Data protection

Data Privacy Policy of the Horváth & Partners Group

Introduction
We take the protection of your personal data very seriously during its collection, processing and use in line with legal provisions. Personal data is only collected on this website to the extent that is technically necessary. 
This policy provides an overview of how we ensure this protection and what type of data is used for what purpose.

Personal data
Personal data is all data that can be associated with an individual or could be used to identify that individual, e.g. name, address, email address, user behavior. Horváth & Partners places great importance on lawful processing of your data that will protect it in accordance with the provisions set forth in the legal regulations.

Collection of personal data
Our website may be used for informational reasons only, i.e. if you do not register or transmit information to us otherwise, without entering personal data. We will only collect the personal data that your browser transmits to our server and that we require from a technical perspective to display our website and ensure its stability and security (the legal basis for this is point (f) first sentence of Article 6(1) EU General Data Protection Regulation (GDPR)). 

This anonymous data is stored separately from any personal data you may provide and can therefore not be used to draw conclusions about any specific person. It is evaluated for statistical purposes and to enable us to optimize our website and our offerings. We collect your IP address, the data and time of the query, the website requested, the browser type, access status/HTTP status code, the website from which you visit our website (referrer URL) and your operating system.

In addition to the aforementioned data, cookies are also stored on your computer when you use our website. Cookies are small text files that are stored on your hard disk by the browser you use, and they transmit specific information to the site that has placed the cookie on your computer (in this case us). Cookies cannot execute programs or transmit viruses to your computer. Their purpose is to enable us to make our internet offerings more user-friendly and effective. You can read more about cookies later in this Privacy Policy.

Purpose of processing and legal basis
We process personal data in accordance with the provisions set forth in the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (Bundesdatenschutzgesetz, “BDSG”) in order to fulfill contractual obligations, based on your consent, within the scope of the balancing of interests and on the basis of legal provisions or in the public interest.

When you contact us by email or using a contact form, we store the data you provide (your email address, possibly your name and your telephone number) in order to respond to your queries. We delete any data provided in this context as soon as its storage is no longer necessary, or limit its processing if there is a statutory obligation to retain it.
It may be necessary to register in order to avail of specific services provided via our website. This also applies if you would like to receive up-to-date information from us in the future, e.g. about events, current studies, services, etc. The provision of this information is also subject to your consent. After you have given your consent, your personal data will be processed in accordance with point (a) Article 6(1) GDPR. You may withdraw your consent at any time by email to addressmanagement@horvath-partners.com.

If you register on our website for a service that requires registration, or to receive information in the future, we will store personal data in our Customer Relationship Management (CRM) system once the consent process is complete. Applicant details will be stored in our HR system. You may withdraw your consent at any time, whereupon the data will be deleted for all purposes or for specific purposes depending on the content of your withdrawal of consent.

Your data will not be used for automated decision-making processes including profiling (Article 22 GDPR).

You can access the option to register in order to receive information and the option to withdraw your consent by email to addressmanagement@horvath-partners.com.

Recipient categories
Data recipients include

a) Horváth & Partners internal sites concerned in the execution of the respective business processes, e.g.
    accounting, human resources, marketing.
b) Public bodies that receive data on the basis of legal provisions (in the case of overriding legal
    provisions), e.g. social insurance agencies, financial authorities.
c) External contractors in accordance with Section 11 BDSG and Section 28 GDPR, e.g. payment service   
    providers, shipping service providers.
d) External bodies for the fulfillment of the aforementioned purposes.

Email newsletter
By giving your consent, you can subscribe to our newsletter, through which we will keep you informed about the latest topics, studies, training opportunities, etc. (www.horvath-partners.com/e-news).

We use the double opt-in process when you register for our newsletter. This means that after you have registered, we send an email to the email address you provide, in which we ask you to confirm that you would like to receive our newsletter. If you do not confirm your registration within 48 hours, your information will be blocked and deleted automatically after one week. We also store your IP address and the time of registration and confirmation. The purpose of this process is to verify your registration and clarify any possible misuse of your personal data where applicable. The legal basis for this process is point (a) first sentence of Article 6(1) GDPR.

You may withdraw your consent to receive our newsletter at any time and unsubscribe from the newsletter. You can withdraw your consent by clicking the link provided in each newsletter email, on the website www.horvath-partners.com/abbestellen, by sending an email to addressmanagement@horvath-partners.com or by sending a message using the contact details specified in the Legal Notice.

Storage duration and deletion of data
We will process and store your personal data for as long as required for the fulfillment of our contractual and legal obligations and for as long as the purpose of the processing exists. If the data is no longer required for the fulfillment of contractual or legal obligations or if the purpose of the data storage ceases to exist, the data will be deleted on a regular basis unless its – limited – further processing is necessary for the following purposes:

a) fulfillment of data retention obligations under commercial or tax law which may arise from the
    German Commercial Code and the German Fiscal Code, for example. The periods for data storage or the
    keeping of documentation specified therein are generally between 2 and 10 years.
b) Preservation of evidence within the scope of the statutory limitation periods. Pursuant to Sections 195ff. 
    of the German Civil Code, these limitation periods may be up to 30 years, where the usual limitation 
    period is 3 years.

External links
Our website contains links to external third-party websites, the content of which we have no control over. We can therefore assume no liability for these websites. The respective provider or operator of the website is always responsible for the content of the linked sites. The websites were checked for any legal infringements at the time of creation of the link and no unlawful content was detected at that time. However, constant monitoring of the content of linked sites is not reasonable without any specific indication of a legal infringement. As soon as we become aware of any legal infringement, we will remove such links immediately.

Your rights
You have the right at any time to request information about the personal data concerning you that we have stored, free of charge. Furthermore, you also have the right to obtain the rectification or erasure of your data unless this is prevented by legal regulations or statutory data retention periods. You may also obtain the restriction of processing of your data and object to the processing of your data. Furthermore, you have the right to data portability. You may contact us at any time in relation to this or should you have any other questions with regard to data protection using the address provided in the Legal Notice. In addition, you are entitled to lodge a complaint with the competent data protection supervisory authority with regard to our processing of your personal data.

Should you have any questions concerning the collection, processing or use of your personal data or with regard to rectification, erasure, restriction, objection or withdrawing your consent, you may contact us free of charge (datenschutz@horvath-partners.com).

Controller
Horváth AG
Phoenixbau
Königstraße 5
D-70173 Stuttgart, Germany

Cell phone: +49 711 66919-0
Fax: +49 711 66919-1075
Email: info@horvath-partners.com
Internet: http://www.horvath-partners.com

You can contact our data protection officer at datenschutz@horvath-partners.com or using our postal address, adding “Data Protection Officer”.

Please note that the transmission of data via the internet is subject to security loopholes and that the complete protection of such data against access by third parties is therefore impossible.

Analytical tools and third-party provider tools

Cookies
We use cookies on our website to recognize repeat use of our offerings by the same user. Cookies are small text files placed on your computer by your browser and stored there. We use them to optimize our website and our offerings. Most cookies are “session cookies”, which are deleted when your visit ends.

However, some cookies also provide information that enables us to recognize you automatically when you visit our website again. This recognition is based on the IP address stored in the cookies. We use the information we obtain in this manner to optimize our offerings and allow you to access our website more easily.

You can prevent the installation of cookies by selecting the appropriate settings in your browser; however, please be aware that if you do so, you may not be able to enjoy all of the functions of our website to their full extent.

a) This website uses the following types of cookies, the extent and functioning of which is explained below:
    –     Transient cookies (see b)

b) Transient cookies are automatically deleted when you close your browser window. These include session
    cookies in particular. These store what is known as a session ID, which can be used to associate various
    requests from your browser with the shared session. This means that your computer can be recognized
    when you return to our website. Session cookies are deleted when you log out or close your browser.  

c) You can configure your browser settings as you prefer and, for example, prevent the acceptance of third-
    party cookies or all cookies. Please note that you may not be able to use all functions of this website if
    you do so.

d) The Flash cookies we use are not collected by your browser, but instead by your Flash plugin.
Furthermore, we also use HTML5 storage objects, which are stored on your end device. These objects
    store the necessary data regardless of the browser you use and have no automatic expiry date. If you do
    not wish Flash cookies to be processed, you must install a corresponding add-on, e.g. “Better Privacy”
    for Mozilla Firefox or the Adobe Flash Killer cookie for Google Chrome. You may prevent the use of
    HTML5 storage objects by using private mode in your browser. We also recommend that you delete your
    cookies and clear your browser history on a regular basis.

Use of social media plug-ins
We currently use the following social media plug-ins: Facebook, Twitter, XING, and LinkedIn. With these, we use the “two-click” solution. This means that when you visit our site, no personal data is passed on to the provider of the plug-ins in the first instance. You can identify the plug-in provider by the branding on the box above its initial letters, or the logo. We enable you to use the button to communicate directly with the provider of the plug-in. The plug-in provider only receives the information that you have access the corresponding website within our online offering if you click the marked field and activate it. In addition, the data stated in the next but one paragraph of this statement – “The plug-in provider” – are transferred. With Facebook and XING, the respective providers state that the IP address is immediately anonymized in Germany after it is gathered. By activating the plug-in, personal data concerning you is transferred to the respective plug-in provider and stored there (with US American providers in the USA). As the plug-in provider in particular captures data through the use of cookies, we recommend that you delete all cookies using your browser’s security settings before clicking on the grayed-out box.

We do not have any influence on the captured data or the data processing procedures, and we are not aware of the full scope of data capture, the purposes of processing, and the storage periods. We also do not have any information regarding the erasure of the collected data by the plug-in provider.

The plug-in provider stores the data captured that concerns you in the form of usage profiles, and uses these for the purposes of advertising, market research, and/or needs-appropriate design of its website. An evaluation of this type is performed in particular (including for users who are not logged in) to display needs-appropriate advertising and in order to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles; to do so you must contact the respective plug-in provider. Through plug-ins, we also offer you the opportunity to interact with social networks and other users to enable us to improve our offering and make it more interesting for you as a user. The legal basis for using the plug-ins is point (f) of the first sentence of Article 6(1) GDPR.

The data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, the data concerning you that is captured from our website is allocated directly to the account you have with the plug-in provider. If you press the activated button and for example link the page, the plug-in provider also stores this information in your user account and publicly shares it with your contacts. We recommend regularly logging out after using the social network, however in particular before activating this button as this will enable you to avoid an allocation to your profile with the plug-in provider.

Additional information on the purpose and scope of data capture and their processing by the plug-in provider is available in these providers’ data privacy statements as communicated in the following. This also includes additional information on your rights in this respect and settings options for the protection of your privacy.

Addresses for the respective plug-in providers and URL with their data protection information:

Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; additional information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

XING AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.

LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; www.linkedin.com/legal/privacy-policy. LinkedIn has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Integration of YouTube videos
We have integrated YouTube videos into our online offering, which are stored at http://www.YouTube.com and can be played directly from our website. All of these are integrated in “Expanded data protection mode”, i.e. no data concerning you as a user are transferred to YouTube if you do not play the videos. Only when you play the videos are the data stated in Paragraph 2 transferred.  We do not have any influence on this data transfer.

When you visit the website, YouTube receives the information that you have accessed the corresponding sub-page on our website. In addition, the data stated in the next paragraph of this declaration – “Additional information” – are transferred This occurs regardless of whether YouTube provides a user account through which you are logged in, and regardless of whether a user account exists. If you are logged into Google, your data are allocated directly to your account. If you would not like these data to be allocated to your profile with YouTube, you must log out before activating the button. YouTube stores your data in form of usage profiles and uses these for the purposes of advertising, market research, and/or needs-appropriate design of its website. An evaluation of this type is performed in particular (even for users who are not logged in) to provide needs-appropriate advertising and in order to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles; to do so you must contact YouTube.

Additional information on the purpose and scope of data capture and their processing by YouTube is available in the data privacy statement. This also includes additional information on your rights and settings options for the protection of your privacy: https://policies.google.com/privacy. Google also processes your personal data in the USA, and has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.

Additional information
Your trust is important to us. For this reason we are available at any time to provide you with information about the processing of your personal data. If you have any questions that this data protection statement does not answer, or if you would like more in-depth information regarding any aspect, please contact us at the following email address at any time: datenschutz@horvath-partners.com.

Security information
We strive to use all technical and organizational measures necessary to store your personal data in such a way that it is not accessible to third parties. However, we cannot fully guarantee complete data security during email communications, and so recommend sending confidential information by post.

Stuttgart, May 2018

Diese Webseite verwendet Cookies. Durch die Nutzung der Webseite stimmen Sie der Verwendung von Cookies zu. Datenschutzinformationen