Hager Management Consulting takes the protection of your personal data very seriously and would like to inform you below about the purposes for which we process your personal data, which categories are affected, who the recipients of this data are, the planned duration of storage and your rights with regard to information and correction or erasure or restriction of processing.
The subject of data protection is personal data. These are according to Art. 4 No.1 GDPR (General Data Protection Regulation) all information relating to an identified or identifiable natural person (data subject).
If you have any questions, please do not hesitate to contact us firstname.lastname@example.org Contact us or our external data protection officer:
Martin Bastian – Data Protection Officer (TÜV) DADIVO UG (limited liability)
Address: Schäfergasse 25, D-63477 Maintal
Telephone: +49 (0) 6109 7688 938
Purpose of storage and type of data
We collect and store personal data on the basis of Article 6 GDPR Paragraph 1: • in order to be able to fulfill our contractual obligations towards you;
- to be able to identify you as a customer;
- in order to be able to advise you appropriately
- to comply with our legal obligations;
- to correspond with you;
- for invoicing or, if applicable, as part of the dunning process;
- for permitted direct marketing purposes
- to assert any claims against you.
For this purpose, data such as name, first name, address, e-mail address, telephone number, possibly date of birth or account details are required, as well as all information that is necessary for the fulfillment of the contract with you.
We assure you that we will process your data with the greatest possible confidentiality in accordance with the existing legal regulations.
We use technical and organizational security measures to protect the data we manage against manipulation, loss, destruction and access by unauthorized persons. Our security measures are continuously improved in line with technological developments. We would also like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.
Our websites may contain links to websites of other providers to which this data protection declaration does not extend.
Duration of data storage
We only store your data for as long as is necessary to fulfill the purpose of processing your data:
- for the purpose of executing the contract and for enforcing and defending against civil law claims arising from the contractual and legal obligations existing with you until the end of the year following the statute of limitations for all mutual claims;
- for the purpose of direct marketing by email or post until the end of our business relationship;
- and as long as and to the extent that the storage is required by law or to comply with any advertising contradiction.
Transfer to third parties
A transmission of your personal data to third parties does not take place. Exceptions to this apply to some services provided by external providers insofar as this is necessary for the processing of contractual relationships with you. This includes in particular the transfer to service providers commissioned by us who have been obligated to confidentiality or with whom there is a contract for order processing according to Art. 28 DSGVO. The data passed on may only be used by third parties for the stated purposes. Your personal data will also be disclosed or transmitted to third parties if we are obliged to do so by law or a legally binding judgment.
Rights of the data subject
Information, correction, deletion and blocking, right of objection, data portability
In accordance with Art. 15 GDPR, you are entitled at any time to receive comprehensive information from us about the data stored about you.
In accordance with Art. 16 – 18 GDPR, you can request us to correct, delete or block individual personal data at any time.
According to Art. 20 GDPR you have the right to data portability
You can also make use of your right of objection at any time without giving reasons and change or completely revoke a given declaration of consent with effect for the future. You can send the revocation to us either by post, email or fax:
Hager Executive Consulting GmbH
To Charlottenburg 3
Fax: +49 (0)69 95092-111
you have acc. Art. 77 GDPR also gives you the right to complain to the competent supervisory authority if you believe that your personal data is not being processed lawfully. The supervisory authority responsible for us is:
The Hessian Data Protection Officer, Postfach 3163, 65021 Wiesbaden.
In principle, this website can also be used without providing personal data.
We save server log files to ensure the operation of the website and to be able to trace any misuse of the website. In this special case, the complete IP address is stored for a very limited period of time. This personal data is not evaluated or used for any other purpose. Our website may contain links to websites of other providers to which this data protection declaration does not extend.
There is a contact form on our website which can be used to contact us electronically. If a user takes advantage of this option, the data entered in the input mask will be transmitted to us and saved.
The processing of the personal data from the input mask serves us solely to process the contact and is used purely for the intended purpose.
With the following information we will inform you about the contents of our newsletter as well as the registration, dispatch and statistical evaluation procedures as well as your rights of objection. By subscribing to our newsletter, you agree to receive it and the procedures described.
We send newsletters, e-mails and other electronic notifications with advertising information (hereinafter „newsletter“) only with the consent of the recipient.
Double opt-in and logging
Registration for our newsletter takes place in a so-called double opt-in procedure. This means that after registration you will receive an e-mail in which you will be asked to confirm your registration. This confirmation is necessary so that nobody can register with someone else’s e-mail address. The registrations for the newsletter are logged in order to be able to prove the registration process in accordance with the legal requirements. This includes storing the time of registration and confirmation as well as the IP address. Changes to your data stored by MailChimp are also logged.
Use of the shipping service provider „MailChimp“
The newsletter is sent using “MailChimp”, a newsletter mailing platform from the US provider Rocket Science Group, LLC, 675 Ponce De Leon Ave NE #5000, Atlanta, GA 30308, USA.
The e-mail addresses of our newsletter recipients, as well as their other data described in this notice, are stored on the MailChimp servers in the USA. MailChimp uses this information to send and evaluate the newsletter on our behalf. Furthermore, according to its own information, MailChimp can use this data to optimize or improve its own services, e.g. for the technical optimization of the dispatch and the presentation of the newsletter or for economic purposes, in order to determine from which countries the recipients come. However, MailChimp does not use the data of our newsletter recipients to write to them or pass them on to third parties.
Statistical survey and analysis
The newsletters contain a so-called „web beacon“, ie a pixel-sized file that is retrieved from the MailChimp server when the newsletter is opened. As part of this retrieval, technical information, such as information about the browser and your system, as well as your IP address and time of retrieval, are initially collected. This information is used to technically improve the services based on the technical data or the target groups and their reading behavior based on their retrieval locations (which can be determined using the IP address) or the access times.
The statistical surveys also include determining whether the newsletters are opened, when they are opened and which links are clicked. For technical reasons, this information can be assigned to the individual newsletter recipients. However, it is neither our aim nor that of MailChimp to monitor individual users. The evaluations serve us much more to recognize the reading habits of our users and to adapt our content to them or to send different content according to the interests of our users.
Online retrieval and data management
There are cases in which we direct the newsletter recipients to the MailChimp websites. For example, our newsletter contains a link with which the newsletter recipient can access the newsletter online (e.g. in the event of display problems in the e-mail program). Furthermore, newsletter recipients can subsequently correct their data, such as their e-mail address. Likewise, MailChimp’s data protection declaration can only be accessed on their website.
Termination – Revocation
You can cancel the receipt of our newsletter at any time, ie revoke your consent. At the same time, your consent to its dispatch via MailChimp and the statistical analyzes expire. A separate revocation of the dispatch via MailChimp or the statistical evaluation is unfortunately not possible. You will find a link to cancel the newsletter at the end of each newsletter.
Google is certified under the Privacy Shield Agreement and thus offers a guarantee to comply with European data protection law ( https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active ).
Google will use this information on our behalf to evaluate the use of our online offer by users, to compile reports on the activities within this online offer and to provide us with other services related to the use of this online offer and internet usage. Pseudonymous user profiles can be created from the processed data.
We only use Google Analytics with activated IP anonymization. This means that the IP address of the user is shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be sent to a Google server in the USA and shortened there.
The IP address transmitted by the user’s browser is not merged with other Google data. Users can prevent the storage of cookies by setting their browser software accordingly; In addition, users can prevent the data generated by the cookie and related to their use of the online offer being collected by Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=de .
You can find more information on data use by Google, setting and objection options on the Google website: https://www.google.com/intl/de/policies/privacy/partners (“Data use by Google when you use websites or apps our partners”), http://www.google.com/policies/technologies/ads (“Use of data for advertising purposes”), http://www.google.de/settings/ads (“Manage information that Google uses, to show you advertising”).
ONLINE PRESENCE IN SOCIAL MEDIA
We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to be able to inform them about our services there.
We would like to point out that user data can be processed outside of the European Union. This can result in risks for the user because, for example, the enforcement of the user’s rights could be made more difficult. With regard to US providers who are certified under the PrivacyShield, we would like to point out that they undertake to comply with the data protection standards of the EU.
Furthermore, user data is usually processed for market research and advertising purposes. For example, usage profiles can be created from usage behavior and the resulting interests of users. The usage profiles can in turn be used, for example, to place advertisements inside and outside the platforms that presumably correspond to the interests of the user. For these purposes, cookies are usually stored on the users‘ computers, in which the usage behavior and the interests of the users are stored. Furthermore, data can also be stored in the usage profiles independently of the devices used by the users (especially if the users are members of the respective platforms and are logged in to them).
The processing of the personal data of the users takes place on the basis of our legitimate interests in effective information of the users and communication with the users in accordance with Article 6 Paragraph 1 lit. f GDPR. If the users are asked by the respective providers of the platforms for their consent to the data processing described above, the legal basis for the processing is Article 6 Paragraph 1 Letter a., Article 7 GDPR.
For a detailed description of the respective processing and the possibility of objection (opt-out), we refer to the following linked information from the providers.
Also in the case of requests for information and the assertion of user rights, we would like to point out that these can be asserted most effectively with the providers. Only the providers have access to the data of the users and can take appropriate measures and provide information directly. If you still need help, you can contact us.
This offer uses the buttons of the Tumbler service. These buttons are offered by Tumblr, Inc., 35 East 21st St, 10th Floor, New York, NY 10010, USA, email@example.com. They can be recognized by the term „Tumblr“. With the help of the buttons it is possible to share a post or page of this offer on Tumblr or to follow the provider on Tumblr.
DISQUS communication function
We use the DISQUS comment service, offered by DISQUS, Inc., 301 Howard St, Floor 3 San Francisco, California, on the basis of our legitimate interests in efficient, secure and user-friendly comment management in accordance with Article 6 Paragraph 1 lit – 94105, USA, a. DISQUS is certified under the Privacy Shield Agreement and thus offers a guarantee of compliance with European data protection law: https://www.privacyshield.gov/participant?id=a2zt0000000TRkEAAW&status=Active .
To use the DISQUS comment function, users can register via their own DISQUS user account or an existing social media account (e.g. OpenID, Facebook, Twitter or Google). The login data of the users are obtained from the platforms by DISQUS. It is also possible to use the DISQUS comment function as a guest, without creating or using a user account with DISQUS or one of the specified social media providers.
We only embed DISQUS with its functions in our website, whereby we can influence the comments of the users. However, the users enter into a direct contractual relationship with DISQUS, in the context of which DISQUS processes the comments of the users and is a contact person for any deletion of the users‘ data. We refer to the data protection declaration of DISQUS: https://help.disqus.com/terms-and-policies/disqus-privacy-policy and also point out to users that they can assume that DISQUS will also collect their IP address and the time of the comment in addition to the content of the comment stores and stores cookies on the users‘ computers and can use them to display advertising. However, users can object to the processing of their data for the purpose of displaying ads: https://disqus.com/data-sharing-settings .