1. Collection and storage of personal data, and the nature and purpose of its use
We take your privacy seriously. Below you can read how we treat personal data that you send us while visiting this website. In general you can browse this website without providing any personal data. If you fill out the contact form, however, you may send us data that identifies you personally. We handle this data in accordance with applicable data protection provisions. We only use it to contact you in accordance with your enquiry, and if applicable to send you information that you requested. We do not pass your details on to third parties. Personal data that you send us is stored only for as long as is necessary to fulfil the purpose for which you sent us this data, or for as long as is required by law. If you have any further questions relating to data privacy, please contact us. The use by third parties of contact data such as postal addresses and telephone and fax numbers published in the legal notice or in similar places for the purpose of sending unsolicited information is not allowed. We expressly reserve the right to take legal action against senders of spam e-mails if this prohibition is breached.
1. b) SSL and TLS encryption
This website uses SSL and TLS encryption for security reasons and to protect the transmission of confidential content such as orders or enquiries which you send to us in our capacity as website operator. You can tell that you have an encrypted connection when the address bar in your browser changes from “http://” to “https://” and a padlock symbol is displayed.
When SSL or TLS encryption is active, data that you send to us cannot be read by third parties.
1. c) Contact form
If you send us enquiries using the contact form, we store the details that you provide on the enquiry form including the contact data you provide there for the purpose of processing the enquiry and in case there are any follow-up questions. We do not pass on this data without your consent.
Thus the data entered on the contact form is processed solely on the basis of your consent (Art. 1 (1) (a) General Data Protection Regulation (GDPR)). You can withdraw this consent at any time. An informal communication to us via e-mail is sufficient for this purpose. The lawfulness of data processing operations which have taken place up until the time when consent is withdrawn remains unaffected by the withdrawal.
We keep the data you enter on the contact form until you ask us to delete it, you withdraw your consent to its storage, or the purpose for storing the data no longer applies (e.g. once the processing of your enquiry is completed). Mandatory statutory provisions – in particular retention periods – remain unaffected.
1. d) When you visit the website
When you access our website www.hartung-consulting.com, the browser you are using on your terminal device automatically sends information to our website’s server. This information is stored for 30 days in a logfile. In this process, the following information is collected without any action on your part and stored until it is automatically deleted:
- IP address of the requesting computer,
- date and time of access,
- name and URL of the accessed file,
- the accessing website (referrer URL),
- browser used and possibly your computer’s operating system and the name of your access provider.
We process the above-mentioned data for the following purposes:
- to ensure that a connection to the website is established without any problems,
- to ensure convenient use of our website,
- to evaluate system security and stability, and
- for other administrative purposes.
The legal basis for this data processing is Art. 6 (1) sentence 1 (f) GDPR. Our legitimate interests follow from the purposes of data collection listed above. In no case do we use the collected data for the purpose of drawing conclusions about your person.
2. Data sharing
Your personal data is not transmitted to third parties for purposes other than those listed below.
We share your data with third parties only if:
- you have given your express consent to this in accordance with Art. 6 (1) sentence 1 (a) GDPR,
- sharing is required in accordance with Art. 6 (1) sentence 1 (f) GDPR for the establishment, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
- in the event that there is a legal obligation to disclose the data in accordance with Art. 6 (1) sentence 1 (c) GDPR, and
- this is legally permissible and required in accordance with Art. 6 (1) sentence 1 (b) GDPR for the processing of contractual relationships with you.
3. Rights of the data subject
You have the right:
- under Art. 15 GDPR to obtain information about the personal data concerning you that we process. In particular, you can obtain information about the purposes of the processing, the categories of personal data concerned, the categories of recipient to whom your personal data has been or will be disclosed, the envisaged period of storage, the existence of the right to rectification, erasure, restriction of processing or objection, the existence of the right to lodge a complaint, the source from which your data was obtained, where it was not collected by us, and about the existence of automated decision-making, including profiling, and if applicable meaningful information about the details;
- under Art. 16 GDPR to obtain without delay the rectification of inaccurate personal data that we hold on you or to have incomplete personal data completed;
- under Art. 17 GDPR to obtain the erasure of personal data that we hold on you, unless processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
- under Art. 18 GDPR to obtain restriction of processing of your personal data where the accuracy of the personal data is contested by you, the processing is unlawful and you oppose the erasure of the personal data, and where we no longer need the data, but it is required by you for the establishment, exercise or defence of legal claims, or you have objected to processing pursuant to Art. 21 GDPR;
- under Art. 20 GDPR to receive the personal data concerning you which you have provided to us, in a structured, commonly used and machine-readable format, or to transmit that data to another controller;;
- under Art. 7 (3) GDPR to withdraw at any time your consent once granted to us. The consequence of this is that from this point in time onwards we are not allowed to continue the data processing that was based on this consent, and
- under Art. 77 GDPR to lodge a complaint with a supervisory authority. Generally for this purpose you can approach the supervisory authority in your usual place of residence, place of work, or in the place of our registered office.
4. Right to object
If and to the extent that your personal data is processed on the basis of legitimate interests in accordance with Art. 6 (1) sentence 1 (f) GDPR, you have the right under Art. 21 GDPR to object to processing of your personal data on grounds relating to your particular situation, or to object to processing for direct marketing purposes. In the latter case, you have a general right to object which we shall implement without you needing to specify any particular situation.
If you wish to exercise your right to withdraw consent or right to object, it is sufficient to send an e mail to firstname.lastname@example.org.
5. Data security
During your visit to our website we use the widespread SSL (secure socket layer) method in conjunction with the highest level of encryption that your browser supports. Generally this is 256-bit encryption. If your browser does not support 256-bit encryption, we fall back on 128-bit v3 technology. When an individual page on our website is sent via an encrypted connection, this is indicated by the locked state of the key or padlock symbol displayed in your browser’s address or status bar.
Moreover, we employ suitable technical and organisational security measures to protect your data against accidental or deliberate manipulation, partial or complete loss, destruction, or access by unauthorised third parties. Our security measures are subject to continuous improvement in line with technological developments.
7. Data protection officer
HARTUNG CONSULTING PARTGMBB complies with statutory data protection requirements and has appointed an external data protection officer.
Our data protection officer is:
23-1 Service GmbH