Privacy policy

Daten Experts Institut Beratungs GmbH: our handling of your data and your rights – information in accordance with Art. 13, 14 and 21 of the EU General Data Protection Regulation (GDPR)

When you visit our website, a range of personal data is automatically collected. With the following information we would like to give you an overview of the processing of your personal data by us and your resulting rights. Which data is processed in detail and how it is used depends largely on the services requested or agreed in each case. Therefore, not all statements contained herein may apply to you.

In addition, this data protection information may be updated from time to time. You can find the latest version at any time on our website here under PRIVACY POLICY.

+ Why is a privacy policy required?

The creation of a privacy policy is partly due to the fact that such a policy is prescribed by law (in this case the EU with the General Data Protection Regulation, GDPR for short, but also national legislation via the Federal Data Protection Act, BDSG), but we ourselves are also very keen to explain to you in a transparent and understandable way what data is collected when you visit our website, how it is collected and processed and what rights and options you have to be able to influence at least part of the data collection.

We are very interested in safeguarding your right to the protection of your personal data. Our business purpose is not the extended processing of your personal data when you visit this website, but the trusting cooperation in the implementation of our services, consulting and services that we offer as business content.

+ Who is responsible for data processing and who can I contact?

The responsible body for data protection is

Experts Institut Beratungs GmbH
Kirchwiesenstrasse 5
67434 Neustadt / Wine Route

Managing Directors: Wolfgang Rudloff & Christian Reinfelder

If you have any questions about data protection, please contact us at the following address:

Data Protection Officer: Carsten Pickel
datenschutz@expertsinstitut.de
Tel: 0951 519393311

+ What types of personal data are collected?

Depending on the type of your visit, different data is processed, whereby cookies (see following section) are always part of the data generated. In principle, personal data is all information that directly identifies you as a person or can be used to draw conclusions about your person and thus achieve indirect identification.


Cookies:
In the case of a purely informational visit, only data that enables the visit to the website itself is processed (“cookies”). Such cookies (small text data that are stored on your device) may be of a mandatory nature (without them, it is not possible to address the site to you correctly), which you cannot refuse. They may be used for anonymous statistical purposes in order to optimize the website (you can object to this). Some cookies store preferences (such as language or country settings), which you can also object to. The last group consists of advertising and tracking cookies (“third-party cookies”), which are used to display personalized advertising tailored to your needs. These cookies are also optional. You can find more detailed information on cookies and an option to manage your preferred settings via the following link.


Shopping cart and payment functions:
All data entered by customers during order processing is stored. These include, for example:

If absolutely necessary for order processing, data will be passed on to third party service providers. As soon as the purpose of processing your data no longer applies, storage is no longer necessary or is required by law, it will be deleted.


Contact request:
However, it is possible to contact one of our employees by clicking on the “Contact us” button. However, if you do not limit yourself to using the telephone number alone, you can also send us an e-mail requesting the following information:

  • Your surname and first name are mandatory
  • Your e-mail address is mandatory
  • Optionally, the company where you are employed and the telephone number where you can be reached
  • Select a subject area in which you are interested and enter a descriptive text of your choice
  • As spam protection, the textual answer to a comprehension question is mandatory.

For this information, your consent to the processing of this data is requested (ticking a checkbox), without which you cannot send the contact request.


Newsletter registration
Registration for the newsletter naturally requires an e-mail address. Optionally, you can also enter your surname and first name here. A Captcha query is only intended to prevent unlawful auto mechanisms from being used to take advantage of this function. Of course, you can unsubscribe from the newsletter at any time; you will no longer receive the newsletter by the time the next but one issue is published. However, we will not be able to delete the e-mail address, as it will be marked with a blocking notice and the blocking date in order to definitively exclude further deliveries.

The newsletter is processed by a service provider on our behalf. We have concluded a corresponding contract for this. The service provider is ZOHO Corporation GmbH and is based in Düsseldorf, Germany.

Social media (plugins):

Facebook and instagram: Experts-Institut does not operate its own website on facebook or instagram, both of which are part of the US “meta” group. Therefore, no data is generated here and transferred to this group.

Twitter: Experts-Institut does not have its own Twitter account either. Data transfers to this US company are also omitted here.

YouTube: YouTube is a video service and part of the US company “Alphabet”, which also owns Google. It includes a service for searching and playing videos that have been posted on this platform. Experts-Institut has stored a number of videos on this platform. A click on the YouTube logo will take you directly to the collection of our videos on this platform. An upstream query from YouTube informs you about the data protection of this website and enables you to make special settings. However, there is no automated transfer of information to this service without clicking the button.

LinkedIn: this is a platform for presenting professional or business-related profiles of people and companies. The platform was acquired by Microsoft Corporation in 2016 and is therefore part of this US company. Clicking on the button establishes a connection to the profile page of the Experts Institute, which is also preceded by a query to set the data protection options. This allows you to control your individual settings yourself. However, the Experts Institute profile does not require registration (login) with LinkedIn.

No other social media platforms are linked to this website.


Server log files:
Our website is provided by an external provider on its servers (“Provider”). With its technical implementation, it ensures the data security of access, the up-to-dateness of the software used and protection against attempted attacks (“hacking”) on this site. In the course of this implementation and to secure the IT systems in the event of errors, log files are created and stored on these servers from access to this website, which record information about the accessing end device. This includes

– the IP address of the end device,
– the operating system used,
– the type of browser used
– Timestamp of the visit (incl. length of stay)
– and various other technical settings (e.g. monitor resolution).

However, these server log files are always automatically deleted after 14 days.

For this hosting, we have concluded a corresponding contract with the service provider for commissioned data processing.

+ On what legal basis is this data processed?

We process personal data in accordance with the provisions of the European General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG):

Fulfillment of contractual obligations (Art. 6 para. 1 letter b GDPR)

Currently, no contractual business processes such as services, qualifications, validation, sales, training and other services are mapped via the website. In this respect, the relevant legal basis on which such contract processing is based is also no longer applicable. For our business transactions, data is processed and processes are used that are described in the “General data protection declaration. Information about the conditions for a business transaction can also be found in our General Terms and Conditions (GTC), which you are welcome to request from us.

Legal requirements (Art. 6 para. 1 letter c GDPR)

We are subject to various legal obligations that entail data processing. These also do not fall within the scope of this website visit, but are described in more detail in our “General Privacy Policy“.

The balancing of interests (Art. 6 para. 1 f GDPR)

In addition to the processing of pure visitor data, which also serves to ensure security, integrity and confidentiality, your data may – where necessary – be processed beyond the actual fulfillment of the contract to protect our legitimate interests or those of third parties. Examples of such cases are

  • Processing in our CRM system (“customer information system”, which is used to manage customer and prospective customer data)
  • Processing and management of newsletter subscriptions

+ Who gets my data?

Within our company

  • Employees for contact with you and contractual cooperation (including the fulfillment of pre-contractual measures)

In the context of order processing

Your data may be passed on to service providers who work for us as processors:

  • Support, maintenance and hosting of technical systems or IT applications
  • ZOHO for the implementation of the newsletter dispatch

All service providers are contractually bound and in particular obliged to treat your data confidentially. A contract for commissioned data processing was concluded in each case.

Other third parties

Data will only be passed on to recipients outside our company in compliance with the applicable data protection regulations. Recipients of personal data may be, for example

  • Public bodies and institutions (e.g. financial or law enforcement authorities) in the event of a legal or official obligation
  • Credit and financial service providers (processing of payment transactions)
  • Tax consultant or business and payroll tax and tax auditor (statutory audit mandate)
  • Transportation and communication service provider

The above-mentioned “third parties” are already subject to special industry-related confidentiality and processing regulations due to their business activities; therefore, no further contract for commissioned data processing is concluded with these service providers. However, apart from the connection data with the communication service providers, such data is not collected when you visit our website and is therefore not passed on.

+ Will data be transferred to a third country or an international organization?

Your data will only be processed within the European Union and countries within the European Economic Area (EEA) with an equivalent level of data protection. An exception to this is the data that is generated when you click on the social media plugins. As a rule, these are sent to the USA, where adequate data protection within the meaning of the GDPR cannot currently be guaranteed. Therefore, only access the connections to these services if you consent to the transfer of this data to non-European storage locations. Further information on this data (contained in the so-called “cookies”) can be found on our information page for cookies.

+ How long will my data be stored?

We process and store your personal data as long as this is necessary for the fulfillment of our contractual and legal obligations. If the data is no longer required for the fulfillment of contractual or legal obligations, it is regularly deleted.

The log files for the website are deleted or overwritten at regular intervals. This cycle is 14 days. The following deadlines apply to newsletter registration: if Experts-Institut no longer sends newsletters for a period of two years, the legal basis for consent expires and the data is deleted. In all other cases, the data will be stored; however, in the event of an objection to further receipt of a newsletter, the data will be deleted except for the e-mail address and marked with a blocking note.

Currently, no further deletion regulations result from the operation of our website; however, further deletion regulations in the context of normal business relationships can be found in the
General data protection declaration
described in more detail.

+ What data protection rights do I have?

You have the right of access under Article 15 GDPR, the right to rectification under Article 16 GDPR, the right to erasure under Article 17 GDPR, the right to restriction of processing under Article 18 GDPR, the right to object under Article 21 GDPR and the right to data portability under Article 20 GDPR.

Restrictions may apply to the right to information and the right to erasure in accordance with Sections 34 and 35 BDSG.

In addition, there is a right of appeal to a competent data protection supervisory authority (Article 77 GDPR in conjunction with Section 19 BDSG). The supervisory authority responsible for us is

The State Commissioner for Data Protection and Freedom of Information Rhineland-Palatinate
Hintere Bleiche 34
55116 Mainz

Tel.: 061 31/208-24 49
Fax: 061 31/208-24 97
E-mail: poststelle@datenschutz.rlp.de
Internet: www.datenschutz.rlp.de

Data portability (usually only relevant in connection with profiles on social networks) does not apply to this website insofar as we have not stored any further data about you. However, you can of course request further information about data relating to business activities at any time.

+ Is there an obligation for you to provide data?

No, there is no such obligation. In the context of a possible contractual relationship, however, you must provide the personal data that is necessary for the commencement, execution and termination of the contractual relationship and for the fulfillment of the associated contractual obligations or that we are legally obliged to collect. Without this data, we will generally not be able to conclude or execute the contract with you.

+ Information about your right to object in accordance with Article 21 of the General Data Protection Regulation (GDPR)

Individual right of objection

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6(1)(f) GDPR (data processing on the basis of a balancing of interests); this also applies to profiling based on this provision within the meaning of Article 4(4) GDPR.

If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves the establishment, exercise or defense of legal claims.

Recipient of an objection

The objection can be made informally with the subject “Objection”, stating your name, address and date of birth, and should be addressed to:

Experts Institute
Data protection (at) expertsinstitut.de
+49 (0)6321-3995566

Status: 24.03.2022