DE | EN Germany | Luxembourg Suche

PRIVACY POLICY OF NOVENTUM CONSULTING GMBH

1. GENERAL

We appreciate your interest in our company and our services and would like you to feel safe when visiting our web pages, even with respect to the protection of your personal data. noventum is taking the protection of your personal data very seriously. Compliance with the provisions of the General Data Protection Regulation, the German Federal Data Protection Act (Bundesdatenschutzgesetz), as well as of any other applicable data protection regulations is a matter of course for noventum consulting.

2. YOUR POINT OF CONTACT IN CASE OF COLLECTION OF YOUR DATA

2.1 Controller within the meaning of the General Data Protection Regulation

In accordance with Art. 4 Par. 7 GDPR, the Controller is:

noventum consulting GmbH
Münsterstraße 111
48155 MünsterGermany
info@noventum.de

Available to you as editorially responsible party and point of contact in case of the collection of your data is:

noventum consulting GmbH
Dr. Matthias Rensing 
Münsterstraße 111
48155 Münster
Germany
Tel.: +49 163 49302-13
E-mail: matthias.rensing@noventum.de

2.2 Data Protection Officer of noventum

If you have any additional questions regarding our notes regarding data protection and the processing of your personal data, please contact the Data Protection Officer of noventum consulting GmbH,    Dr. Frank Gutberlet, directly. He will also be available to you as point of contact with respect to your rights as data subject, as well as for suggestions or complaints.

noventum consulting GmbH
Dr. Frank Gutberlet 
Münsterstraße 111
48155 Münster
Germany
Tel.: +49 163 49302-21
E-mail: frank.gutberlet@noventum.de

3. Personal data

At noventum, appropriate technical and organisational measures have been deployed to protect your personal data. We process your personal data based on the principles of Art. 5 Par. 1 GDPR: Lawfulness, transparency, fairness, purpose limitation, data minimisation, accuracy, storage limitation, and confidentiality. All employees and all third parties involved in the data processing are sworn to the General Data Protection Regulation and to the German Federal Data Protection Act and to the confidential handling of personal data.

Personal data is any and all information relating to an identified or identifiable natural person. In general, noventum is using the personal data you have made available to respond to your inquiries or to provide you with access to certain information or offers. noventum is processing your personal data collected within the context of the website exclusively for the intended purpose. 

To maintain customer relations, it may also be necessary for noventum consulting or a contracted service provider to use this personal data to inform you about product offers that are beneficial to your business activities or to perform online surveys to better serve the tasks and requirements of our customers. Of course, it will be respected if you do not want to grant your personal data for the support of customer relations (in particular for direct marketing or market research purposes). Therefore, noventum consulting will neither sell nor otherwise market your personal data to third parties.

The collection of personal data as well as its transfer to government institutions and offices entitled to said information will only take place within the framework of the applicable laws and/or if noventum consulting is required to do so due to a court order. 

noventum will store the data only as long as is necessary, in general, for responding to your inquiry, unless statutory retention periods apply. 

Listed below are the individual processing activities.

3.1 Data collection in case of informational utilisation of the website

In case of a merely informational utilisation of the website, i.e., if you do not actively communicate information to us, we only collect the personal data that your browser transmits to our server. If you want to use our website, we collect the following data that is technically required to display our website to your and that ensures stability and security (the legal basis is Art. 6 Par. 1 S. 1 lit. f GDPR):

• IP address• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• Access status / HTTP status code

Respective volume of data transmitted

• Website from which the request comes
• Browser
• Operating system and its user interface
• Language and version of the browser software

3.2 Data collection in case of utilisation of forms

On our website, various utilisation options are available to you in which a data collection occurs. You are neither legally nor contractually obligated to disclose your personal data. The data you have communicated will be deleted once its storage is no longer necessary, or the processing will be restricted if statutory storage obligations exist.

3.2.1 Data collection in case of utilisation of the contact form

You have the option to send an e-mail to us via our contact form. We treat the personal data entered as confidential and process it exclusively to respond to your contact inquiry. Once the e-mail has arrived on our server, it is exclusively read by the respective responsible employees of our company. Recipients of your personal data, in accordance with Art. 13 GDPR, are those employees who are responsible based on their area of responsibilities. A passing on to third parties outside our company is excluded. The transmission of your data is protected from access by third parties via SSL encryption. The legal basis for this processing is Art. 6 Par. 1 S. 1 lit. f GDPR. We have a legitimate business interest in the establishing of contact by (potential) customer via the contact form or, where applicable, by job applicants. Our contact form is a service we are providing, intended to facilitate a quick and uncomplicated establishing of contact for you as (potential) customer or job applicant. We want to provide you with good customer service this way. Often, the inquiries lead to the initiation of a contractual relationship. We can only respond to your contact inquiry if you fill out the specified mandatory fields.

3.2.2 Data collection in case of utilisation of the Business Culture Check-up

You have to option to participate in the Business Culture Check-up on our website. We will treat the personal data entered as confidential and process it exclusively for the analysis of the online survey. Recipients of your personal data, in accordance with Art. 13 GDPR, are those employees who are responsible based on their area of responsibilities. The transmission of your data is protected from access by third parties via SSL encryption. The legal basis for this processing is Art. 6 Par. 1 S. 1 lit. f GDPR. We have a legitimate business interest in the analysis of customer surveys conducted via contact form. The data entered into the questionnaires will be utilised only consolidated in anonymized form and for statistical purposes. If you wish to additionally be contacted by noventum, your consent in accordance with Art. 6 Par. 1 lit. a GDPR is required. A consent is a declaration of agreement in the form of a declaration with which you indicate to noventum that you agree to the processing of personal data concerning you. 

A declaration of agreement for purposes other than to establish contact is not granted with it and therefore does not take place. The option to provide your declaration of agreement is available to you as a check box below your data entries.

A declaration of consent may, in accordance with Art. 7 GDPR be withdrawn at any time by notifying the Controller specified under 2.1. The withdrawal will not affect the legality of the processing up until the withdrawal. However, any further processing it then excluded.

3.3 Data collection via COOKIES

In order to design our Internet presence as attractively and comfortable as possible, we are utilising so-called “cookies” on some pages. Cookies are small text files that your browser is storing on your computer that allow for an analysis of your utilisation of this website. The utilisation of these cookies is carried out maintaining the legitimate interests of noventum on the legal basis of Art. 6 Par.1 lit. f GDPR. 

Many cookies are being deleted when your browser session ends. The permanent cookies serve for recognising you again upon your next visit to our website, and make your visit easier and more effective. We are not able to directly associate your person therewith. Furthermore, cookies can neither execute programmes nor transmit viruses. They exclusively serve for making the Internet presence more user-friendly and effective, overall. You can turn off the storing of third party cookies or all cookies via the corresponding settings of your browser (no matter whether it is on a smart phone, tablet, or PC). This can, however, lead to functional restrictions when visiting our website.

3.4 Data collection by GOOGLE ANALYTICS

To gain better insights into the utilisation of our website and to continuously improve our online presence, noventum is, on the legal basis of Art. 6 Par.1 lit. f GDPR, using Google Analytics, a web analysis service of Google Inc. (hereinafter referred to as “Google”). In this case, Google is the Processor of noventum consulting GmbH in accordance with Art. 28 GDPR. 

Google Analytics uses “cookies” (see above). The information that the cookie generates about your use of this website (including your IP-address) is transferred to and stored on a server operated by Google in the USA. On our website, we have supplemented Google Analytics with the function of a anonymisation programme (“gat. anonymizeIp()”). The collection of your IP address is being anonymized thusly and a correlation with individual persons can be excluded. Google will use this information to evaluate your use of the website, compiling reports on website activity for the website operators and providing other services relating to website activity and internet usage. For exceptional cases in which personal data is transmitted to the USA, Google has subjected itself to the EU-US Privacy Shield Framework. Specifically, this means that a data transmission to the USA is permissible since Google is subject to the “Privacy Shield Framework” and therefore enforceable laws and effective judicial remedies are available to the data subjects. Additional information regarding this certification is available under the following link (see Data Privacy and Security): https://support.google.com/analytics#topic=1008008

Google may also transmit the collected data to third parties, if it is legally mandated to do this or to the extent where third parties are processing this data on behalf of Google. Under no circumstances will Google correlate your IP address with other Google data.

You can prevent the installation of the cookies through a corresponding setting in your browser software (see above). By downloading and installing a browser plug-in, you can, furthermore, prevent the collection of the data generated by the cookie and related to your utilisation of the website (including your IP address) by Google as well as the processing of this data by Google. The plug-in is available at: https://tools.google.com/dlpage/gaoptout?hl=en.In addition, you can deactivate (i.e., opt-out from) Google Analytics at any time. An opt-out cookie then prevents Google Analytics from collecting data upon your next visit to this website. To do so, click on: deactivate Google Analytics. 

For additional information from the Privacy Center of Google Analytics, see:
https://support.google.com/analytics/answer/6004245?hl=en

Information of the third party provider: 
Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland,Fax: +353 (1) 436 1001. 

Terms & conditions of use:
https://www.google.com/analytics/terms/gb.html

Privacy overview:
https://support.google.com/analytics/answer/6004245?hl=en

Privacy policy: 
https://policies.google.com/terms?hl=en&gl=de

3.5 Data collection by Google Maps

noventum is using the offer of Google Maps on the legal basis of Art. 6 Abs 1 S. 1 lit. f GDPR to display interactive maps to you on the website, and to enable you to comfortably use the map function. By visiting the website, Google receives information that you have called up the respective sub-page of our website. In addition, the data specified under “Collection of personal data in case of informational utilisation of the website” of this policy is being transmitted. This takes place independent of whether or not Google is providing a user account through which you are logged in or whether no user account exists. If you are logged in at Google, this data is linked directly to your account. If you do not wish for the linking with your profile to occur at Google, you must log out prior to activating the button. Google stores your data as a user profile and utilises it for purposes of advertising, market research and/or demand-oriented design of its website. Such an analysis is carried out, in particular (even for users who are not logged in), for the provision of demand-oriented advertising and in order to inform other users of the social network of your activities on our website. 
You have a right to object against the creation of these user profiles wherein you have to contact Google to exercise said right. For additional information regarding the purpose and scope of the data collection and its processing by the plug-in provider, see the privacy policies of said provider. There, you also receive additional information regarding your respective rights and setup options for the protection of your privacy: http://www.google.de/intl/de/policies/privacy. Google is also processing your data in the USA and has subjected itself to the EU-US Privacy Shield Framework, https://www.privacyshield.gov/EU-US-Framework.

3.6 External links

To design our Internet presence as attractively and comfortable as possible, noventum is utilising external links (e.g. Xing, Twitter, Facebook, Google Plus). If you are using external links that are offered in the context of our web pages, this data protection policy and therewith the collection of your personal data by the owners of the respective we pages shall not apply to those links. We do not constantly check external links. 

4. Rights of data subjects

Your rights in accordance with the General Data Protection Regulation

Right of Access, Art. 15 GDPR
You have the right to demand a confirmation from the responsible person under 2.1 whether personal data concerning you is being processed. If this is the case, you have the right to information about this personal data and to the information specified under Art. 15 of the General Data Protection Regulation.You will be provided with a copy of the personal data that is the subject of processing. For any other copies you would like to request, noventum reserves the right to demand reasonable remuneration based on the administrative costs.

Right to rectification, Art.16 GDPR 
It may happen that personal data is incomplete or incorrect. Taking into consideration the processing of your personal data for the purpose of fulfilling the services inquired about and to maintain your own legitimate business interests, you can effect a completion or correction of your personal data by means of a supplemental declaration. noventum will immediately change your data in accordance with your declaration. Please bring this to our attention and submit a supplemental declaration; you are also welcome to communicate this to us by phone. For the completion or correction of your data, please contact the responsible person specified under 2.1.

Right to erasure, Art. 17 GDPR
Your personal data will be processed by noventum only for a period of time reasonable and required for the processing activity and will be subsequently erased. Furthermore, you can contact the responsible person listed under 2.1 at any time to have your data erased subject to the reasons stated under Art. 17 of the General Data Protection Regulation.

Right to restriction of processing, Art. 18 GDPR 
You have the right to demand, from the responsible person under 2.1, the restriction of processing if one of the prerequisites stated in Art. 18 of the General Data Protection Regulation exists.

Right to data portability, Art. 20 GDPR
You have the right to demand, from the controller specified under 2.1, to receive the personal data concerning you in a structured, commonly used and machine-readable format. You have to right to transmit those data to another controller or to have them transmitted directly from one controller to another.

Right to object, Art. 21 GDPR
You have the right to object, at any time, to the processing of personal data concerning you if such a processing is carried out on the legal of accordance with Art. 6 Par. 1 S.1 lit. f GDPRVO to maintain the legitimate interests of noventum. 
Upon assertion of the objection, personal data will no longer be processed unless noventum can prove compelling legitimate grounds for the processing that prevail or if the processing serves the assertion, exercising, or defending of legal claims.
The objection can be directed to the person listed under 2.1.

Right to lodge a complaint with a supervisory authority, Art. 77 GDPR
You shall have the right to lodge a complaint with a supervisory authority if the processing of your personal data is in violation of the General Data Protection Regulation.

5. Versioning of the privacy policy

noventum consulting reserves the right to change the security and data protection measures if this becomes necessary due to legislative changes or technical developments. In these cases, the notes regarding data protection will be adjusted accordingly. Please do therefore pay attention to the respective current version of the data protection policy.

 

Copyright © 2018 - noventum consulting