1. Data protection at a glance

General information

The following notes provide a simple overview of what happens to your personal data when you visit our website www.consileon.de/en. According to Art. 4 (1) DSGVO, personal data is any data with which you can be personally identified. For detailed information on the subject of data protection, please refer to our privacy policy listed below this text.

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

Data collection on our website

Who is responsible for the data collection on this website?

Data processing on this website is carried out by the website operator Consileon Business Consultancy GmbH, Maximilianstr. 5, 76133 Karlsruhe, Germany. You can find their contact details in the imprint of this website or in section 2.1 of this privacy policy.

How do we collect your data?

On the one hand, your data is collected by you providing it to us. This can be, for example, data that you enter in a contact form.

Other data is collected automatically by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). The collection of this data takes place automatically as soon as you enter our website.

What do we use your data for?

Some of the data is collected to ensure error-free provision of the website. Other data may be used to analyze your user behavior.

What rights do you have regarding your data?

In accordance with Chapter III of the GDPR, you have the right to receive information free of charge at any time about the origin, recipient and purpose of your stored personal data. You also have a right to request the correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of data protection, you can contact us at any time at the address given in the imprint. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

2. General notices and mandatory information

2.1 Notice regarding the responsible body and data protection officer

The responsible party for data processing on this website is:

Consileon Business Consultancy GmbH
Maximilianstr. 5
76133 Karlsruhe
Vertreten durch Dr. Joachim Schü

Telefone: +49 721 35460-80
Fax: +49 721 35460-89
E-Mail: info[at]consileon.de

The controller is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

You can reach the data protection officer of the responsible person at:

natalie.dittrich[at]consileon.de

or in written form to the address of the data controller with the corresponding note “Attn: Data Protection Officer”.

2.2 Viewing of our Website

When you access our website, information is automatically sent to the server of our website by the so-called browser used on your end device. This is the following data, which is collected without your intervention and stored until automated deletion:

• IP address of the requesting computer
• Date and time of access
• Browser used and, if applicable, the operating system of your computer as well as the name of your access provider
• Amount of data transferred
• Message about successful retrieval

The data is also stored in the log files of our system. A storage of this data together with other personal data of the user does not take place.

The temporary storage of the above data by the system is necessary to enable delivery of the website to the user’s computer as well as to ensure the functionality and optimization of our website and to ensure the security of the information technology systems.

The aforementioned data collection is based on our legitimate interest in the secure provision and functionality of our website in accordance with Art. 6 (1) p. 1 lit. f DSGVO.

Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. This is the case in the storage of data in the log files after 3 months.

The collection of data for the provision of the website and the storage of the data in log files is mandatory for the operation of the website.

2.3 Plugins and Tools

a) Google Maps

This site uses the map service Google Maps via an API. The provider is Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA (hereinafter: Google).

To use the functions of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there. The provider of this site has no influence on this data transmission.

The use of Google Maps on our homepage takes place exclusively on the basis of your consent and only if you have given your consent in the context of our cookie notice along with the consent option. The legal basis is then Art. 6 para. 1 p. 1 lit. a DSGVO.

Here you can renew or change your cookie consent.

For more information on how Google handles user data, please see Google’s privacy policy: https://www.google.de/intl/de/policies/privacy/.

b) econda Analytics

In order to be able to ensure a demand-oriented design and optimization of our homepages, pseudonymized data is collected and stored by solutions and technologies of econda GmbH (Zimmerstraße 6, 76137 Karlsruhe, Germany, www.econda.de) and usage profiles are created from this data using pseudonyms. econda is our order processor and a corresponding order processing agreement has been concluded. A transfer of the data to third parties or a transfer to third countries is excluded.

We process your personal data within the scope of the use of the econda tool for the purpose of analyzing homepage visits and optimizing our online offer.

Without your consent (opt-in), the econda solutions work in anonymous mode based on the current session. No personal data, such as the IP address, is additionally processed or stored by the tool. No cookies are set. You will not be recognized in later visits and profiling is not possible.

With your consent (opt-in), cookies are used for the above-mentioned purpose, which enable the recognition of an Internet browser. However, usage profiles are not combined with data about the bearer of the pseudonym without the express consent of the visitor. In particular, IP addresses are made unrecognizable immediately after receipt, which means that it is not possible to assign usage profiles to IP addresses. You can, of course, revoke your consent at any time.

To implement this, we use:

• cookies
• local memory

The use of anonymized tracking is carried out in accordance with Article 6 (1) f DSGVO due to our legitimate interest in carrying out a range measurement in order to continuously optimize our online presence.

Personalized tracking only takes place with your consent, which is then the legal basis for the processing (Article 6(1)(a) DSGVO).

We collect the following data:

• Information about the device used, including device ID
• IP address
• Information about viewed pages within the website visit

The processing and storage of personal data is deleted when the purpose ceases to apply, which in most cases is immediately after the end of the website visit.

Click here for more information: https://www.econda.de/service/datenschutz/

c) YouTube components with extended data

On our website we use components (videos) of the company YouTube, LLC 901 Cherry Ave, 94066 San Bruno, CA, USA, a company of Google Inc, Amphitheatre Parkway, Mountain View, CA 94043, USA.

Here we use the option provided by YouTube ” – extended data protection mode – “.

When you visit a page that has an embedded video, a connection to the YouTube servers is established and the content is displayed on the website by notifying your browser. According to the information provided by YouTube, in ” – extended data protection mode -” only data is transmitted to the YouTube server, in particular which of our Internet pages you have visited when you watch the video. If you are logged into YouTube at the same time, this information will be assigned to your member account at YouTube. You can prevent this by logging out of your member account before visiting our website.

Further information on YouTube privacy is provided by Google at the following link:

https://www.google.de/intl/de/policies/privacy/

The use of YouTube on our homepage takes place exclusively on the basis of your consent and only if you have given your consent in the context of our cookie notice along with the consent option. The legal basis is then Art. 6 para. 1 p. 1 lit. a DSGVO.

Here you can renew or change your cookie consent

2.4 Online presence in social media

We maintain online presences within social networks and platforms in order to be able to communicate with the customers, interested parties and users active there and to inform them about our services there. When calling up the respective networks and platforms, the terms and conditions and data processing guidelines of the respective operators apply.

Unless otherwise stated in our privacy policy, we process the data of users if they communicate with us within the social networks and platforms, e.g. write posts on our online presences or send us messages.

a) Facebook

We would like to point out that Facebook provides us with aggregated data as part of the Insights feature, which provides us with information about how our Fanpage users interact with it. These Page Insights may be based on personal data collected from you in connection with a visit to or interaction with our Fan Page. We receive this data only as anonymized evaluations. Facebook itself, however, has the ability to attribute your usage data on our Fanpage directly to you and to use your personal data in a non-anonymized manner, provided you are a Facebook member paired with your other voluntarily provided data.

According to the case law of the ECJ, we are co-responsible for the personal data collected by Facebook, to which we predominantly have access only in anonymized form, pursuant to Art. 26 of the GDPR. We have therefore entered into an agreement with Facebook pursuant to Art. 26 DSGVO. However, the primary responsibility regarding the processing of the Insights data remains with Facebook. This means that Facebook is responsible for complying with the data protection provisions according to DSGVO and BDSG. We as the operator of the Fanpage cannot make any decisions regarding the processing of Insights data and regarding the information obligations pursuant to Art. 13 DSGVO, the legal basis of the processing, and the storage period of cookies and personal data.

At the following link Facebook, provides you with the essentials from the Page Insights supplement:

https://www.facebook.com/legal/terms/page_controller_addendum

Please note that you can submit requests directly to Facebook and to us. You can submit your request to Facebook at the following link: https://www.facebook.com/help/contact/308592359910928

b) Xing

XING is a social network of XING SE based in Hamburg, Germany, which enables the creation of private and professional profiles. Users can maintain their existing contacts and make new ones. Companies can create profiles on which photos and other company information are uploaded. Other XING users have access to this information and can write their own articles and share this content with others.

The focus is on professional exchange on specialist topics with people who have the same professional interests. In addition, XING is frequently used by companies and other organizations to recruit employees and present themselves as an interesting employer.

Further information on XING can be found at: https://corporate.xing.com/de/unternehmen/

Further information on data protection at XING can be found at: https://privacy.xing.com/de/datenschutzerklaerung.

We do not collect or process any personal data via our XING Company Page.

c) LinkedIn

LinkedIn is a social network of LinkedIn Inc. based in Sunnyvale, California, USA, which enables the creation of private and professional profiles. Users can maintain their existing contacts and make new ones. Companies can create profiles on which photos and other company information can be uploaded. Other LinkedIn users have access to this information and can write their own articles and share this content with others.

The focus is on professional exchange on specialized topics with people who have the same professional interests. In addition, LinkedIn is often used by companies and other organizations to recruit employees and present themselves as an interesting employer.

For more information about LinkedIn, please visit: https://about.linkedin.com/.

For more information about LinkedIn’s privacy practices, please visit: https://www.linkedin.com/legal/privacy-policy

We do not collect or process any personal data via our LinkedIn company page.

d) Kununu

e) Instagram page (a service of Meta Platforms, Inc.).

When you visit our Instagram page, Instagram collects, among other things, your IP address and other information that is available in the form of cookies on your PC. This information is used to provide us, as operators of the Instagram pages, with statistical information about the use of the Insta-gram page. Instagram provides more detailed information on this under the following link: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect .

By means of the transmitted statistical information, it is not possible for us to draw conclusions about individual users. We only use this information to respond to the interests of our users and to continuously improve our online presence and ensure its quality.

We collect your data via our Instagram page only to realize a possible provision for communication and interaction with us. This collection usually includes your name, message content, comment content, and the profile information you provide “publicly”.

The processing of your personal data for our above-mentioned purposes is based on our legitimate business and communicative interest in offering an information and communication channel pursuant to Art. 6 para. 1 f) DSGVO. If you, as a user, have given your consent to the data processing vis-à-vis the respective provider of the social network, the legal basis of the processing extends to Art. 6 (1) a), Art. 7 DSG-VO.

Due to the fact that the actual data processing is carried out by the provider of the social network, our access to your data is limited. Only the provider of the social network is authorized to fully access your data. Due to this, only the provider can directly take and implement appropriate measures to fulfill your user rights (information request, deletion request, objection, etc.). The assertion of corresponding rights is therefore most effective directly against the respective provider.

We are jointly responsible with Instagram for the personal content of the fan page. Data subject rights can be asserted with Meta, Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland as well as with us.

Under the GDPR, the primary responsibility for processing by Instagram lies with Meta and Instagram/Meta complies with all obligations under the GDPR with regard to processing.

We do not make any decisions regarding the processing of usage data within the Instagram platform, in particular also not regarding a legal basis, the identity of the person responsible or the storage period of cookies on user devices.

You can find further information directly at Instagram: https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect

3. Sharing your data

Except for our website operator and hosting provider, Google Analytics as well as Google Maps, your data will not be communicated by us to third parties. We also take appropriate measures and carry out regular checks to ensure that the data we collect cannot be viewed or accessed by third parties from outside.

4. Rights concerned

4.1 Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke an already given consent at any time. For this purpose, an informal communication by e-mail to us is sufficient. The legality of the data processing carried out until the revocation remains unaffected by the revocation.

4.2 Right of appeal to the competent supervisory authority

In the event of violations of data protection law, the data subject shall have the right to lodge a complaint with the competent supervisory authority.

The competent supervisory authority for data protection issues for Consileon Business Consultancy GmbH, Maximilianstraße 5, 76133 Karlsruhe is the State Data Protection Commissioner of Baden-Württemberg. This can be reached at https://www.baden-wuerttemberg.datenschutz.de/.

Consileon Frankfurt GmbH, Neue Mainzer Straße 74, 60311 Frankfurt am Main the State Data Protection Commissioner of Hesse. He can be reached at https://datenschutz.hessen.de/.

4.3 Right to data portability

You have the right to have data that we process automatically on the basis of your consent or in fulfillment of a contract handed over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another controller, this will only be done insofar as it is technically feasible.

4.4 Information, blocking, deletion

Within the framework of the applicable legal provisions from Chapter III DSGVO, you have the right at any time to free information about your stored personal data, its origin and recipient and the purpose of data processing and, if applicable, a right to immediate correction, blocking or deletion of this data. For this purpose, as well as for further questions on the subject of personal data, you can contact us at any time using the contact information provided in the privacy policy, at the address given in the imprint or by e-mail to datenschutz@consileon.de.

5. Right to appeal

If your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) p. 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, provided that there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.

If you wish to exercise your right of revocation or objection, simply send an e-mail to datenschutz@consileon.de.

6. Contact form

For questions of any kind, we offer you the possibility to contact us via a form provided on the website. In doing so, it is necessary to provide your name and a valid e-mail address so that we know from whom the inquiry originates and so that we can answer it. Further information can be provided voluntarily.

Data processing for the purpose of contacting us is carried out in accordance with Art. 6 para. 1 p. 1 lit. b DSGVO on the basis of a contract-like relationship in the sense of initiating a contract.

The personal data collected by us for the use of the contact form will be automatically deleted after completion of your request.

7. Application form

You can apply directly to the website operator using our application form. You enter the data you wish to submit yourself. The legal basis for this processing is § 26 BDSG. Please take note of our separate data protection information for applicants.

8. SSL or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.

9. Links to websites of other providers

Our websites may contain links to websites of other providers to which this data protection declaration does not extend. Insofar as the collection, processing or use of personal data is associated with the use of the websites of other providers, please observe the data protection information of the respective providers.

10. Other

We would like to point out that data transmission on the Internet (e.g. when communicating by e-mail) can have security gaps. A complete protection of the data against access by third parties is not possible.

This privacy policy is current as of February 2020.