Privacy Policy

Privacy policy

- www.hoeveler-holzmann.com -

 

1. Provider of www.hoeveler-holzmann.com  

1.1 HÖVELER HOLZMANN CONSULTING GmbH, Bahnstraße 16, 40212 Düsseldorf, Germany, Tel.: +49 (0) 211 56 38 75 0, Fax: +49 (0) 211 56 38 75 69, E-Mail: infodontospamme@gowaway.hoeveler-holzmann.com (hereinafter "Provider"), operates the website which can be called up at www.hoeveler-holzmann.com together with its sub-pages (hereinafter "Website").

1.2 The provider takes the protection of your personal data very seriously and observes the applicable data protection regulations, in particular the Basic Data Protection Regulation (DSGVO) and the Federal Data Protection Act (BDSG). The following declaration gives you an overview of how the provider guarantees this protection and what kind of data is collected for what purpose.

1.3 If you have questions or problems with data protection issues, please contact the provider's data protection officer (see item 12).

 

2. Collection, Processing and use of General Data 

2.1 The provider automatically collects and stores information when you call up the website, which your browser - unless the corresponding functions are deactivated - transmits to the provider. This data is evaluated exclusively to ensure trouble-free operation of the website and to improve the service and does not allow the provider to draw any conclusions about your person. 
The access logs of the web servers record which pages were called up at which time. They contain the following data: IP, directory protection user, date, time, pages called up, logs, status code, data volume, referrer, user agent, host name called up.
The IP addresses are stored anonymously. For this purpose the last three digits are removed, i.e. 127.0.0.1 becomes 127.0.0.*. IPv6 addresses are also anonymized. The anonymized IP addresses are stored for 60 days. Details of the directory protection user used are anonymized after one day. Error logs, which log incorrect page views, are deleted after seven days. In addition to the error messages, these logs contain the accessing IP address and, depending on the error, the website called up. 
Accesses via FTP are logged anonymously and kept for 60 days. The mail logs for sending e-mails from the web environment are anonymised after one day and then retained for 60 days. During anonymization, all data on the sender/recipient etc. is removed. Only the data on the time of sending and information on how the e-mail was processed (queue ID or not sent) are retained. Mail logs for sending via the provider's mail servers are deleted after four weeks. The longer retention period is necessary to ensure the functionality of the mail services and to combat spam.

 

3. Personal Data

3.1 Personal data is only collected, processed and used in the context of the use of the website as described below. Personal data are all individual details about personal or factual circumstances of a specific or determinable natural person (not included: legal entities, such as a GmbH or AG). Personal data includes above all information such as the name, address, e-mail address or professional circumstances of a person.

 

4. Collection, Processing and use of Personal Data

4.1 The provider collects, processes and stores your personal data, if you provide the provider with this data in the context of a contact (e.g. by e-mail or telephone).
Within the framework of the above-mentioned interaction with you, the data required for this purpose is collected. In addition, further data may be requested which is helpful for consultation and information tailored to your needs; however, the entry of this data is voluntary and marked accordingly. The provider will use the data you provide to process your enquiries or for contract processing. In order that you do not have to repeatedly provide the provider with the same information in the event of inquiries or during ongoing consultations, the provider stores this information for as long as it is needed to clarify the inquiry or for the customer relationship.

Data processing is carried out on the basis of Art. 6 Para. 1 Sentence 1 lit. b DSGVO if it serves the purpose of contract processing or contract preparation measures. Insofar as you have consented to data collection and data processing, the data processing is based on Art. 6 para. 1 sentence 1 lit. a DSGVO. For justified internal purposes (such as market research, marketing, internal company statistics or offer optimisation) data will be processed in accordance with Art. 6 para. 1 sentence 1 lit. f) DSGVO. Insofar as data processing is carried out to fulfil a legal obligation, this is done in accordance with Art. 6 Abs. 1 lit. c) DSGVO.

4.2 All personal data is stored or processed on servers in Germany or within the EU. A data transfer to places outside the EU is only carried out in accordance with Art. 44 ff. DSGVO permissible framework.

4.3 You have the right to object to the collection of data for direct marketing purposes. In order to exercise this right of withdrawal, you can send an informal message to info@hoeveler-holzmann.com stating your e-mail address and indicating your intention to withdraw.

 

5. Data Transfer to Third Parties

5.1 The provider will only pass on your personal data to third parties in the following cases:

5.1.1 If a service provider, in whose services you are interested, requires this data to prepare an individual offer for you or to contact you. Unless you are expressly informed otherwise and you give your consent, these service providers are only entitled to use your data to the extent that this is necessary for the respective purpose or is approved by you; or

5.1.2 If the transmission is otherwise necessary for the provision of a service requested or commissioned by you (e.g. newsletter registration); or

5.1.3. where there is a mandatory administrative or judicial order

 

6. Deletion and Correction of Data

6.1 Upon request or after termination of the contract with the provider, your personal data will be deleted immediately if this is not contrary to tax or commercial law storage or documentation obligations or if the safeguarding of the legitimate interests of the provider is at risk.

6.2 As long as not all contractual obligations have been fulfilled and your data is required for this purpose, there is no claim to data deletion.

6.3 Should data be faulty, it will be corrected as soon as it becomes known or at your request.

 

7. right of information / further rights

7.1 Upon request, the provider will provide you with information about 

  • the collection of personal data,
  • the purpose of the data processing, 
  • the categories of data processed, and
  • where appropriate, the recipients to whom data are disclosed as a result of legal obligations or contractual relations.

7.2 Upon request, the provider will provide you with a copy of the data collected and processed by you.

7.3 Upon request, your data may be provided in a format readable by you and any subsequent service provider, in order to enable rapid transmission.

7.4 In the event of violations of data protection regulations, you have a right of complaint, which you can exercise at the responsible supervisory authority, the State Commissioner for Data Protection and Freedom of Information of North Rhine-Westphalia https://www.ldi.nrw.de/.

 

8. Cookies

8.1 The website uses so-called "cookies" in several places. They serve, among other things, to make the offer of the website more user-friendly, effective and secure. Cookies are text information that a website transfers to the cookie file of the browser on your computer hard drive or other terminal device so that the website can remember which terminal device accessed it, among other things. A cookie typically contains the name of the domain from which the cookie originates, the "lifetime" of the cookie, and a value, usually a randomly generated unique number. The website uses the following types of cookies:

8.1.1 Session Cookies: These are temporary cookies that remain in the cookie file of your browser until you leave the website. Session cookies make it possible to identify the terminal device during the period of use. This information is no longer stored after you have left the website.

8.1.2 Persistent Cookies: These remain in the cookie file of your browser for a longer period of time. The time frame depends on the "lifetime" of the specific cookie. After this lifetime the cookie deletes itself. The purpose of using these permanent cookies is to ensure the functionality of the website (e.g. affiliate links to current coupon codes and offers). The permanent cookies contain no personal data. Name, IP address etc. are not stored in them. 

8.1.3 Web Beacons: These are electronic characters (also called "clear GIFs" or "web bugs") that allow us to count the number of users who have visited the website. 

8.2 If you do not wish to accept cookies or web beacons, you may refuse them and prevent access to previously stored information by selecting the appropriate setting in the cookie banner that appears when you visit the Site. Please note, however, that you may not be able to use all the features of the website if cookies and/or web beacons are disabled.

8.3 Google Analytics, Google Tag Manager, Google Data Studio, Google ReCaptcha

The Provider uses Google Analytics, Google Tag Manager and Google Data Studio, web analytics services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). Google Analytics, Google Tag Manager and Google Data Studio also use cookies (cf. the description in section 8.1.), which enable an analysis of your use of the website. The information generated by cookies about your use of the website is usually transferred to a Google server in the USA and stored there. On this website, IP anonymisation has been activated so that the IP address of Google users within member states of the European Union or in other contracting states of the Agreement on the European Economic Area is shortened beforehand. Only in exceptional cases is the full IP address transferred to a Google server in the USA and shortened there. On behalf of the provider, Google will use this information to evaluate your use of the website, to compile reports on the website activities and to provide further services to the provider in connection with the use of the website and the internet. The IP address transmitted by your browser in the context of Google Analytics, Google Tag Manager and Google Data Studio is not combined with other data from Google.
You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. You can also prevent the collection of data generated by the cookie and related to your use of the website (including your IP address) to Google and the processing of this data by Google by downloading and installing the browser plugin available under the following link: https://tools.google.com/dlpage/gaoptout?hl=de  

ReCaptcha: We incorporate the "ReCaptcha" function to detect bots when entering data in online forms. The behavioral information of the users (e.g. mouse movements or queries) is evaluated in order to be able to differentiate between people and bots. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheater Parkway, Mountain View, CA 94043, USA; Website: https://www.google.com/recaptcha/; Data protection declaration: https://policies.google.com/privacy; Opposition option (opt-out): opt-out plug-in: https://tools.google.com/dlpage/gaoptout?hl=de, settings for displaying advertisements: https://adssettings.google.com/authenticated

Google Ads and conversion measurement: We use the online marketing method "Google Ads" to place ads in the Google advertising network (e.g., in search results, in videos, on web pages, etc.) so that they are displayed to users who have a presumed interest in the content. Furthermore, we measure the conversion of the ads. We only receive the anonymous total number of users who clicked on our ad and were redirected to a page tagged with a so-called "conversion tracking tag". We do not receive any information that identifies users. Service provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, parent company: Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; website: marketingplatform.google.com; privacy policy: policies.google.com/privacy.

8.4 Youtube Videos

Youtube videos are embedded on this page. The advanced privacy mode is used, so that when you visit the page with the embedded YouTube video, no cookies are set by YouTube, an offer from Google. A transmission of data to Youtube only takes place when the video is started. Independent of a playback of the embedded videos, a connection to Google is established each time this website is called up (previously: double-click), which can trigger further data processing processes without our influence. As soon as the page of this homepage equipped with a YouTube video is called and you start the playback, a connection to the servers of YouTube is established. This tells the Youtube server which specific page of this website was visited. If you are logged in, your surfing behavior will be assigned to your personal profile. You can prevent this possibility if you log out of Youtube before. For more information about the collection and use of your data by YouTube, please refer to the privacy policy at www.youtube.com. Further information on data protection at "Youtube" can be found in the provider's privacy policy at: www.google.de/intl/de/policies/privacy/. 

8.5 Mailchimp

For the sending of newsletters, the provider uses Mailchimp, a service of The Rocket Science Group LLC, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA ("Rocket Science"), on the basis of a contract processing relationship. For this purpose, your e-mail address as well as your IP address will be processed within the scope of the newsletter dispatch. Rocket Science may use data in pseudonymized form (i.e. without attribution to you as a person) to improve its own services or to compile statistics. However, Rocket Science does not use the data to contact you as a newsletter recipient independently or to pass on your data to third parties. Further details about the processing and compliance of data protection by Rocket Science can be found at mailchimp.com/legal/privacy/.  
Rocket Science has joined the Privacy Shield Agreement (see www.privacyshield.gov/participant) and has thus committed itself to comply with the European data protection standards.

8.6 Web Fonts

Google Fonts are integrated on the server side of the website. However, for technical reasons, Google fonts are still used in some cases. Google Fonts is a service of Google. The integration of these Web Fonts is done by a server call, usually a Google server in the USA. Through this, the server is informed which internet pages of the provider the users have visited. The IP address of the browser of the end device of the visitor to this website is also stored by Google. Further information on Google's privacy policy can be found at www.google.de/intl/de/privacy or www.google.com/intl/de/policies/privacy/.
8.8 A general objection to the use of cookies used for online marketing purposes can be declared for a variety of services, especially in the case of tracking, via the US site www.aboutads.info/choices/ or the EU site www.youronlinechoices.com. Furthermore, the storage of cookies can be achieved by deactivating them in the browser settings. Please note that not all functions of this online offer can be used then.

 

9. Social Plugins

The provider maintains online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about services. When accessing the respective networks and platforms, the terms and conditions and data processing guidelines of their respective operators apply. Unless otherwise stated in the Provider's data protection declaration, the Provider processes the data of the users if they communicate with the Provider within the social networks and platforms, e.g. write articles on online presences or send messages to the Provider. 

9.1 Facebook

On the basis of legitimate interests (i.e. interest in the analysis, optimisation and economic operation of the online offer within the meaning of Art. 6 para. 1 lit. f. DSGVO) Social Plugins ("Plugins") of the social network facebook.com, which is operated by Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland ("Facebook"). The Plugins can display interaction elements or content (e.g. videos, graphics or text contributions) and can be recognized by one of the Facebook logos (white "f" on blue tile, the terms "Like", "Like" or a "thumbs up" sign) or are marked with the addition "Facebook Social Plugin". The list and appearance of the Facebook Social Plugins can be viewed here: developers.facebook.com/docs/plugins/. 
Facebook has joined the Privacy Shield Agreement (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active) and has thus committed itself to comply with European data protection standards. When a user calls up a function of this online offer that contains such a plugin, his or her device establishes a direct connection with the Facebook servers. The content of the plugin is transmitted by Facebook directly to the user's device and integrated into the online offer by the user. User profiles can be created from the processed data. The provider therefore has no influence on the scope of the data that Facebook collects with the help of this plugin and therefore informs the users accordingly about this level of knowledge.
By integrating the plugins, Facebook receives the information that a user has called up the corresponding page of the online offer. If the user is logged in to Facebook, Facebook can assign the visit to his or her Facebook account. If users interact with the plugins, for example, by pressing the Like button or posting a comment, the corresponding information is transmitted directly from your device to Facebook and stored there. If a user is not a member of Facebook, it is still possible for Facebook to find out his or her IP address and store it. According to Facebook, in Germany only
According to Facebook, only an anonymised IP address is saved in Germany.
The purpose and scope of the data collection and the further processing and use of the data by Facebook, as well as the relevant rights and setting options to protect the privacy of users, can be found in the Facebook data protection information: www.facebook.com/about/privacy/ 
If a user is a Facebook member and does not want Facebook to collect data about him or her via this website and link it to his or her membership data stored on Facebook, he or she must log out of Facebook and delete his or her cookies before using this website of the provider. Further settings and objections to the use of data for advertising purposes are possible within the Facebook profile settings: www.facebook.com/settings; or via the US site www.aboutads.info/choices/ or the EU site www.youronlinechoices.com The settings are platform-independent, i.e. they are applied to all devices, such as desktop computers or mobile devices.

9.2 Xing

On this website, the "XING Share-Button" offered by XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany ("Xing") is used. When you call up this website, your browser will establish a short-term connection to XING servers, which will be used to perform the "XING Share Button" functions (in particular the calculation/display of the counter value). XING does not store any personal data about you when you access this website. In particular, XING does not store IP addresses. There is also no evaluation of your usage behavior through the use of cookies in connection with the "XING Share Button". The latest data protection information on the "XING Share Button" and supplementary information can be found on this website:
https://www.xing.com/app/share?op=data_protection 

9.3 Linkedin

Within the online offer of the provider, functions and contents of the service LinkedIn, offered by the LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland ("LinkedIn"), can be integrated. This may include, for example, content such as images, videos or text and buttons with which users can share content from this website within LinkedIn. The provider also uses conversion tracking and retargeting from Linkedin Corporation. This technology enables visitors to this website to play personalized advertisements on LinkedIn. There is also the possibility of creating anonymous reports on the performance of the advertisements and information on website interaction. For this purpose, the LinkedIn Insight Tag is integrated on this website, which creates a connection to the LinkedIn server if you visit this website and are logged in to your LinkedIn account.

You can find more information on data collection and use, as well as the options and rights to protect your privacy, in LinkedIn's privacy policy at https://www.linkedin.com/legal/privacy-policy. If you are logged in to LinkedIn, you can deactivate data collection at any time using the following link: https://www.linkedin.com/psettings/enhanced-advertising.

Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our internet pages with your IP address. When you click on LinkedIn's "Recommend" button and are logged into your LinkedIn account, LinkedIn is able to associate your visit to our site with you and your account. We would like to point out that we, as the provider of these pages, have no knowledge of the content of the transmitted data or its use by LinkedIn. The use of the LinkedIn plugin is based on art. 6 para. 1 lit. f DSGVO. The website operator has a legitimate interest in the widest possible visibility in the social media.

If users are members of the LinkedIn platform, LinkedIn can assign the call for the above-mentioned content and functions to the user profiles there. LinkedIn's privacy policy: www.linkedin.com/legal/privacy-policy. LinkedIn has joined the Privacy Shield Agreement (https://www.privacyshield.gov/participant?id=a2zt0000000L0UZAA0&status=Active) and has thus committed itself to comply with European data protection standards. Further information can be found at www.linkedin.com/legal/privacy-policy; notes on opting out: www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

 

10. Data Protection in the context of the career section

In the "Career" section, the provider provides the opportunity to apply for jobs advertised by the provider. In this context, the personal data of the applicant is processed by the Provider. The following, possibly deviating or supplementary regulations apply:

10.1 Data Processing within the Application Process

The Provider processes personal information about you for the purpose of your application for employment to the extent necessary to make a decision about establishing an employment relationship with the Provider. The legal basis for this is Section 26 (1) in conjunction with (8) sentence 2 of the BDSG and, where applicable, Article 6 (1) lit. b DSGVO for the initiation or execution of contractual relationships. Furthermore, the provider may process personal data about you to the extent that this is necessary to defend against legal claims asserted against the provider in the application process (legal basis: Art. 6 para. 1 lit. f DSGVO - the legitimate interest is, for example, a duty of proof in proceedings under the General Equal Treatment Act) or to fulfil legal obligations (legal basis: Art. 6 para. 1 lit. c DSGVO). If an employment relationship should arise between you and the provider, the provider may, pursuant to Section 26 (1) of the BDSG, continue to process the personal data already received from you for the purposes of the employment relationship to the extent that this is necessary to implement or terminate the employment relationship or to exercise or fulfil the rights and obligations of employee representation arising from a law or a collective agreement, works or service agreement (collective agreement).

10.2 Information on Data processed in the Application Process

The provider only processes the data that are related to your application. This can be general data about you (such as name, address and contact details), information on professional qualifications, school education and further vocational training or other information that you provide to the provider in connection with your application. Furthermore, the Provider may process job-related information that you have made publicly available, such as a profile on professional social media networks. The Provider shall only store your personal data for as long as is necessary to decide on your application. If an employment relationship between you and the Provider does not materialize, the Provider may also store data for an additional period of time if this is necessary to defend against possible legal claims. In this case, the application documents will be deleted 6 months after notification of the rejection decision, unless longer storage is necessary due to existing or impending legal disputes.

 

11. Lead Forensics

For marketing and optimization purposes, this website uses products and services from LeadForensics (Communication House, 26 York Street, London, W1U 6PZ United Kingdom). Lead Forensics determines the actual course of your visit to this website, including all pages visited and viewed by you, and how long you spent on this page. As far as IP addresses are collected, these will be anonymized immediately after collection. On behalf of the operator of this website, Lead Forensics will use the information collected to evaluate your visit to the website, to compile reports on website activity and to provide other services related to website usage and internet usage to the website https://www.leadforensics.com/privacy-andcookies/. As far as we process personal data, we do so because of our legitimate interests to better design our website. The legal basis is the protection of legitimate interests in accordance with Art. 6 (1) (f) GDPR. You can object to data processing at any time with effect for the future by clicking on the following link: http://lfwebproxy.westeurope.cloudapp.azure.com:5000/?clientID=72829 . We will not save any additional data.

 

12. Modification of this Privacy Policy

The provider reserves the right to adapt security and data protection measures, as far as this is necessary due to technical or legal developments. In these cases, the provider will also adapt this declaration on data protection accordingly. Therefore, please note the current version of the provider's data protection declaration.

 

13. Questions and Contact

You have a right to free information about the data stored by the provider about your person as well as a right to correction, blocking or deletion of this data. If you have any questions about the collection, processing or use of your personal data, about information, correction, blocking or deletion of data as well as revocation of any consents granted or objection to a specific use of data, please contact infodontospamme@gowaway.hoeveler-holzmann.com 

 

14. Data Protection Officer

The provider has appointed an external company data protection officer, whom you can contact as follows:
Mr. Patrick Rayermann
(TÜV-certified data protection officer)
CERTITUT - Society for Compliance and Data Protection
E-Mail: dsb [at] certitut [dot] de