This Privacy Notice applies to all processing of personal data of visitors to this website (www.privacysense.com), our clients, our service providers and other external communication partners carried out by us on behalf of the Privacysense brand.
We (the Controller), that is the
prohomo UG (haftungsbeschränkt)
Molthanstr. 6, 30169 Hannover
+49 (0)30 31012264
privacy[at]privacysense.com.
Quickly jump to the section of this privacy policy that interests you:
This data privacy notice is required by law and informs you about the data processing carried out by us.
This always involves the processing of so-called personal data. This is data that can be clearly assigned to a natural person. This can be data that directly identifies the person, but also data that only enables individualization of the person. Example: If you enter your name and email address in our contact form, we may be able to identify you from this data. If, on the other hand, you only browse our website, we could only individualize you through the use of cookies or other recognition technologies (we do not use recognition technology). Under special circumstances, however, individualization - and thus a personal reference - is also possible on the basis of data that you send to our servers for technical reasons in order to be able to access our website (e.g. IP address).
We have therefore summarized the most important information on our data processing:
Now to the details of the individual data processing operations. You will find the information required by law for each data processing operation (heading in bold):
| Website functionality | ||||||
| Purpose | Connection setup, content provision, ensuring system security | |||||
| Data Categories | Server log files, which may contain the following data, for example: IP address, operating system, web browser details, domain name of the internet service provider, referrer URL, date and time of access | |||||
| Data Recipients | The website is operated and maintained by a service provider based in Germany, which processes personal data as a so-called "Processor". | |||||
| Third country transfer | There is no data transfer to a non-EU/EEA country. | |||||
| Legal basis and necessity of data provision | Art. 6 (1) (f) GDPR. Our legitimate interest lies in the operation and protection of our website. The provision of data by you is neither legally nor contractually required. However, the website cannot be accessed without providing it. | |||||
| Processing time | Data in server log files is stored for a maximum of seven days. In exceptional cases, data is stored for longer if a security-related incident has occurred (e.g. DoS attack). | |||||
| Automated Decision-Making | No automated individual decision is made. | |||||
| Contact and request management | ||||||
| Purpose | Answering your electronic, telephone or postal inquiries (e.g. about our products) | |||||
| Data Categories | Contact details (e.g. name, e-mail address, telephone number), data on requested facts (e.g. interest in certain products) | |||||
| Data Recipients | We use email service providers as so-called "Processors" for receiving, sending and storing emails. As a minimum, emails are stored using end-to-end encryption, i.e. the email service provider itself cannot access the data. | |||||
| Third country transfer | Data is transferred to a secure third country (Switzerland). | |||||
| Legal basis and necessity of data provision | Art. 6 (1) (b) GDPR, in the event of the initiation of a business relationship. Art. 6 (1) (f) GDPR for responding to other inquiries, e.g. from authorities or private individuals. Our legitimate interest is to be able to respond to such inquiries appropriately. The provision of data by you is neither legally nor contractually required. However, we cannot process your request if you do not provide it. | |||||
| Processing time | If the data is subject to a statutory retention obligation (e.g. retention obligation under commercial or tax law), the data will be stored in accordance with the respective retention period (see processing “Client support and administration”). Otherwise, the data will be stored for as long as it is required to properly process your request. | |||||
| Automated Decision-Making | No automated individual decision is made. | |||||
| Client support and administration | ||||||
| Purpose | Support for our clients, provision of booked consulting services | |||||
| Data Categories | Inventory data (e.g. name, address, customer number), contact data (e.g. e-mail address, telephone number), contract data (e.g. term, customer category, object of service, place and time of service), service data (e.g. author of a document, time of creation, consultation appointments) | |||||
| Data Recipients | Depending on the case, data may have to be passed on to courts or authorities. We use email service providers as processors for receiving, sending and storing emails. As a minimum, emails are stored using end-to-end encryption, i.e. the email service provider cannot access the data. We store some contracts and consulting-related working documents in secure cloud services (end-to-end encryption), which are provided by so-called processors. | |||||
| Third country transfer | Data is transferred to a secure third country (Switzerland). | |||||
| Legal basis and necessity of data provision | Art. 6 (1) (b) or (f) GDPR (processing of booked consulting services) and Art. 6 (1) (c) GDPR (storage of documents subject to retention requirements). The provision of data is essentially contractually agreed. Without provision, we cannot provide the services you have booked. | |||||
| Processing time | If the data is subject to a statutory retention obligation (e.g. retention obligation under commercial or tax law), the data will be stored in accordance with the respective retention period. Otherwise, the data will be stored for as long as it is required for the proper fulfillment of the consulting service booked. | |||||
| Automated Decision-Making | No automated individual decision is made. | |||||
| Accounting and taxes | ||||||
| Purpose | Preparation, checking and management of incoming and outgoing invoices, dunning, payment transactions, account management, fulfillment of tax obligations | |||||
| Data Categories | Inventory data (e.g. name, address, customer number), contact data (e.g. e-mail address, telephone number), contract data (e.g. term, customer category, object of service, place of service, time of service), service data (e.g. author of a document, time of creation, consultation appointments) and financial data (booking transactions, payments, etc.). | |||||
| Data Recipients | We use email service providers as so-called "Processors" for receiving, sending and storing emails. As a minimum, emails are stored using end-to-end encryption, i.e. the email service provider cannot access the data. Data is exchanged with our tax advisor using end-to-end encryption. | |||||
| Third country transfer | In some cases, data is transferred to a secure third country (Switzerland). | |||||
| Legal basis and necessity of data provision | Art. 6 (1) (b) GDPR (verification and administration of invoices) and Art. 6 (1) (c) GDPR (fulfillment of accounting and tax obligations). The provision of data is essentially contractually agreed. Without provision, we cannot provide the services you have booked. | |||||
| Processing time | If the data is subject to a statutory retention obligation (e.g. retention obligation under commercial or tax law), the data will be stored in accordance with the respective retention period. Otherwise, the data will be stored for as long as it is required for the proper fulfillment of the consulting service booked. | |||||
| Automated Decision-Making | No automated individual decision is made. | |||||
| Marketing | ||||||
| Purpose | Planning and implementation of marketing campaigns, creation of advertising material, online marketing, postal advertising | |||||
| Data Categories | Contact details (e.g. name, e-mail address, telephone number, postal address) | |||||
| Data Recipients | We use email service providers as processors for receiving, sending and storing emails. As a minimum, emails are stored using end-to-end encryption, i.e. the email service provider cannot access the data. Data is exchanged with our tax advisor using end-to-end encryption. | |||||
| Third country transfer | In some cases, data is transferred to a secure third country (Switzerland). | |||||
| Legal basis and necessity of data provision | Art. 6 (1) (a) GDPR (in the case of consent to certain electronic advertising activities) and Art. 6 (1) (f) GDPR (for less sensitive advertising campaigns that do not require the consent of the person, e.g. postal advertising). There is neither a legal nor a contractual obligation for the person to provide data. | |||||
| Processing time | The data will only be processed for the respective advertising campaign. Data will be deleted earlier in the event that consent to or objection to our marketing activities is withdrawn. | |||||
| Automated Decision-Making | No automated individual decision is made. | |||||
Right of access
You have the right to request information about the data processing circumstances specified in Art. 15 (1) GDPR. In addition, you can request a copy of your data in accordance with Art. 15 (3) GDPR.
Right to rectification
You have the right to have incomplete or incorrect data about you completed or corrected by us in accordance with Art. 16 GDPR, if applicable.
Right to erasure
If one of the conditions specified in Art. 17 GDPR is met, you can request the erasure of your data.
Right to restriction of processing
In the constellations specified in Art. 18 GDPR, you have the right to request that the data processing concerning you be blocked.
Right to data portability
You have the right to receive the data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format or to request its transmission to another controller, subject to certain conditions set out in Art. 20 GDPR.
Right to object
Under certain conditions specified in Art. 21 GDPR, you have the right to object to the processing of your personal data at any time on grounds relating to your particular situation. An objection without any conditions is possible if the personal data concerning you are processed by us for the purpose of direct marketing.
Right of withdrawal
In accordance with Art. 7 (3) GDPR, you have the right to withdraw your consent at any time.
Right to lodge a complaint with the data protection supervisory authority
In accordance with Art. 77 (1) GDPR, you have the right to lodge a complaint with a data protection supervisory authority if you believe that the processing of your personal data violates data protection regulations.
You can reach our data protection officer as follows:
Data Protection Officer Privacysense (prohomo UG haftungsbeschränkt)
Molthanstraße 6, 30169 Hannover
privacy@privacysense.com.