1. An overview of data protection
General
The following gives a simple overview of what happens to your personal information when you visit our website. Personal information is any data by means of which you could be personally identified.
Data collection on our website
How do we collect your data?
Some data are collected when you provide it to us. This could, for example, be data you enter on a contact form.
Other data are collected automatically by our IT systems when you visit the website. These data are primarily technical data such as the browser and operating system you are using or the time you access the page. Such data are collected automatically as soon as you enter our website.
What rights do you have regarding your data?
You have the right at any time to request information about your stored data, its origin, its recipients, and the purpose of its collection at no charge. You also have the right to request that it be corrected, blocked, or erased. In addition, you have the right to restrict processing of your data (Art. 18 GDPR) and the right to portability (Art. 20 GDPR).
If your personal data are processed on the basis of Art. 6 (1) f GDPR (data processing on grounds of legitimate interest), you have the right to object to its being processed at any time for reasons relating to your particular situation. If you lodge an objection, your personal data will no longer be processed unless we can show evidence of compelling, legitimate reasons for processing it which outweigh your interests, rights and freedoms, or if processing the information serves to assert, exercise or defend our rights or legal claims.
If your personal data are processed on the grounds of “consent”, you have the right at any time to revoke your consent with future effect.
Processing of your data remains legal until such time as you exercise your right to object or revoke consent.
You can contact us at any time using the address given in the Masthead if you have further questions about the issue of privacy or data protection. You may also file a complaint with the competent supervisory authorities. In particular, you may lodge a complaint with a supervisory authority in the Member State of your habitual residence, place of work or place of the alleged infringement.
2. General information and mandatory information
Data protection
The operators of this website take the protection of your personal data very seriously. We treat your personal data as confidential and in accordance with the statutory data protection regulations and this privacy statement.
When you use this website, various pieces of personal data will be collected. Personal information is any data by means of which you could be personally identified. This privacy statement explains what information we collect and what we use it for. It also explains how and for what purpose this happens.
Please note that data transmitted via the internet (e.g. via email communication) may be subject to security breaches. Complete protection of your data from third-party access is not possible.
Responsible controller
The controller responsible for processing data on this website is:
Deekeling Arndt Advisors in Communications GmbH
Toulouser Allee 25
40211 Düsseldorf
Germany
T +49 211 51332-0
olaf.arndt(at)h-advisors(dot)global
Data protection officer
We have appointed a data protection officer for our company:
datenschutz süd GmbH
Wörthstrasse 15
97082 Würzburg
Germany
T +49 221 179186-0
F +49 221 179186-10
office(at)datenschutz-sued(dot)de
SSL or TLS encryption
This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as the orders or enquiries you send to us as the site operator. You can recognise an encrypted connection in your browser’s address line when it changes from “http://” to “https://” and the lock icon is displayed in your browser’s address bar.
When SSL or TLS encryption is activated, the data you transfer to us cannot be read by third parties.
3. Data collection on our website
Server log files
The website provider automatically collects and stores information that your browser automatically transmits to us in “server log files”. This includes:
_ Browser type and browser version
_ Operating system used
_ Referrer URL
_ Host name of the accessing computer
_ Time of the server request
_ IP address
These data will not be combined with data from other sources.
The legal basis for data processing is Art. 6 (1) f GDPR.
The data will be stored for the term of the hosting agreement. Your data will be erased as soon as it is no longer necessary for us to process your personal data.
Cookies
Our website uses cookies, which are necessary to enable use of the website.
Cookies are small text files that are saved on your terminal and can be read. A distinction is made between “session cookies”, which are deleted as soon as you close your browser, and “permanent cookies”, which are stored beyond the end of your session.
Although these cookies are necessary, we do not use them for analytical, tracking or advertising purposes.
Sometimes these cookies contain only information on particular settings, and cannot be associated with an individual person. They may also be necessary in order to enable user guidance and security and to make the site operational.
We use these cookies on the basis of Art. 6 (1) f GDPR.
You can set your browser to notify you each time a cookie is saved, making their use transparent for you. You can also delete cookies at any time via the relevant browser setting and prevent new cookies from being set. Please note, however, that this may mean our website can no longer be displayed, and that some functions may no longer be available for technical reasons.
Contact form
You can contact us using our contact form. In order to use the contact form, we need you to supply the data in the fields marked as mandatory.
We use these data in order to answer your enquiry on the basis of Art. 6 (1) f GDPR.
You may also decide whether you would like to provide us with further details. Such additional detail is provided voluntarily and is not essential in order to contact us. We process your voluntary details on the basis of your consent in accordance with Art. 6 (1) a GDPR.
You may revoke this consent at any time. An informal email message to us will suffice. The legality of any data processed prior to revocation of your consent remains unaffected by this. Please use the email address provided in the Masthead for this purpose.
We will retain the data you provide on the contact form until you request its erasure, revoke your consent for its storage, or the purpose for storing it has passed. Any mandatory statutory provisions, especially those regarding mandatory data retention periods, remain unaffected by this provision.
Registering for our newsletter, newsletter distribution
You can subscribe to the newsletter “Transformation Quarterly” via our website. Note that we require certain personal details when you register for the newsletter (your given name, surname and email address as a minimum).
The newsletter will be sent only pursuant to your express consent in accordance with Art. 6 (1) a GDPR. Once your order via our website is complete, you will receive a confirmation email at the email address you provided (i.e. we use a double opt-in process). You may revoke this consent at any time. Each newsletter contains a link to unsubscribe, which offers an uncomplicated means for you to revoke consent.
When you subscribe to the newsletter, in addition to the data already mentioned we will also save other data if they are necessary for us to prove that you have ordered our newsletter. This may include storing the full IP address at the time of order or confirmation of the newsletter, and a copy of the confirmation email we send out. We process these data on the basis of Art. 6 (1) f GDPR and for the purpose of being able to account for the legality of sending out the newsletter.
Please note that we make use of the service provider MailChimp to send out the newsletter. That means your data will be processed in the US, and thus outside the EU/EEA. This creates the risk that authorities will be able to access data for security or surveillance purposes without your being advised of the fact or being able to submit an appeal. If you have registered to receive the newsletter, your data will be transmitted on the basis of Art. 49 (1) a GDPR.
Embedded videos
Our website occasionally uses embedded videos, which we previously uploaded to Vimeo and are not stored on our own web server. Initially, you will see only locally stored preview images from the embedded videos to prevent third-party content from being automatically downloaded when you access pages on our site that contain videos. This does not transmit any information to the third-party provider.
Content from the third-party provider will be downloaded only when you click on the preview image. This tells the third-party provider that you have accessed our website and transmits the usage data that are necessary in this connection for technical reasons. The third-party provider will then also be able to use tracking technologies. We have no influence on the further processing of your data by the third-party provider. When you click on the preview image, you authorise us to download content from the third-party provider.
Videos from Vimeo are incorporated as a “do not track” version as standard.
Embedding is based on your consent in accordance with Art. 6 (1) a GDPR, which you provide by clicking on the preview image. Note that the use of embedded images may mean your data is processed in the US, and thus outside the EU/EEA. This creates the risk that authorities will access data for security or surveillance purposes without your being advised of the fact or being able to submit an appeal. If you have given your consent by clicking on the preview image, your data will be transmitted on the basis of Art. 49 (1) a GDPR.
Data transfer to third parties
In accordance with Art. 28 GDPR, we transfer your data as part of a contract processing agreement with service providers who help us with the operation of our website and related processes. Our service providers are bound by our strict instructions and contractually obliged to adhere to them.
We use the following service provider:
Hosting service provider:
DIALOOP GMBH
SUMME DIGITALER KOMMUNIKATION
Marienstrasse 75
42105 Wuppertal
Germany
T +49 202 97901-0
mail(at)dialoop(dot)de
We have a contract data processing agreement with dialoop GmbH.
Social media
See here for a detailed Privacy statement on our social media pages.
Last updated: 06 November 2020