Privacy Policy & Data Protection

The protection of your personal data matters. We protect data collected, processed and used during your visit on our website in compliance with relevant data protection regulation.


I. Controller and Data Protection Officer​

Verantwortliche im Sinne von Art. 4 Nr. 7 DSGVO ist GRTgaz Deutschland GmbH, Rosenthaler Str. 40/41, 10178 Berlin. Datenschutzbeauftragter gem. Art. 37 ff. DSGVO ist Dr. Gregor Scholze, zu kontaktieren über die Verantwortliche oder über folgende Email-Adresse: 


II. Processing of Personal Data for the Use of the Website

1. Collection and Processing of Personal Data

Upon accessing our website, the following types of data are saved for the duration of one month:

  • URL 
  • Date and time of access 
  • Description of the type of the web browser used
  • Referrer 
  • IP address.

The only personal data we process is your IP address. It will be deleted as you leave the website. The provision of these data is not a statutory or contractual requirement, but failure to provide these data might impair operability of the website.

Further personal data are collected and processed when you log in to the password-protected areas of the website as a customer of GRTgaz Deutschland. Personal data comprise access data required for the registration process. The provision of these data is not a statutory requirement, but it is required for a contract to be concluded with GRTgaz Deutschland GmbH.

Other personal data will be stored permanently (eg capacity request) upon submission of an offer or request. The data entered, the user name, and the IP address are stored. The processing serves the fulfilment of contractual obligations (art. 6 (1)(1)(b) GDPR) as well as the defence against or substantiation of legal claims (art. 6 (1)(1)(f) GDPR). It ends with the expiry of the limitation period according to Section 199 (3)(1)(1) of the German Civil Code.

This website uses cookies that enable the site to function properly by distributing traffic to the website across several servers in order to optimize response times. 

​2. Obligations of GRTgazDeutschland while Processing your Personal Data ​

GRTgaz Deutschland GmbH shall use any of the personal data you transmitted exclusively for the purpose of operating our website and for optimising its functionality (Art. 6 Abs. 1 Satz 1 lit. F DSGVO), to send a subscribed newsletter when appropriate, or to process other requests by the user. ​

GRTgaz Deutschland GmbH shall in no case sell, lease or transfer in any other way your personal data to any third parties. ​

GRTgaz Deutschland GmbH shall take appropriate technical and organizational measures to ensure protection of your personal data against accidental loss or unauthorized or unlawful processing. ​


III. Newsletter and E-Mail Push-Alert ​

We use our newsletter to inform about our company and our services. ​

If you would like to receive this newsletter, please provide us with a valid email address and information allowing us to verify that you are the owner of the email address indicated, or that the owner of this email address agrees to the receipt of the newsletter. ​

No further data will be collected. These data are used only for sending the newsletter and will not be forwarded to third parties. By registering for the newsletter, we will save your IP address and the date of registration. The sole purpose of this storage is to fight misuse of your email address by third parties. You can revoke your consent to the storage of the data, the e-mail address and their use for sending the newsletter at any time. The revocation can be done via a link in the newsletters themselves. The email address remains stored permanently (even in the case of unsubscribing through an opt-out manager. ​


IV. Your Rights​

You have the right to request access to and rectification or erasure of personal data or restriction of  processing concerning  the data subject or to object to processing as well as a right to data portability. ​

You have the right to lodge a complaint with a supervisory authority. ​


V. Processing of Applicants’ Personal Data

All data transmitted by the applicants will be processed (sec. 26 Abs. 1 BDSG). To minimize data processing, we therefore ask to submit only such information that will typically be relevant, i.e. required for a contract. We reserve the right to process job-related information made public by applicants, such as their profiles on social media platforms. Applicants have the right to request access to and rectification or erasure of personal data or restriction of  processing concerning  the  data  subject or  to  object to  processing as  well  as  a right  to  data portability. 

They have the right to lodge a complaint with a supervisory authority. ​

The transmitted data will generally be deleted after completion of the selection process. We may, however, process personal data of applicants as far as this is necessary to defend against asserted legal claims arising from the application procedure (art. 6(1)(1)(f) GDPR; the legitimate interest is, for example, a burden of proof in proceedings under the General Equal Treatment Act; in this respect, the storage period shall be two months from the allocation of the job, and four years for the defence against other civil law claims. ​

Applicants who would like to be considered in future selection processes for vacancies are asked to provide explicit consent, embedding the following message in the cover email to the application: "I agree with the storage of my application for future selection procedures." ​

Applicants may object to further processing at any time. They have the right to lodge a complaint with the Berlin Commissioner for Data Protection and Freedom of Information. There is no legal or contractual duty to provide any information, but we do require the candidate information to enter into a contract of employment, which cannot be achieved without the information.​

If we conclude an employment contract, we can further process the personal data already received for employment purposes in accordance with sec. 26(1) BDSG if required for the execution or termination of the employment relationship or to exercise or fulfilment of a law or a collective agreement, an operating or service agreement (collective agreement) or the rights and duties of representing the interests of employees. ​

For application processing, we use, inter alia, StepStone Deutschland GmbH. Therefore, StepStone Deutschland GmbH and its subcontractors, which can be found at, are recipients of the data provided. StepStone uses security systems by Akamai Technologies, Inc., which may be transferred to the United States. Akamai is Privacy Shield certified, so there is an appropriate level of privacy. The certification can be viewed at