Statement on Data Protection

We are pleased you are interested in our Internet offerings

Der Schutz und die Sicherheit Ihrer Daten haben für uns oberste Priorität. Nachfolgend finden Sie Informationen über die Verarbeitung Ihrer personenbezogenen Daten und über Ihre Rechte im Rahmen der Nutzung unserer Website www.kienbaum.com. Gesetzesänderungen oder Änderungen unserer unternehmensinternen Prozesse können eine Anpassung dieser Datenschutzerklärung nach sich ziehen. Wir bitten Sie daher, diese Datenschutzerklärung regelmäßig zu lesen.

Für die Verarbeitung Ihrer personenbezogenen Daten im Rahmen unserer Events gelten ergänzend unsere Erklärung „Datenschutz bei unseren Veranstaltungen“, die Sie hier einsehen können.

1. Data Controller and Data Protection Officer; Contacts

The data controller in the sense of the Data Protection Act is:
Kienbaum Consultants International GmbH
Edmund Rumpler Strasse 5
51149 Cologne, GERMANY
Phone: +49 (221) 801 72-0
Fax: +49 (221) 80172-172
Email: contact@kienbaum.com

Please contact us if you have any questions or suggestions regarding data protection. Our Data Protection Officer may be reached at the following address:
Attorney Dr. Gregor Scheja
Scheja und Partner Rechtsanwälte mbB
Adenauerallee 136
53113 Bonn
www.scheja-partner.de
https://www.scheja-partner.de/kontakt/kontakt.html

2. Object of Data Protection: Personal information

Data protection covers the protection of personal information. Such data are defined as all information relating to an identified or identifiable natural person (‘data subject’). This includes information such as name, address, telephone number or email address; as well as information that may necessarily be gathered during the use of our website, www.kienbaum.com.

3. Purpose, nature, scope and legal basis of data processing

In the following section, we offer you an overview of the purpose, nature and scope of the processing of your personal information; as well as the legal basis justifying our processing of your data.

3.1 Accessing and using the www.kienbaum.com website

For technical reasons, as occurs everywhere in the Internet, when you access and use our website, traces of this use remain on our servers. In this process, the following data are transmitted by your Internet browser to our server and collected in ‘log files’:

  • Date and time of access
  • Client’s IP address
  • Port number
  • Method of issuing commands
  • URI star schema and URI query
  • Protocol status
  • Win32 status
  • Elapsed time
  • Browser type/version
  • Operating system used

We process this information to enable you to use our website and to ensure technical stability and security as well as to diagnose errors and resolve breakdowns. We also process this information in an anonymized way for statistical purposes (quantity of users and web hits) and to ensure quality.
Our processing of these data is justified under Art. 6 Par. 1 lett. f) GDPR. The data processing is required to further our justified interest in allowing our clients and interested parties to utilize our website and to ensure its technical functionality.
When you access our website, this information is automatically processed. If this information cannot be made available, it will not be possible for you to use our services.

We generally delete data after 4 weeks unless we need to retain it in exceptional cases for a longer period for the purposes outlined above. In such a case, we delete the information promptly once there is no longer a reason for retaining it.

3.2 Cookies

This website uses cookies. Cookies are small text files that are stored on your hard drive and assigned to your browser. They are used (by us in this case) to collect certain information from the cookie’s position. Cookies can neither execute programs nor transmit viruses to your computer. Their general purpose is to make the Internet offering more user-friendly and effective. We use cookies to personalize contents and advertisements, to be able to offer functionality for social media, and to analyze access to our website. In addition, we share information regarding your use of our website with our partners for social media, promotions and analysis (see more about this below). Our partners can combine this information with other data that you may have made available to them or that they have collected in the course of your use of their services. You grant your consent for our use of cookies when you continue to use our website.

We use what are known as ‘session cookies’. These are automatically deleted when you terminate your browser session.

We also use persistent cookies for the primary purpose of being able to provide permanent, recurring settings to you as a visitor to our website. This allows us to customize our website in accordance with your individual preferences. Persistent cookies also permit us to perform analyses of a visitor’s usage behavior but only for as long as the cookie remains active. Persistent cookies are automatically deleted after a specified length of time that can vary from one cookie to another. You can delete the cookies at any time in your browser’s security settings.

In addition, other cookies (‘third-party’ cookies) may be deposited in connection with your usage of specific third-party services by the providers of those services.

You can configure your browser setting in accordance with your preferences; for example, you can decline to accept third-party cookies – or all cookies. Please be aware that the functionality and range of our offerings can be restricted in this way. We place some of our cookies only after obtaining your prior consent (see below). You may also avail yourself of special options to contest the use of certain cookies.

Moreover, you can modify or revoke your consent at any time through the cookie statement at our website.

3.3 Contact form

When you use our contact form to make contact with us, the information you share with us is stored for the purpose of responding to your questions or making ourselves available to you for further questions.

We process the data collected through the contact form based exclusively on your consent (Art. 6 Par. 1 lett. a) GDPR). You may revoke your consent at any time. This can be done via email without the use of a form. The legal basis of any data processing procedures occurring prior to the revocation remains unaffected by the revocation. We retain information transmitted via the contact form until you request that it be deleted or until there is no further need for the retained information, unless mandatory legal provisions require that it not be deleted.

3.4 Newsletter

You can subscribe to our newsletter by giving your consent for this to be sent to you. To sign up for the newsletter requires a ‘double opt-in’ procedure. This means that once we receive your sign-up request, we send an email to the email address you provided in which we request confirmation that you wish to subscribe to the newsletter. If you do not confirm within 30 days your intention to subscribe, your information will be blocked and afterward deleted automatically. We also store your IP address settings and the date and time of your sign-up request and confirmation.
Following your confirmation, we retain your personal information for the purpose of customizing the contents of the newsletter and sending it to you. The legal basis for this is Art. 6 Par. 1 lett. a) GDPR.

You may revoke your consent to receive, and unsubscribe from, the newsletter at any time. You can send us your revocation by clicking on the link contained in each newsletter email or by sending a message to the contact address provided in the masthead.

We point out that we assess your anonymous user behavior each time we send you the newsletter. In this assessment process, the emails we send out contain ‘web beacons’ or tracking pixels that consist of one-pixel image files stored on our website. We use the data collected in this way to create a user profile for the purpose of tailoring the newsletter to your specific interests. In this process, we monitor when you read our newsletter and which of its links you click on, in this way drawing conclusions regarding your personal interests. We match this information to actions you perform at our website.

Tracking of this sort cannot be performed if you routinely deactivate the display of images in your email program. In that case, you will not be able to display the newsletter in its entirety and you may not be able to make use of all its functions. When you manually permit the display of images, this action enables the tracking described above.
Our deletion of personal information occurs upon your request when you unsubscribe from the newsletter, or no later than 2 years after the newsletter was discontinued if no other clear statement of your intent has been received.

3.5 Google Analytics

This website uses functions provided by the web analysis service Google Analytics. This service is offered by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.

Google Analytics uses cookies. These are text files stored on your computer that make possible an analysis of your usage of the website. The information generated by the cookie regarding your use of this website is usually transmitted to a Google server in the United States and stored there. Storage of Google Analytics cookies is based on Art. 6 Par. 1 lett. f) GDPR. The website operator has a justified interest in analyzing user behavior to optimize both its web offering and its promotions.

The Google Corporation is certified for the U.S.-European ‘Privacy Shield’ data protection agreement. The purpose of this data protection agreement is to maintain the level of data protection applicable within the EU.
The placement of cookies allows the following personal information to be collected:

  • Date and time of access
  • Duration of the session
  • Terminal type
  • Operating system used
  • The functions you use
  • Quantity of data sent
  • Type of event
  • IP address
  • Domain name
  • Location (country and city) of the terminal used
  • Language
  • Operating system
  • Terminal resolution
  • Browser used
  • Source of visitors
  • Advertisements clicked during the Google search
  • Individual on-line shop pages visited
IP anonymization

We have activated the IP anonymizer function on this website. This displays your IP address only in abbreviated format within the European Union member states or in other signatory states of the Agreement on the European Economic Area prior to the transmission of the data to the U.S. In exceptional cases only, the complete IP address is transmitted to a Google server in the U.S. and abbreviated there. On behalf of this website’s operator, Google uses this information to evaluate your usage of the website, to compile reports on website activities and to provide the website operator with other services linked to usage of the website and the Internet. The IP address transmitted by your browser in the context of Google Analytics is not merged with other Google data.

Browser plug-in

You can prevent the placement of cookies by changing the corresponding setting of your browser software; we point out, however, that doing so could result in your not being able to make full use of all functions of this website. You can also block Google from collecting the personal information generated by the cookie related to your usage of the website (including your IP address) as well as its processing of this information by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=de.

Objection to data collection

You can prevent the collection of your data by Google Analytics by blocking statistics cookies when you visit our web pages. You can make the corresponding setting adjustments here. You will find more information on the way Google Analytics manages user data in the Google page on safeguarding data: https://support.google.com/analytics/answer/6004245?hl=de. #Cookies

3.6 Integration of Vimeo Videos

To integrate and display video contents, our website utilizes plug-ins from the Vimeo video portal. The provider of this video portal is Vimeo Inc., 555 West 18th Street, New York, New York 10011, United States.

When a page containing an integrated Vimeo plug-in is accessed, a link is produced between your browser and the Vimeo servers. In this way, Vimeo detects which of our pages you have accessed. Vimeo detects your IP address even if you are not logged into the video portal and even if you do not have a Vimeo account. The information captured by Vimeo is transmitted to the video portal’s server in the United States. Vimeo can directly associate your web-surfing history with your personal profile. You can block this by logging out beforehand.

Utilization of Vimeo occurs in the interests of featuring an attractive display at our website. This represents a justified interest in the sense of Art. 6 Par. 1 lett. f) GDPR. Details on management of user data can be found at the Vimeo page on safeguarding data: https://vimeo.com/privacy.

3.7 Use of social media plug-ins

We currently utilize the following social media plug-ins: Facebook, Twitter, Xing, LinkedIn. For these, we use the ‘two-click’ approach. This means in principle that when you visit our site, no personal information is initially disclosed to the plug-in providers. You can identify the plug-in provider from the marking on the box above its initial letter or from its logo. We provide you with the option to contact the plug-in provider directly via the button. The plug-in provider receives the information that you have accessed the corresponding website of our on-line offer only if you activate the marked field by clicking on it. With Facebook and Xing, according to information from the respective providers in Germany, the IP address is anonymized immediately upon collection. When you activate the plug-in, your personal information is transferred in this fashion to the respective plug-in provider and stored there (with the American providers in the U.S.). Since the plug-in provider uses coolies to carry out data collection, we recommend that you erase all cookies using the security settings of your browser prior to clicking on the grayed box.

We do not have influence over the data collected or the data processing procedures, nor are we aware of the full scope of data collection, the purposes of data processing or the data retention periods. We also have no information available to us regarding deletion of the data by the plug-in provider.

The plug-in provider stores the data it collects regarding you as a user profile and uses it for the purposes of promotion, market research and/or needs-based customization of its website. Such evaluation takes place especially (even for users not logged into the site) for the purpose of presenting needs-based promotions and informing other social network users about your activities at our website. You have the right to contest the establishment of this user profile and must contact the respective plug-in provider to exercise this right. Regarding plug-ins, we offer you the option to interact with the social networks and other users so that we can improve our offerings and make them more interesting to you as the user. The legal basis for the use of plug-ins is Art. 6 Par. 1 lett. f) GDPR.

The data transfer occurs regardless whether you have an account with the plug-in provider and are logged into that account. If you are logged in with the plug-in provider, the data we collected regarding you are directly associated with your existing account with the plug-in provider. If you touch the activate button and link to the page, for example, the plug-in provider also stores this information in your user account and shares your contacts publicly. We recommend that you regularly log off after using a social network, especially before activating the button, since in this way you can prevent the plug-in provider from creating a correlation with your profile.

You can access further information regarding the purpose and scope of data collection, as well as its processing by the plug-in provider, through the following data protection statements issued by these providers. There you will also receive additional information regarding your rights in this area as well as options for settings to protect your privacy.

Addresses of the respective plug-in providers and URLs with their data protection notices:

  1. a) Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, United States; http://www.facebook.com/policy.php; additional information on data collection: http://www.facebook.com/help/186325668085084,, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook subscribes to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
  2. b) Twitter Inc., 1355 Market St, Suite 900, San Francisco, California 94103, United States; https://twitter.com/privacy. Twitter subscribes to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
  3. c) Xing AG, Gänsemarkt 43, 20354 Hamburg, Germany; http://www.xing.com/privacy.
  4. d) LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, United States; http://www.linkedin.com/legal/privacy-policy. LinkedIn subscribes to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

3.8 Google Remarketing

We use the Google Remarketing application at our website. This service is offered by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, United States. This function serves the purpose of analyzing visitor behavior and visitor interests. To conduct analyses of website use to establish a basis for creating interest-related ads, it employs Google cookies. These cookies are used to record visits to the website and collect anonymized data regarding website usage. No personal information on website visitors is stored. If you subsequently visit another website in the Google Display network, you will be shown ads that are very likely to relate to previously viewed product and information areas. Your data may also be transmitted to the United States.

Regarding data transfers to the U.S., the European Commission has adopted an adequacy decision. Processing is justified under Art. 6 Par. 1 lett. f) GDPR. Our justified interest is to target website visitors for promotions by directing personalized, interest-related ads to these visitors when they access other websites within the Google Display network. Under Art. 6 Par. 1 lett. f) GDPR, you have the right at any time, based on your own particular situation, to contest this processing of your personal information. You can also permanently deactivate the use of cookies by Google by linking to the following site, where you can download and install the available plug-in: https://support.google.com/ads/answer/7395996?hl=de

Alternatively, you can deactivate the use of cookies by third party providers by visiting the Network Advertising Initiative’s deactivation page at https://www.networkadvertising.org/choices/ and utilizing the more detailed opt-out information found there. The Google Corporation is certified for the U.S.-European ‘Privacy Shield’ data protection agreement. The purpose of this data protection agreement is to maintain the level of data protection applicable within the EU. You can find additional information on Google Remarketing and its related data protection statement at: https://www.google.com/privacy/ads/

3.9 Google Web Fonts

On rare occasions, our website uses Google Web Fonts. This service is offered by Google Inc.,1600 Amphitheatre Parkway, Mountain View, CA 94043, United States.

Utilization of these web fonts allows us to display our website to you in our preferred format regardless of the fonts available to you locally. This occurs when a Google server in the U.S. is used to access Google Web Fonts and the related transfer of your data to Google takes place. This involves your IP address and the information regarding which of our pages you visited. Use of Google Web Fonts is justified under Art. 6 Par. 1 lett. f) GDPR. As the operator of this website, we have a justified interest in the optimal presentation and transmission of our web presence.

The Google Corporation is certified for the U.S.-European ‘Privacy Shield’ data protection agreement. The purpose of this data protection agreement is to maintain the level of data protection applicable within the EU.

You can find details regarding Google Web Fonts at: https://www.google.com/fonts#AboutPlace:about and further information contained in the Google data protection statements: https://policies.google.com/privacy/partners?hl=de

4. Receivers of personal information

Within Kienbaum Consultants International GmbH, only those staff who require this information for the purposes designated in this data protection statement may have access to it.

We then disclose your personal information to external receivers outside Kienbaum Consultants International GmbH only where this information is required for the processing or handling of your request, we have your consent to do this, or other legal authorization exists for such action.

External receivers can be:

a) order processors

Kienbaum Consultants International GmbH companies or external service providers contracted by us for the provision of services, such as those in the technical infrastructure and maintenance areas in support of the Kienbaum Consultants International GmbH offerings or in the preparation of contractually relevant contents. We take great care in selecting these order processors, and conduct periodic reviews to ensure the safeguarding of your privacy. Service providers must use the information exclusively for the purposes specified by us.

b) public bodies

Authorities and governmental institutions – such as prosecutors’ offices, courts or tax authorities – to which we have an obligation under the law to disclose personal information.

c) private bodies

Cooperative partners or aides to whom the data is transmitted based on consent or a legal framework.

5. Transmission of your data to a third country

To the extent that we transmit or disclose your information to service providers in a third country – i.e., outside the European Union (EU) or the European Economic Area (EEA) – such action only occurs based on your consent, a legal obligation or a legal or contractual authorization. Subject to legal or contractual authorization, the service providers process your data in a third country only when the special requirements of Art. 44 ff GDPR are met – i.e., the processing takes place based on special guarantees such as an officially recognized determination of a data protection level corresponding to the EU or through the application of standard data protection provisions established by the EU Commission.

6. Retention period

For information on the retention period of personal information, please consult the chapter on data processing. In general, the following also applies: We retain your personal information for only as long as required for the fulfillment of our purposes or – where consent has been given – until you revoke that consent. If you declare your opposition to this retention, we delete your personal information unless its continued processing is permitted under relevant legal provisions. We also delete your personal information when we are legally required to do this.

7. Rights of data subjects

With respect to the processing of your personal information, you are entitled as a data subject to assert your rights against us. We outline below the rights granted to you as a data subject:

Right of information: You have the right to demand information concerning your personal data processed by us.

Right of correction: You can demand the correction and complementation of incorrect or incomplete personal information concerning you.

Right of deletion: Where legal preconditions are met, you have the right to demand deletion of your personal information.

Restriction of processing: Where legal preconditions have been met, you can demand that the processing of your personal information be restricted.

Data portability: Where legal preconditions have been met, you have the right to receive the personal information you made available to us in a structured, standard and machine-readable format, and to transmit this information to another responsible party without hindrance, or to have us transmit it to another responsible party.

Opposition to cookies: You may oppose the use of cookies at any time.

Revocation of consent: If you have consented to our processing of your data, you may revoke this consent at any time for future effect. Any processing of your personal information prior to your revocation of consent remains lawful.

Right to appeal to supervisory authority: If you believe that the processing of your personal information is in violation of data protection law, you can file an appeal with the responsible supervisory authority. You should contact the supervisory authority of your place of residence, yourworkplace, or the place of the suspected violation.

 

 

Opposition to data processing: Where data processing is based on ‘justified interest’ in accordance with Art. 6 Par. 3 lett. f) GDPR, you can raise an objection to the processing of your personal information at any time based on your own particular situation. Where your data are processed for the purposes of direct advertising, you can object to this at any time without the need to provide a reason.

How to contact us: You can contact us free of charge with questions regarding the processing of your personal information and your rights as a data subject. To claim your rights identified above, please send an email to contact@kienbaum.com or write us at the address provided under #1 above. Please ensure that we will be clearly able to identify you.

Version: The most current version of this data protection statement shall apply. Version of April 26, 2019.