btr Consulting

Privacy Statement

                                                                                                                                                             Publication date: 25.05.2018

Privacy Statement by btr Consulting GmbH

We welcome you to our website and thank you for your interest in our company. In order to give you a good feeling with regard to how your personal data is handled, we would like to elucidate what happens to the produced data and which safety measures are taken by us. Furthermore, you will be informed about your legally stipulated rights in connection with the processing of this data.

Personal data means any information relating to an identified or identifiable natural person (“data subject”). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference of name, birthday, address, telephone number, Email-address, IP-Address or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

 

Name and Address of the Controller

Controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union and other provisions related to data protection is:

btr Consulting GmbH
Hanauer Landstraße 188
60314 Frankfurt
Phone: +49 69 800 8966-0
Telefax: +49 69 800 8966-20
www.btr-consulting.de
info@btr-consulting.de

Compliance Contact

compliance@btr-consulting.de

 

Rights of the Data subject

Each data subject has several rights granted by the European legislator specified in the following:

  1. Each data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
  1. Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay, and the controller shall have the obligation to erase personal data without undue delay.
  1. Each data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:
  • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
  • The processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use instead.
  • The controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims.
  • The data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.
  1. Each data subject shall have the right to receive the personal data concerning him or her, which was provided to a controller, in a structured, commonly used and machine-readable format. Furthermore, the data subject shall have the right to have personal data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
  1. Each data subject shall have the right to withdraw his or her consent to processing of his or her personal data at any time.

If the data subject wishes to exercise his/her rights, he or she may, at any time, contact us via Email compliance@btr-consulting.de or by following address:

btr Consulting GmbH
Hanauer Landstraße 188
60314 Frankfurt

 

Legal basis for the processing

Art. 6(1) lit. a GDPR serves as the legal basis for processing operations for which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is party, as is the case, for example, when processing operations are necessary for the supply of goods or to provide any other service, the processing is based on Article 6(1) lit. b GDPR.

The same applies to such processing operations which are necessary for carrying out pre-contractual measures, for example in the case of inquiries concerning our products or services. Is our company subject to a legal obligation by which processing of personal data is required, such as for the fulfillment of tax obligations, the processing is based on Art. 6(1) lit. c GDPR.

In rare cases, the processing of personal data may be necessary to protect the vital interests of the data subject or of another natural person. This would be the case, for example, if a visitor were injured in our company and his name, age, health insurance data or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6(1) lit. d GDPR.

Finally, processing operations could be based on Article 6(1) lit. f GDPR. This legal basis is used for processing operations which are not covered by any of the abovementioned legal grounds, if processing is necessary for the purposes of the legitimate interests pursued by our company or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Such processing operations are particularly permissible because they have been specifically mentioned by the European legislator. He considered that a legitimate interest could be assumed if the data subject is a client of the controller (Recital 47 Sentence 2 GDPR).

Routine erasure and blocking of personal data

The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which the controller is subject to. If the storage purpose is not applicable, or if a storage period prescribed by the European legislator or another competent legislator expires, the personal data are routinely blocked or erased in accordance with legal requirements.

Data Security

We have implemented technical and organizational measures in order to protect your data against accidental or deliberate manipulation, loss, destruction or against unauthorized access. We update our security measures on an ongoing basis in line with technical developments.

Cookies

Our Website uses cookies, which are small files sent by a Web server to your computer and often maintained on your hard drive. These are not programs that can damage your machine; they simply enable us to recognize your browser when you revisit our site. No personal information is stored in a cookie nor can such information be used to identify you. You may disable cookies in your browser; for more details please refer to the help function of your browser. However, please note that some of our Website features or services may not function properly without cookies.

User Profiles / Web Tracking

User profiles are not compiled. In the event that we have the intention of compiling user profiles in the future, we will give you due warning when you visit our website, so you have the possibility of filing an objection. We will then of course respect your wishes and will not compile this type of profile on you.

We will only collect, process or use data for consultation, advertising or market-research purposes if you have given us your prior consent for this. Naturally you can revoke any consent you have given at any time.

XING’s Share button

The “XING share button” is in use on this Website, operated by XING AG (“XING”), Gänsemarkt 43, 20354 Hamburg, Germany. You can recognize the blue ‘X’ logo on the button. If you click the button when accessing this Website, your browser will connect for a short time to the XING AG (“XING”) servers that provide the “XING share button” features (including the visitor counter). XING does not save any of your personal information via our Website. XING does not store IP addresses, nor does it use cookies to monitor your behavior with regard to the XING share button. Please visit the following Website to view the latest privacy policy for the XING share button and other related information: https://www.xing.com/app/share?op=data_protection or http://www.xing.com/privacy or http://www.xing.com/terms.

LinkedIn Share button

Our Website uses a button operated by the social network, LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA. You can recognize the blue ‘in’ logo on the button. If you click this button on our Webpage, your browser will connect directly with the LinkedIn server, and the content of the plug-in will be transmitted back to your browser and integrated into the Website. Moreover, LinkedIn will be notified that you have visited our Website. If you are logged into your personal LinkedIn account during your visit, LinkedIn can identify you as the person visiting our Website. If you do not wish to have such information transmitted to your LinkedIn account, you must log out from that account before visiting our Website.

Please visit https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy for more information on LinkedIn’s privacy policy and user agreement https://www.linkedin.com/legal/user-agreement?trk=uno-reg-guest-home-user-agreement and the scope of the information collected and processed by LinkedIn.

Changes to this privacy statement

We may modify or amend this privacy statement from time to time. To let you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to periodically review this statement to be informed about how we are protecting your information.