PRIVACY POLICY

The operator of this site takes the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with legal data protection regulations and this Privacy Policy.

The use of our website is usually possible without disclosing personal data. If personal data (for example, name, address, email addresses or IP address) is collected on our site, this is done on a voluntary basis as far as possible. This data will not be forwarded to third parties without your explicit consent.

We must point out that data transmission in the internet (e.g. when communicating by email) may have gaps in security. Complete protection of data from third-party access is not possible.

The controller in accordance with data protection law

GP+S Consulting GmbH
Nehringstrasse 2
61352 Bad Homburg
Telephone: +49 6172 – 4 95 56 0
Fax: +49 6172 – 4 95 56 125
Email:

 

Contact details for the Data Protection Officer

PROLIANCE GmbH / www.datenschutzexperte.de
Data Protection Officer: Dominik Fünkner
Leopoldstr. 21
80802 Munich
E-Mail:

 

Definition of terms

Our Privacy Policy should be simple and comprehensible to everyone. The Privacy Policy usually uses the official terms from the General Data Protection Regulation (GDPR). The official terms are explained in Art. 4 of the GDPR.

 

Data processing when visiting our website

When you call up our website, it is technically necessary to transmit data via your internet browser to our web server. The following data is recorded during a connection to communicate between your internet browser and our web server:

Domain visited
Date and time of the request
Page from which the file was requested
Access status (file transferred, file not found etc.)
Web browser used and operating system used
IP address of the requesting computer
Data quantity transmitted

We collect the data listed here to guarantee a smooth connection is made to the website and to enable the user to use our website conveniently. In addition, the log file evaluates system security and stability and is used for administrative purposes. The legal basis for temporary storage of data and log files is Art. 6 (1) f of the GDPR.

For technical security reasons, in particular to defend against attempted attacks on our web server, we store this data briefly. It is not possible to draw any conclusions about individuals from this data. After seven days at the latest, the data will be anonymised by shortening the IP address at domain level, so that it will no longer be possible to make a connection to an individual user.

 

Google Analytics

This website uses functions from the web analysis service Google Analytics. The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, (hereinafter described as: “Google”). Google Analytics uses so-called cookies. These are text files that are stored on your computer and enable an analysis of your use of the website. The information generated by the cookies about your use of this website is usually sent to a Google server in the USA and stored there.

If IP anonymisation is activated on this website, your IP address will be shortened in advance by Google within member states of the European Union or in other contracting states to the European Economic Area. The full IP address will only be transmitted to a Google server in the USA and shortened there in exceptions. Google will use this information on behalf of the user of this website to evaluate your use of the website, compile reports about website activities and to provide further services associated with website use and internet use to the website provider. The IP address transmitted within the scope of Google Analytics from your browser will not be brought together with other data by Google. Google Inc. based in the USA, is certified for the US-European data protection treaty “Privacy Shield”, which guarantees compliance with the level of data protection that applies in the EU. Processing is carried out as per Art. 6 (1) f of the GDPR and section 15 (3) of the TMG on the basis of our legitimate interest in statistical analysis of user behaviour for optimization and marketing purposes.

You can prevent the storage of cookies by setting your browser software accordingly; however, we must point out that in this case you may not be able to use all the functions of this website in full. Furthermore, you can prevent the recording of the data generated by the cookies relating to your use of the website (including your IP address) by Google and the processing of this data by Google by downloading and installing the browser plugin available on the following link: http://tools.google.com/dlpage/gaoptout?hl=de

Clicking on the following link will prevent recording by Google Analytics by setting what is known as an opt-out cookie: Deactivating Google Analytics

The conditions of use of Google Analytics and data protection information can be called up via the following links: http://www.google.com/analytics/terms/de.html as well as at https://www.google.de/intl/de/policies/.

You will find information about how user data is handled at Google Analytics in the Google Privacy Policy: https://support.google.com/analytics/answer/6004245?hl=de

 

Simple Analytics

Our website uses “Simple Analytics”, an internet analysis service from Simple Analytics, Hooftlaan 4, 1401 ED Bussum, the Netherlands. With the help of this service certain user data from site visitors (date and time of access, user agent of the browser) will be collected, evaluated and prepared in automatic reports in an anonymised form.

The legal basis is our legitimate interest as per Art. 6 (1) f of the GDPR to continuously optimize our online offers, and on the other hand, to recognise and rectify any technical problems, such as error messages when calling up the site or search engine problems. Simple Analytics operates via a simple script code here, without using any cookies or the IP address. This means that Simple Analytics will not place cookies on your terminal at any time.

The software only tracks the following metrics:

Site retrievals
Referrer
Top pages
Monitor size
Browser
Countries

The information processed through Simple Analytics will not relate to any person at any time and therefore, will not allow any conclusions to be drawn about you.

If you do want any future processing of the information specified, you can prevent this by deactivating JavaScript in your browser. Alternatively, you can also deactivate JavaScript code by installing a JavaScript blocker (e.g. https://noscript.net or https://www.ghostery.com). However, if you do so it is highly likely that you will not able to use all the functions of the website in full.

You will find further information about data processing by and the data protection of Simple Analytics at https://docs.simpleanalytics.com/what-we-collect?ref=simpleanalytics.com.

 

Cookies

1) We use “Google Web Fonts”, on our website. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Web Fonts enable us to use external fonts, known as Google Fonts. For this purpose, when you call up our website the Google Font required will be loaded by your web browser in your browser cache. This is necessary so your browser can also show a visually-improved presentation of our texts. If your browser does not support this function, a standard font from your computer will be used for the display. These Web Fonts will be integrated by a server fetch, usually using a Google server in the USA. In the process, which page you have visited on our website will be transmitted to the server. Google will also store the IP address of the browsers on the visitor’s terminal.

2) We use Google Web Fonts for optimization purposes, in particular to improve use of our website for you and to make its design more user-friendly.

3) Our legitimate interest here can also be found in Art. 6 (1) f of the GDPR.

4) Google has agreed to comply with the Privacy-Shield Treaty concluded between the European Union and the USA, and is certified accordingly. As a result, Google is obliged to comply with the standards and regulations of European data protection law. You will find more detailed information at the following link: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

5) Information about the third provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.

You will find further information about data protection in the Google Privacy Policy: http://www.google.de/intl/de/policies/privacy

There is more detailed information about Google Web Fonts at http://www.google.com/webfonts/,https://developers.google.com/fonts/faq?hl=de-DE&csw=1 and https://www.google.com/fonts#AboutPlace:about.

6) We use web fonts on our website provided by the services “Fonts.com”. This service records the IP addresses of accesses. This log data will be erased after 30 days and then no more personal data will be processed afterwards. The appropriate data protection guideline can be found in detail here: https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy/.

 

Contact form

If you send us enquiries via the contact form, we will store your disclosures from the enquiry form including the contact data you have given there for the purposes of processing the enquiry and in the event of any subsequent questions. We will not forward this data without your consent. The legal basis for processing the data is our legitimate interest in answering your enquiries as per Art. 6 (1) f of the GDPR and, if applicable, Art. 6 (1) b of the GDPR, if your enquiry is intended to conclude a contract. Your data will be erased after your enquiry has been conclusively dealt with, if no legal retention obligations contradict this.

 

Pre-condition for claiming free-of-charge services

Consent to send emails may be set as the pre-condition to claim free-of-charge services (e.g. access to certain contents or participation in certain actions). If the user wants to claim a free-of-charge service without registering for the newsletter, please contact us.

If you would like to receive the newsletter offered on our website, with regular information about our offers and products, we require your name, email address and company name as mandatory information.

To send the newsletter we use the WordPress plugin “Download After Email – Subscribe & Download Form Plugin –”. This means that we will only send you our newsletter by email if you have explicitly confirmed that you give your consent to newsletters being sent. In the first step, you will receive an email with a download link. Using this link you can confirm that, as the holder of the relevant email address, you want to receive the newsletter in the future. By sending this confirmation you give us your consent as per Art. 6 (1) a of the GDPR that we are allowed to use your personal data for the purpose of sending the newsletter requested.

When you register for the newsletter, in addition to the email address required to send it we will store the IP address you used to register for the newsletter, as well as the date and time of the registration and confirmation, in order to be able to trace any possible misuse at a later point in time.

You can unsubscribe from the newsletter at any time via the link contained in every newsletter or by sending an email to the person responsible as detailed above. After you have unsubscribed, your email address will be erased from our newsletter mailing list, if you have not explicitly given consent to continued use of the data collected or continued processing is not otherwise legally permissible.

Our email newsletter is sent by a technical service provider to whom we pass your data provided when registering for the newsletter. We have concluded a processing agreement with our email service providers. This obliges them to protect our clients’ data and not to forward this data to any third parties.

Service provider: CleverReach GmbH & Co. KG
Adress: Schafjückenweg 2, 26180 Rastede, GermanyPrivacy Policy: https://www.cleverreach.com/de/datenschutz/

 

Objection to advertising emails

We hereby object to the use of the contact details published within the scope of the obligation to publish a legal notice to send advertising and information material not explicitly requested by us The operator of this site reserves the right to take legal steps in the event of the unsolicited sending of advertising information, such as through spam emails.

Our Privacy Policy for job applications
https://www.gps-consulting.com/datenschutz-bewerber/

Our Privacy Policy for self-employed consultants and businesspeople
https://www.gps-consulting.com/datenschutz-berater-und-unternehmer/

 

Data transfer and recipients

Your data will not be transferred to third parties, except if we have explicitly pointed this out in the description of the relevant data processing.

If you have given consent in accordance with Art. 6 (1) 1 a of the GDPR, transfer as per Art. 6 (1) 1 f of the GDPR is required to assert, exercise or defend against legal claims and there is no reason to assume that you have an interest requiring protection in the non-transfer of your data that overrides this, in cases where there is a legal obligation to transfer this is carried out as per Art 6 (1) 1 c of the GDPR and if this, as per Art. 6 (1) 1 b of the GDPR, is necessary for the performance of a contract with you.

Furthermore, we use external service providers to carry out our services, which we have carefully selected and commissioned in writing. These providers are tied to our instructions and we regularly check them. We have also concluded processing contracts with them as per Art. 28 of the GDPR. In detail, these are service providers for web hosting, sending emails as well as for maintaining and updating our IT systems. The service providers will not transfer this data to third parties.

 

Duration of storage of personal data

The duration of storage of personal data is set in accordance with relevant legal retention obligations (e.g. resulting from commercial law and tax law). After the expiry of the relevant period the corresponding data is routinely erased. If any data is required to fulfil or initiate a contract, or if we have a legitimate interest in continuing storage, the data will be erased if it is no longer required for these purposes or if you exercise your right to withdraw consent or to object.

 

Your rights

In the following sections you will find information about which data subject rights you are granted towards the controller by data protection law with regard to the processing of your personal data:

The right, as per Art. 15 of the GDPR, to demand to be informed about your personal data that we process. In particular, you can demand to be informed about the purposes of processing, the category of personal data, the categories of recipients that disclosures of your data are or were made to, the planned storage period, the right to rectification, erasure, restriction of processing or objection, the right to complain, the origin of your data if we did not collect this and any automatic decision-making including profiling and, if necessary meaningful information about the details of these.

The right, as per Art. 16 of the GDPR, to demand the rectification of incorrect data or completion of your personal data that we store.

The right, as per Art. 17 of the GDPR, to demand the erasure of your personal data that we store if the processing is not required to exercise the right of freedom of speech and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims.

The right, as per Art. 18 of the GDPR, to demand the restriction of processing of your personal data if you dispute the accuracy of the data, processing is illegal, but you reject erasure and we no longer require the data, however, you require this to assert, exercise or defend against legal claims or if you have objected as per Art. 21 GDPR.

The right, as per Art. 20 of the GDPR, to demand receipt of your personal data that you have provided to us in a structured, common and machine-readable format or transmission to another controller.

The right, as per Art. 77 of the GDPR, to complain to a supervisory authority. You can usually make complaints to the supervisory authority in the federal state of our registered office, as detailed above, at of your usual place of residence or workplace, if applicable.

Right to withdraw any consent given as per Art. 7 (3) of the GDPR. You have the right to withdraw any consent you have given to the processing of data with effect in the future. In the event of a withdrawal of consent we will erase the relevant data without delay, if further processing cannot be based on a legal basis of processing without consent.

Any withdrawal of consent does not affect the lawfulness of processing based on consent before the withdrawal.

 

Right to object

If we process your personal data on the basis of a legitimate interest as per Art. 6 (1) 1 f of the GDPR, you have the right, as per Art. 21 of the GDPR, to object to the processing of your personal data, if there are grounds resulting from your particular situation. If a withdrawal of consent to the processing of personal data relates to the purposes of direct advertising, you have a general right to withdraw consent without any requirement to disclose a particular situation.

If you want to exercise your right to withdraw consent or to object, just send an email to: .

 

Privacy Policy for our social media accounts at Facebook, Xing and LinkedIn

 

Introduction

Protecting your personal data is very important to us. In the following sections you will find information about how we handle your data that is recorded through your use of our social media accounts on social networks and platforms. Your data will be processed in accordance with legal regulations.

 

Providers

Facebook Fan page

 

Data controller

If the data you have transmitted to us is also, or exclusively, processed by Facebook in addition to us, or in place of us, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, will be the controller for data processing in accordance with the GDPR. We have concluded a contract for this with Facebook as per Art. 26 of the GDPR as joint controllers when processing data (Controller Addendum). This contract sets the data processing procedures for which we or Facebook are the controllers, if you visit our Facebook Fan page. You can view this contract at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.

If you wish to exercise any of your rights as a visitor (information, rectification, erasure, restriction, data portability, complaint to a supervisory authority, withdrawal of consent or objection), you can contact both Facebook and us.

You can adjust your advertising settings independently in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads or http://www.youronlinechoices.com

Please take further details from the Facebook Privacy Policy: https://www.facebook.com/about/privacy/

 

Facebook Data Protection Officer

To contact the Facebook Data Protection Officer you can use the online contact form provided by Facebook at the following link: https://www.facebook.com/help/contact/540977946302970.

 

Data processing for statistical purposes using page insights

Facebook provides what are called page insights for our Facebook Fan page: https://www.facebook.com/business/a/page/page-insights. This is summarised data that provides information about how people interact with our website. Page insights can be based on personal data that is recorded in connection with a visit or interaction people make on or with our website, and in connection with the contents provided. Please consider which personal data you share with us through Facebook. Your data can be processed for market research and advertising purposes, even if you are not logged in to Facebook or do not have a Facebook account. User profiles can be created in this way e.g. from user behaviour and the resulting interests of users. In turn, user profiles can be used to e.g. place advertisements inside and outside the platforms, which presumably correspond to the user’s interests. This data is recorded through cookies that are stored on your terminal. Furthermore, data can also be stored in user profiles independently of the devices used by the user; this occurs in particular if the user is a member of the relevant platforms and is logged in to these. The legal basis for this processing is Art. 6 (1) f of the GDPR. Our legitimate interest is in optimizing the presentation of our offer, providing effective information and communicating with clients, as well as in the targeted placement of advertisements. Please consider that we do not have any influence over data collection and the further processing carried out by Facebook. As a result, we cannot provide any information about the scope, location and duration of data storage by Facebook. Moreover, we cannot make any statements about the extent to which Facebook meets its erasure obligations, which evaluations and links with the data are carried out by Facebook or to whom Facebook transfers the data. If you want to avoid any processing of your personal data by Facebook, please contact us via a different channel.

 

Other social media providers

Data controller

If your personal data is processed by one of the providers detailed below, this provider will be the controller for data processing in accordance with the GDPR. In order to assert your data subject rights we must point out that you can do this most effectively by asserting these rights against the relevant provider. Only these providers have access to the data collected from you. If you require any help nevertheless, please contact us at any time.

We have online presences on the social media platforms of the following providers:

LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland

XING SE, Dammtorstrasse 29-32, 20354 Hamburg, Germany

 

Data Protection Officer

You will find information about how to contact the Data Protection Officer of the other social media providers here:

LinkedIn Ireland Unlimited Company: https://www.linkedin.com/help/linkedin/ask/TSO-DPO

XING SE:

General disclosures about social media platforms made by GP+S Consulting GmbH

 

Data controller

The controller for data processing in accordance with the GDPR is the following point, if we process data you transmit to us via one of the social media platforms:

GP+S Consulting GmbH
Nehringstrasse 2
61352 Bad Homburg
Telephon: +49 6172 – 4 95 56 0
Email:
Web: www.gps-consulting.com

Our Data Protection Officer

If you have any concerns about data processing carried out by us as the controller, you can reach our Data Protection Officer using the following contact details:

PROLIANCE GmbH / www.datenschutzexperte.de
Datenschutzbeauftragter: Dominik Fünkner
Leopoldstr. 21
80802 Munich
Email:

 

General data processing on social media platforms

Data processing for market research and advertising

Personal data is usually processed on the company website for market research and advertising purposes. A cookie is placed in your browser to do this, which enables the relevant provider to recognise you again if you visit a website. Usage profiles can be created using the collected data. This data is used inside and outside the platform to place advertisements that will presumably meet your interests. Furthermore, data can also be stored in user profiles independently of the devices used by the user. This is usually the case if you are a member of the relevant platforms and are logged in to these.

Data processing when making contact

We collect personal data ourselves if e.g. you contact us using the contact form or through a messenger service, such as Facebook Messenger. Which data is collected depends on your disclosures and the contact data you have entered or approved. We will store this data for the purposes of dealing with your enquiry and if there are any follow-up questions.  We will not transfer this data to third parties under any circumstances without your consent. The legal basis for processing the data is our legitimate interest in answering your enquiries as per Art. 6 (1) f of the GDPR and, if applicable, Art. 6 (1) b of the GDPR, if your enquiry is intended to conclude a contract. Your data will be erased after your enquiry has been conclusively dealt with, if no legal retention obligations contradict this. We will assume your enquiry has been conclusively dealt with when the circumstances indicate that the relevant matter has been conclusively clarified.

Data processing to carry out contracts

If the aim of your contact via a social network or any other platform is to conclude a contract with us to deliver goods or provide services, we will process your data to fulfil the contract or to conduct pre-contractual measures or to provide the desired services. The legal basis for processing your data in this case is Art. 6 (1) b of the GDPR. Your data will be erased when it is no longer required to carry out the contract or it can be identified that the pre-contractual measures will not lead to the conclusion of a contract in accordance with the purpose of making contact. However, please note that even after the conclusion of a contract it may be necessary to store the personal data of our contractual partners in order to meet contractual or legal obligations.

Data processing on the basis of consent

If you are asked to give consent to processing for a certain purpose by the relevant providers of the platforms, the legal basis for this processing is Art. 6 (1) a, Art. 7 of the GDPR. Any consent given can be withdrawn at any time with effect in the future.

Data transfer and recipients

Please note that through use of social media platforms data processing may take place outside the EU and the European Economic Area, so that the European level of data protection cannot necessarily be guaranteed. The social media providers detailed based in the USA are certified for the US-European data protection treaty “Privacy Shield”, which guarantees compliance with the level of data protection that applies in the EU.

We do not have any influence over the processing and how your personal data is handled by the relevant provider. We do not have any information about this either. If you require any further information, please check the privacy policy of the relevant provider:

LinkedIn Privacy Policy: https://www.linkedin.com/legal/privacy-policy, Opt out: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out, Privacy Shield: https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active

XING Privacy Policy: https://privacy.xing.com/de/datenschutzerklaerung, Opt out: https://privacy.xing.com/de/datenschutzerklaerung/welche-rechte-koennen-sie-geltend-machen/widerspruchsrecht

 

Your rights

In the following sections you will find information about which data subject rights you are granted towards the controller.

You have the right,

to demand to be informed about your personal data that we process; Art. 15 GDPR. In particular, you can demand to be informed about the purposes of processing, the category of personal data, the categories of recipients that disclosures of your data are or were made to, the planned storage period, the right to rectification, erasure, restriction of processing or objection, the right to complain, the origin of your data if we did not collect this and any automatic decision-making, including profiling, and, if necessary meaningful information about the details of these.

to demand the rectification of incorrect data or completion of your personal data that we store; Art. 16 GDPR.

to demand the erasure of your personal data that we store if the processing is not required to exercise the right of freedom of speech and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims; Art. 17 GDPR.

to demand the restriction of processing of your personal data if you dispute the accuracy of the data, processing is illegal, but you reject erasure and we no longer require the data, however, you require this to assert, exercise or defend against legal claims or as per Art. 21 GDPR if you have objected to processing; Art. 18 GDPR.

to demand receipt of your personal data that you have provided to us in a structured, common and machine-readable format or transmission to another controller; Art. 20 GDPR.

as per Art. 77 DSGVO to complain to a supervisory authority. You can usually make complaints to the supervisory authority in the federal state of our registered office, as detailed above, or of your usual place of residence or workplace.

You can withdraw any consent given to process data at any time with effect in the future; Art. 7 (3) GDPR. In the event of a withdrawal of consent we will erase the relevant data without delay, if further processing cannot be based on a legal basis of processing without consent. Any withdrawal of consent does not affect the lawfulness of processing based on consent before the withdrawal.

 

Right to object

If we process your personal data on the basis of a legitimate interest as per Art. 6 (1) f of the GDPR, you have the right, as per Art. 21 of the GDPR, to object to the processing of your personal data, if there are grounds resulting from your particular situation. If a withdrawal of consent to the processing of personal data relates to the purposes of direct advertising, you have a general right to withdraw consent without any requirement to disclose the particular grounds.

If you want to exercise your right to withdraw consent or to object, just send an email to .

 

Length of storage

The personal data we have collected will be erased from our system if this data is no longer required for the purpose set on collection or if you have exercised your right to withdraw consent or to object. Legal retention periods remain unaffected. We do not have any influence over the duration of storage of your data that is stored by social media providers for their own purposes. For details about this, please contact the relevant provider directly.

 

Amendments to the Privacy Policy

We reserve the right to amend this Privacy Policy at any time in compliance with the applicable provisions of data protection law. We will inform you about any material amendments to the Privacy Policy by means of a clearly visible notice on our website.

This Privacy Policy was drawn up by www.datenschutzexperte.de.

Version of this Privacy Policy 16 February 2021