top of page

Privacy notice

Privacy policy

 

I. General Information on Personal Data and Contact Information of the Controller

​

The protection of your personal data is important to us. Below, we would like to inform you about the handling of personal data. According to Art. 4 No. 1 of Regulation (EU) 2016/679 (hereinafter referred to as the “General Data Protection Regulation” or “GDPR”), personal data are all information relating to an identified or identifiable natural person. Your data will be stored and processed by us in compliance with the relevant provisions of national data protection laws and the GDPR. The controller for data processing within the meaning of the aforementioned regulations is:

 

BalgheimConsult GmbH

Managing Director Thomas Balgheim

Magdeburger Str. 4

63110 Rodgau

Email: info@balgheimconsult.com

Tel: +49 151 54410608

Fax: +49 6106 772019

 

The controller for the processing of personal data is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data.

 

Please be aware that in case of legal conflicts only the German version is applicable.

​

II. Your Rights

​

With regard to your personal data, you have the following rights against the controller. The conditions for exercising these rights are referred to the respective legal basis:

  • Right of access according to Art. 15 GDPR;

  • Right to rectification according to Art. 16 GDPR;

  • Right to erasure according to Art. 17 GDPR;

  • Right to restriction of processing according to Art. 18 GDPR;

  • Right to notification according to Art. 19 GDPR;

  • Right to data portability according to Art. 20 GDPR;

  • Right to withdraw consent according to Art. 7(3) GDPR;

  • Right to lodge a complaint according to Art. 77 GDPR.

 

Additionally, you have the right to object:

Data subjects have the right to object at any time, on grounds relating to their particular situation, to the processing of personal data concerning them which is based on Art. 6(1)(e) or (f) GDPR.

 

The controller will no longer process the personal data unless they can demonstrate compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims.

 

If personal data are processed for direct marketing purposes, data subjects have the right to object at any time to the processing of personal data concerning them for such marketing; this also applies to profiling to the extent that it is related to such direct marketing.

If data subjects object to processing for direct marketing purposes, the personal data will no longer be processed for these purposes.

 

Data subjects have the possibility to exercise their right to object in connection with the use of information society services, notwithstanding Directive 2002/58/EC, by means of automated procedures using technical specifications.

​

III. Legal Bases

​

If we obtain the consent of the data subject for processing operations of personal data, Art. 6(1)(a) GDPR serves as the legal basis.

If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, Art. 6(1)(b) GDPR serves as the legal basis. This also applies to processing operations that are necessary to carry out pre-contractual measures.

 

If the processing of personal data is necessary for compliance with a legal obligation to which our company is subject, Art. 6(1)(c) GDPR serves as the legal basis. In the event that vital interests of the data subject or another natural person make the processing of personal data necessary, Art. 6(1)(d) GDPR serves as the legal basis.

If the processing is necessary for the purposes of the legitimate interests pursued by our company or a third party and these interests are not overridden by the interests, fundamental rights, and freedoms of the data subject, Art. 6(1)(f) GDPR serves as the legal basis for the processing.

 

If it is stated below that data are processed in the USA, we point out that the European Court of Justice has assessed the level of data protection in the USA as inadequate. In particular, there is a risk that your data may be processed by US authorities for control and monitoring purposes without any legal remedies. If you have consented to the use of the respective service, you consent according to Art. 49(1)(a) GDPR that your data will be processed in the USA.

 

If cookies or similar technologies are used, we obtain prior consent (§ 25 TTDSG), unless this is not legally required. Consent is not necessary, in particular, if the storage and reading of information, including cookies, is absolutely necessary to provide a telemedia service expressly requested by the users (i.e., our online offer). The revocable consent is clearly communicated to the users and contains information on the respective cookie usage.

​

IV. Duration of Storage of Personal Data

​

The respective storage duration of personal data depends on the legal basis, the purpose of processing, and, if applicable, relevant statutory retention periods.

 

In principle:

If the data processing is based on consent according to Art. 6(1)(a) GDPR, the data will be stored until the consent is revoked.

If the data processing is based on Art. 6(1)(f) GDPR, the data will be stored until the data subject exercises their right to object according to Art. 21(1) GDPR, unless there are compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject, or the processing serves the establishment, exercise, or defense of legal claims.

 

If personal data are processed for direct marketing purposes based on Art. 6(1)(f) GDPR, the personal data will be stored until the data subject exercises their right to object according to Art. 21(2) GDPR.

 

Unless otherwise stated in the following information of this declaration on specific processing situations, personal data will otherwise be deleted when they are no longer necessary for the purposes for which they were collected or otherwise processed.

​

V. Specific Processing Situations

 

1. Processing of Personal Data When Visiting the Website

​

a. Description and Scope of Data Processing

When you visit our website (without registration or other contact), the following data (so-called log files) are transmitted by your browser to our servers or the servers of our hosting service provider:

​

  • IP address

  • Date and time of the request

  • Time zone difference to GMT

  • Content of the website

  • Access status (HTTP status)

  • Transferred data volume

  • Requesting website

  • Web browser

  • Operating system

  • Language and version of the browser

 

Our hosting service provider is IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, +49 (0) 721 170 5522, info@ionos.de, https://www.ionos.de.

 

b. Legal Basis for Data Processing

The legal basis for storing data and log files is Art. 6 para. 1 lit. f GDPR.

 

c. Purpose of Data Processing

Storing log files ensures the proper functioning of our website. It also serves to optimize and secure our systems. Data is not evaluated for marketing purposes in this context.

 

d. Duration of Storage

The data we store is deleted as soon as it is no longer necessary for the purpose for which it was collected. This is usually the case after the end of the respective session. Further storage is possible. In this case, the IP addresses of the users are deleted or anonymized so that it is no longer possible to assign the calling client.

 

e. Objection and Removal Possibility

The collection of the mentioned data is essential for the operation of the website. Therefore, the user has no possibility to object.

 

2. Processing of Personal Data by Cookies

​

a. Description and Scope of Data Processing

Our website uses cookies. Cookies are text files that are stored on the visitor’s computer system when they visit our websites. Cookies contain a string of characters that allows the browser to be uniquely identified when the website is called up again. We use the following types of cookies:

  • Transient cookies/session cookies: Deleted after the session ends

  • Persistent cookies: Deleted after the specified storage period

  • Technically necessary cookies

If cookies are also set on our websites for advertising and/or analysis purposes, we will inform you separately in this statement. You can configure your browser to inform you about the setting of cookies and to decide individually whether to accept them or to exclude the acceptance of cookies for certain cases or in general. If cookies are not accepted, the functionality of our website may be restricted. If cookies are also set on our websites for advertising and/or analysis purposes, we will inform you separately in this statement.

 

b. Legal Basis for Data Processing

The legal basis for processing personal data using necessary cookies is Art. 6 para. 1 lit. f GDPR.

 

c. Purpose of Data Processing

Technically necessary cookies simplify the use of websites. Some functions of the website or online shop cannot be offered without the use of cookies. For these, it is necessary that the browser is recognized even after a page change. The user data collected through technically necessary cookies are not used to create user profiles.

 

d. Duration of Storage, Objection, and Removal Possibility

Cookies are stored on the user’s computer and transmitted to our site. Therefore, users have full control over the use of cookies. By changing the settings in your internet browser, you can disable or restrict the transmission of cookies. Already stored cookies can be deleted at any time. This can also be done automatically. If cookies are deactivated for our website, it may no longer be possible to use all functions of the website to their full extent.

 

3. Contact Form and Email

​

a. Description and Scope of Data Processing

We provide visitors to our website with a contact form for quick electronic contact. The data entered in the input mask is transmitted to us and stored. If you contact us via the contact form or email, you agree to email communication that is transport-encrypted but not content-encrypted. Please inform yourself about the associated risks, e.g., here: https://www.bsi-fuer-buerger.de. Additionally, the IP address of the user, as well as the date and time of transmission, are stored at the time of sending. Alternatively, contact can be made via the provided email address. In this case, the personal data transmitted with the email will be stored. The data will not be passed on to third parties. The data is used exclusively for processing the request.

 

b. Legal Basis for Data Processing

The legal basis for processing the data is Art. 6 para. 1 lit. a GDPR. The legal basis for processing the data transmitted in the course of sending an email is Art. 6 para. 1 lit. f GDPR. If the email contact aims at concluding a contract, the legal basis for processing is Art. 6 para. 1 lit. b GDPR.

 

c. Purpose of Data Processing

The processing of personal data serves solely to handle the contact. In the case of contact via email, this also constitutes the necessary legitimate interest in processing the data. The other personal data processed during the sending process serve to prevent misuse of the contact form and to ensure the security of our information technology systems.

 

d. Duration of Storage

The data will be deleted as soon as it is no longer necessary for the purpose for which it was collected. For personal data from the input mask of the contact form and those sent by email, this is the case when the respective conversation with the user is ended. The conversation is ended when it can be inferred from the circumstances that the relevant facts have been conclusively clarified. The additional personal data collected during the sending process will be deleted at the latest after a period of seven days. If the correspondence results in a business transaction, we are legally obliged to keep the exchanged correspondence for 6 years (starting from the end of the calendar year in which the respective letter was sent).

 

e. Objection and Removal Possibility

The user has the possibility to revoke their consent to the processing of personal data at any time. For this purpose, the user can contact the responsible party using the contact options provided on the website. If the user contacts us via email, they can object to the storage of their personal data at any time. In such a case, the conversation cannot be continued. If the storage of data results from a legal obligation, there is no right of objection.

bottom of page