DeutschLegal NoticeContact

Data privacy

Data privacy

Responsible Authority

Seilerbahnweg 14
61462 Königstein i. Ts. | Germany
Phone: +49 (0) 61 74 - 96 94 70
Fax: +49 (0) 61 74 - 96 94 729

Data protection officer:
Susanne Eggers

Responsible authority:
Hessian Data Protection Officer


HEAT GmbH, which operates this website, takes the protection of your personal data very seriously. We treat your personal data confidentially in accordance with statutory data protection regulations and this Data Privacy Statement.

It is possible to use our website without providing any personal data. Any personal data (for example name, address or email address) that is collected on our website is collected on a voluntary basis insofar as this is possible. This data will not be disclosed to any third party without your express consent.

Please note that data transmission via the internet (e.g., in the case of communication by email) may be subject to security gaps. It is not possible to protect such data completely against access by third parties.

Purpose of data collection, processing or use

HEAT is an international, independent consulting firm in the fields of technical and developmental collaboration, with its headquarter in Königstein, Germany. HEAT activities include project planning, project management, and implementation in the fields of climate change, environmental protection, energy and technology. Since 2016, HEAT is part of GFA Consulting Group (

Within the context of these activities, personal data is collected, processed, used, and, where applicable, transmitted for the purpose of obtaining, implementing, and billing orders.

In the staff department, personal data is collected, processed, used, and, where applicable, transmitted for internal purposes (personnel and payroll management, recruitment, travel management) and also to meet the requirements under statutory obligations.

Description of affected groups and their related data / data categories
Within the context of normal business activities, addresses, contractual and payment infor-mation, and data concerning electronic information for clients, employers, consultants as well as freelance experts and employees of partner consulting companies are collected, processed, and used.

In the staff department (head office employees, visiting staff, national staff, integrated professionals, family members, applicants, former employees), additional information concerning qualifications and applications, duration of employment, remuneration, social security information, contact details, bank details, work documents are collected, processed, and used.

Recipients / categories of recipients, to whom the data may be disclosed
Responsible internal administrators (bookkeeping, accounting, contracts department, project management, telecommunications and IT); external clients (GIZ, KfW, Ministries, World Bank, EU, Asian and other development banks, etc.).

For staff management: any internal department involved in carrying out respective business processes (project management and administrative departments).

Public authorities on the basis of statutory regulations (social insurance carriers, tax authorities, health insurance companies); bank institutions (for salary transactions); creditors (in the case of wage / salary garnishment); travel agencies.

Standard periods for the deletion of data
Personal data is deleted on a regular basis when it is no longer needed to fulfill a contract, if the person in question has not provided their separate approval to retain said data or if statutory retention obligations and deadlines do not stipulate that data be retained for a longer period.

Planned transmission of data to third countries
In general, no personal data will be transmitted to third countries by electronic means. Exceptions to this are possible when there is a specific legal basis for such a transmission.

Your rights
You may at any time request information about the use of your personal data (according to § 15 DSGVO) or request the verification, correction or deletion of your personal data (§§ 16 and 17 DSGVO). You may also at any time request the restriction of the use or processing of your personal data (§§ 18 and 19 DSGVO), request the transmission of your personal data to third parties (§ 20 DSGVO), or object to the use of your personal data (§ 21 DSGVO).

If you want to exercise any of the above-mentioned rights, please send an e-mail to: We will endeavour to take the necessary measures as soon as possible. To that purpose, you will receive an access form to be completed, allowing you to indicate which rights you wish to exercise with regard to your personal data.

You also have the right to file a complaint against the use of your personal data. The competent complaints board is the Data Protection Officer of Hesse: Der Hessische Beauftragte für Datenschutz und Informationsfreiheit (

Data privacy regarding the use of LinkedIn
Our website uses functions from the LinkedIn network. The provider of that service is the LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time a page of this website containing a LinkedIn functions is called up, a connection is established with the LinkedIn servers. LinkedIn is informed that you have visited our website using your IP address. If you click the Recommend button from LinkedIn and are logged in to your LinkedIn account, LinkedIn is able to assign your visit to our website to your user account. Please note that HEAT, as the provider of this site, has no knowledge of the content of the data thus transmitted to or used by LinkedIn. Additional information can be found in the LinkedIn data privacy statement:

Data privacy regarding the use of Twitter
Our website uses functions of the Twitter. The provider of that service is:

(a) for accounts within the U.S.A.:
Twitter, Inc.
Attn: Privacy Policy Inquiry
1355 Market Street, Suite 900
San Francisco, CA 94103

(b) for accounts outside of the U.S.A.:
Twitter International Company
Attn: Privacy Policy Inquiry
One Cumberland Place, Fenian Street
Dublin 2, D02 AX07 IRELAND

Each time a page of this website containing a Twitter function is called up, a connection is established with the Twitter servers. To our knowledge, no personal data is stored when doing so. In particular, no IP address is stored and usage behaviour is not evaluated.

Additional information concerning data privacy of Twitter can be found in the Twitterdata privacy statement at

Server log files
The provider of this website automatically collects and stores information in so-called server log files which your browser automatically transmits to us. This information includes:

  • Browser type/ browser version
  • Operating system being used
  • Referrer URL
  • Host name of accessing computer
  • Time of server request

The data thus collected cannot be connected to a specific person. The data is not merged or compared with data from other sources. We reserve the right to subsequently examine this data if concrete evidence of unlawful use is made known to us.

Objection to promotion mail
The use of the contact information included in the Legal Notice to send unsolicited advertising and informational materials is herewith prohibited. The operators of this website expressly reserve the right to take legal steps in the event that unsolicited advertising materials are sent, specifically through spam e-mail.