Privacy policy

General privacy policy

H&A Global Investment Management GmbH takes the protection of your personal data very seriously. This Privacy Policy describes how we process and protect the personal data collected and processed via https://www.ha-gim.com (“Website”). It consists of a “Summary Notice” (see below under section A .) and a “Detailed Notice” (see below under section B .)

Personal data (“personal data”) is all information (such as your salutation (title), your name, your address, your e-mail address, your telephone number, your IP address, etc.) that relates to an identified or identifiable natural person (“data subject”). Your personal data will only be processed by us in accordance with the provisions of Regulation (EU) 2016/679 (EU General Data Protection Regulation “GDPR”) and the other provisions of the applicable national data protection laws.

Your personal data will only be processed if you have consented to the processing or if the processing is permitted by law. The contents of this privacy policy inform you about the type, scope and purpose of the processing of your personal data.

This privacy policy applies exclusively to our website. In the event that you are redirected to third-party websites via links from our website, please inform yourself on these websites about the handling of your personal data

1. Summarizing note

1. Scope of application, data subjects, controller Contact option

This privacy policy applies exclusively to the collection and processing of personal data of users of the website https://ha-gim.com/

The controller for all personal data collected and processed in connection with the use of the website is

H&A Global Investment Management GmbH
Taunusanlage 19 (mainBuilding)
60325 Frankfurt am Main
E-Mail: datenschutz@ha-gim.com

You can contact our company data protection officer
authorized under:

H&A Global Investment Management GmbH
Datenschutzbeauftragter
Stahlgruberring 52
81829 München
Telefon: +49 89 69 3109 4533
E-Mail: datenschutz@ha-gim.com

2. Categories of personal data, purposes of processing and legal bases

Appendix 1 “Personal Data” to this Privacy Policy contains detailed information about (i) the categories of personal data We collect from you; (ii) the purposes for which We process this personal data; (iii) the legal bases; and (iv) the retention period of your personal data. If the processing is for a different purpose, We will provide you with additional information.

You can find details on this in the section B.1 .

3. Recipients and categories of recipients of the personal data

We sometimes use external service providers to provide services and products on our behalf. Your personal data is transmitted to the service providers for this purpose. Within H&A Global Investment Management GmbH and when using service providers, any access to your personal data in connection with your use of the website is restricted to those persons who absolutely need this data to fulfill their professional duties.

We will disclose your personal data to government authorities, courts, external advisors and similar third parties who are public bodies to the extent required or permitted by applicable law

We only pass on personal data to recipients to the extent necessary.

You can find details on this in the section B.2 .

4. Data transfers outside the European Economic Area (“EEA”)

Some of the recipients of your personal data are located outside the EEA (namely in the USA) or have branches there. We ensure that such recipients outside the EEA offer an adequate level of protection for personal data and that appropriate technical and organizational security measures are in place to protect personal data by concluding appropriate agreements on data transfer or by taking other suitable measures, e.g. also certifications with the so-called Data Privacy Framework. Any further transfer beyond this is subject to the relevant legal requirements.

You can find details on this in the section B.3 .

5. Scope and duration of storage

Your personal data will only be stored by us and/or our service providers to the extent necessary for the fulfillment of our obligations to you or for the fulfillment of the obligations of the service providers to us. The data will be stored in accordance with the applicable data protection laws exclusively for the period of time required to achieve the purposes for which the personal data is processed. When the purpose for the data processing has ceased to exist, the personal data will be deleted from the systems and/or records and/or steps will be taken to properly anonymize your personal data so that you can no longer be identified from that data. This does not apply where We and/or our service providers are required to retain your information beyond this:

• to comply with any legal or regulatory obligations to which we and/or our service providers are subject; and/or
• with regard to statutory time limits.

You can find details on this in the section B.4 .

6. Your rights

In accordance with applicable data protection laws (such as the GDPR), you have the following rights: (i) the right of access; (ii) the right to obtain a copy of your personal data undergoing processing; (iii) the right to rectification; (iv) the right to erasure (“right to be forgotten”); (v) the right to restriction of processing; (vi) the right to data portability; (vii) the right to object; and (viii) the right to lodge a complaint with the competent data protection supervisory authority. If you have given your consent to the processing of personal data, you can withdraw this consent at any time. Such withdrawal will not affect the lawfulness of processing based on consent before its withdrawal.

Details on this can be found in the section B.5 .

7. Use of cookies and similar technologies on the website

We use cookies and similar technologies on our website. You can find detailed information on this under B. 6

8. Personal data required for the conclusion or fulfillment of the contract

You only need to provide the personal data that is marked as mandatory in the corresponding forms on Our website. Without this personal data, the desired contract or your request cannot be concluded.

Personal data that is not marked as mandatory in the relevant forms on Our Website does not have to be provided.

You only need to provide the personal data that we require to enter into and conduct a business relationship with you or that we are legally obliged to collect. Such personal data is marked as mandatory in the respective fields on our website. Without this personal data, we cannot conclude the requested contract/your request.

Personal data that is not marked as mandatory in the corresponding fields on Our Website does not have to be provided.

9. Changes to this privacy policy

This privacy policy may be subject to change. We reserve the right to change or amend this privacy policy at any time. We will publish the changes on https://www.hag-im.com and/or inform you accordingly.

10. Contact form

Personal data is collected when you contact us (e.g. by e-mail or telephone). This data is stored and used exclusively for the purpose of responding to your request or for contacting you and the associated technical administration. The legal basis for the processing of this data is your consent Art. 6 para. 1 lit. a GDPR or your and our legitimate interest in responding to your request, Art. 6 para. 1 lit. f GDPR. If your contact is aimed at concluding a contract, the additional legal basis for the processing is Art. 6 para. 1 lit. b GDPR. Your data will be deleted after final processing of your request. This is the case if it can be inferred from the circumstances that the matter in question has been conclusively clarified and provided that there are no statutory retention obligations to the contrary.

11. Newsletter registration

You can subscribe to our newsletter via our homepage using a so-called double opt-in procedure. We process the personal data required for this on the basis of your consent, Art. 6 para. 1 lit. a GDPR. We delete this data if and as soon as you unsubscribe from our newsletter and no mandatory retention periods prevent the deletion of the data. To deliver the newsletter, we use the service provider CleverReach GmbH & Co KG, which processes your personal data exclusively on our instructions and not for its own purposes. We have concluded an order processing contract with CleverReach in accordance with Art. 28 GDPR.

2. Detailed note

1. Categories of personal data, purposes of processing and legal bases

Under B 6 vii. of this privacy policy you will find detailed information about:

• the categories of personal data that you actively provide to Us (e.g. by sending Us an email) and that We collect in addition to other personal data.
• the purposes for which We process these categories of personal data; and
• the legal basis applicable at the time of collection and processing of your personal data.

We also use cookies and similar technologies on our website. You can find detailed information on this under B6.

Please note that We will only process your personal data for other purposes if:

• We are obliged to do so due to legal requirements (e.g. transmission to courts or law enforcement authorities);
• if you have consented to the respective processing; or
• if the processing is lawful under other applicable law.

If processing is carried out for another purpose, We will provide you with additional information.

2. Recipients and categories of recipients of the personal data

We transfer your personal data to the recipients and categories of recipients listed below for the respective purposes and to the extent necessary:

Service providers: We use both external and internal service providers to provide services and products on our behalf and share your personal data with them for this purpose. Our service providers are contractually obliged to process this personal data on our behalf under appropriate instructions, insofar as this is necessary for the respective processing purposes and to protect your personal data appropriately. Our service providers may not otherwise process or disclose your personal data unless this is permitted by law.

Public authorities, courts, outside counsel and similar third parties: To the extent required or permitted by applicable law to: (i) ensure compliance with applicable laws; (ii) respond to regulatory requests or requests from public authorities; (iii) comply with applicable legal requirements; (iv) protect the rights, privacy, safety or property of ANTON INTERIOR, website visitors, guests, employees or the public; (v) enable Us to pursue possible legal remedies or prevent or mitigate possible bad debts or damages that We may suffer; and (vi) respond to an emergency. Such data transfers are based on Art. 6 para. 1 lit. a), c) or f) GDPR.

Within our company and the service providers, access to your personal data in connection with your use of the website is restricted to those persons who absolutely need this data to fulfill their professional duties.

3. Data transfers outside the European Economic Area (“EEA”)

Some of the recipients of your personal data are located outside the EEA (namely in the US), where data protection laws may provide a different level of protection than the laws in your country. We will take all necessary steps under applicable data protection law to ensure that transfers from the EEA are adequately protected.

By concluding appropriate safeguards based on the standard contractual clauses (2021/914/EU) pursuant to Art. 46 (2) lit. c) GDPR or by other appropriate means (such as certifications with the EU-US Data Privacy Framework), which can be obtained on request from the contact information provided in section7 , We have ensured that all recipients located outside the EEA provide an adequate level of protection for personal data and that appropriate technical and organizational security measures are in place to protect such data against accidental or unlawful destruction, accidental loss or alteration, unauthorized disclosure or access and against all other unlawful forms of processing. Any transfers (including to our affiliates outside the EEA) will be subject to the relevant legal requirements.

4. Scope and duration of storage

In accordance with applicable data protection laws, your personal data will be stored by us and/or our service providers only to the extent and for the duration necessary to fulfill our obligations to you or to fulfill the service providers’ obligations to us.

Once your personal data is no longer necessary for the purpose of your processing, it will be deleted from the systems and/or records and/or steps will be taken to properly anonymize it so that you can no longer be identified from your personal data. However, we and/or our service providers must retain your data in order to comply with any legal or regulatory obligations to which we and/or our service providers are subject. If legal proceedings are initiated, the personal data will be stored until the end of these proceedings, including possible appeal periods.

If a more detailed description is possible, you will find detailed information under B. 6 of this privacy policy.

5. Your rights

If you have given your consent to the processing of personal data, you can withdraw this consent at any time with effect for the future. Such a revocation does not affect the legality of the processing that took place prior to the revocation of consent.

In accordance with applicable data protection laws (such as the GDPR), you may exercise the following rights by contacting Us using the contact information provided in section7 :

1. Right to information: You have the right to obtain information as to whether and, if so, which of your personal data is processed by Us. The right of access includes, among other things, information about the purposes of the processing, the categories of personal data concerned and the recipients and categories of recipients of the personal data. However, this is not an unlimited right and the interests of other persons may restrict your right to information.
   You also have the right to receive a copy of the personal data that is the subject of the processing. We may charge a reasonable fee based on administrative costs for any further copies you request.
2. Right to rectification: You have the right to request the rectification of inaccurate personal data concerning you. Depending on the purpose of the processing, you have the right to have incomplete personal data completed, which can be done by submitting a supplementary declaration.
3. Right to erasure (“right to be forgotten”): In certain circumstances, you have the right to request the erasure of personal data concerning you and We may be obliged to erase such personal data for certain reasons.
4. Right to restriction of processing: Under certain circumstances, you have the right to request that we restrict the processing of your personal data. In this case, the data concerned will be marked and may only be processed by Us for certain purposes.
5. Right to data portability: In certain circumstances, you have the right to receive the personal data concerning you, which you have provided to Us, in a structured, commonly used and machine-readable format and you have the right to transmit those data to another entity without hindrance from Us.
6. Right to object: You have the right to object, on grounds relating to your particular situation, at any time to processing of your personal data by Us where such processing is necessary for the purposes of the legitimate interests pursued by Us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where the data subject is a child, including profiling based on those provisions. We will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims. Where your personal data are processed for direct marketing purposes, where this is permitted without your prior consent, you also have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. In this case, your personal data will no longer be processed by Us for these purposes.
7. Right to lodge a complaint: In addition to the above rights, you also have the right to lodge a complaint with the competent data protection supervisory authority.

6. Use of cookies and similar technologies

i. What are cookies and what information do they collect?

When you visit our website, We or an authorized third party may send you a cookie. Cookies are small text files that may be placed on your device. When a website is accessed, a cookie set on a device sends information to the party that set the cookie. Cookies are widespread and are used on numerous websites. Each cookie usually contains the name of the domain from which the cookie originated, the “lifetime” of the cookie and usually the IP address or other unique number of the device and may therefore contain personal data, i.e. information about an identified or identifiable natural person.

ii. Why are cookies useful?

Cookies can be very useful for the operator of a website. For example, they can use a cookie to find out whether a computer (and therefore probably its user) has visited the website before. In general, the purpose of cookies is to improve the performance of the website and the user’s experience when using that website. Cookies help a website to work more efficiently, enable additional functions and provide the operator of a website with additional information about your visit to a website. Cookies also enable the operator of a website to track general use of the website and to determine which areas users prefer. Cookies help to make visiting a website easier by recognizing users when they return and thus providing a personalized experience.

iii. First-party and third-party cookies

Our website may set first-party cookies and allow third parties to set cookies on your device. The difference between a first-party cookie and a third-party cookie is who provides the cookie. First-party cookies are cookies that are specific to the website that created them. Their use allows us to operate an efficient service and track the behavior patterns of visitors to the website. Third-party cookies, on the other hand, are placed on your device by third parties (i.e. not by Us). Even if We allow third parties to access the Website to set these cookies on users’ devices, We do not retain control over the information provided by the cookies, nor do We have access to this data. This information is controlled solely by the relevant third party in accordance with their respective privacy policies.

iv. Plug-ins

We use so-called functional plug-ins on our website. A plug-in is a software component that extends our website with a specific function. By using functional plug-ins, we implement certain functions that are essential for the operation of Our Website. Functional plug-ins are widespread and are used on numerous websites. Each functional plug-in usually processes information about who visits our website or enters data on our website.

We currently use the following plug-ins on our website

A plug-in is a software component that adds a specific function to our website. By using social network plug-ins, we implement certain network-related functions (e.g. like or share buttons). To ensure the protection of your data, the plug-ins are not integrated directly into the page, but a pure HTML link (so-called “Shariff solution” from c’t) is used. This ensures that there is no connection to the servers of the provider of the respective social network when you visit Our website that contains such plug-ins. When you click on one of the buttons, a new window opens in your browser and calls up the page of the respective social network, where you can (if necessary after entering your login data) press the Like or Share button, for example.

v. Session cookies and similar technologies

Our website may place session cookies and similar technologies on your device. The difference between a session cookie and a plug-in lies in the duration of the cookie and plug-in. Session cookies and similar technologies generally remain on for as long as you use your browser or for the duration of a browser session. When you end your browser session, the cookie and/or plug-in expires.

vi. Overview of the personal data processed by us

vii. Supplementary information on integrated third-party services

We use Google Analytics 4, which automatically collects and processes the IP address transmitted by your device when you use our website by default – but only in anonymized form – so that it cannot be directly linked to a specific person. This automatic anonymization takes place by Google truncating the IP address transmitted by your device within member states of the European Union (EU) or other parties to the Agreement on the European Economic Area (EEA). Google uses this and other information on our behalf. The truncated IP address transmitted by your device will not be merged with other Google data. Google Analytics 4 also enables the creation of statistics with statements about the age, gender and interests of website users on the basis of an evaluation of interest-based advertising and with the use of third-party information via a special function, the so-called “demographic characteristics”. This makes it possible to determine and differentiate between user groups of the website for the purpose of target group-optimized alignment of marketing measures. However, data collected via the “demographic characteristics” cannot be assigned to a specific person and therefore not to you personally.

Further information on Google Analytics 4, including a copy of the EU standard contractual clauses used, can be found at

(i) https://policies.google.com/privacy?hl=de&gl=de and;
(ii) https://policies.google.com/technologies/partner-sites.

You can also separately revoke your consent to the processing of information via Google’s analysis services by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

The description of the cookies used when using Google Analytics 4 can be found in the table below under viii.

viii. Overview of the cookies we use

You can find an overview of the cookies we use here

Status of this privacy policy: February 2025