• 

Data privacy

Name and address of the person responsibleThe responsible person in terms of the EU data protection basic regulation as well as other data protection regulations is:
Dr. Gabriele Haack
Daimlerstr. 7
80798 München
Germany
Phone.: +49 175 33 62 578
E-Mail: dataprivacy@gh.consulting
Website: https://www.gh.consulting

We respect your data

Thank you for your interest in our Internet presence. The trust of all visitors and customers, the security of your data and the protection of your privacy are of central importance to us. Your personal data will therefore be treated by us in accordance with the valid legal data protection regulations and this data protection declaration. Personal data is information that can be used to find out your identity, such as your correct name, address or telephone number.

If you view and use our site without registering or otherwise expressly providing us with information, we process the data that is sent to us with each request from your browser (see below “Protocol Data”). If you expressly transmit personal data to us (e.g. via our contact form), this is done exclusively for the purpose of the inquiry or the respective order. We would like to point out that data transmission on the Internet can never be completely protected against access by third parties.

In the following, we would like to explain to you in more detail which data we process, when and for what purpose. It is explained how our offered services work and how the protection of your personal data is guaranteed.

Legal basis for the processing of personal data

If we obtain the consent of the data subject for processing of personal data, Art. 6 para. 1 lit. a DSGVO serves as the legal basis. For the processing of personal data required for the performance of a contract to which the data subject is a party, Art. 6 para. 1 lit. b DSGVO serves as the legal basis. This also applies to processing operations which are necessary for the performance of pre-contractual measures. If processing of personal data is necessary to fulfil a legal obligation to which our company is subject, Art. 6 para. 1 lit. c DSGVO serves as the legal basis. If vital interests of the data subject or another natural person require the processing of personal data, Art. 6 para. 1 lit. d DSGVO serves as the legal basis.

If processing is necessary to safeguard a legitimate interest of our company or of a third party and if the interests, fundamental rights and freedoms of the data subject do not outweigh the former interest, Article 6 paragraph 1 letter f FADP serves as the legal basis for data processing.

Data deletion and storage period

The personal data of the data subject shall be deleted as soon as the purpose of the storage no longer applies. Storage may also take place if this is provided for by European or national laws or other regulations to which the person responsible is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned regulations expires, unless there is a need to continue storing the data for the purpose of concluding or fulfilling a contract.

Your rights

You have a right to information free of charge about the data stored by us about your person as well as, if applicable, a right to correction, restriction of processing or deletion of this data. You also have the right to data transferability. Finally, you also have the right to complain about the processing of your personal data by us to the data protection supervisory authority.

We would also like to point out that you can object to the future processing of your personal data at any time in accordance with the legal requirements under Art. 21 DSGVO. The objection can be made in particular against processing for the purposes of direct advertising.

Provision of information

If you have any questions regarding the collection, processing or use of your personal data, for information, for the correction, blocking or deletion of data, as well as for the revocation of any consents granted or to object to a particular use of data, please contact us using the following e-mail address:

dataprivacy@gh.consulting

Protocol data

The automatic collection and storage of protocol data by the provider of the Internet services (provider) is carried out because the processing of this data is technically necessary to display our website and to ensure stability and security. The protocol data includes the following information:

• Date and time of the respective request
• Internet address (URL) that was requested
• URL that the visitor has visited immediately before
• Browser and language used
• Used operating system and its interface
• IP address (anonymized) and host name of the visitor
• Access status / http status code

Amount of data transmitted in each case

The transmission of this data to us is automatic and cannot be assigned to your person with reasonable effort. The legal basis for the processing of this data is our legitimate interest in accordance with Art. 6 Paragraph 1 Sentence 1 lit. f DSGVO, because this data processing is necessary for the operation and display of the website. The data will be deleted as soon as they are no longer necessary for the purpose of their collection. In the case of the collection of data for the purpose of providing the website, this is the case when the respective session has ended. The collection of the data for the provision of the website and the storage of the data in log files is absolutely necessary for the operation of the website. There is therefore no possibility of objection on the part of the user.

Cookies

To make visiting our website attractive and to enable the use of certain functions, we use so-called cookies. These are small text files which are stored on your end device and which store certain information for exchange with our system. The legal basis for processing this data is Art. 6 Paragraph 1 Sentence 1 lit. f DSGVO. Some of the cookies used by us are deleted again after the end of the browser session, i.e. after closing the browser (transient cookies). These include in particular session cookies. These store a unique identifier (session ID). This session ID can be used to assign various requests from your browser to a common session. This enables your terminal device to be recognised when you return to our website during a session. Session cookies are also deleted when you log out.

Other cookies remain on your end device for a predetermined period of time and enable us to recognise your browser or end device on your next visit (persistent cookies).

Please note that certain cookies are already set when you enter our website. You can set up your browser so that you are informed about the setting of cookies and can decide individually whether to accept them or to exclude the acceptance of cookies in certain cases, in particular cookies from third parties (third party cookies) or generally. If you do not accept cookies, the functionality of our website may be limited for you.

Encryption through SSL

For security reasons, our website uses SSL (Secure Sockets Layer) encryption. This protects transmitted data and prevents it from being read by third parties. You can recognize a successful encryption by the fact that the protocol designation in the status bar of the browser changes from “http://” to “https://” and that a closed lock symbol is visible there.

Contact form

You can contact us electronically using the contact form provided. The contact form indicates which data is mandatory and which can be entered voluntarily. All data entered will be stored and used exclusively for the purpose of answering your enquiries. In addition, your IP address as well as the date and time of registration are stored. Your personal data will be deleted as soon as the storage is no longer necessary for this purpose or we restrict the processing if there are legal obligations to keep records. The legal basis for the processing of the data is the implementation of a pre-contractual measure through your enquiry in accordance with Art. 6 Para. 1 lit. b DSGVO.

Comments

If you leave a comment on the website, the following data will be saved in connection with it:

• The chosen username
• Date and time of the comment
• Your IP address (anonymised)

Your IP address will be deleted after one week. The storage of the IP address is necessary in order to be able to defend ourselves against liability claims of third parties if possible publications in the comments represent illegal contents. Your e-mail address is required to be able to contact you in the event that third parties complain that your comments are unlawful. The legal basis is Art. 6 paragraph 1 lit. b and f DSGVO.

Google Analytics

This website uses Google Analytics, a web analytics service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site.

In connection with your use of this website, data is usually transferred, stored and, if necessary, processed further on a Google server in the USA (Google LLC 1600 Amphitheatre Parkway Mountain View, CA 94043. USA). According to the DSGVO, the USA is considered a third country with an uncertain level of data protection.

The information generated by the cookie about your use of this website is usually transferred to a Google server in the USA and stored there. However, if IP anonymization is activated on this website, your IP address will be shortened by Google within member states of the European Union or in other states which are party to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be transferred to a Google server in the USA and shortened there. On behalf of the operator of this website, Google will use this information for the purpose of evaluating your use of the website, compiling reports and statistics on website activity and providing other services relating to website activity and internet usage for the website operator. The IP address transmitted by your browser within the framework of Google Analytics is not combined with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plug-in available under the following link: http://tools.google.com/dlpage/gaoptout?hl=en.

This website uses Google Analytics with the extension “_anonymizeIp()”. This enables IP addresses to be processed in a shortened form. According to Google, the possibility of a personal reference is almost impossible. If the data collected about you contains a personal reference, this should be immediately excluded and the personal data deleted immediately.

e use Google Analytics to analyse and regularly improve the use of our website. We can use the statistics obtained to improve our offer and make it more interesting for you as a user. Google is certified under the Privacy-Shield-Agreement and thus offers a guarantee to comply with the European data protection law (https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active).

In order to protect your personal data, we have concluded a contract with Google for order processing in accordance with Art. 28 DSGVO.

You can find more information about Google here:

Terms of service: https://marketingplatform.google.com/about/analytics/terms/us/, overview of data protection: https://policies.google.com/?hl=en, as well as the privacy policy: https://policies.google.com/privacy?hl=en.

Privacy policy on the use and application of YouTube

The data controller has integrated YouTube components into this website. YouTube is an Internet video portal that allows video publishers to post video clips for free and other users to view, rate and comment on them, also free of charge. YouTube allows the publication of all types of videos, which is why complete film and television programmes, but also music videos, trailers or videos created by users themselves can be accessed via the Internet portal.

YouTube is operated by Google Ireland Limited, Gordon House, Barrow Street, Dublin, D04 E5W5, Ireland.

Each time the data subject accesses any of the individual pages of this website operated by the data controller and on which a YouTube component (YouTube video) has been integrated, the Internet browser on the data subject’s information technology system is automatically prompted by the relevant YouTube component to download a representation of the relevant YouTube component from YouTube. Further information on YouTube can be found at https://www.youtube.com/yt/about/de/   . As part of this technical process, YouTube and Google are informed which specific subpage of our website is visited by the data subject.

If the person concerned is logged in to YouTube at the same time, YouTube recognizes which specific page of our website the person concerned is visiting by calling up a page containing a YouTube video. This information is collected by YouTube and Google and assigned to the respective YouTube account of the person concerned.

YouTube and Google receive information through the YouTube component that the data subject has visited our website whenever the data subject is logged on to YouTube at the same time as he or she visits our website, regardless of whether or not the data subject clicks on a YouTube video. If the data subject does not want this information to be sent to YouTube and Google, he or she can prevent it from being sent by logging out of his or her YouTube account before visiting our website.

The privacy policy published by YouTube, which is available at https://policies.google.com/privacy?hl=en provides information about the collection, processing and use of personal data by YouTube and Google.

Encryption with RSA

We use RSA technology for encryption. RSA is an algorithm for encryption using a private and a public key. The public key is used to encrypt data before it is sent to the server where a certificate is stored. This public key is transmitted to each Internet user who wants to connect to the web page in question. The private key created with the CSR is used to decrypt the data encrypted with the public key. The private key should not be made available to a third party – your SSL security depends on it.

System and information security

We secure our website and our other systems by technical and organizational measures against loss, destruction, access, modification or distribution of the stored data by unauthorized persons. However, despite controls, complete protection against all dangers is not possible. The connection to the Internet and the technical possibilities resulting from it alone do not guarantee that the contents and the flow of information cannot be viewed and recorded by third parties.

Objection against unauthorised advertising by e-mail

Within the scope of the imprint obligation in accordance with § 5 TMG, we have published general contact data and an e-mail address on our website. We hereby object to the use of this contact data for the unsolicited sending of information material, advertising or spam mails which we have not explicitly requested.

Status of the privacy policy: MARCH, 7th 2021