Privacy policy

*Only the German version of the text is legally binding.

You have the right to know what data we collect, process, and use about you, and for what purposes. This is your right and is in accordance with the provisions of the EU General Data Protection Regulation (GDPR) of April 27, 2016, applicable from May 25, 2018, as well as the Federal Data Protection Act (BDSG-2018). Therefore, we provide you with an overview of the personal data we store about you, as well as the data protection organization of Seahawk Investments GmbH. Our goal is to enable you to exercise your “right to informational self-determination.”

Responsible Entity

Seahawk Investments GmbH
Bettinastraße 62
60325 Frankfurt am Main
Phone: +49 69 244 044 11
Email: info@seahawk-investments.com

Data Protection Coordinator

A Data Protection Officer has not been appointed because the legal requirements for doing so are not met. Our Data Protection Coordinator is Frank Eichelmann.

Competent Supervisory Authority regarding Data Protection

Hessian Data Protection Commissioner
Gustav-Stresemann-Ring 1, 65189 Wiesbaden
P.O. Box 31 63, 65021 Wiesbaden
Phone: +49 611 1408 0
Fax: +49 611 1408 900
Email: poststelle@datenschutz.hessen.de
Website: www.datenschutz.hessen.de

Section A: General Information

Source and Categories of Data

Seahawk Investments GmbH receives personal data from clients and other business partners in the course of contract initiation and performance. In the course of our management activities, we also receive data from the custodians selected by you. Additionally, we process personal data from publicly accessible sources, such as phone directories and the internet.

Possible Categories of Data

  1. Names/Contact Information
  2. Identity Card Data
  3. Bank Data
  4. Credit Rating Data
  5. Wealth Data
  6. Order Data
  7. Invoice Data
  8. Payment Data
  9. Tax Data
  10. Curriculum Vitae (CV)
  11. Qualification Data
  12. Insurance Data
  13. Marital Status and Family Situation
  14. Interests/Preferences/Special Life Circumstances
  15. Plans and Goals for Personal and Professional Future
  16. Company Contact Information

3. Legal Basis for Processing

In accordance with the provisions of the EU GDPR, the processing of personal data by Seahawk Investments GmbH is lawful.

Accepted Legal Bases

  1. Consent
  2. Contract initiation
  3. Contract, contractual-like relationship
  4. Legal obligation, higher-ranking legal provisions, public interest
  5. Balancing of interests

4. Data Recipients

Employees of Seahawk Investments GmbH process the relevant personal data to fulfill contractual and legal obligations. This occurs within the employment relationship – the data does not leave our domain. In addition, entities outside of Seahawk Investments GmbH (third parties) may receive personal data based on a defined legal basis. These entities only receive the data necessary for their respective tasks.

Possible Data Recipients

  1. Public authorities (BaFin, Bundesbank, tax authorities, etc.)
  2. Custodian bank/account-holding institution, securities institutions, comparable organizations, and processors
  3. External accounting
  4. Shipping service providers
  5. Other contractually bound service providers
  6. Other entities to whom you have granted consent for data transfer

5. Transfer to Third Countries

Data transfer to countries outside the EU or EEA (so-called third countries) takes place only when necessary for the execution of your orders (e.g., payment or securities orders), if required by law (e.g., tax reporting obligations), or if you have granted us your consent. If service providers are used in third countries, they are additionally required to comply with European data protection standards through the agreement of EU standard contractual clauses, alongside written instructions.

6. Retention Periods

We process (and store) your personal data to fulfill our contractual and legal obligations or for the purpose for which you provided the data. Once the processing purpose no longer applies, the data will be regularly deleted, unless its temporary further processing is required for the following purposes:

  • Fulfillment of commercial and tax retention obligations: This includes the Commercial Code (HGB), the Fiscal Code (AO), the Securities Institutions Act (WpIG), the Money Laundering Act (GwG), and the Securities Trading Act (WpHG). The retention and documentation periods set by these laws range from two to ten years.
  • Preservation of evidence under the statute of limitations. According to Sections 195 et seq. of the German Civil Code (BGB), these limitation periods can be up to 30 years, with the regular limitation period being three years.

7. Your Rights under the EU General Data Protection Regulation

  1. (Preliminary) Information: You are reading them right now.
  2. Access: Upon request, we will provide you with a compilation of the personal data we have stored about you.
  3. Correction: You have the right to request the immediate correction of any incorrect data.
  4. Deletion: We will delete your data once its processing is no longer necessary. However, there are exceptions, see the next section.
  5. Restriction of Processing: Your data will not be used by us if the processing purpose no longer applies, but we may not delete it immediately due to higher-ranking legal obligations.
  6. Data Portability: Upon request, you will receive your data in a suitable format for transmission to a third party.
  7. Revocation: If you have given us consent for certain processing purposes, you can revoke it at any time without providing reasons.
  8. Objection:  If the processing of your data is based on public interest or a balancing of interests (“overriding legitimate interest”), you can object to the processing of your personal data for contractual purposes.
  9. Complaint: If you believe the processing of your personal data by Seahawk Investments GmbH is unlawful, you have the right to file a complaint with the supervisory authority of your place of residence.

8. Is There an Obligation to Provide and Process Data?

In particular, under anti-money laundering regulations, we are required to identify you before establishing the business relationship, e.g., using your identity card, and collect and retain your name, place of birth, date of birth, nationality, and residential address. To comply with this legal obligation, you must provide the necessary information and documents and notify us of any changes that occur during the business relationship. As a securities institution subject to the supervision of the Federal Financial Supervisory Authority (BaFin), we are also legally obligated to process certain data when providing securities services (e.g., financial portfolio management, investment advice, investment, and contract mediation).

As part of our business relationship, you must provide the personal data necessary to establish and conduct the business relationship and fulfill the associated contractual obligations, or which we are legally obligated to collect. Without this data, we generally cannot accept or fulfill the contract or may have to terminate an existing contract. If you do not provide the necessary information and documents, we will not be able to initiate or continue the requested business relationship.

9. Is There Automated Decision-Making (Including Profiling)?

For the establishment and performance of the business relationship, we generally do not use fully automated decision-making in accordance with Article 22 of the GDPR. If we do use such processes in individual cases, we will inform you separately, where required by law.

10. Electronic Communication

If you send us an email, the processing is generally required as a pre-contractual or contractual measure. Furthermore, you grant us your voluntary consent to process the necessary personal data for the purpose of contact. A valid email address is required to assign and respond to your inquiry. The information you provide will be stored to process the request and for potential follow-up questions.

11. Consequences of Revocation of Consent and Objection

If you revoke a necessary and previously given consent, we will no longer process your personal data. If you object to the processing of your data in the public interest or based on a balancing of interests, we will no longer process your personal data unless we can demonstrate overriding legitimate grounds for the processing, which outweigh your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims.

If you object to the processing for direct marketing purposes, we will no longer process your personal data for these purposes.

Section B: Website-Relevant Information

1. Collection of General Information When Visiting Our Website

When you view our website, general information is automatically collected via a cookie. This information (log files or server log files) describes the type of web browser, the operating system used, the domain name of your Internet service provider, and similar data. These data are collected by the internet service provider hosting our website. They are technically necessary to display the website’s content correctly and are generally collected whenever you browse the internet. They are processed for the following purposes:

  • Ensuring a smooth connection to the website.
  • Ensuring the smooth use of our website.
  • Analyzing system security and stability.

According to the internet host, the log files’ data is anonymized after 7 days and stored for a maximum of 8 weeks. Anonymous data of this kind may also be statistically evaluated to optimize our website and the underlying technology.

Based on our legitimate interest, this processing of your personal data is permissible. We do not use your data to draw conclusions about your person. The recipients of the data are only Seahawk Investments GmbH as the responsible entity and the internet host.

2. Use of Website Analytics Services

We do not use tracking tools such as Google Analytics, Matomo, or others!

3. Device Width Detection

This website is programmed in HTML5 and offers the advantage of a responsive design. With the programming used, we have created multiple pages with the same content, allowing you to view our services on various devices (desktop computers, tablets, smartphones). No cookies are used for device width detection! Your device merely transmits technical data and browser information, from which the programming derives a percentage for the display. This information is not linked to personal data and is not stored; it is requested anew during each visit. Your device is not recognized, so there is no reason for privacy concerns.

4. SSL Encryption

To protect the security of your data during transmission, we use encryption methods that are up to date with current technology (e.g., SSL) via HTTPS. This protects the data described in section 1 of this section as well.

5. Newsletter

If you have agreed, we will send you our newsletter or comparable information to the email address you provide. Subscribers may also be informed by email about circumstances relevant to the service or registration (e.g., changes to the newsletter offering or technical conditions).

For a valid registration, we require a valid email address. To verify that the registration was indeed made by you, we use a “double opt-in” procedure. For this purpose, we record the newsletter order, the sending of our confirmation email, and your response to it. We do not collect any additional data. The data is used exclusively for sending the newsletter and will not be passed on to third parties.

You can revoke your consent for receiving the newsletter at any time. In each newsletter, there is a corresponding link to unsubscribe. Alternatively, you can inform us of your desire using the contact option provided at the end of these privacy notices.

6. Electronic Communication

If you send us a message via contact form, you give us your voluntary consent to process your required personal data for the purpose of contacting you. A valid email address is required to assign and respond to your inquiry. The information you provide will be stored for the purpose of processing the inquiry and for potential follow-up questions.

7. Use of Adobe Typekit

We use Adobe Typekit for the visual design of our website. Typekit is a service provided by Adobe Systems Software Ireland Ltd. that gives us access to a font library. To display the fonts we use, your browser must establish a connection to a server in the USA operated by Adobe and download the font needed for our website. Through this, Adobe receives the information that our website has been accessed via your IP address. For more information about Adobe Typekit, you can refer to Adobe’s privacy notices here: www.adobe.com/privacy/typekit.html

8. Use of Google Maps

This website uses the Google Maps API to visually display geographic information. When using Google Maps, Google collects, processes, and uses data about the usage of map functions by visitors. Further information on data processing by Google can be found in Google’s privacy policy. You can also change your personal privacy settings in the Google Privacy Center.

Detailed instructions on managing your data in relation to Google products can be found here.

9. Embedded YouTube Videos

On some of our web pages, we embed YouTube videos. The operator of the relevant plug-ins is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. When you visit a page with the YouTube plug-in, a connection to YouTube’s servers is established. This informs YouTube about the pages you have visited. If you are logged into your YouTube account, YouTube can associate your browsing behavior with your personal account. You can prevent this by logging out of your YouTube account beforehand.

When a YouTube video is started, the provider sets cookies that collect information about user behavior. If you want to prevent this, you must block the storage of cookies in your browser.

For further information about privacy on YouTube, refer to the provider’s privacy policy here: https://www.google.de/intl/de/policies/privacy/

10. Validity of This Privacy Policy

Our privacy policy is intended to always comply with the current legal requirements and reflect any changes in our services, such as when new services are introduced. Therefore, the latest privacy policy applies to your subsequent visits.

Status of Privacy Policy: 06/2025

11. Questions About Data Protection

If you have any questions about data protection concerning Seahawk Investments GmbH, our data protection coordinator can assist you. The competent supervisory authority depends on the state of your residence, work, or any presumed data protection violation. A list of supervisory authorities (for the non-public sector) with addresses can be found here:

https://www.bfdi.bund.de/DE/Infothek/Anschriften_Links/anschriften_links-node.html.