Privacy Policy
Pawlik Consultants GmbH takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal regulations of the relevant data protection laws, in particular the EU General Data Protection Regulation (GDPR) as well as this privacy policy.
This Privacy Policy covers the use of our digital services, including our social media profiles on PCs, smartphones, tablets and all other Internet-enabled mobile devices.
The digital services may contain links to other third party service provider websites that are not covered by this privacy statement.
1. Controller
The controller for the processing of your personal data is
Pawlik Consultants GmbH
vertreten durch die Geschäftsführer Joachim Pawlik, Tobias M. Andresen, Layla Dolfen
Zirkusweg 2
20359 Hamburg
E-Mail: datenschutz@pawlik.de
You can reach our data protection officer at the above-mentioned postal address, with the addition ” To the Data Protection Officer ” or at the e-mail address: dsb@pawlik.de. If you wish to assert your so-called data subject rights, have questions about this privacy policy or our data protection practices, please feel free to contact our data protection officer.
2 Purposes and legal basis of data processing
2.1 Data processing for the provision of contractual services
We process personal data in order to process the contractual relationships and to be able to submit contractual offers tailored to your requirements. The collection of the data takes place in particular for the conclusion and/or for the performance of a contract.
We collect with all forms obligatorily only those personal data, which are absolutely necessary for the completion of the contractual relations and/or for your information inquiry. This information is marked with an asterisk. The collection of data, which is not absolutely necessary, but in which we are interested in order to optimize the fulfilment of the purpose, is only optional. In this case you decide on a voluntary basis if and which data you want to give us.
You can contact us via our website and our contact data to request contractual services. You can also use the contact form on our website for this purpose. If you provide us with personal data this way or in another way with this purpose, we process your data for the answer of your requests, for the performance of the order/contract as well as for invoicing. We need your name, your address data as well as your e-mail address. These data are necessary to enter into a contract with us.
In addition, we collect further data you provide within the contractual initiation or performance of the contract, which are not absolutely necessary for the performance of the contract, but which support the purpose and are useful for it, in particular to be able to provide better consulting services. For example, we may collect information about contact persons in your company (name, telephone number, e-mail address, department, position in the company) and information about your company (business sector, planned measures and budget plans, if you provide them).
Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
In the case of suppliers/service providers, we process the provided personal data to order and claim services and to pay for the services provided. For this we need the name, the name of your company (if different) the address data as well as the bank account data. We also use further data you provide in this way or another way for this purpose, but those data are not necessary to enter into a contract. Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
2.2 Data processing for communication with you (contact form, etc.) In addition to the contract data, we process your communication data (names of contact persons, address, telephone number, fax number, e-mail address) in order to be able to contact you and communicate with you within the contractual relationship. Personal data that you provide to us by e-mail, the contact form on our website, by post or telephone will only be processed for correspondence with you or only for the purpose for which you have made the data available to us. For communication via the contact form on our website, we need at least your full name and your e-mail address. If you would like us to call you back, we also need your telephone number.
The basis for this data processing is also Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
2.3 Data processing for contact arrangement for applications
We broker potential candidates for jobs as agents. In this context, we address suitable candidates in social networks (of course within the scope of the local terms and conditions) and we ask whether there is interest in getting in contact with our clients.
If you do not give us your consent for the processing of your data, we will save your name and the date of our inquiry for the purpose of documenting our approach, not approaching you again and for respecting any objections.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. We are interested in the efficient approach of potential candidates as well as in the avoidance of double approaches and approaches of persons who do not want to be approached by us.
If, after our approach, you send us application documents unasked or if you provide us with data in follow-up interviews/conversations or in any other way in this context, and you do not give us your express consent to process and/or to forward this data to our client/provider of a job, we process the data in preparation for the transfer to our client/provider of a job until we receive your consent or the contract with our client ends.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. We are interested in the preparation for the transfer of to our client/provider of a job in the event that the corresponding consent, which we regularly ask for, is given. In this case, we do not have to request all data again.
2.4 Newsletter (Performance Impulse)
If you wish to subscribe to our newsletter, we need your first and last name, an e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receiving the newsletter. For this purpose, we will send a confirmation e-mail with a link (double opt-in) to the registered e-mail address. Only after clicking on this link the registration will be completed. The purpose of the procedure is to prove your registration and, if necessary, to clarify any possible abuse of your personal data. We do not collect any further data in this context. We use these data exclusively for the dispatch of the requested newsletter. If we use an order processor to send the newsletter, we will of course comply with the applicable data protection laws.
If we use an order processor to send the newsletter, we will of course comply with the applicable data protection laws.
If you subscribe, you agree that we will send e-mails containing information on our Area of Expertise and on specialist blog contributions as well as on events, products and services of our company group to the deposited e-mail address on a regular basis. You can revoke your consent to receive these e-mails at any time. A text message to the contact data mentioned under point 1 (e.g. e-mail, fax, letter) is sufficient.
We analyze our newsletter campaigns with the help of our newsletter service provider based in Germany, which acts as an order processor for us. When you open an e-mail from the newsletter, a file contained in the e-mail (so-called web beacon) connects to the servers of our service provider. This allows us to determine whether a newsletter message has been opened and which links, if any, have been clicked. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you enter your e-mail address and, if applicable, other data for the purpose of receiving the newsletter, this will be stored on the servers of our newsletter service provider.
The data that you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of our newsletter provider after you unsubscribe from the newsletter. Data, which were stored for other purposes, remains unaffected.
The data processing is based on your consent pursuant to Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent to the sending of a newsletter at any time and cancel the respective subscription. You can declare the revocation by clicking on the link provided in each e-mail or by sending a message to us using the contact details listed under point 1. The legality of the data processing operations already carried out remains unaffected by the revocation.
2.5 Data processing for advertising purposes
We use the provided address data to send you product/service information, current price advantages and product/service offers of our company group by post.
The basis for data processing is Art. 6 para. 1 s. 1 f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. Our interest is the promotion and sale of our products and services.
In addition, we use your e-mail address for recommendations and information about our products and services of our company group by e-mail if you have already purchased products or services from us. You will receive these recommendations from us regardless of having subscribed to a newsletter. In this way we would like to provide you with information about other similar products and services that may be of interest to you based on your recent purchases/orders. Of course, we will strictly comply with legal requirements.
In addition, we use your telephone number to provide you with recommendations and information on our products and services by telephone. Of course we will also comply with legal requirements in this case.
If you no longer wish to receive any recommendations on products or services or any advertising messages from us, you can object at any time. A message in text form to the contact data (e.g. e-mail, fax, letter) mentioned above is sufficient.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override Our interest is economic and lies in the promotion and sale of our products and services.
2.6 Log-Data
Each time our websites are accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The stored data records contain the following data: Browser type and browser version, operating system used, referrer URL, time of server request, shortened IP address.
These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
The data processing is based on Art. 6 para. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the data controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail. We have an interest in the prosecution, prevention and punishment of illegal use of our offer.
2.7 Cookies
We use so-called cookies on some of our websites, among other things to be able to offer you website-specific services, to recognize you when you visit our website again, and/or to adapt our offer to your personal preferences.
Cookies are small text files that are stored on a visitor’s computer and contain data on the respective user in order to enable access to various functions. Both session cookies and persistent cookies are used on our website. A session cookie is temporarily stored on your computer as you navigate through the site. A session cookie is deleted as soon as you close your Internet browser or as soon as your session has expired after a certain period of time. A persistent cookie remains on your computer until it is deleted. The storage of a cookie ensures that you do not have to repeatedly enter your personal settings and preferences every time you visit our website. This saves you time and makes using our website more convenient for you.
We may work with third parties on some of our websites and therefore, when you visit such a website, cookies from partner companies may also be stored on your hard drive (third-party cookies). We inform you below about the use of such cookies and the scope of the data collected in each case.
You can delete permanently installed cookies via the settings of your browser. Most browsers accept cookies automatically – so if you want to suppress the use of cookies, you may have to actively delete or block cookies or prevent the storage of cookies by setting your browser software. Please note, however, that if you choose not to accept cookies, you may still be able to visit our website, but some features may not work as intended.
We use necessary cookies, which are required to enable the performance of the services we are obliged to provide. The data processing in this respect is then based on Art. 6 para. 1 s. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
In addition, we may use cookies which are indispensable for the functionality of our website. This data processing is then carried out in accordance with Art. 6 para. 1 s. 1 letter f GDPR, which permits data processing to serve the legitimate interests of the data controller, unless the interests or the fundamental rights and freedoms of the data subject outweigh the interest of the data controller in processing the data.
We may obtain your consent for the use of other, unnecessary cookies. The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time. The legality of the data processing already carried out remains unaffected by the revocation.
2.8 Cookiebot
This website uses the Cookiebot of Cybot A/S, Havnegade 39, 1058 Copenhagen, Denmark which sets cookies to save your browser’s cookie preference. Cookiebot does not process any personal data. The Cookiebot stores the chosen preference that was selected when you entered the website via the browser you are using. If you wish to revoke these settings for the specific browser, simply delete the cookies in your browser. When you re-enter/reload the website, you will then be asked again for your cookie preference. For more information about Cookiebot privacy, please visit “cookiebot.com”.
2.9 Google Analytics
This website may use Google Analytics – integrated via the Google Tag Manager, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as “Google”), if you have consented to this data processing. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server and stored there, and may also be transferred to the servers of Google LLC in the USA.
However, since IP anonymisation is activated on our website when using Google Analytics, your IP address will be shortened by Google in member states of the European Union or in other signatory states to the Agreement on the European Economic Area before this is done. Only in exceptional cases will the full IP address be transferred to a Google LLC. server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of the website in question, compiling reports on website activity and providing other services relating to website activity and internet usage.
We may also use the “demographic features” feature of Google Analytics in conjunction with Google Analytics. This allows us to generate reports that include information about the age, gender and interests of site visitors. This data is derived from interest-based advertising by Google and from visitor data from third parties. This data cannot be attributed to any specific person. You can disable this feature at any time by changing the ad settings in your Google Account, or generally prohibit Google Analytics from collecting your information as shown below.
The data transmitted by your browser within the framework of Google Analytics is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your anonymised IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: tools.google.com/dlpage/gaoptout.
For more information on terms of use and data protection, please visit www.google.com/analytics/terms/de.html or www.google.de/intl/de/policies/. We would like to point out once again that on this website Google Analytics has been extended by the code “anonymizeIp” to ensure an anonymized collection of IP addresses (so-called IP-Masking).
Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.
The storage of Google cookies and the evaluation for statistical purposes is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g. e-mail, letter). The legality of the data processing operations that have already taken place remains unaffected by the revocation.
2.10 Google Maps
This website uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer.
Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.
The aforementioned data processing is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent at any time, f.e. by sending a message to the contact data mentioned under point 1 (e.g. e-mail, fax, letter). The legality of the data processing operations that have already taken place remains unaffected by the revocation.
2.11 YouTube
On some of our websites we may use plug-ins from the YouTube website. The operator of these sites is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in advanced privacy mode. According to YouTube, this mode means that YouTube does not store any information about visitors to this website before they watch the video. However, the advanced privacy mode does not necessarily exclude the sharing of information with YouTube partners. For example, YouTube connects to the Google DoubleClick network whether or not you are watching a video.
As soon as you start a YouTube video on our website, a connection to the YouTube servers is established. This tells the YouTube server which of our pages you have visited. If you are logged in to your YouTube account, you enable YouTube to assign your surfing behaviour directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can store various cookies on your end device after starting a video. These cookies enable YouTube to obtain information about visitors to our website. This information is used, among other things, to gather video statistics, improve the user experience and prevent fraud. The cookies remain on your terminal device until you delete them.
If necessary, further data processing procedures may be triggered after the start of a YouTube video, over which we have no influence. For more information about YouTube’s privacy policy, please see their privacy policy at policies.google.com/privacy.
If cookies are set by YouTube, personal data is processed on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR in conjunction with Art. 49 para. 1 s. 1 lit. a GDPR. You may revoke your consent at any time with effect for the future. The legality of the data processing already carried out remains unaffected by the revocation.
2.12 Data processing in the context of our Facebook corporate website
We operate a company page (fan page) in the social network facebook.com. We are jointly responsible with Facebook for the operation of the Facebook fan page in accordance with Art. 26 GDPR. The agreement on shared responsibility can be found here: www.facebook.com/legal/terms/page_controller_addendum. Primarily responsible for data processing is Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”).
The type and scope of the information you provide to Facebook, the associated purposes of data processing by Facebook, its legality and information on the exercise of your rights can be found in the Data Policy, as well as other information provided by Facebook on the processing of “Insights data”. de-de.facebook.com/policy.php.
Facebook provides us with so-called page insights for our site. Page Insights (https://www.facebook.com/business/a/page/page-insights) is aggregated data that allows us to understand how people interact with our site. The creation and provision of these page insights is the responsibility of Facebook, we have no influence on it. This also applies to data processing, which is carried out exclusively for the purposes of Facebook. Facebook also assumes all obligations under the GDPR with regard to the processing of Insights data (including articles 12 and 13 GDPR, articles 15 to 22 GDPR and articles 32 to 34 GDPR).
The purpose of data processing of the data provided by Facebook by us is the statistical evaluation of the use of our fan page. This enables us, for example, to determine the preferred visiting and contribution times of our users and to use this information to optimise our contributions and our fan page. In addition, we process personal data made publicly available by you on Facebook (e.g. clear names in the user profile) as well as data directly related to activities on our fan page (e.g. posts, posts, likes, markers), also for the purpose of communicating with you.
The basis for data processing is Art. 6 para. 1 s. 1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures, insofar as the data is processed in accordance with the Facebook terms of use, otherwise, insofar as we have a data protection responsibility, Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data for the purpose of safeguarding the controller’s legitimate interests, unless the interests or fundamental rights and freedoms of the data subject outweigh these. Our interest lies in the provision of content and communication with Facebook users and in improving the reach and effectiveness of our contributions.
Please assert your rights to information, correction, deletion, restriction of processing and data transferability of your stored Insights data vis-à-vis Facebook, as Facebook has assumed the corresponding obligations:
Facebook Ireland Ltd.
4 Grand Canal Square, Grand Canal Harbour
Dublin 2, Ireland
Privacy policy: https://www.facebook.com/about/privacy/
Opt-out: https://www.facebook.com/settings?tab=ads
2.13 LinkedIn Page Analytics, Ads and Insight Tags
We operate a corporate site on the social network linkedin.com operated by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”) and receive page analytics from LinkedIn regarding our services. We and LinkedIn are joint controllers for the operation of the LinkedIn company website within the meaning of Article 26 of the GDPR.
For the nature and scope of the information provided to LinkedIn, the related purposes of LinkedIn’s data processing, its lawfulness and information on how to exercise your rights, please refer to LinkedIn’s privacy policy at the URL www.linkedin.com/legal/privacy-policy and the joint controller agreement, available at the URL legal.linkedin.com/pages-joint-controller-addendum.
LinkedIn Ads (https://business.linkedin.com/de-de/marketing-solutions/ads) offers the possibility to place target group specific ads on LinkedIn. The data processing is used for the purposes of conversion tracking, advertising, remarketing, and to optimise our advertising and site activities. For this purpose, a cookie is set, and pixels and ad tags are used. The following data is processed for this purpose: IP Address, User Agent Data, Device ID, Search Terms, Viewed Articles, Visited Pages, Viewed Ads, Tags, Links, Videos viewed, Profile Information, Advertising ID, Operating System Information, Device Information.
Page Analytics (https://www.linkedin.com/help/linkedin/answer/4499/linkedin-page-analytics-overview) is aggregated data that allows us to understand how people interact with our site. LinkedIn is responsible for creating and providing this page analytics, we have no influence on it. LinkedIn assumes all obligations under the GDPR with regard to the processing of Insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR).
The purpose of data processing of the data provided by LinkedIn by us is the statistical evaluation of the use of our fan page. This enables us, for example, to determine the preferred visiting and contribution times of our users and to use this information to optimise our contributions and our fan page. In addition, we process personal data made publicly available by you on Facebook (e.g. clear names in the user profile) as well as data directly related to activities on our fan page (e.g. posts, posts, likes, markers), also for the purpose of communicating with you.
The basis for the above data processing is Art. 6, para. 1 s. 1 lit. a GDPR. If you have given LinkedIn permission to do so, you may revoke this permission at any time with effect for the future. Insofar as you have granted us consent in this regard, you may revoke this consent at any time with effect for the future.
Otherwise, the basis for our data processing is Art. 6 para. 1 s. 1 lit. f GDPR, which permits the processing of data for the purpose of safeguarding the controller’s legitimate interests, unless the interests or fundamental rights and freedoms of the data subject outweigh these. Our interest lies in providing content and communication with LinkedIn users and in improving the range and effectiveness of our contributions.
Please assert your rights to information, correction, deletion, restriction of processing and data transferability of your stored Insights data vis-à-vis LinkedIn, as LinkedIn has assumed the corresponding obligations:
LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Irland
Privacy Policy: https://www.linkedin.com/legal/privacy-policy
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
2.14 Online presence in social networks
We have set up online presences in various social networks to communicate with you, interested parties and customers and to inform them about our services and current offers. In addition to our interaction with you, the social networks process data from visitors to their websites for the purpose of market research and advertising, i.e. that from the respective visit or usage behavior and the preferences and interests of a visitor derived from this, a user profile may be created by the respective operator of the social network. Such user profiles can be used, among other things, to display advertisements within the respective social network and possibly on other websites, which are individually adapted to the respective user profile. Cookies (see above) may be stored on the visitors’ devices, with the help of which data on usage behavior can be collected. The collection of this data can, especially in the case of logged-in members of the respective social network, also be realized across several browsers and/or end devices used by a user. Even if a visitor does not have a profile with the respective social network, it cannot be ruled out that personal data on this visitor will be stored when visiting the respective website. Requests for information regarding the data stored in social networks via our online presence or the use of other relevant rights of affected persons (see below) can be addressed to the provider of the respective service. Only the providers of the social networks have access to the respective data stored there and can provide the corresponding information, etc. With regard to the purpose and scope of data processing by the various social networks, we refer additionally to their respective data protection notices and the respective contact options:
Twitter Inc.
One Cumberland Place
Fenian Street
Dublin 2, D02 AX07, Ireland
Datenschutzerklärung: https://twitter.com/de/privacy
Opt-out: https://twitter.com/personalization
New Work SE (XING)
Dammtorstraße 29-32
20354 Hamburg, Deutschland
Datenschutzerklärung: https://privacy.xing.com/de/datenschutzerklaerung
LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2, Irland
Datenschutzerklärung https://www.linkedin.com/legal/privacy-policy
Opt-out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out
YouTube LLC
901 Cherry Ave.
San Bruno, CA 94066, USA
vertreten durch:
Google Inc.
1600 Amphitheatre Parkway
Mountain View, CA 94043, USA
Datenschutzerklärung: https://policies.google.com/privacy?hl=de&gl=de
Opt-out: https://adssettings.google.com/authenticated
The processing of data in the context of our online presences in social networks takes place insofar as a data protection responsibility exists on our part due to our legitimate interest in effective information and direct communication with interested parties and customers of our company. The basis for data processing is Art. 6 (1) p. 1 lit. f DSGVO, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. Our interest lies in providing content and communicating with users of the respective social networks and improving the reach and effectiveness of our posts.
2.15 Data processing for the purposes of legitimate interests
We also process your data if it is necessary for purposes of legitimate interests of us or third parties. This may be the case in particular to guarantee IT security and IT operation, especially for support requests, to be able to understand and prove facts in case of legal disputes, for market and opinion surveys, to analyze the use of our website and/or to advertise other products from us or our cooperation partners.
The basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the data processing listed afore. Our interest is either in IT security, in ensuring support for better usability of our website or in our legal interest or in our evaluation and advertising interest.
2.16 Other data processing based on your consent
It may also happen that we ask for your consent to process personal data. Any granting of consent and the relevant data processing is voluntary and you will not suffer any disadvantages if you do not consent.
The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. An informal notification to us is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation.
2.17 Data processing for the fulfilment of legal obligations
In addition, we process your data to fulfil legal obligations (e.g. regulatory requirements, commercial and tax storage and proof obligations). For this reason we collect e.g. your VAT number for contracts, as well as the VAT ID for international contracts.
The basis for data processing is Art. 6 para. 1 s.1 lit. c GDPR, which permits processing for the fulfilment of a legal obligation.
3 Categories of recipients of the personal data
Your personal data will only be transferred or otherwise transmitted to third parties if this is necessary for the purpose of contract processing or billing or if you have previously consented or if there is a legal basis for the transfer.
Your contract and communication data will be forwarded to the responsible office and the responsible employees within our company for answering your inquiries, for communication, for the execution of the order or for the fulfilment of contractual obligations.
If necessary for the purpose of contract processing or for the dispatch and delivery of products or for the provision of our services, data is passed on to partner companies that have been commissioned to support the contract processing. Our partners commit themselves to comply with and observe the data protection regulations. Our partners are not permitted to use the data for any other purpose than the execution of the contract.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
We disclose personal data to third parties who process personal data on their own responsibility (so-called controllers, cf. Art. 4 (7) GDPR), such as postal and delivery services, house bank, tax advisor/auditor or authorities within the scope of legal permissibility and necessity.
Insofar as we make use of the services of third parties to carry out our services, we process personal data according to the provisions of the GDPR. Service providers who support us in providing our services to you are hosting providers, e-mail service providers, IT service providers, software (SaaS) providers, consulting service providers; document shredding service providers, archiving service providers.
4 Duration of data storage
In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We store your data on the basis of legal proof and storage obligations, which result among other things from the German Commercial Code and the German Tax Code, according to which the storage periods are up to ten full years. In addition, we keep data for the period during which claims can be asserted against our company (statutory limitation period of three years until the end of the year).
5 Data Security
Your personal data will be transmitted securely by us through encryption. We use the coding system SSL (Secure Socket Layer). You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.
6 Rights of the data subject
You have the right to request information about your stored personal data, their origin and recipients and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the scope of the applicable legal provisions.
You may also have the right to restrict the processing of your data and to have the data you provided received back and also transmitted in a structured, common and machine-readable format.
If you have given us your consent to process personal data for specific purposes, you can revoke your consent at any time with effect for the future.
If we process your data to protect legitimate interests, you may object to such processing for reasons arising from your particular situation.
You also have the right to contact a data protection supervisory authority and lodge a complaint.
7. Use of SalesViewer® technology:
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.
The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
We take the protection of personal data very seriously. Therefore, we strictly adhere to the rules of the data protection laws of the Federal Republic of Germany (BDSG) and the European Data Protection Regulation (GDPR).
Controller
Controller of the processing of your personal data is
Pawlik Consultants GmbH,
Zirkusweg 2,
20359 Hamburg,
E-Mail: datenschutz@pawlik.de.
You can reach our data protection officer at the above-mentioned postal address, with the addition ” To the Data Protection Officer ” or at the e-mail address: dpo@wiehl.legal.
Data processing for the provision of contractual services
You can contact us via our website and our contact data to request contractual services. You can also use the contact form on our website for this purpose. If you provide us with personal data this way or in another way with this purpose, we process your data for the answer of your requests, for the performance of the order/contract as well as for invoicing. We need your (company) name, your address data as well as your e-mail address. These data are necessary to enter into a contract with us.
In addition, we collect further data you provide within the contractual initiation or performance of the contract, which are not absolutely necessary for the performance of the contract, but which support the purpose and are useful for it, in particular to be able to provide better consulting services. For example, we may collect information about contact persons in your company (name, telephone number, e-mail address, department, position in the company) and information about your company (business sector, planned measures and budget plans, if you provide them).
Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
In the case of suppliers/service providers, we process the provided personal data to order and claim services and to pay for the services provided. For this we need the name, the name of your company (if different) the address data as well as the bank account data. We also use further data you provide in this way or another way for this purpose, but those data are not necessary to enter into a contract. Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
Data processing for communication with you
In addition to the contract data, we process your communication data (names of contact persons, address, telephone number, fax number, e-mail address) in order to be able to contact you and communicate with you. Personal data that you provide to us by e-mail, the contact form on our website, by post or telephone will only be processed for correspondence with you or only for the purpose for which you have made the data available to us. For communication via the contact form on our website, we need at least your full name and e-mail address. If you would like us to call you back, we also need your telephone number.
The basis for this data processing is also Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
Data processing for job applications
You can send us applications for jobs and apprenticeships in our company via our website and the contact details provided there. For information on data processing for applications, see https://www.pawlik.de/wp-content/uploads/2018/11/Informationspflichten-für-Bewerber-Pawlik-1.pdf.
Data processing for contact arrangement for applications
We broker potential candidates for jobs as agents. In this context, we address suitable candidates in social networks (of course within the scope of the local terms and conditions) and we ask whether there is interest in getting in contact with our clients.
If you do not give us your consent for the processing of your data, we will save your name and the date of our inquiry for the purpose of documenting our approach, not approaching you again and for respecting any objections.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. We are interested in the efficient approach of potential candidates as well as in the avoidance of double approaches and approaches of persons who do not want to be approached by us.
If, after our approach, you send us application documents unasked or if you provide us with data in follow-up interviews/conversations or in any other way in this context, and you do not give us your express consent to process and/or to forward this data to our client/provider of a job, we process the data in preparation for the transfer to our client/provider of a job until we receive your consent or the contract with our client ends.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. We are interested in the preparation for the transfer of to our client/provider of a job in the event that the corresponding consent, which we regularly ask for, is given. In this case, we do not have to request all data again.
Data processing for applications via our JobPortal
On our website, you have the possibility to send applications to us for jobs we broker as agents via our JobPortal. Information on data processing in the JobPortal can be found at https://jobportal.pawlik.de/pdf/datenschutzerklaerung_jobportal_10_2018.pdf.
Newsletter (Performance Impulse)
If you wish to subscribe to our newsletter, we need your first and last name, an e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receiving the newsletter. For this purpose, we will send a confirmation e-mail with a link (double opt-in) to the registered e-mail address. Only after clicking on this link the registration will be completed. The purpose of the procedure is to prove your registration and, if necessary, to clarify any possible abuse of your personal data. We do not collect any further data in this context. We use these data exclusively for the dispatch of the requested newsletter. If we use an order processor to send the newsletter, we will of course comply with the applicable data protection laws.
If you subscribe, you agree that we will send e-mails containing information on our Area of Expertise and on specialist blog contributions as well as on events, products and services of our company group to the deposited e-mail address on a regular basis. You can revoke your consent to receive these e-mails at any time. A text message to the contact data mentioned under point 1 (e.g. e-mail, fax, letter) is sufficient.
This data processing is based on your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You can revoke your consent at any time with immediate effect for the future.
Data processing for advertising purposes
We use the provided address data to send you product/service information, current price advantages and product/service offers of our company group by post.
The basis for data processing is Art. 6 para. 1 s. 1 f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. Our interest is the promotion and sale of our products and services.
In addition, we use your e-mail address for recommendations and information about our products and services of our company group by e-mail if you have already purchased products or services from us. You will receive these recommendations from us regardless of having subscribed to a newsletter. In this way we would like to provide you with information about other similar products and services that may be of interest to you based on your recent purchases/orders. Of course, we will strictly comply with legal requirements.
In addition, we use your telephone number to provide you with recommendations and information on our products and services by telephone. Of course we will also comply with legal requirements in this case.
If you no longer wish to receive any recommendations on products or services or any advertising messages from us, you can object at any time. A message in text form to the contact data (e.g. e-mail, fax, letter) mentioned above is sufficient.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override Our interest is economic and lies in the promotion and sale of our products and services.
Log files
Every time our website is accessed, usage data is transmitted through the respective internet browser and stored in log files, the so-called server log files. The data records stored in this way contain the following data: Date and time of access, name of the page accessed, IP address, referrer URL (originating URL from which you accessed the website), the amount of data transferred, as well as product and version information of the browser used and the operating system of your PC. The IP addresses of the users are deleted or made anonymous after the end of use. No evaluation or analysis of the data, except for statistical purposes and then only in anonymous form, take place. No personal “surf profiles” or similar are created or processed.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. We are interested in ensuring data security on our website and in optimizing our website.
Cookies
Tracking with Matomo (formerly Piwik )
Our website uses the web analysis service Matomo for the analysis of the use of the pages. For this purpose, the information generated by a Matomo cookie about the use of this website is stored on our server. In contrast to other statistical programs, Matomo does not transmit any data to an external server; the program is installed on one of our servers located in Germany. IP addresses are anonymized before storage. Matomo cookies remain on your device until you delete them. The information generated by the cookie about the use of this website will not be disclosed to third parties. You can prevent the cookies from being placed on your computer by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.
If you do not agree with the storage and use of your data, you can deactivate the storage and usage. In this case, an opt-out cookie will be stored in your browser to prevent Matomo from storing usage data. If you delete your cookies, this will result in the Matomo Opt-Out cookie also being deleted. The opt-out must be reactivated when you visit our site again.
Klicken Sie auf den unteren Button, um den Inhalt von stats.pawlik.de zu laden.
Matomo cookies are stored on the basis of Art. 6 para. 1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. We are interested in the anonymous analysis of user behaviour in order to optimise both our website and any advertising on it.
Google Maps
This website uses the Google Maps map service via an API. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the functions of Google Maps, it is necessary to save your IP address. This information is usually transferred to a Google server in the USA and stored there. We have no influence on this data transfer. You can find more information on the handling of user data in Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.
We use Google Maps in our interest to make our company locations indicated by us on the website easier to find.
Youtube
On our website videos are embedded. The videos are hosted on www.youtube.com, operated by YouTube LLC, 901 Cherry Ave. San Bruno, CA 94066, USA, a company of Google Inc, and can be played directly from our site. The videos are all embedded in “privacy-enhanced mode”, so no personal data about you will be transmitted to YouTube if you do not click play. Only when you click on the video to play it, the data transfer as described below occurs, on which we have no influence.
After clicking on the video, a direct connection is established between your browser and the YouTube servers and data will be exchanged. Information about your use of this website (including your IP address) will be transmitted. The YouTube plug-in provides us with statistical values for retrieving individual videos embedded in the website without reference to the respective user. YouTube also does not store any data on user activity according to its own data protection declaration due to the privacy-enhanced mode. Further information can be found in the privacy policy of YouTube/Google (https://policies.google.com/privacy?hl=en&gl=en).
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. We are interested in the appealing representation of our website and online services, also using videos.
Social Plugins Sharrif
We use “Shariff”-Social-Media-Buttons from heise on our website. This tool prevents that your data is already transferred to the social networks when you call up the page, as it would otherwise happen with the usual share buttons. “Shariff” integrates these share buttons of the social networks on our website only as a graphic, which contains a link to the corresponding social network. However, if you actively click on the graphic, the corresponding data will be transmitted by you to the respective social network and you will be redirected to the service of the respective social network. We integrate the following social networks with “Shariff” on our website (including a link to the respective data protection settings / privacy policy):
– Facebook – https://www.facebook.com/about/privacy/
–LinkedIn – https://www.linkedin.com/legal/privacy-policy
– XING – https://privacy.xing.com/de/datenschutzerklaerung
– Twitter – https://twitter.com/de/privacy.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. Unsere Interessen sind wirtschaftlich und liegen in der Werbung für unserer Produkte und Dienstleistungen sowie in der leichteren Verbreitung der Inhalte unserer Website. Our interests are economic and lie in the advertising of our products and services as well as in the easier distribution of the contents of our website.
Data processing for the purposes of legitimate interests
We also process your data if it is necessary for purposes of legitimate interests of us or third parties. This may be the case in particular to guarantee IT security and IT operation, especially for support requests, to be able to understand and prove facts in case of legal disputes, for market and opinion surveys, to analyze the use of our website and/or to advertise other products from us or our cooperation partners.
The basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the data processing listed afore.
Data processing for the fulfilment of legal obligations
In addition, we process your data to fulfil legal obligations (e.g. regulatory requirements, commercial and tax storage and proof obligations). For this reason we collect e.g. your VAT number for contracts, as well as the VAT ID for international contracts.
The basis for data processing is Art. 6 para. 1 s.1 lit. c GDPR, which permits processing for the fulfilment of a legal obligation.
Categories of recipients of the personal data
Your contract and communication data will be forwarded to the responsible office and the responsible employees within our company for answering your inquiries, for communication, for the execution of the order or for the fulfilment of contractual obligations.
If necessary for the purpose of contract processing or for the dispatch and delivery of products or for the provision of our services, data is passed on to partner companies that have been commissioned to support the contract processing. Our partners commit themselves to comply with and observe the data protection regulations. Our partners are not permitted to use the data for any other purpose than the execution of the contract.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
A transfer of applicant data for the purpose of brokering to employers/providers of a job, possibly supplemented by a statement, within the context of our agency contract with the respective employer, will only happen after prior consultation with you. This transfer of your provided data is based on your consent in accordance with Art. 6 Para. 1 S. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. A message in text form (e.g. e-mail, fax, letter) is sufficient.
In other cases your personal data will only be passed on or otherwise transferred to third parties outside our company if this is necessary for the purpose of contract processing or invoicing or if you have given your prior consent or if there is a legal basis or obligation for the transfer.
Insofar as we make use of the services of third parties to carry out our services, we process personal data according to the provisions of the GDPR. Service providers who support us in providing our services to you are hosting providers, e-mail service providers, IT service providers, software-as-a-service providers, consulting service providers.
Duration of data storage
In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We store your data on the basis of legal proof and storage obligations, which result among other things from the German Commercial Code and the German Tax Code, according to which the storage periods are up to ten full years. In addition, we keep data for the period during which claims can be asserted against our company (statutory limitation period of three years until the end of the year).
Data integrity
Your personal data is transmitted securely by encryption. We use the SSL (Secure Socket Layer) coding system. Furthermore, we protect our website and other systems using technical and organizational measures against unauthorized access, modification, distribution, destruction or loss of your data. Our security measures are constantly revised an improved in accordance with technical developments. However, we expressly point out that data transmission on the Internet has security gaps and cannot be completely protected against access by third parties, which applies in particular and above all to communication by e-mail.
Links to third-party sites
You will find links to third-party sites on our site. The respective site operators are responsible for the data processing there. Data processing begins as soon as you click on the respective link or follow the URL it contains.
On our site there is a link to the potential analysis tool scan.up, operated by scan.up AG, Zirkusweg 2, D-20359 Hamburg. The link is behind the button “Analysis of Potential”. The purpose and scope of the data collection and the further processing and use of the data by scan.up as well as the relevant rights can be found in scan.up’s privacy policy: https://www.scan-up.com/home/datenschutzerklaerung/
Our site also contains links to the social network LinkedIn, operated by LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. The link is recognizable by the LinkedIn logo (white „in“ in a black circle). The purpose and scope of the data collection and the further processing and use of the data by LinkedIn as well as the relevant rights can be found in LinkedIn’s privacy policy:
https://www.linkedin.com/legal/privacy-policy.
Our site further contains links to the social network XING, operated by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. The link can be recognized by the logo (stylized “X”). The purpose and scope of the data collection and the further processing and use of the data by XING as well as the relevant rights and privacy settings for users can be found in XING’s privacy policy: https://privacy.xing.com/en/privacy-policy
Finally, our site contains links to videos hosted on YouTube, part of Google Inc., located in San Bruno, California, USA. The purpose and scope of the data collection and the further processing and use of the data by YouTube/Google as well as the relevant rights can be found in Google’s privacy policy: www.google.de/intl/de/policies/privacy/.
Rights of the data subject
You have the right to request information about your stored personal data, their origin and recipients and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the scope of the applicable legal provisions.
You may also have the right to restrict the processing of your data and to have the data you provided received back and also transmitted in a structured, common and machine-readable format.
If you have given us your consent to process personal data for specific purposes, you can revoke your consent at any time with effect for the future.
If we process your data to protect legitimate interests, you may object to such processing for reasons arising from your particular situation.
You also have the right to contact a data protection supervisory authority and lodge a complaint.
Use of SalesViewer® technology:
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.
The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.
Pawlik Digital AG takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the legal regulations of the relevant data protection laws, in particular the EU General Data Protection Regulation (GDPR) as well as this privacy policy.
This Privacy Policy covers the use of our digital services, including our social media profiles on PCs, smartphones, tablets and all other Internet-enabled mobile devices.
The digital services may contain links to other third party service provider websites that are not covered by this privacy statement.
1. Controller
The controller for the processing of your personal data is
Pawlik Digital AG
vertreten durch den Vorstand: Stephan A. Paxmann (Vorsitzender), Layla Dolfen, Stefan Roßbach,
Hamburger Allee 26-28
60486 Frankfurt am Main
Deutschland
E-Mail: info@pawlik-digital.com
You can reach our data protection officer at the above-mentioned postal address, with the addition ” To the Data Protection Officer ” or at the e-mail address: dpo@wiehl.legal. If you wish to assert your so-called data subject rights, have questions about this privacy policy or our data protection practices, please feel free to contact our data protection officer.
2. Purposes and legal basis of data processing
2.1 Data processing for the provision of contractual services
We process personal data in order to process the contractual relationships and to be able to submit contractual offers tailored to your requirements. The collection of the data takes place in particular for the conclusion and/or for the performance of a contract.
We collect with all forms obligatorily only those personal data, which are absolutely necessary for the completion of the contractual relations and/or for your information inquiry. This information is marked with an asterisk. The collection of data, which is not absolutely necessary, but in which we are interested in order to optimize the fulfilment of the purpose, is only optional. In this case you decide on a voluntary basis if and which data you want to give us.
You can contact us via our website and our contact data to request contractual services. You can also use the contact form on our website for this purpose. If you provide us with personal data this way or in another way with this purpose, we process your data for the answer of your requests, for the performance of the order/contract as well as for invoicing. We need your name, your address data as well as your e-mail address. These data are necessary to enter into a contract with us.
In addition, we collect further data you provide within the contractual initiation or performance of the contract, which are not absolutely necessary for the performance of the contract, but which support the purpose and are useful for it, in particular to be able to provide better consulting services. For example, we may collect information about contact persons in your company (name, telephone number, e-mail address, department, position in the company) and information about your company (business sector, planned measures and budget plans, if you provide them).
Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
In the case of suppliers/service providers, we process the provided personal data to order and claim services and to pay for the services provided. For this we need the name, the name of your company (if different) the address data as well as the bank account data. We also use further data you provide in this way or another way for this purpose, but those data are not necessary to enter into a contract. Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
2.2 Data processing for communication with you (contact form, etc.)
In addition to the contract data, we process your communication data (names of contact persons, address, telephone number, fax number, e-mail address) in order to be able to contact you and communicate with you within the contractual relationship. Personal data that you provide to us by e-mail, the contact form on our website, by post or telephone will only be processed for correspondence with you or only for the purpose for which you have made the data available to us. For communication via the contact form on our website, we need at least your full name and your e-mail address. If you would like us to call you back, we also need your telephone number.
The basis for this data processing is also Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
2.3 Data processing for advertising purposes
We use the provided address data to send you product/service information, current price advantages and product/service offers of our company group by post.
The basis for data processing is Art. 6 para. 1 s. 1 f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. Our interest is the promotion and sale of our products and services.
In addition, we use your e-mail address for recommendations and information about our products and services of our company group by e-mail if you have already purchased products or services from us. You will receive these recommendations from us regardless of having subscribed to a newsletter. In this way we would like to provide you with information about other similar products and services that may be of interest to you based on your recent purchases/orders. Of course, we will strictly comply with legal requirements.
In addition, we use your telephone number to provide you with recommendations and information on our products and services by telephone. Of course we will also comply with legal requirements in this case.
If you no longer wish to receive any recommendations on products or services or any advertising messages from us, you can object at any time. A message in text form to the contact data (e.g. e-mail, fax, letter) mentioned above is sufficient.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override Our interest is economic and lies in the promotion and sale of our products and services.
2.4 Log-Data
Each time our websites are accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The stored data records contain the following data: Browser type and browser version, operating system used, referrer URL, time of server request, shortened IP address.
These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
The data processing is based on Art. 6 para. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the data controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail. We have an interest in the prosecution, prevention and punishment of illegal use of our offer.
2.5 Cookies
We use so-called cookies on some of our websites, among other things to be able to offer you website-specific services, to recognize you when you visit our website again, and/or to adapt our offer to your personal preferences.
Cookies are small text files that are stored on a visitor’s computer and contain data on the respective user in order to enable access to various functions. Both session cookies and persistent cookies are used on our website. A session cookie is temporarily stored on your computer as you navigate through the site. A session cookie is deleted as soon as you close your Internet browser or as soon as your session has expired after a certain period of time. A persistent cookie remains on your computer until it is deleted. The storage of a cookie ensures that you do not have to repeatedly enter your personal settings and preferences every time you visit our website. This saves you time and makes using our website more convenient for you.
We may work with third parties on some of our websites and therefore, when you visit such a website, cookies from partner companies may also be stored on your hard drive (third-party cookies). We inform you below about the use of such cookies and the scope of the data collected in each case.
You can delete permanently installed cookies via the settings of your browser. Most browsers accept cookies automatically – so if you want to suppress the use of cookies, you may have to actively delete or block cookies or prevent the storage of cookies by setting your browser software. Please note, however, that if you choose not to accept cookies, you may still be able to visit our website, but some features may not work as intended.
We use necessary cookies, which are required to enable the performance of the services we are obliged to provide. The data processing in this respect is then based on Art. 6 para. 1 s. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
In addition, we may use cookies which are indispensable for the functionality of our website. This data processing is then carried out in accordance with Art. 6 para. 1 s. 1 letter f GDPR, which permits data processing to serve the legitimate interests of the data controller, unless the interests or the fundamental rights and freedoms of the data subject outweigh the interest of the data controller in processing the data.
We may obtain your consent for the use of other, unnecessary cookies. The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time. The legality of the data processing already carried out remains unaffected by the revocation.
2.6 Cookiebot
This website uses Cookiebot Cybot A/S, Havnegade 39, 1058 Kopenhagen, Denmark, which sets technically necessary cookies to store the cookie preference of your browser. Cookiebot does not process any personal data. The Cookie stores the chosen preference that was selected when you entered the website via the browser you are using. If you wish to revoke these settings for the specific browser, simply delete the cookies in your browser. When you re-enter/reload the website, you will then be asked again for your cookie preference. For more information about Cookiebot privacy, please visit https://www.cookiebot.com/en/privacy-policy/.
2.7 Newsletter
With your consent, you can subscribe to our newsletter, with which we inform you about our current interesting offers. The respective content of a newsletter is explained in the respective declaration of consent. If you would like to receive a newsletter offered by us, we require an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. For this purpose, we will send you an e-mail with a confirmation link (double opt-in) to the e-mail address you have entered. If you do not confirm your registration, your information will be blocked and automatically deleted after one month.
Your e-mail address is the only mandatory information for sending the newsletter. The entering of further, separately marked data is voluntary and will be used to address you personally. In addition, we store the IP addresses you use and the dates of registration and confirmation. The purpose of the procedure is to prove your registration and, if necessary, to clarify any possible misuse of your personal data. We do not collect any further data in this context. We use these data exclusively for the dispatch of the requested newsletter.
Data processing takes place on the basis of your consent pursuant to Art. 6 Para. 1 lit. a GDPR. You can revoke your consent to the sending of a newsletter at any time and cancel the respective subscription. You can declare your revocation by clicking on the link provided in every e-mail or by sending us a message via the contact details mentioned under point 1. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
2.8 Google Analytics
This website may use Google Analytics – integrated via the Google Tag Manager, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as “Google”), if you have consented to this data processing. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server and stored there, and may also be transferred to the servers of Google LLC in the USA.
However, since IP anonymisation is activated on our website when using Google Analytics, your IP address will be shortened by Google in member states of the European Union or in other signatory states to the Agreement on the European Economic Area before this is done. Only in exceptional cases will the full IP address be transferred to a Google LLC. server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of the website in question, compiling reports on website activity and providing other services relating to website activity and internet usage.
We may also use the “demographic features” feature of Google Analytics in conjunction with Google Analytics. This allows us to generate reports that include information about the age, gender and interests of site visitors. This data is derived from interest-based advertising by Google and from visitor data from third parties. This data cannot be attributed to any specific person. You can disable this feature at any time by changing the ad settings in your Google Account, or generally prohibit Google Analytics from collecting your information as shown below.
The data transmitted by your browser within the framework of Google Analytics is not merged with other data from Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of the data generated by the cookie and related to your use of the website (including your anonymised IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de.
For more information on terms of use and data protection, please visit http://www.google.com/analytics/terms/de.html or www.google.de/intl/de/policies/. We would like to point out once again that on this website Google Analytics has been extended by the code “anonymizeIp” to ensure an anonymized collection of IP addresses (so-called IP-Masking).
Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.
The storage of Google cookies and the evaluation for statistical purposes is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g. e-mail, letter). The legality of the data processing operations that have already taken place remains unaffected by the revocation.
2.9 Google Maps
This website uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA.
To use the functions of Google Maps it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transfer. For more information on how Google handles user data, please refer to Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.
The processing takes place on the basis of your consent in accordance with Art. 6 para. 1 sentence 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by sending a message to the contact data mentioned under section 1. The legality of the data processing operations that have already taken place remains unaffected by the revocation.
2.10 YouTube
We may use plugins from the website YouTube. The operator of the pages is Google Ireland Limited (“Google”), Gordon House, Barrow Street, Dublin 4, Ireland.
We use YouTube in extended data protection mode. According to YouTube, this mode means that YouTube does not store any information about users of our service before they watch the video. However, the transfer of data to YouTube partners is not necessarily excluded by the extended data protection mode. Thus, YouTube – regardless of whether you watch a video – establishes a connection to the Google DoubleClick network.
As soon as you start a YouTube video within our service, a connection to YouTube’s servers is established. This tells the YouTube server which of our pages you have visited. If you are logged into your YouTube account, you enable YouTube to assign your surfing behavior directly to your personal profile. You can prevent this by logging out of your YouTube account.
Furthermore, YouTube can save various cookies on your end device after starting a video. With the help of these cookies, YouTube can obtain information users of our app/website. This information is used, among other things, to collect video statistics, improve the user experience and prevent fraud attempts. Cookies remain on your terminal device until you delete them.
If necessary, further data processing operations may be triggered after the start of a YouTube video, over which we have no control. You can find more information about data protection at YouTube in their privacy policy at: policies.google.com/privacy.
If cookies are set by YouTube, the processing of personal data is based on your consent pursuant to Art. 6 (1) p. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. The legality of the data processing already carried out remains unaffected by the revocation.
2.11 Data processing in the context of our LinkedIn company page
We have a company page on the social network linkedin.com of LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland (“LinkedIn”) and are provided with so-called page analytics by LinkedIn. We are jointly responsible with LinkedIn for this operation of the LinkedIn company page within the meaning of Art. 26 GDPR.
The type and scope of the information processed or provided by LinkedIn, the associated purposes of the data processing by LinkedIn, its lawfulness as well as information on the exercise of data subject rights can be found in LinkedIn’s data privacy policy at the URL www.linkedin.com/legal/privacy-policy and in the joint responsibility agreement, which can be found at the URL legal.linkedin.com/pages-joint-controller-addendum. Page analytics involves aggregated data that allows us to understand how people interact with our pages. The generation and provision of these page analytics is the responsibility of LinkedIn, over which we have no control. LinkedIn assumes all obligations under the GDPR with regard to the processing of insights data (including Articles 12 and 13 GDPR, Articles 15 to 22 GDPR and Articles 32 to 34 GDPR).
The purpose of the data processing by us of the data provided by LinkedIn is the statistical evaluation of the use of our company page. This enables us, for example, to determine preferred visiting and posting times and to use this data to optimise our posts and our company page. In addition, we process personal data made publicly available on LinkedIn (e.g. clear names in the user profile) as well as data directly related to activities on our company page (e.g. contributions, posts, likes, marks), also for the purpose of communication.
The basis for the above data processing is nature 6 para. 1 p. 1 lit. a GDPR. Insofar as a corresponding consent has been given to LinkedIn, this consent can be revoked at any time with effect for the future. Insofar as consent has been granted to us in this regard, this consent can be revoked at any time with effect for the future. Otherwise, the basis for our data processing is nature 6 para. 1 p. 1 lit. f GDPR, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. Our interest is to provide content and communication with LinkedIn users and to improve the reach and effectiveness of our posts.
The rights of access, rectification, deletion, restriction of processing and data portability of stored insights data can be asserted against LinkedIn, as LinkedIn has assumed the corresponding obligations:
LinkedIn Ireland Unlimited Company
Wilton Place
Dublin 2
Ireland
Privacy policy www.linkedin.com/legal/privacy-policy
2.12 Online presence in social networks
We have set up online presences in various social networks to communicate with you, interested parties and customers and to inform them about our services and current offers. In addition to our interaction with you, the social networks process data from visitors to their websites for the purpose of market research and advertising, i.e. that from the respective visit or usage behavior and the preferences and interests of a visitor derived from this, a user profile may be created by the respective operator of the social network. Such user profiles can be used, among other things, to display advertisements within the respective social network and possibly on other websites, which are individually adapted to the respective user profile. Cookies (see above) may be stored on the visitors’ devices, with the help of which data on usage behavior can be collected. The collection of this data can, especially in the case of logged-in members of the respective social network, also be realized across several browsers and/or end devices used by a user. Even if a visitor does not have a profile with the respective social network, it cannot be ruled out that personal data on this visitor will be stored when visiting the respective website. Requests for information regarding the data stored in social networks via our online presence or the use of other relevant rights of affected persons (see below) can be addressed to the provider of the respective service. Only the providers of the social networks have access to the respective data stored there and can provide the corresponding information, etc. With regard to the purpose and scope of data processing by the various social networks, we refer additionally to their respective data protection notices and the respective contact options:
New Work SE (XING)
Dammtorstraße 29-32
20354 Hamburg, Deutschland
Datenschutzerklärung: https://privacy.xing.com/de/datenschutzerklaerung
The processing of data in the context of our online presences in social networks takes place insofar as a data protection responsibility exists on our part due to our legitimate interest in effective information and direct communication with interested parties and customers of our company. The basis for data processing is Art. 6 (1) p. 1 lit. f DSGVO, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. Our interest lies in providing content and communicating with users of the respective social networks and improving the reach and effectiveness of our posts.
2.13 Data processing for applications
Via our websites and our contact data provided there, applications for jobs in our company can be sent to us. Insofar as personal data is transmitted to us in this way or in any other way when applications are submitted, we process this data for the purpose of reviewing, processing and responding to the application and, if necessary, for preparing the employment relationship.
We kindly ask you to send job applications via the following website: https://karriere.pawlik-consultants.de/
We process your personal data from the job applications in joint controllership according to Art. 26 GDPR with Pawlik Consultants GmbH, Zirkusweg 2, 20359 Hamburg. The essence of the agreement and the privacy policy for job applicants can be found at: Informationspflichten Bewerber – PAWLIK Consultants (pawlik-consultants.de)
2.14 Data processing for the purposes of legitimate interests
We also process your data if it is necessary for purposes of legitimate interests of us or third parties. This may be the case in particular to guarantee IT security and IT operation, especially for support requests, to be able to understand and prove facts in case of legal disputes, for market and opinion surveys, to analyze the use of our website and/or to advertise other products from us or our cooperation partners.
The basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the data processing listed afore. Our interest is either in IT security, in ensuring support for better usability of our website or in our legal interest or in our evaluation and advertising interest.
2.15 Other data processing based on your consent
It may also happen that we ask for your consent to process personal data. Any granting of consent and the relevant data processing is voluntary and you will not suffer any disadvantages if you do not consent.
The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. An informal notification to us is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation.
2.16 Data processing for the fulfilment of legal obligations
In addition, we process your data to fulfil legal obligations (e.g. regulatory requirements, commercial and tax storage and proof obligations). For this reason we collect e.g. your VAT number for contracts, as well as the VAT ID for international contracts.
The basis for data processing is Art. 6 para. 1 s.1 lit. c GDPR, which permits processing for the fulfilment of a legal obligation.
3. Categories of recipients of the personal data
Your personal data will only be transferred or otherwise transmitted to third parties if this is necessary for the purpose of contract processing or billing or if you have previously consented or if there is a legal basis for the transfer.
Your contract and communication data will be forwarded to the responsible office and the responsible employees within our company for answering your inquiries, for communication, for the execution of the order or for the fulfilment of contractual obligations.
If necessary for the purpose of contract processing or for the dispatch and delivery of products or for the provision of our services, data is passed on to partner companies that have been commissioned to support the contract processing. Our partners commit themselves to comply with and observe the data protection regulations. Our partners are not permitted to use the data for any other purpose than the execution of the contract.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
We disclose personal data to third parties who process personal data on their own responsibility (so-called controllers, cf. Art. 4 (7) GDPR), such as postal and delivery services, house bank, tax advisor/auditor or authorities within the scope of legal permissibility and necessity.
Insofar as we make use of the services of third parties to carry out our services, we process personal data according to the provisions of the GDPR. Service providers who support us in providing our services to you are hosting providers, e-mail service providers, IT service providers, software (SaaS) providers, consulting service providers; document shredding service providers, archiving service providers.
4. Duration of data storage
In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We store your data on the basis of legal proof and storage obligations, which result among other things from the German Commercial Code and the German Tax Code, according to which the storage periods are up to ten full years. In addition, we keep data for the period during which claims can be asserted against our company (statutory limitation period of three years until the end of the year).
5. Data Security
Your personal data will be transmitted securely by us through encryption. We use the coding system SSL (Secure Socket Layer). You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.
6. Rights of the data subject
Within the framework of the applicable legal provisions, data subjects have the right at any time to free information about their personal data stored by us, its origin and recipients and the purpose of the data processing and, if applicable, a right to correction or deletion of this data.
For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time using the contact details given in section 1.
Data subjects may also have a right to restrict the processing of their data and a right to receive the data they have provided in a structured, common and machine-readable format.
If you have given us consent to process personal data for specific purposes, you may withdraw your consent at any time with future effect. If we process your data to protect legitimate interests, you may object to this processing on grounds relating to your particular situation. If we cannot substantiate compelling legitimate reasons for further processing that outweigh your interests, rights and freedoms, or if we process the data in question from you for the purpose of direct marketing, we will then no longer process your data.
In addition, data subjects have the possibility of contacting a data protection supervisory authority (right of complaint).
7. Use of SalesViewer® technology:
This website uses SalesViewer® technology from SalesViewer® GmbH on the basis of the website operator’s legitimate interests (Section 6 paragraph 1 lit.f GDPR) in order to collect and save data on marketing, market research and optimisation purposes.
In order to do this, a javascript based code, which serves to capture company-related data and according website usage. The data captured using this technology are encrypted in a non-retrievable one-way function (so-called hashing). The data is immediately pseudonymised and is not used to identify website visitors personally.
The data stored by Salesviewer® will be deleted as soon as they are no longer required for their intended purpose and there are no legal obligations to retain them.
The data recording and storage can be repealed at any time with immediate effect for the future, by clicking on https://www.salesviewer.com/opt-out in order to prevent SalesViewer® from recording your data. In this case, an opt-out cookie for this website is saved on your device. If you delete the cookies in the browser, you will need to click on this link again.