Datenschutzerklärung Bild

Data protection at a glance

General information

The following information will provide you with an easy to navigate overview of what will happen with your personal data when you visit this website. The term ‘personal data’ comprises all data that can be used to personally identify you. For detailed information about the subject matter of data protection, please consult our Data Protection Declaration below.

  1. Data collection on this website

Who is the responsible party for the recording of data on this website (i.e. the ‘controller’)?

The data processing on this website is carried out by the website operator. You can find the contact details in the ‘Note on the responsible party’ section of this data protection declaration.

How do we collect your data?

On the one hand, your data is collected when you provide it to us. This may be data that you send us by email, for example.

Other data are collected by our IT systems automatically or with your consent when you visit the website. These are mainly technical data (e.g. internet browser, operating system or time of page view). These data are collected automatically as soon as you enter this website.

What do we use your data for?

Some of the data is collected to ensure that the website is error-free. Other data can be used to analyse your user behaviour.

What rights do you have regarding your data?

You have the right at any time to receive information free of charge about the origin, recipient and purpose of your stored personal data. You also have the right to request the correction or deletion of this data. If you have given your consent to the data processing, you can revoke this consent at any time for the future. In addition, you have the right to request the restriction of the processing of your personal data under certain circumstances. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.

Please do not hesitate to contact us at any time if you have questions about this or any other data protection related issues.

  1. Hosting

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the host’s servers. This may include, but is not limited to, IP addresses, contact requests, metadata and communications, contract information, contact information, names, web page access, and other data generated through a web site.

The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b GDPR) and in the interest of secure, fast and efficient provision of our online services by a professional provider (Art. 6 para. 1 lit. f GDPR).

Our hoster will only process your data to the extent necessary to fulfil its performance obligations and will follow our instructions with regard to this data.

We use the following hoster:

Alfahosting GmbH
Ankerstraße 3b
06108 Halle

Contract data processing

We have concluded a contract for order processing (AVV) with the provider named above. This is a contract prescribed by data protection law that ensures that the personal data of our website visitors is processed only in accordance with our instructions and in compliance with the GDPR.

  1. General information and mandatory information

Data protection

The operators of these pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this privacy policy.

When you use this website, various personal data is collected. Personal data is data that can be used to personally identify you. This privacy policy explains what data we collect and what we use it for. It also explains how and for what purpose this is done.

We would like to point out that data transmission over the internet (e.g. when communicating by email) can have security gaps. It is not possible to provide seamless protection of data from access by third parties.

Note on the responsible party

The responsible party for data processing on this website is:

Maike Klüwer
Tremsbütteler Weg 98c
22941 Bargteheide, Germany

Telephone: 49 (0) 4532-27 67 853
Email:info@capi-consulting.de

The responsible party is the natural or legal person who alone or jointly with others decides on the purposes and means of processing personal data (names, email addresses, etc.).

Storage duration

Unless a more specific storage period has been specified in this data protection declaration, your personal data will remain with us until the purpose for which it was collected no longer applies. If you assert a justified request for deletion or revoke your consent to data processing, your data will be deleted, provided that we have no other legally permissible reasons for storing your personal data (e.g. tax or commercial law retention periods); in the latter case, the deletion will take place after these reasons cease to apply.

Note on data transfer to the USA and other third countries

Among other things, we use tools from companies based in the USA or other third countries that are not secure in terms of data protection. When these tools are active, your personal data may be transferred to and processed in these third countries. We would like to point out that these countries cannot guarantee a level of data protection comparable to that in the EU. For example, US companies are obliged to release personal data to security authorities without you as the data subject being able to take legal action against this. It cannot therefore be ruled out that US authorities (e.g. secret services) may process, evaluate and permanently store your data on US servers for monitoring purposes. We have no influence over these processing activities.

Revocation of your consent to data processing

Many data processing operations are only possible with your express consent. You can revoke consent that you have already given at any time. The legality of the data processing carried out up to the point of revocation remains unaffected by the revocation.

Right to object to data collection in special cases and to direct advertising (Art. 21 GDPR)

If data processing is carried out on the basis of Art. 6 (1) lit. e or f GDPR, you have the right to object to the processing of your personal data at any time for reasons arising from your particular situation; this also applies to profiling based on these provisions. The respective legal basis for processing can be found in this data protection declaration. If you file an objection, we will no longer process your personal data concerned unless we can prove compelling reasons for the processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims (objection according to art. 21 para. 1 GDPR).

Where your personal data are processed for direct marketing purposes, you have the right to object at any time to processing of personal data concerning you for such marketing, which includes profiling to the extent that it is related to such direct marketing. If you object, your personal data will no longer be processed for direct marketing purposes (objection pursuant to Article 21(2) GDPR).

Right to lodge a complaint with a supervisory authority

In the event of violations of the GDPR, data subjects are entitled to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exists regardless of other administrative or judicial remedies.

Right to data portability

You have the right to have data which we process based on your consent or in fulfilment of a contract automatically delivered to yourself or to a third party in a standard, machine-readable format. If you require the direct transfer of data to another responsible party, this will only be done to the extent technically feasible.

SSL and/or TLS encryption

This site uses SSL or TLS encryption for security reasons and to protect the transmission of confidential content, such as orders or requests that you send to us as the site operator. You can recognise an encrypted connection by the fact that the browser’s address line changes from ‘http://’ to ‘https://’ and by the lock symbol in your browser line.

If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.

Information, deletion and correction

Within the framework of the applicable legal provisions, you have the right at any time to free information about your stored personal data, its origin and recipients and the purpose of the data processing and, if necessary, a right to correction or deletion of this data. Please do not hesitate to contact us at any time if you have further questions on the topic of personal data.

Right to restriction of processing

You have the right to request the restriction of the processing of your personal data. You can contact us at any time regarding this. The right to restriction of processing applies in the following cases:

  • If you dispute the accuracy of your personal data stored by us, we usually need time to verify this. For the duration of the verification, you have the right to request the restriction of the processing of your personal data.
  • If the processing of your personal data was/is carried out unlawfully, you can request the restriction of data processing instead of deletion.
  • If we no longer need your personal data, but you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of deletion.
  • If you have objected to processing pursuant to Article 21(1) GDPR, your rights and our rights will have to be weighed against each other. While it is not yet clear whose interests prevail, you have the right to demand a restriction of the processing of your personal data.

If you have restricted the processing of your personal data, these data – apart from their storage – may only be processed with your consent or for the purpose of asserting, exercising or defending legal claims or protecting the rights of another natural or legal person or on grounds of an important public interest of the European Union or a Member State.

  1. Data collection on this website

Cookies

Cookies are small text files that are stored on your computer and saved by your browser. They enable an analysis of the use of the website.

No cookies are set via the web application of our hosting provider Alfahosting GmbH.

Server log files

The website provider automatically collects and stores information that your browser automatically transmits to us in ‘server log files’. These are:

  • Browser type and browser version
  • Operating system used
  • Referrer URL
  • Host name of the accessing computer
  • Time of the server request
  • IP address

This data is not merged with other data sources.

This data is recorded on the basis of Art. 6 Sect. 1 lit. f GDPR. The operator of the website has a legitimate interest in the technically error free depiction and the optimization of the operator’s website. In order to achieve this, server log files must be recorded.

Enquiries submitted by e-mail, telephone or fax

If you contact us by email, telephone or fax, your request, including all resulting personal data (name, request) will be stored and processed by us for the purpose of processing your request. We will not share this information without your consent.

The processing of these data is based on Art. 6 para. 1 lit. b GDPR, provided that your request is related to the execution of a contract or is required for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 para. 1 lit. f GDPR) or on your consent (Art. 6 para. 1 lit. a GDPR), provided that this has been requested.

The data you send to us via contact requests will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have finished processing your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

  1. Plugins and tools

Google Web Fonts

This site uses so-called web fonts, which are provided by Google, for the uniform display of fonts. When you access a page, your browser loads the required web fonts into your browser cache to display texts and fonts correctly.

To do this, the browser you use must connect to Google’s servers. This gives Google knowledge that this website has been accessed via your IP address. Google Web Fonts are used on the basis of Art. 6 Sect. 1 lit. f GDPR. The website operator has a legitimate interest in a uniform presentation of the font on the operator’s website. If a corresponding agreement has been requested (e.g. an agreement to the storage of cookies), the processing takes place exclusively on the basis of Art. 6 para. 1 lit. a GDPR; the agreement can be revoked at any time.

If your browser does not support web fonts, a standard font will be used by your computer.

Further information about handling user data, can be found at and in Google’s privacy policy at.

  1. Audio and video conferences

Data processing

We use online conferencing tools, among other things, to communicate with our customers. The tools we use in detail are listed below. When you communicate with us via video or audio conference over the internet, your personal data is collected and processed by us and the provider of the respective conferencing tool.

The conference tools collect all the data that you provide/use to use the tools (email address and/or your telephone number). Furthermore, the conference tools process the duration of the conference, the start and end (time) of participation in the conference, the number of participants and other ‘context information’ related to the communication process (metadata).

Furthermore, the tool provider processes all technical data required to handle the online communication. This includes, in particular, IP addresses, MAC addresses, device IDs, device type, operating system type and version, client version, camera type, microphone or loudspeaker, and the type of connection.

If content is exchanged, uploaded or otherwise provided within the tool, this is also stored on the servers of the tool providers. Such content includes, in particular, cloud recordings, chat/instant messages, voicemails, uploaded photos and videos, files, whiteboards and other information shared while using the service.

Please note that we do not have full influence on the data processing operations of the tools used. Our options are largely determined by the company policy of the respective provider. For more information on data processing by the conference tools, please refer to the data protection declarations of the tools used, which we have listed below this text.

Purpose and legal basis

The conference tools are used to communicate with prospective or existing contractual partners or to offer certain services to our customers (Art. 6 para. 1 lit. b GDPR). Furthermore, the use of the tools serves to generally simplify and accelerate communication with us or our company (legitimate interest in the sense of Art. 6 para. 1 lit. f GDPR). If consent has been requested, the tools in question are used on the basis of this consent; consent can be revoked at any time with effect for the future.

Storage period

The data collected directly by us via the video and conference tools will be deleted from our systems as soon as you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies. Stored cookies remain on your device until you delete them. Mandatory statutory retention periods remain unaffected.

We have no influence over the storage duration of your data stored by the operators of the conference tools for their own purposes. For details, please contact the operators of the conference tools directly.

Conference tools used

We use the following conference tools:

Zoom

We use Zoom. This service is provided by Zoom Communications Inc., San Jose, 55 Almaden Boulevard, 6th Floor, San Jose, CA 95113, USA. For details on data processing, please refer to Zoom’s privacy policy: .

Data transmission to the US is based on the Standard Contractual Clauses (SCC) of the European Commission. Details can be found here: .

MS Teams

Google Meet