Privacy

privacy-abbildung

Privacy
is important to us


Privacy

In this Data Privacy Declaration, we inform you what personal data we process when you visit our website, and what rights you have with respect to that data. For definitions of the terms used in this document, please refer to Art. 4 of the General Data Protection Regulation (GDPR).

Personal data means all information that relates to an identified or identifiable natural person. This includes, for instance, your name, address, and communication details or e-mail address.

Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

A data subject is any identified or identifiable natural person whose personal data is processed by the controller.

A controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Users includes all categories of data subjects who are affected by data processing. This group includes our business partners and other visitors to our website.

1. Name and address of the controller

dhmp GmbH & Co. KG

Auditing Firm
Tax Advising Firm

Zur Gießerei 16
76227 Karlsruhe
Phone 0 721 – 981 75-0
Fax 0 721 – 981 75-500
E-mail: info@dhmp.de

Name and address of the controller’s representative

dhmp Verwaltungs GmbH

Zur Gießerei 16
76227 Karlsruhe
Phone 0 721 – 981 75-0
E-mail: info@dhmp.de

2. Data Protection Officer

You can contact our Data Protection Officer by e-mail to datenschutz@dhmp.de or by regular mail to the above mailing address, with the note “C/O the Data Protection Officer”.

3. Provision of the website and log files

3.1. Scope of data processing

When you visit our website, your browser transmits certain data to our web servers for technical reasons. This includes the following data (so-called server log files):

  • IP address
  • Date and time of the inquiry
  • Content of the request (specific page)
  • Operating system and its access status / HTTP status code
  • Quantity of data transmitted
  • Website from which the request comes (“Referrer URL”)
  • Browser, language and version of browser software
  • Files accessed

This data is never saved alongside other personal information belonging to the user.

3.2. Purpose of data processing

The temporary storage of the user’s IP address by our web server is technically required to display the website. The user’s IP address must remain stored for the duration of the session.

The above data is stored in log files in order to ensure the proper function of our website. Furthermore, we use this data to optimize the website and to ensure the security of our information technology systems (such as to identify attacks). Data is never evaluated for marketing purposes in this context.

3.3. Legal basis for data processing

Art. 6 para. 1 lit. f) GDPR forms the legal basis for temporary storage of this data and the log files. We have a legitimate interest in operating and ensuring the security of our website.

3.4. Duration of storage

The above data will be deleted as soon as it is no longer required for the purposes for which it was collected. If data is collected for the purpose of providing the website, it will no longer be required once the specific session is ended.

This will be a maximum of seven days for data stored in the log files. Data may be stored for longer than this if the data is required (for instance to investigate attacks, misuse, or fraudulent actions). Data that must be stored longer in order to serve as evidence will not be deleted until the incident in question has been thoroughly investigated.

3.5. Right to object and right to data deletion

Collecting data required to provide the website and storing this data in log files are required for us to operate our website. Therefore, you have no right to object to this collection or storage.

4. Contact

4.1. Contact form

4.1.1. Scope of data processing

You can contact us via the inquiry form. If you do so, we will process the following data from you:

Salutation, academic title, first name*, last name*, company name, e-mail address, subject*, message, callback request with telephone number. Data marked with an * indicates mandatory fields.

4.1.2. Purpose of data processing

We process your personal data to handle your inquiry.

4.1.3. Legal basis for data processing

The legal basis for processing data transmitted when a contact inquiry is sent is Art. 6 para. 1 lit. f) GDPR (our legitimate interests as a controller). If the contact is sent for the purpose of concluding an agreement, Art. 6 para. 1 lit. b) GDPR also serves as the legal basis for processing (fulfilling a contract).

4.1.4. Recipients of the data

Your personal data is transmitted to the internal offices at dhmp GmbH & Co. KG responsible for processing your inquiry.

4.1.5. Data transmission to third countries

Your personal data will not be transmitted to a third country or international organization.

4.1.6. Duration of storage

Data transmitted to us is deleted once it is no longer necessary to achieve the purpose for which it was collected. For personal data entered into the input screen on the contact form, this is the case once the conversation in question with the user has ended, and once circumstances indicate that the matter in question has been fully clarified, and there are no statutory retention obligations for the data.

4.1.7. Right to object and right to data deletion

You have the right to object to the processing of your personal data at any time. If you do so, we will not be able to continue our conversation. Please send your objection to info@dhmp.de. All personal information saved during the course of contacting the user will then be deleted, unless it is subject to a retention requirement.

4.2. Contacting us via e-mail

4.2.1. Scope of data processing

You can contact us via our provided e-mail address. In this case, we will store the personal data transmitted along with your inquiry.

4.2.2. Purpose of data processing

We process your personal data to handle your inquiry.

4.2.3. Legal basis for data processing

The legal basis for processing data transmitted when an e-mail is sent is Art. 6 para. 1 lit. f) GDPR (our legitimate interests as a controller). If the contact is sent for the purpose of concluding an agreement, Art. 6 para. 1 lit. b) GDPR also serves as the legal basis for processing (fulfilling a contract).

4.2.4. Recipients of the data

Your personal data is transmitted to the internal offices at dhmp GmbH & Co. KG responsible for processing your inquiry.

4.2.5. Data transmission to third countries

Your personal data will not be transmitted to a third country or international organization.

4.2.6. Duration of storage

Data transmitted to us is deleted once it is no longer necessary to achieve the purpose for which it was collected. For personal data sent via e-mail, this is the case once the conversation in question with the user has ended, and once circumstances indicate that the matter in question has been fully clarified, and there are no statutory retention obligations for the data.

4.2.7. Right to object and right to data deletion

You have the right to object to the processing of your personal data at any time. If you do so, we will not be able to continue our conversation. Please send your objection to info@dhmp.de. All personal information saved during the course of contacting the user will then be deleted, unless it is subject to a retention requirement.

4.3. Contacting us by telephone

4.3.1. Scope of data processing

If you contact us by telephone, we will process the data you provide to us (name, telephone number, your company name, any e-mail address and inquiry) in order to handle your contact inquiry and answer your questions.

4.3.2. Purpose of data processing

We process your personal data in order to handle your inquiry and to provide you with the desired information.

4.3.3. Legal bases for processing

The legal basis for processing data provided during the telephone call is Art. 6 para. 1 lit. f) GDPR for general inquiries. We have a legitimate interest in handling your request. If the telephone call is made for the purpose of concluding a contract, then Art. 6 para. 1 lit. b) GDPR also serves as the legal basis for processing.

4.3.4. Recipients of the data

Your personal data is transmitted to the internal offices at dhmp GmbH & Co. KG responsible for processing your inquiry.

4.3.5. Data transmission to third countries

Your personal data will not be transmitted to a third country or international organization.

4.3.6. Duration of storage

We delete personal data once it is no longer required to achieve the purpose for which it was collected, or we restrict the data if statutory retention obligations apply. This is the case for personal data you have provided us by telephone once circumstances indicate that the matter in question or the inquiry has been fully clarified.

4.3.7. Right to object and right to data deletion

You can object to the storage of your personal data at any time. If you do so, we will not be able to continue our conversation. Please send your objection to info@dhmp.de.

5. Newsletter

5.1. Scope of data processing

You may subscribe to our free newsletter “Steuerbescheid” on our website. It will inform you each month about important tax law-related news and news from our firm.

We will collect your e-mail address, last name, and first name when you register for the newsletter. You may also provide your salutation, title and company name.

We use a double opt-in process for newsletter registration. After you register for the newsletter, you will receive an e-mail requesting that you confirm your registration. We use this process so that no one can register using a third party’s e-mail address. We log newsletter registrations in order to certify that our registration process meets statutory requirements. This includes the date, time, and user’s IP address at the time of registration.

Your consent will be obtained to process the data during the registration process, and you will be referred to this Data Privacy Declaration. The data is used only to send the newsletter.

5.2. Purpose of data processing

We process your personal data to send the newsletter.

5.3. Legal basis for data processing

The legal basis for processing your personal data after you register for the newsletter is Art. 6 para. 1 lit. a) GDPR.

5.3.1. Recipients of the data

Your personal data is transmitted to our Marketing department.

The newsletter is sent as part of contract processing under data privacy law in accordance with Art. 28 GDPR, and is carried out by our service provider WIADOK KG, Am Speicher 2, D-49090 Osnabrück.

5.3.2. Data transmission to third countries

Your personal data will not be transmitted to a third country or international organization.

5.4. Right to object and right to data deletion

You can cancel your subscription to our newsletter at any time, thereby revoking your consent. There is a link to unsubscribe in every newsletter. Alternatively, you can also simply contact us by e-mail at marketing@dhmp.de.

We will delete the data you provided to us in order to subscribe to the newsletter after you unsubscribe from the newsletter. Data we have saved for other purposes shall remain unaffected.

6. Cookies

Our website uses cookies. Cookies are small text files stored on your computer (or on a tablet or smartphone) when you access the website. Cookies do not harm your computer, and do not contain any malware such as viruses or Trojans.

We only use cookies that are technically required to operate our website (called essential cookies).

The cookie PHPSESSID stores your current session with reference to PHP applications, thereby ensuring that all functions can be displayed when the user requests a page.

The cookie _icl_current_language controls the language selection and stores the user’s preferred language on our website. It is only used if you would like to display our website in another language.

6.1.1. Purpose of data processing

The essential cookies are technically required to access our website and also allow users to select from different languages.

6.1.2. Legal basis for data processing

The legal basis for using essential cookies that are technically required to operate the website is Art. 6 para. 1 lit. f) GDPR. We have a legitimate interest in operating and ensuring the proper function of our website.

6.1.3. Duration of storage

The cookie PHPSESSID is a so-called session cookie which is deleted automatically at the end of the browser session.

The cookie _icl_current_language is valid for one year, and will then be deleted automatically.

6.1.4. Right to object and right to data deletion

As a user you have full control over how cookies are used. You can delete cookies at any time. You can change the settings on your web browser so that no cookies are ever saved, or so that cookies are deleted automatically at the end of your web session.

To delete cookies, select “Extras > Internet options > General > Browser process > Delete” in Microsoft Internet Explorer. You can set general rules for how data will be handled under “Extras > Internet options > Data protection > Expanded settings.”

In Firefox, select “Settings > Data protection and safety > Cookies and Website data”.

To do so in Google Chrome, select “Settings > Extended > Data protection and safety > Website settings > Cookies and website data”.

If you use another internet browser, please see the browser’s help function for instructions on how to prevent or delete cookies.

Please note that, if you do deactivate cookies, you may not be able to use all of the function of our website in full.

7. Social Media

Our website contains buttons and hyperlinks to the social networks XING and LinkedIn, where we maintain publicly accessible profiles. We use these profiles to communicate with users and inform them about our services and professional opportunities.

When you simply visit our page, no personal data is transmitted to these platforms. Data is only transmitted to the platforms if you click on the specific button or hyperlinks. If you do so, the provider on which you clicked receives the information that you have accessed the specific page of our website (e.g. the date, time, IP address, website accessed) If you are logged into the social media provider, data collected on our page may be associated directly to your account with the provider. We recommend that you regularly log out after using social networks, in particular before activating the button, since this can prevent your activities from being associated with your profile at the plug-in provider.

It is possible that the provider of the service or content in question may process your data for other purposes of their own. However, since we have no influence over the data collected by third parties or their processing of that data, we cannot provide any binding information on the purpose and scope for which your data is processed.

Therefore, please see the Data Privacy Notice of the provider responsible under data protection law for further information on the purpose and scope in which your data is collected and processed. This Notice will also provide further information on how your data is processed, and your options for objecting to the processing. For a detailed description of processing and your options for objection (opt-out), please see the following links to information from the providers.

Xing (New Work SE, Dammtorstraße 30, 20354 Hamburg, Germany); Data Privacy Declaration: https://privacy.xing.com/de/datenschutzerklaerung

LinkedIn (LinkedIn Ireland Unlimited Company any, Wilton Place, Dublin 2, Ireland); Data Privacy Declaration: https://www.linkedin.com/legal/privacy-policy; Opt-out procedure: https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

8. Data security

We take technical and organizational measures to ensure the security of data processing based on state of the art technology. By doing so, we ensure that we comply with the specifications of data protection law, in particular the General Data Protection Regulation, and that the data we process is protected against destruction, loss, change and unauthorized access. These security measures include the encrypted transmission of data between your browser and our web server. Please note that SSL/TLS encryption for transmissions over the internet is only activated if the lock symbol appears in the bottom menu bar of your browser window, and if the address begins with https://. SSL/TLS encryption protects data transmissions against illegal third party access to the data with an encryption technology. If this option is not available, therefore, you can also decide not to send certain data over the internet. Our web server is located in the Federal Republic of Germany.

9. Transmission of data to third parties and third party providers

Data is only transmitted to third parties in accordance with the law. We only transmit user data to third parties if users have consented to the transfer (Art. 6 para. 1 lit. a GDPR), if data transmission is required for contractual purposes (Art. 6 para. 1 lit. b GDPR), or insofar as we have a legitimate interest in the economical and effective operation of our company (Art. 6 para. 1 lit. f GDPR).

Within the framework of contract processing under data protection law, in accordance with Art. 28 GDPR, we engage service providers for the operation, maintenance and servicing of our website and IT systems. These providers may receive access to your personal data in the course of maintaining and servicing the IT systems. Therefore, we have taken appropriate legal, technical and organizational measures with you to ensure the protection of your personal data in accordance with valid law.

Your personal data will not be transmitted to a third country or international organization.

10. Your rights

If we process your personal data, you are a data subject in the sense of the General Data Protection Regulation (GDPR), and you have the following rights towards us with respect to your personal data:

  • The right to information (Art. 15 GDPR)
  • The right to rectification (Art. 16 GDPR)
  • The right to deletion (Art. 17 GDPR)
  • The right to restrict data processing (Art. 18 GDPR)
  • The right to data portability (Art. 20 GDPR)
  • The right to object to data processing (Art. 21 GDPR)

Furthermore, you have the right to submit complaints to a data protection supervisory authority (Art. 77 GDPR). An overview of German supervisory authorities is available at
https://www.datenschutzkonferenz-online.de/datenschutzaufsichtsbehoerden.html

The supervisory authority responsible for our company is:

The State Office for Data Protection and Freedom of Information
Königstrasse 10 a
D-70173 Stuttgart

Website with further contact details: https://www.baden-wuerttemberg.datenschutz.de

11. Amendments to the Data Privacy Declaration

We reserve the right to amend the Data Privacy Declaration in order to adapt it to a changing legal situation, or if the services or data processing change. However, this only applies to declarations on data processing. If the user’s consent is required, or if parts of the Data Privacy Declaration contain regulations regarding the contractual relationship with the user, then amendments will only be made with the user’s approval.

Please review the content of the Data Privacy Declaration regularly.

Data Privacy Declaration last updated on: 9/7/2020