Introduction
We
take the protection of your personal data very seriously during its collection,
processing and use in line with legal provisions. Personal data is only
collected on this website to the extent that is technically necessary.
This
policy provides an overview of how we ensure this protection and what type of
data is used for what purpose.
Personal
data
Personal
data is all data that can be associated with an individual or could be used to
identify that individual, e.g. name, address, email address, user behavior.
Horváth & Partners places great importance on lawful processing of your
data that will protect it in accordance with the provisions set forth in the
legal regulations.
Collection
of personal data
Our
website may be used for informational reasons only, i.e. if you do not register
or transmit information to us otherwise, without entering personal data. We
will only collect the personal data that your browser transmits to our server
and that we require from a technical perspective to display our website and
ensure its stability and security (the legal basis for this is point (f) first
sentence of Article 6(1) EU General Data Protection Regulation (GDPR)).
This anonymous data is stored separately from any personal data you may provide and can therefore not be used to draw conclusions about any specific person. It is evaluated for statistical purposes and to enable us to optimize our website and our offerings. We collect your IP address, the data and time of the query, the website requested, the browser type, access status/HTTP status code, the website from which you visit our website (referrer URL) and your operating system.
In
addition to the aforementioned data, cookies are also stored on your computer
when you use our website. Cookies are small text files that are stored on your
hard disk by the browser you use, and they transmit specific information to the
site that has placed the cookie on your computer (in this case us). Cookies
cannot execute programs or transmit viruses to your computer. Their purpose is
to enable us to make our internet offerings more user-friendly and effective.
You can read more about cookies later in this Privacy Policy.
Purpose
of processing and legal basis
We
process personal data in accordance with the provisions set forth in the EU
General Data Protection Regulation (GDPR) and the German Federal Data
Protection Act (Bundesdatenschutzgesetz, “BDSG”) in order to fulfill
contractual obligations, based on your consent, within the scope of the
balancing of interests and on the basis of legal provisions or in the public
interest.
When
you contact us by email or using a contact form, we store the data you provide
(your email address, possibly your name and your telephone number) in order to
respond to your queries. We delete any data provided in this context as soon as
its storage is no longer necessary, or limit its processing if there is a
statutory obligation to retain it.
It
may be necessary to register in order to avail of specific services provided
via our website. This also applies if you would like to receive up-to-date
information from us in the future, e.g. about events, current studies,
services, etc. The provision of this information is also subject to your
consent. After you have given your consent, your personal data will be
processed in accordance with point (a) Article 6(1) GDPR. You may withdraw your
consent at any time by email to addressmanagement@horvath-partners.com.
If you register on our website for a service that requires registration, or to receive information in the future, we will store personal data in our Customer Relationship Management (CRM) system once the consent process is complete. Applicant details will be stored in our HR system. You may withdraw your consent at any time, whereupon the data will be deleted for all purposes or for specific purposes depending on the content of your withdrawal of consent.
Your data will not be used for automated decision-making processes including profiling (Article 22 GDPR).
You can access the option to register in order to receive information and the option to withdraw your consent by email to addressmanagement@horvath-partners.com.
Recipient
categories
Data
recipients include
a)
Horváth & Partners internal sites concerned in the execution of the respective
business processes, e.g.
accounting, human resources, marketing.
b) Public bodies that receive data on the basis of legal provisions (in the
case of overriding legal
provisions), e.g. social insurance agencies, financial
authorities.
c) External contractors in accordance with Section 11 BDSG and Section 28 GDPR,
e.g. payment service
providers, shipping service providers.
d) External bodies for the fulfillment of the aforementioned purposes.
Email
newsletter
By
giving your consent, you can subscribe to our newsletter, through which we will
keep you informed about the latest topics, studies, training opportunities,
etc. (www.horvath-partners.com/e-news).
We use the double opt-in process when you register for our newsletter. This means that after you have registered, we send an email to the email address you provide, in which we ask you to confirm that you would like to receive our newsletter. If you do not confirm your registration within 48 hours, your information will be blocked and deleted automatically after one week. We also store your IP address and the time of registration and confirmation. The purpose of this process is to verify your registration and clarify any possible misuse of your personal data where applicable. The legal basis for this process is point (a) first sentence of Article 6(1) GDPR.
You may withdraw your consent to receive our newsletter at any time and unsubscribe from the newsletter. You can withdraw your consent by clicking the link provided in each newsletter email, on the website www.horvath-partners.com/abbestellen, by sending an email to addressmanagement@horvath-partners.com or by sending a message using the contact details specified in the Legal Notice.
Storage
duration and deletion of data
We
will process and store your personal data for as long as required for the
fulfillment of our contractual and legal obligations and for as long as the
purpose of the processing exists. If the data is no longer required for the fulfillment
of contractual or legal obligations or if the purpose of the data storage
ceases to exist, the data will be deleted on a regular basis unless its –
limited – further processing is necessary for the following purposes:
a)
fulfillment of data retention obligations under commercial or tax law which may
arise from the
German Commercial Code and the German Fiscal Code, for example.
The periods for data storage or the
keeping of documentation specified therein are generally between
2 and 10 years.
b) Preservation of evidence within the scope of the statutory limitation
periods. Pursuant to Sections 195ff.
of the German Civil Code, these limitation periods may be up to
30 years, where the usual limitation
period is 3 years.
External
links
Our
website contains links to external third-party websites, the content of which
we have no control over. We can therefore assume no liability for these
websites. The respective provider or operator of the website is always
responsible for the content of the linked sites. The websites were checked for
any legal infringements at the time of creation of the link and no unlawful
content was detected at that time. However, constant monitoring of the content
of linked sites is not reasonable without any specific indication of a legal
infringement. As soon as we become aware of any legal infringement, we will
remove such links immediately.
Your
rights
You
have the right at any time to request information about the personal data
concerning you that we have stored, free of charge. Furthermore, you also have
the right to obtain the rectification or erasure of your data unless this is
prevented by legal regulations or statutory data retention periods. You may
also obtain the restriction of processing of your data and object to the
processing of your data. Furthermore, you have the right to data portability.
You may contact us at any time in relation to this or should you have any other
questions with regard to data protection using the address provided in the Legal
Notice. In addition, you are entitled to lodge a complaint with the competent
data protection supervisory authority with regard to our processing of your
personal data.
Should you have any questions concerning the collection, processing or use of your personal data or with regard to rectification, erasure, restriction, objection or withdrawing your consent, you may contact us free of charge (datenschutz@horvath-partners.com).
Controller
Horváth
AG
Phoenixbau
Königstraße 5
D-70173 Stuttgart, Germany
Cell phone: +49 711 66919-0
Fax: +49 711 66919-1075
Email: info@horvath-partners.com
Internet: http://www.horvath-partners.com
You can contact our data protection officer at datenschutz@horvath-partners.com or using our postal address, adding “Data Protection Officer”.
Please note that the transmission of data via the internet is subject to security loopholes and that the complete protection of such data against access by third parties is therefore impossible.
Analytical tools and third-party provider tools
Cookies
We
use cookies on our website to recognize repeat use of our offerings by the same
user. Cookies are small text files placed on your computer by your browser and
stored there. We use them to optimize our website and our offerings. Most
cookies are “session cookies”, which are deleted when your visit ends.
However, some cookies also provide information that enables us to recognize you automatically when you visit our website again. This recognition is based on the IP address stored in the cookies. We use the information we obtain in this manner to optimize our offerings and allow you to access our website more easily.
You can prevent the installation of cookies by selecting the appropriate settings in your browser; however, please be aware that if you do so, you may not be able to enjoy all of the functions of our website to their full extent.
a)
This website uses the following types of cookies, the extent and functioning of
which is explained below:
– Transient cookies (see b)
b)
Transient cookies are automatically deleted when you close your browser window.
These include session
cookies in particular. These store what is known as a session ID,
which can be used to associate various
requests from your browser with the shared session. This means
that your computer can be recognized
when you return to our website. Session cookies are deleted when
you log out or close your browser.
c)
You can configure your browser settings as you prefer and, for example, prevent
the acceptance of third-
party cookies or all cookies. Please note that you may not be
able to use all functions of this website if
you do so.
d)
The Flash cookies we use are not collected by your browser, but instead by your
Flash plugin.
Furthermore, we also use HTML5 storage objects, which are stored on your end
device. These objects
store the necessary data regardless of the browser you use and
have no automatic expiry date. If you do
not wish Flash cookies to be processed, you must install a
corresponding add-on, e.g. “Better Privacy”
for Mozilla Firefox or the Adobe Flash Killer cookie for Google
Chrome. You may prevent the use of
HTML5 storage objects by using private mode in your browser. We
also recommend that you delete your
cookies and clear your browser history on a regular basis.
Use
of social media plug-ins
We
currently use the following social media plug-ins: Facebook, Twitter, XING, and
LinkedIn. With these, we use the “two-click” solution. This means that when you
visit our site, no personal data is passed on to the provider of the plug-ins
in the first instance. You can identify the plug-in provider by the branding on
the box above its initial letters, or the logo. We enable you to use the button
to communicate directly with the provider of the plug-in. The plug-in provider
only receives the information that you have access the corresponding website
within our online offering if you click the marked field and activate it. In
addition, the data stated in the next but one paragraph of this statement –
“The plug-in provider” – are transferred. With Facebook and XING, the
respective providers state that the IP address is immediately anonymized in
Germany after it is gathered. By activating the plug-in, personal data
concerning you is transferred to the respective plug-in provider and stored
there (with US American providers in the USA). As the plug-in provider in
particular captures data through the use of cookies, we recommend that you
delete all cookies using your browser’s security settings before clicking on
the grayed-out box.
We do not have any influence on the captured data or the data processing procedures, and we are not aware of the full scope of data capture, the purposes of processing, and the storage periods. We also do not have any information regarding the erasure of the collected data by the plug-in provider.
The plug-in provider stores the data captured that concerns you in the form of usage profiles, and uses these for the purposes of advertising, market research, and/or needs-appropriate design of its website. An evaluation of this type is performed in particular (including for users who are not logged in) to display needs-appropriate advertising and in order to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles; to do so you must contact the respective plug-in provider. Through plug-ins, we also offer you the opportunity to interact with social networks and other users to enable us to improve our offering and make it more interesting for you as a user. The legal basis for using the plug-ins is point (f) of the first sentence of Article 6(1) GDPR.
The data is transferred regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, the data concerning you that is captured from our website is allocated directly to the account you have with the plug-in provider. If you press the activated button and for example link the page, the plug-in provider also stores this information in your user account and publicly shares it with your contacts. We recommend regularly logging out after using the social network, however in particular before activating this button as this will enable you to avoid an allocation to your profile with the plug-in provider.
Additional information on the purpose and scope of data capture and their processing by the plug-in provider is available in these providers’ data privacy statements as communicated in the following. This also includes additional information on your rights in this respect and settings options for the protection of your privacy.
Addresses for the respective plug-in providers and URL with their data protection information:
Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; additional information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http://www.facebook.com/about/privacy/your-info#everyoneinfo. Facebook has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
XING AG, Gänsemarkt 43, 20354 Hamburg, DE; http://www.xing.com/privacy.
LinkedIn Corporation, 2029 Stierlin Court, Mountain View, California 94043, USA; www.linkedin.com/legal/privacy-policy. LinkedIn has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Integration
of YouTube videos
We
have integrated YouTube videos into our online offering, which are stored at http://www.YouTube.com and
can be played directly from our website. All of these are integrated in
“Expanded data protection mode”, i.e. no data concerning you as a user are
transferred to YouTube if you do not play the videos. Only when you play the
videos are the data stated in Paragraph 2 transferred. We do not have any
influence on this data transfer.
When you visit the website, YouTube receives the information that you have accessed the corresponding sub-page on our website. In addition, the data stated in the next paragraph of this declaration – “Additional information” – are transferred This occurs regardless of whether YouTube provides a user account through which you are logged in, and regardless of whether a user account exists. If you are logged into Google, your data are allocated directly to your account. If you would not like these data to be allocated to your profile with YouTube, you must log out before activating the button. YouTube stores your data in form of usage profiles and uses these for the purposes of advertising, market research, and/or needs-appropriate design of its website. An evaluation of this type is performed in particular (even for users who are not logged in) to provide needs-appropriate advertising and in order to inform other users of the social network about your activities on our website. You have a right to object to the creation of these user profiles; to do so you must contact YouTube.
Additional information on the purpose and scope of data capture and their processing by YouTube is available in the data privacy statement. This also includes additional information on your rights and settings options for the protection of your privacy: https://policies.google.com/privacy. Google also processes your personal data in the USA, and has committed to the EU-U.S. Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
Additional
information
Your
trust is important to us. For this reason we are available at any time to
provide you with information about the processing of your personal data. If you
have any questions that this data protection statement does not answer, or if
you would like more in-depth information regarding any aspect, please contact us
at the following email address at any time: datenschutz@horvath-partners.com.
Security
information
We
strive to use all technical and organizational measures necessary to store your
personal data in such a way that it is not accessible to third parties.
However, we cannot fully guarantee complete data security during email
communications, and so recommend sending confidential information by post.
Stuttgart, May 2018