The use of our website is usually possible without disclosing personal data. If personal data (for example, name, address, email addresses or IP address) is collected on our site, this is done on a voluntary basis as far as possible. This data will not be forwarded to third parties without your explicit consent.
We must point out that data transmission in the internet (e.g. when communicating by email) may have gaps in security. Complete protection of data from third-party access is not possible.
The controller in accordance with data protection law
Contact details for the Data Protection Officer
Definition of terms
Data processing when visiting our website
When you call up our website, it is technically necessary to transmit data via your internet browser to our web server. The following data is recorded during a connection to communicate between your internet browser and our web server:
Date and time of the request
Page from which the file was requested
Access status (file transferred, file not found etc.)
Web browser used and operating system used
IP address of the requesting computer
Data quantity transmitted
We collect the data listed here to guarantee a smooth connection is made to the website and to enable the user to use our website conveniently. In addition, the log file evaluates system security and stability and is used for administrative purposes. The legal basis for temporary storage of data and log files is Art. 6 (1) f of the GDPR.
For technical security reasons, in particular to defend against attempted attacks on our web server, we store this data briefly. It is not possible to draw any conclusions about individuals from this data. After seven days at the latest, the data will be anonymised by shortening the IP address at domain level, so that it will no longer be possible to make a connection to an individual user.
For statistical evaluation, this website uses functions of the web analysis service “Matomo” (formerly “PIWIK”). Matomo is an open source web analytics tool. With Matomo, no data is transmitted to servers that are beyond the control of GP+S Consulting. Matomo is deactivated when you visit our website. Your usage behavior will only be recorded anonymously if you give your active consent.
Matomo uses so-called “cookies”. These are text files that are stored on your computer and that enable an analysis of your use of the website. For this purpose, the information about usage obtained by the cookie is transmitted to the server of this website and stored so that usage behavior can be evaluated. Your IP address will be anonymized immediately; this way you remain anonymous as a user. The information generated by the cookie about your use of this website will not be passed on to third parties.
The processing takes place in accordance with Article 6 Paragraph 1 Letter f GDPR and Section 15 Paragraph 3 TMG on the basis of our legitimate interest in the statistical analysis of user behavior for optimization and marketing purposes.
You have the option of subsequently objecting to the collection of the data generated by the cookie and related to your use of the website (including your IP address) and the processing of this data by Matomo by revoking your consent under the following link (opt-out):
You may choose to prevent this website from aggregating and analyzing the actions you take here. Doing so will protect your privacy, but will also prevent the owner from learning from your actions and creating a better experience for you and other users.
Our website uses “Simple Analytics”, an internet analysis service from Simple Analytics, Hooftlaan 4, 1401 ED Bussum, the Netherlands. With the help of this service certain user data from site visitors (date and time of access, user agent of the browser) will be collected, evaluated and prepared in automatic reports in an anonymised form.
The legal basis is our legitimate interest as per Art. 6 (1) f of the GDPR to continuously optimize our online offers, and on the other hand, to recognise and rectify any technical problems, such as error messages when calling up the site or search engine problems. Simple Analytics operates via a simple script code here, without using any cookies or the IP address. This means that Simple Analytics will not place cookies on your terminal at any time.
The software only tracks the following metrics:
The information processed through Simple Analytics will not relate to any person at any time and therefore, will not allow any conclusions to be drawn about you.
You will find further information about data processing by and the data protection of Simple Analytics at https://docs.simpleanalytics.com/what-we-collect?ref=simpleanalytics.com.
1) We use “Google Web Fonts”, on our website. This is a service provided by Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google Web Fonts enable us to use external fonts, known as Google Fonts. For this purpose, when you call up our website the Google Font required will be loaded by your web browser in your browser cache. This is necessary so your browser can also show a visually-improved presentation of our texts. If your browser does not support this function, a standard font from your computer will be used for the display. These Web Fonts will be integrated by a server fetch, usually using a Google server in the USA. In the process, which page you have visited on our website will be transmitted to the server. Google will also store the IP address of the browsers on the visitor’s terminal.
2) We use Google Web Fonts for optimization purposes, in particular to improve use of our website for you and to make its design more user-friendly.
3) Our legitimate interest here can also be found in Art. 6 (1) f of the GDPR.
4) Google has agreed to comply with the Privacy-Shield Treaty concluded between the European Union and the USA, and is certified accordingly. As a result, Google is obliged to comply with the standards and regulations of European data protection law. You will find more detailed information at the following link: https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active
5) Information about the third provider: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001.
There is more detailed information about Google Web Fonts at http://www.google.com/webfonts/,https://developers.google.com/fonts/faq?hl=de-DE&csw=1 and https://www.google.com/fonts#AboutPlace:about.
6) We use web fonts on our website provided by the services “Fonts.com”. This service records the IP addresses of accesses. This log data will be erased after 30 days and then no more personal data will be processed afterwards. The appropriate data protection guideline can be found in detail here: https://www.monotype.com/legal/privacy-policy/web-font-tracking-privacy-policy/.
If you send us enquiries via the contact form, we will store your disclosures from the enquiry form including the contact data you have given there for the purposes of processing the enquiry and in the event of any subsequent questions. We will not forward this data without your consent. The legal basis for processing the data is our legitimate interest in answering your enquiries as per Art. 6 (1) f of the GDPR and, if applicable, Art. 6 (1) b of the GDPR, if your enquiry is intended to conclude a contract. Your data will be erased after your enquiry has been conclusively dealt with, if no legal retention obligations contradict this.
Pre-condition for claiming free-of-charge services
Consent to send emails may be set as the pre-condition to claim free-of-charge services (e.g. access to certain contents or participation in certain actions). If the user wants to claim a free-of-charge service without registering for the newsletter, please contact us.
If you would like to receive the newsletter offered on our website, with regular information about our offers and products, we require your name, email address and company name as mandatory information.
To send the newsletter we use the WordPress plugin “Download After Email – Subscribe & Download Form Plugin –”. This means that we will only send you our newsletter by email if you have explicitly confirmed that you give your consent to newsletters being sent. In the first step, you will receive an email with a download link. Using this link you can confirm that, as the holder of the relevant email address, you want to receive the newsletter in the future. By sending this confirmation you give us your consent as per Art. 6 (1) a of the GDPR that we are allowed to use your personal data for the purpose of sending the newsletter requested.
When you register for the newsletter, in addition to the email address required to send it we will store the IP address you used to register for the newsletter, as well as the date and time of the registration and confirmation, in order to be able to trace any possible misuse at a later point in time.
You can unsubscribe from the newsletter at any time via the link contained in every newsletter or by sending an email to the person responsible as detailed above. After you have unsubscribed, your email address will be erased from our newsletter mailing list, if you have not explicitly given consent to continued use of the data collected or continued processing is not otherwise legally permissible.
Our email newsletter is sent by a technical service provider to whom we pass your data provided when registering for the newsletter. We have concluded a processing agreement with our email service providers. This obliges them to protect our clients’ data and not to forward this data to any third parties.
Service provider: CleverReach GmbH & Co. KG
Objection to advertising emails
We hereby object to the use of the contact details published within the scope of the obligation to publish a legal notice to send advertising and information material not explicitly requested by us The operator of this site reserves the right to take legal steps in the event of the unsolicited sending of advertising information, such as through spam emails.
Data transfer and recipients
Your data will not be transferred to third parties, except if we have explicitly pointed this out in the description of the relevant data processing.
If you have given consent in accordance with Art. 6 (1) 1 a of the GDPR, transfer as per Art. 6 (1) 1 f of the GDPR is required to assert, exercise or defend against legal claims and there is no reason to assume that you have an interest requiring protection in the non-transfer of your data that overrides this, in cases where there is a legal obligation to transfer this is carried out as per Art 6 (1) 1 c of the GDPR and if this, as per Art. 6 (1) 1 b of the GDPR, is necessary for the performance of a contract with you.
Furthermore, we use external service providers to carry out our services, which we have carefully selected and commissioned in writing. These providers are tied to our instructions and we regularly check them. We have also concluded processing contracts with them as per Art. 28 of the GDPR. In detail, these are service providers for web hosting, sending emails as well as for maintaining and updating our IT systems. The service providers will not transfer this data to third parties.
Duration of storage of personal data
The duration of storage of personal data is set in accordance with relevant legal retention obligations (e.g. resulting from commercial law and tax law). After the expiry of the relevant period the corresponding data is routinely erased. If any data is required to fulfil or initiate a contract, or if we have a legitimate interest in continuing storage, the data will be erased if it is no longer required for these purposes or if you exercise your right to withdraw consent or to object.
In the following sections you will find information about which data subject rights you are granted towards the controller by data protection law with regard to the processing of your personal data:
The right, as per Art. 15 of the GDPR, to demand to be informed about your personal data that we process. In particular, you can demand to be informed about the purposes of processing, the category of personal data, the categories of recipients that disclosures of your data are or were made to, the planned storage period, the right to rectification, erasure, restriction of processing or objection, the right to complain, the origin of your data if we did not collect this and any automatic decision-making including profiling and, if necessary meaningful information about the details of these.
The right, as per Art. 16 of the GDPR, to demand the rectification of incorrect data or completion of your personal data that we store.
The right, as per Art. 17 of the GDPR, to demand the erasure of your personal data that we store if the processing is not required to exercise the right of freedom of speech and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims.
The right, as per Art. 18 of the GDPR, to demand the restriction of processing of your personal data if you dispute the accuracy of the data, processing is illegal, but you reject erasure and we no longer require the data, however, you require this to assert, exercise or defend against legal claims or if you have objected as per Art. 21 GDPR.
The right, as per Art. 20 of the GDPR, to demand receipt of your personal data that you have provided to us in a structured, common and machine-readable format or transmission to another controller.
The right, as per Art. 77 of the GDPR, to complain to a supervisory authority. You can usually make complaints to the supervisory authority in the federal state of our registered office, as detailed above, at of your usual place of residence or workplace, if applicable.
Right to withdraw any consent given as per Art. 7 (3) of the GDPR. You have the right to withdraw any consent you have given to the processing of data with effect in the future. In the event of a withdrawal of consent we will erase the relevant data without delay, if further processing cannot be based on a legal basis of processing without consent.
Any withdrawal of consent does not affect the lawfulness of processing based on consent before the withdrawal.
Right to object
If we process your personal data on the basis of a legitimate interest as per Art. 6 (1) 1 f of the GDPR, you have the right, as per Art. 21 of the GDPR, to object to the processing of your personal data, if there are grounds resulting from your particular situation. If a withdrawal of consent to the processing of personal data relates to the purposes of direct advertising, you have a general right to withdraw consent without any requirement to disclose a particular situation.
Protecting your personal data is very important to us. In the following sections you will find information about how we handle your data that is recorded through your use of our social media accounts on social networks and platforms. Your data will be processed in accordance with legal regulations.
Facebook Fan page
If the data you have transmitted to us is also, or exclusively, processed by Facebook in addition to us, or in place of us, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland, will be the controller for data processing in accordance with the GDPR. We have concluded a contract for this with Facebook as per Art. 26 of the GDPR as joint controllers when processing data (Controller Addendum). This contract sets the data processing procedures for which we or Facebook are the controllers, if you visit our Facebook Fan page. You can view this contract at the following link: https://www.facebook.com/legal/terms/page_controller_addendum.
If you wish to exercise any of your rights as a visitor (information, rectification, erasure, restriction, data portability, complaint to a supervisory authority, withdrawal of consent or objection), you can contact both Facebook and us.
You can adjust your advertising settings independently in your user account. To do this, click on the following link and log in: https://www.facebook.com/settings?tab=ads or http://www.youronlinechoices.com
Facebook Data Protection Officer
To contact the Facebook Data Protection Officer you can use the online contact form provided by Facebook at the following link: https://www.facebook.com/help/contact/540977946302970.
Data processing for statistical purposes using page insights
Facebook provides what are called page insights for our Facebook Fan page: https://www.facebook.com/business/a/page/page-insights. This is summarised data that provides information about how people interact with our website. Page insights can be based on personal data that is recorded in connection with a visit or interaction people make on or with our website, and in connection with the contents provided. Please consider which personal data you share with us through Facebook. Your data can be processed for market research and advertising purposes, even if you are not logged in to Facebook or do not have a Facebook account. User profiles can be created in this way e.g. from user behaviour and the resulting interests of users. In turn, user profiles can be used to e.g. place advertisements inside and outside the platforms, which presumably correspond to the user’s interests. This data is recorded through cookies that are stored on your terminal. Furthermore, data can also be stored in user profiles independently of the devices used by the user; this occurs in particular if the user is a member of the relevant platforms and is logged in to these. The legal basis for this processing is Art. 6 (1) f of the GDPR. Our legitimate interest is in optimizing the presentation of our offer, providing effective information and communicating with clients, as well as in the targeted placement of advertisements. Please consider that we do not have any influence over data collection and the further processing carried out by Facebook. As a result, we cannot provide any information about the scope, location and duration of data storage by Facebook. Moreover, we cannot make any statements about the extent to which Facebook meets its erasure obligations, which evaluations and links with the data are carried out by Facebook or to whom Facebook transfers the data. If you want to avoid any processing of your personal data by Facebook, please contact us via a different channel.
Other social media providers
If your personal data is processed by one of the providers detailed below, this provider will be the controller for data processing in accordance with the GDPR. In order to assert your data subject rights we must point out that you can do this most effectively by asserting these rights against the relevant provider. Only these providers have access to the data collected from you. If you require any help nevertheless, please contact us at any time.
We have online presences on the social media platforms of the following providers:
LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
XING SE, Dammtorstrasse 29-32, 20354 Hamburg, Germany
Data Protection Officer
You will find information about how to contact the Data Protection Officer of the other social media providers here:
LinkedIn Ireland Unlimited Company: https://www.linkedin.com/help/linkedin/ask/TSO-DPO
General disclosures about social media platforms made by GP+S Consulting GmbH
The controller for data processing in accordance with the GDPR is the following point, if we process data you transmit to us via one of the social media platforms:
GP+S Consulting GmbH
61352 Bad Homburg
Telephon: +49 6172 – 4 95 56 0
Our Data Protection Officer
If you have any concerns about data processing carried out by us as the controller, you can reach our Data Protection Officer using the following contact details:
General data processing on social media platforms
Data processing for market research and advertising
Personal data is usually processed on the company website for market research and advertising purposes. A cookie is placed in your browser to do this, which enables the relevant provider to recognise you again if you visit a website. Usage profiles can be created using the collected data. This data is used inside and outside the platform to place advertisements that will presumably meet your interests. Furthermore, data can also be stored in user profiles independently of the devices used by the user. This is usually the case if you are a member of the relevant platforms and are logged in to these.
Data processing when making contact
We collect personal data ourselves if e.g. you contact us using the contact form or through a messenger service, such as Facebook Messenger. Which data is collected depends on your disclosures and the contact data you have entered or approved. We will store this data for the purposes of dealing with your enquiry and if there are any follow-up questions. We will not transfer this data to third parties under any circumstances without your consent. The legal basis for processing the data is our legitimate interest in answering your enquiries as per Art. 6 (1) f of the GDPR and, if applicable, Art. 6 (1) b of the GDPR, if your enquiry is intended to conclude a contract. Your data will be erased after your enquiry has been conclusively dealt with, if no legal retention obligations contradict this. We will assume your enquiry has been conclusively dealt with when the circumstances indicate that the relevant matter has been conclusively clarified.
Data processing to carry out contracts
If the aim of your contact via a social network or any other platform is to conclude a contract with us to deliver goods or provide services, we will process your data to fulfil the contract or to conduct pre-contractual measures or to provide the desired services. The legal basis for processing your data in this case is Art. 6 (1) b of the GDPR. Your data will be erased when it is no longer required to carry out the contract or it can be identified that the pre-contractual measures will not lead to the conclusion of a contract in accordance with the purpose of making contact. However, please note that even after the conclusion of a contract it may be necessary to store the personal data of our contractual partners in order to meet contractual or legal obligations.
Data processing on the basis of consent
If you are asked to give consent to processing for a certain purpose by the relevant providers of the platforms, the legal basis for this processing is Art. 6 (1) a, Art. 7 of the GDPR. Any consent given can be withdrawn at any time with effect in the future.
Data transfer and recipients
Please note that through use of social media platforms data processing may take place outside the EU and the European Economic Area, so that the European level of data protection cannot necessarily be guaranteed. The social media providers detailed based in the USA are certified for the US-European data protection treaty “Privacy Shield”, which guarantees compliance with the level of data protection that applies in the EU.
In the following sections you will find information about which data subject rights you are granted towards the controller.
You have the right,
to demand to be informed about your personal data that we process; Art. 15 GDPR. In particular, you can demand to be informed about the purposes of processing, the category of personal data, the categories of recipients that disclosures of your data are or were made to, the planned storage period, the right to rectification, erasure, restriction of processing or objection, the right to complain, the origin of your data if we did not collect this and any automatic decision-making, including profiling, and, if necessary meaningful information about the details of these.
to demand the rectification of incorrect data or completion of your personal data that we store; Art. 16 GDPR.
to demand the erasure of your personal data that we store if the processing is not required to exercise the right of freedom of speech and information, to meet a legal obligation, for reasons of public interest or to assert, exercise or defend against legal claims; Art. 17 GDPR.
to demand the restriction of processing of your personal data if you dispute the accuracy of the data, processing is illegal, but you reject erasure and we no longer require the data, however, you require this to assert, exercise or defend against legal claims or as per Art. 21 GDPR if you have objected to processing; Art. 18 GDPR.
to demand receipt of your personal data that you have provided to us in a structured, common and machine-readable format or transmission to another controller; Art. 20 GDPR.
as per Art. 77 DSGVO to complain to a supervisory authority. You can usually make complaints to the supervisory authority in the federal state of our registered office, as detailed above, or of your usual place of residence or workplace.
You can withdraw any consent given to process data at any time with effect in the future; Art. 7 (3) GDPR. In the event of a withdrawal of consent we will erase the relevant data without delay, if further processing cannot be based on a legal basis of processing without consent. Any withdrawal of consent does not affect the lawfulness of processing based on consent before the withdrawal.
Right to object
If we process your personal data on the basis of a legitimate interest as per Art. 6 (1) f of the GDPR, you have the right, as per Art. 21 of the GDPR, to object to the processing of your personal data, if there are grounds resulting from your particular situation. If a withdrawal of consent to the processing of personal data relates to the purposes of direct advertising, you have a general right to withdraw consent without any requirement to disclose the particular grounds.
Length of storage
The personal data we have collected will be erased from our system if this data is no longer required for the purpose set on collection or if you have exercised your right to withdraw consent or to object. Legal retention periods remain unaffected. We do not have any influence over the duration of storage of your data that is stored by social media providers for their own purposes. For details about this, please contact the relevant provider directly.