II. Use of the website and data protection
1. Name and contact data of the controller of the website
The website will be managed by the Aquila Capital Holding GmbH, which is part of Aquila Capital (meaning Aquila Capital Holding GmbH and its affiliated entities in the sense of sections 15 et seqq. of the German Stock Corporation Act (AktG)). We, Aquila Capital Holding GmbH represented by the managing directors Dr. Dieter Rentsch and Roman Rosslenbroich, Valentinskamp 70, 20355 Hamburg, Germany as the provider of this website, are the controller within the meaning of Art. 4 para. 7 GDPR.
2. Contact data of the data protection officer
The data protection officer of Aquila Capital can be reached as follows:
Aquila Capital Holding GmbH
c/o the data protection officer
Valentinskamp 70, 20355 Hamburg
This Information only applies to Aquila Capital’s own content stored on our servers. It expressly does not extend to any links to third-party websites.
4. Processing of personal data in the context of informational use of our website
a. Description and scope of data processing
If you only use our website for informational purposes, we do not collect any personal data aside from the data transmitted by your browser to enable you to visit the website.
That data is:
- Date and time of your request
- Time zone difference compared to Greenwich Mean Time (GMT)
- Access status / HTTP status code
- Operating system
- Language and version of the browser software
- IP-address (anonymised).
b. Purpose and legal basis of data processing
We store data related to the end device, e.g. to compile usage statistics or to identify and track unauthorised attempts to access our web servers. We only create profiles regarding the use of our website in anonymised form and only to improve user guidance and to optimise our products and services. Our legitimate interest in data processing pursuant to Art. 6 para 1 lit. f GDPR also lies in these purposes. We do not create or process any behaviour profiles relating to a specific person from the aforementioned information.
c. Duration of data storage
The data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected. In the case of the collection of data for the provision of the website, this is the case when the respective session has ended.
5. Processing of personal data during the use of our website functions
We process personal data when you use our website functions. The following data processing activities are considered in this context:
6. Cookies and Tracking
aa. Description and scope of data processing
If you want to, you can suppress the storage of cookies in general through your web browser or you can decide if you want to be asked if a cookie should be stored or not. However, if you do not accept cookies, some pages may not be displayed correctly anymore.
- Language and country
- Browser settings and installed plug-ins
- Data on the use of our website.
This website uses the following cookies:
Transient cookies (temporary use)
Persistent cookies (use for a limited time)
Transient cookies are deleted automatically when you close your browser. They specifically include session cookies. Session cookies store a "session ID" which allows to allocate various requests from your browser to a joint session. This allows the website to recognize your computer when you return to the website. Session cookies are deleted when you log out or close your browser.
Persistent cookies are deleted automatically after a specified period which may vary depending on the type of the cookie. You can delete the cookies at any time in the security settings of your browser.
The user data collected in this way is pseudonymised by technical precautions. Therefore, it is no longer possible to assign the data to the calling user. The data will not be stored together with other personal data of the users.
More information on how cookies work can be found on the following website: www.allaboutcookies.org.
bb. Purpose and legal basis of data processing
The user data collected by technically necessary cookies are not used to create user profiles.
The legal basis for the processing of personal data using technically necessary cookies is Art. 6 para. 1 lit. f. GDPR. Legal basis for the processing of personal data using other cookies (marketing, statistics, etc.) will be- if we ask you for consent- based on Art. 6 para. 1 lit. a. GDPR.
cc. Duration of storage objection and elimination options
dd. Customize cookie settings
When calling up our website, we offer you the possibility to individually adjust the cookies via the "Settings" item in the cookie banner. This consent is voluntary, not necessary for the use of this website and can be revoked at any time. You can adjust the cookie settings here at any time:
By clicking on "Accept" in the cookie banner, you also consent to your data being processed in the USA in accordance with Art. 49 Para. 1 S.1 lit a GDPR. The USA is considered by the European Court of Justice to be a country with an inadequate level of data protection according to EU standards. In particular, there is a risk that your data may be processed by US authorities, for control and monitoring purposes, possibly without the possibility of legal recourse. If you click on "Functional Cookies only", the transfer described above will not take place.
b. Google Analytics
We use the Google Analytics service of the provider Google Ireland Limited (Google Ireland/EU) on our website.
Some of this data is information stored in the terminal device you are using. In addition, further information is also stored on your end device via the cookies used. Such storage of information by Google Analytics or access to information already stored in your terminal device will only take place with your consent.
Google Ireland will process the data thus collected on our behalf in order to evaluate the use of our website by users, to compile reports on the activities within our website and to provide us with further services related to the use of our website and the use of the Internet. In doing so, pseudonymous user profiles can be created from the processed data.
The setting of cookies and the further processing of personal data described here takes place with your consent. The legal basis for the data processing in connection with the Google Analytics service is therefore Art. 6 (1) a DSGVO. You can revoke this consent via our Consent Management Tool at any time with effect for the future.
The personal data processed on our behalf to provide Google Analytics may be transferred to any country in which Google Ireland or Google Ireland's sub-processors maintain facilities. Google Ireland uses the EU standard data protection clauses as appropriate safeguards for these transfers of personal data in third countries, which can be found at the following link: https://business.safety.google/adsprocessorterms/sccs/eu-p2p-intra-group/.
We use the Google Universal Analytics variant. This enables us to assign interaction data from different devices and from different sessions to a unique user ID. This allows us to put individual user actions in context and analyse long-term relationships.
The data on user actions is stored for a period of 14 months and then automatically deleted. Data whose storage period has expired is automatically deleted once a month.
We also use the Google Analytics advertising functions (remarketing). This function enables us, in conjunction with the cross-device functions of Google, to display advertisements in a more targeted manner and to present users with ads that are tailored to their interests. Remarketing displays ads and products to users that have been identified as being of interest on other websites in the Google network. The function allows us to link advertising target groups created via Google Analytics Remarketing with the cross-device functions of Google Ads. In this way, interest-based, personalised advertising messages that have been adapted to a user depending on previous usage and surfing behaviour on one end device (e.g. mobile phone) can also be displayed on another end device of the user (e.g. tablet or PC).
If you have given your consent, Google will link your web and app browsing history to your Google account for this purpose. In this way, the same personalised advertising messages can be displayed on every end device on which you log in with your Google account. The aggregation of the collected data in your Google Account is based solely on your consent, which you can give or revoke at Google. For these linked services, data is then collected via Google Analytics for advertising purposes. To support the remarketing function, Google Analytics collects users' Google-authenticated IDs, which are temporarily linked to our Google Analytics data. This is used to define and create target groups for cross-device ad advertising.
c. LinkedIn Plug-In
Each time a LinkedIn component (LinkedIn plug-in) is installed on our website, that component causes the browser used by the individual to download an appropriate representation of the LinkedIn component. More information about the LinkedIn plug-ins can be found at https://developer.linkedin.com/plugins. As part of this technical process, LinkedIn obtains information as to which specific subpage of our website is visited by the person concerned.
If the person concerned is logged in to LinkedIn at the same time, LinkedIn recognizes which specific page of our website the person concerned is visiting each time the person visits our website and for the entire duration of that person's stay on our website. This information is collected by the LinkedIn component and assigned by LinkedIn to the respective LinkedIn account of the person concerned. If the person concerned clicks on an integrated LinkedIn button on our website, LinkedIn assigns this information to the personal LinkedIn user account of the person concerned and saves this personal data.
LinkedIn always receives information through the LinkedIn component that the person concerned has visited our website if the person concerned is logged in to LinkedIn at the same time as accessing our website; this occurs regardless of whether the person concerned clicks on the LinkedIn component or not. If the data subject does not want LinkedIn to receive such information, he or she can prevent the transmission by logging out of his or her LinkedIn account before accessing our website.
Notes on legal bases:
If we ask you for your consent to the use of LinkedIn, the legal basis for the processing of data is the consent in accordance with Art. 6 para. 1 lit. a. GDPR. In other cases, your data will be processed on the basis of our legitimate interests (i.e. interest in an attractive presentation of our online services) pursuant to Art. 6 para 1. lit. f. GDPR.
7. Data security, TLS encryption with https
We take diligent precautions to protect your data managed by us against manipulations, loss, destruction and against access by unauthorised persons. We continuously improve our security measures in accordance with the development of technology. Our employees are obligated to maintain data confidentiality in accordance with the provisions of the GDPR.
We use https to transmit data in a tap-proof manner on the Internet (data protection through technology design Art. 25 para 1 GDPR). Using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this data transmission security by the small lock symbol in the upper left corner of the browser and the use of the https scheme (instead of http) as part of our Internet address.
8. Technologies used
9. Your rights
III. Your rights
You have the following rights with respect to your personal data:
- right of access
You have the right to request information about your personal data processed by the controller. In particular, about the purposes of processing, the categories of personal data and about recipients or categories of recipients to whom the personal data have been disclosed. Furthermore, you have the right to obtain information about the planned duration of storage.
- right to rectification or erasure,
You have the right to request the correction of incorrect data or the completion of your personal data stored by the controller without delay. You have the right to request the erasure of your data under the conditions specified in Art. 17 GDPR.
- right to restriction of processing,
In specific cases set out in the GDPR, you have the right to request the restriction of the processing of your personal data.
- right to withdraw the consent
Insofar as we process your data on the basis of your consent you have the right to revoke this consent at any time with effect for the future, without this affecting the lawfulness of the consent valid until then. The revocation is - like the granting of consent itself - possible orally or in text form.
- right to object to processing,
Insofar as personal data are processed based on legitimate interests pursuant to Art. 6 para. 1 lit. f GDPR, you have the right to object to the processing of your personal data, insofar as there are grounds for doing so that arise from your particular situation.
- right to data portability
In specific cases set out in the GDPR, you have the right to receive and transfer all personal data concerning you to another controller (right to data portability).
You can contact us or our data protection officer to assert your rights (for contact details see II. Clause 1 and 2).
You also have the right to complain with a data protection supervisory authority about our processing of your personal data.