Publication date: 25.05.2018
Privacy Statement by btr Consulting GmbH
We welcome you to our website and thank you for your interest in our company. In order to give you a good feeling with regard to how your personal data is handled, we would like to elucidate what happens to the produced data and which safety measures are taken by us. Furthermore, you will be informed about your legally stipulated rights in connection with the processing of this data.
Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference of name, birthday, address, telephone number, Email-address, IP-Address or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Name and Address of the Controller
Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:
btr Consulting GmbH
Hanauer Landstraße 188
Phone: +49 69 800 8966-0
Telefax: +49 69 800 8966-20
Rights of the Data subject
Each data subject has several rights granted by the European legislator specified in the following:
- Each data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
- Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay.
- Each data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:
- The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
- The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead.
- The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
- The data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
- Each data subject shall have the right to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format. Furthermore, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
- Each data subject shall have the right to withdraw his or her consent to processing of his or her personal data at any time.
If the data subject wishes to exercise his/her rights, he or she may, at any time, contact us via Email firstname.lastname@example.org or by following address:
btr Consulting GmbH
Hanauer Landstraße 188
Legal basis for the processing
Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR.
The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Is our company subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR.
In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR.
Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).
Routine erasure and blocking of personal data
The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to. If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.
We have implemented technical and organizational measures in order to protect your data against accidental or deliberate manipulation, loss, destruction or against unauthorized access. We update our security measures on an ongoing basis in line with technical developments.
User Profiles / Web Tracking
User profiles are not compiled. In the event that we have the intention of compiling user profiles in the future, we will give you due warning when you visit our website, so you have the possibility of filing an objection. We will then of course respect your wishes and will not compile this type of profile on you.
We will only collect, process or use data for consultation, advertising or market-research purposes if you have given us your prior consent for this. Naturally you can revoke any consent you have given at any time.
XING’s Share button
LinkedIn Share button
Our Website uses a button operated by the social network, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. You can recognize the blue ‘in’ logo on the button. If you click this button on our Webpage, your browser will connect directly with the LinkedIn server, and the content of the plug-in will be transmitted back to your browser and integrated into the Website. Moreover, LinkedIn will be notified that you have visited our Website. If you are logged into your personal LinkedIn account during your visit, LinkedIn can identify you as the person visiting our Website. If you do not wish to have such information transmitted to your LinkedIn account, you must log out from that account before visiting our Website.
Changes to this privacy statement
We may modify or amend this privacy statement from time to time. To let you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to periodically review this statement to be informed about how we are protecting your information.