Introduction
With the following privacy policy, we would like to inform you about the types of your personal data (hereinafter also referred to as “data”) we process, for what purposes and to what extent. The privacy policy applies to all personal data processing carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications and within external online presences.
The terms used are not gender-specific.
Date: 18 February 2020
Controller
Norbert Reiling
Owner
Lerchenweg 11
76761 Rülzheim / Germany
Authorised representative: Norbert Reiling
Email address: n.reiling@reiling-consulting.com
Overview of Processing Activities
Types of data processed
- Inventory data (e.g. names, addresses)
- Content data (e.g. text entries, photographs, videos)
- Contact data (e.g. email, telephone numbers)
- Meta/communication data (e.g. device information, IP addresses)
- Usage data (e.g. websites visited, interest in content, access times)
- Contract data (e.g. subject matter of contract, term, customer category)
- Payment data (e.g. bank details, invoices, payment history)
Categories of data subjects
- Business and contractual partners
- Prospective customers
- Communication partners
- Users (e.g. website visitors, users of online services)
Purposes of processing
- Provision of our online offering and user-friendliness
- Contact requests and communication
- Office and organisational procedures
- Contractual services and service
- Administration and response to enquiries
Legal Bases
The following are the legal bases of the General Data Protection Regulation (GDPR) on which we process personal data:
- Consent (Art. 6(1)(a) GDPR) – The data subject has given consent to the processing of their personal data for a specific purpose.
- Performance of a contract (Art. 6(1)(b) GDPR) – Processing is necessary for the performance of a contract or to take steps prior to entering into a contract.
- Legal obligation (Art. 6(1)(c) GDPR) – Processing is necessary for compliance with a legal obligation.
- Legitimate interests (Art. 6(1)(f) GDPR) – Processing is necessary for the purposes of the legitimate interests pursued by the controller or a third party.
Security Measures
We implement appropriate technical and organisational measures to ensure a level of protection appropriate to the risk, including SSL encryption (https).
Use of Cookies
Cookies are text files that contain data from visited websites or domains and are stored by a browser on the user’s computer.
We distinguish between:
- Necessary cookies: required for the operation of the website
- Statistics and marketing cookies: for reach measurement and online marketing (only with consent)
Before processing data in connection with cookies, we ask users for consent that can be revoked at any time.
Contact Enquiries
When you contact us (e.g. via contact form, email, telephone), the information provided by the person making the enquiry is processed insofar as this is necessary to respond to the contact request.
- Types of data processed: Inventory data, contact data, content data
- Legal bases: Contract performance (Art. 6(1)(b) GDPR), Legitimate interests (Art. 6(1)(f) GDPR)
Provision of the Online Offering and Web Hosting
To provide our online offering, we use the services of web hosting providers. Data processed in this context may include all information relating to users of our online offering, in particular IP addresses.
Collection of access data and log files: Server log files may contain IP addresses, browser type, operating system, referring URL and access times.
- Legal bases: Legitimate interests (Art. 6(1)(f) GDPR)
Plugins and Embedded Functions
Google Fonts: We embed fonts provided by Google (with consent). Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland.
Deletion of Data
The data processed by us will be deleted in accordance with the statutory requirements as soon as the consent given for processing is revoked or other permissions cease to apply.
Rights of Data Subjects
Under the GDPR, you have the following rights:
- Right to object (Art. 21 GDPR)
- Right to withdraw consent
- Right of access (Art. 15 GDPR)
- Right to rectification (Art. 16 GDPR)
- Right to erasure (Art. 17 GDPR)
- Right to restriction of processing (Art. 18 GDPR)
- Right to data portability (Art. 20 GDPR)
- Right to lodge a complaint with a supervisory authority (Art. 77 GDPR)
To exercise your rights, please contact: n.reiling@reiling-consulting.com