Skip to main content

Privacy Statement

GFA Consulting Group GmbH, which operates this website for the EU-PROMENS Project takes the protection of your personal data very seriously. We treat your personal data confidentially in accordance with statutory data protection regulations and this Data Privacy Statement.

GFA Consulting Group in collaboration with Trimbos instituut in Utrecht and Mental Health European Brussels (MHE) is carrying out the program “Capacity-building on mental health: multidisciplinary training programme and exchange programme for health professionals” (EU-PROMENS) on behalf of the European Health and Digital Executive Agency (HADEA) as the contracting authority for the purposes of the project.

This Data Privacy Statement will explain how EU-PROMENS (implemented by GFA) uses the personal data we collect from you when you use our website and what rights you have in relation to  your personal data. Your personal data are processed in accordance with Regulation (EU) No 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

It also specifies the contact details of the responsible Data Controller with whom you may exercise your rights, the Data Protection Officer and the Data Protection Supervisory Authority of Hamburg.

It is possible to use our website without explicitly providing any personal data. If personal data (for example name, address or email address) is collected on our website, it is collected on a voluntary basis. This data will not be disclosed to any third party without your express consent.

Please note that data transmission via the internet (e.g., in the case of communication by email) may be subject to security gaps. It is not possible to protect such data completely against access by third parties.

Data Controller and Data Protection Officer

Data Controller:

GFA Consulting Group GmbH

Eulenkrugstraße 82

22359 Hamburg | Germany

Phone: +49 40 603 06 100

Fax: +49 40 603 06 199


Data Protection Officer:

If you have specific questions about the protection of your personal data, you may contact the data protection officer of GFA:

Susanne Eggers

With regard to the data processing by the GFA, you have to right to lodge a complaint with the supervisory authority:

Hamburg Commissioner for Data Protection and Freedom of Information

Data Processing when you visit this website

Every time you access this website, the data collected during your usage process will only be processed for the period of your use of our offer. The legal basis for this processing is Article 6 paragraph 1 letter f GDPR. Data about this process will be temporarily stored and processed in a log file. Prior to the storage, each dataset is anonymised by modifying the IP-Address.

The provider of this website automatically collects and stores information in so-called server log files which your browser automatically transmits to us. This information includes:

Browser type/ browser version

Operating system being used

Referrer URL

Host name of accessing computer

Time of server request

Volume of transferred data

Notification whether the access/retrieval was successful.

The data thus collected cannot be connected to a specific person. The data is not merged or compared with data from other sources. We reserve the right to subsequently examine this data if concrete evidence of unlawful use is made known to us.

This is ensured by our data processor, who is responsible for technical support, maintenance and arranging the hosting of our website.

When calling up individual pages, so-called cookies are used.  Cookies will not harm your computer and do not contain any virus. Cookies are used to make our offer more user-friendly, effective, and safe. Cookies are small text files that are stored on your computer and saved by your browser.

Most of the cookies we use are "session cookies". Session cookies are automatically deleted at the end of your visit. Other cookies are stored on your computer until you delete them. These cookies make it possible for us to recognize your browser the next time you visit our website.

The data is processed according to Art. 6 paragraph 1 letter f of the EU General Data Protection Regulation (GDPR) with the legitimate interest of analysing usage to improve the company’s website.

Regarding cookies, you can adjust the settings on your browser in different ways:

To be informed each time a cookie is used

To allow such use on a case-by-case basis

To prohibit the use of cookies in specific cases

To prohibit the use of cookies in general

To delete cookies when you close your browser

Deactivating cookies may limit the functionality of this website.

Data Privacy regarding the use of Google Analytics

This website uses functions of the web analysis service, Google Analytics. The provider of that service is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses so-called cookies. Cookies are text files which are stored on your computer and which make it possible to analyse the use of the website. Information concerning your use of the GFA website that is generated by the cookie is sent to a Google server in the U.S.A. and stored there.

By activating IP anonymization on this website, your IP address will be truncated within Member States of the European Union or other parties to the Agreement on the European Economic Area. The full IP address will be sent to a Google server and truncated there only in exceptional cases. Google will use this information on behalf of the operator of this website to evaluate your use of the website, to compile reports about web activity, and to provide the operator of this website with services associated with the use of this website and the Internet. The IP address transmitted within the context of Google analytics by your browser will not be merged with other data from Google.

You may refuse the use of cookies by adjusting your browser software. Please note that you may not be able to make full use of all the functions on this website after the browser adjustment. You can also prevent the data generated by the cookie from being recorded by Google (including your IP address) and prevent the data from being processed by Google by downloading and installing this browser plugin:

Newsletter Data

If you would like to receive the newsletter offered on the website, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the specified e-mail address and agree to receive the newsletter. Further data is not collected or only on a voluntary basis. For the handling of the newsletter, we use newsletter service providers, which are described below.

EU-PROMENS by GFA uses the service provider MailerLite to send newsletters.  MailerLite processes your data on behalf of GFA on secure servers within the EU. GFA and MailerLite have signed an agreement on commissioned processing in accordance with the provisions of the General Data Protection Regulation (GDPR). In this agreement, MailerLite agrees to provide full data protection in accordance with the European General Data Protection Regulation.

For more details, please refer to the data protection provisions of MaileLite at:

Your personal data (first name, last name, gender and email address) are encrypted by MailerLite using SSL. The provision of your name and gender is voluntary and only used for the purpose of personal address. These data as well as your IP address are only stored and used for registration and for sending the EU-Promens newsletter. They will not be passed on to third parties. Your e-mail address is encrypted by MailerLite SSL.

The legal basis for the data processing is your consent with the registration to receive the EU-PROMENS newsletter (Article 6 (1) (a) GDPR). . Recipients can unsubscribe from the newsletter or revoke their consent to the storage of data at any time. The revocation can be made via a link in the newsletter itself or by sending a message to the contact person listed in the imprint.

The report data will be stored by MailerLite for a maximum of six months. Your personal data will be stored until you unsubscribe from GFA's newsletter. After cancellation, your data will be stored for a period of two weeks.

Event Management

EU-Promens by GFA organises exchange visits for which you can register on our website. It is necessary for you to provide your personal data, which we need to process your order or booking. The mandatory information required for processing is marked separately; further information is voluntary. We may also process the data you provide to process your order or booking. If you have given your consent, the legal basis for processing the data is Article 6 paragraph 1 letter a GDPR. To do this, we can pass on your payment details to our house bank. We delete your data as soon as it is no longer required for its intended purpose and there are no legal retention obligations to prevent deletion. We can also process the data you provide to send you emails with technical information.

To prevent unauthorized third-party access to your personal data, the registration process is encrypted using TLS technology.

When organising exchange visits for EU-PROMENS, we use the services of the event management provider IdLoom, s.a., (Tervueren avenue 216, 1150 Brussels, Belgium), which processes personal data of participants such as name, address, email address, account details and the place and date of birth (for the purpose of issuing personal certification) on our behalf. This data processing is necessary for the fulfilment of contracts. The legal basis for this is Article 6 paragraph 1 letter b GDPS.

GFA and IdLoom have signed an agreement on commissioned processing of personal data in accordance with the provisions of the GDPR.


For web surveys GFA has installed Lime Survey on its servers in German data centres in accordance with data protection regulations. When you access our Lime Survey service, the browser used on your device automatically sends information to our Lime Survey service such as IP address of your computer and time of access, name of your internet access provider etc. This information is temporarily stored for the following purposes:

Ensuring a smooth connection to the website

Ensuring comfortable use of our website,

Evaluating system security and stability and for other administrative purposes.

The legal basis for data processing is Article 6 paragraph 1 letter f GDPR. Our legitimate interest in collecting data follows from the purposes listed above. We do not use the data collected for the purpose of drawing conclusion about you personally. This data is stored on our server for 21 days to prevent dangers and eliminate disruptions. After the storage period has expired, the data will be irrevocably deleted.

The answers to our surveys are anonymized. The operator of the survey has no way of establishing a connection between your answers and your participant data. The administrator is also unable to do so.

Your rights

You may at any time request information about the use of your personal data (according to § 15 GDPR) or request the verification, correction or deletion of your personal data (§§ 16 and 17 GDPR). You may also at any time request the restriction of the use or processing of your personal data (§§ 18 and 19 GDPR), request the transmission of your personal data to third parties (§ 20 GDPR), or object to the use of your personal data (§ 21 GDPR).

If you want to exercise any of the above-mentioned rights, please send an e-mail to: We will endeavour to take the necessary measures as soon as possible. To that purpose, you will receive an access form to be completed, allowing you to indicate which rights you wish to exercise with regard to your personal data.

You also have the right to file a complaint against the use of your personal data. The competent complaints board is the Hamburg H Commissioner for Data Protection and Freedom of Information

Detected timezone