or objection.

10. Your rights

In the following you will find information on the rights of data subjects which the applicable data protection law grants you vis-à-vis the person responsible with regard to the processing of your personal data:

The right, pursuant to Art. 15 DSGVO, to request information about your personal data processed by us. In particular, you may request information about the purposes of the processing, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right of rectification, deletion, limitation of processing or opposition, the existence of a right of appeal, the origin of your data if it has not been collected from us, as well as the existence of an automated decision making process including profiling and, if applicable, meaningful information on its details.

The right, pursuant to Art. 16 DSGVO, to immediately request the correction of incorrect or incomplete personal data stored by us.

The right to demand the deletion of your personal data stored by us in accordance with Art. 17 DSGVO, unless processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims.

The right, pursuant to Art. 18 DSGVO, to demand the restriction of the processing of your personal data if the accuracy of the data is disputed by you, the processing is unlawful, but you refuse its deletion and we no longer need the data, but you need it to assert, exercise or defend legal claims, or you have objected to the processing pursuant to Art. 21 DSGVO.

The right, pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request transmission to another responsible person.

The right to complain to a supervisory authority pursuant to Art. 77 DSGVO. As a rule, you can contact the supervisory authority of the federal state in which our registered office is located or, as the case may be, that of your usual place of residence or workplace.

Right to revoke consent granted pursuant to Art. 7 (3) DSGVO: You have the right to revoke consent once granted for the processing of data at any time with effect for the future. In the event of revocation, we will immediately delete the data concerned, unless further processing can be based on a legal basis for processing without consent. The revocation of the consent does not affect the lawfulness of the processing carried out on the basis of the consent up to the revocation.

11. Right of objection

If your personal data is processed by us on the basis of legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f DSGVO, you have the right pursuant to Art. 21 DSGVO to object to the processing of your personal data if this is done for reasons arising from your particular situation. As far as the objection is directed against the processing of personal data for the purpose of direct marketing, you have a general right of objection without the requirement of the indication of a special situation.

12. Requests

If you have any questions about data protection with us or would like to know which personal data we have stored about you, please contact:

Status of this privacy policy: 14.03.2019