Plutoneo Consulting GmbH
60325 Frankfurt am Main
External data protection officer:
Rechtsanwalt Tim Steininger
to be reached by mail:
bzw. E-Mail: firstname.lastname@example.org
a. When you visit our websites, we store certain information about the browser and operating system you use, the date and time of your visit, the access status (e.g. whether you were able to access a web page or received an error message), the use of web page functions, the search terms you may have entered, the frequency with which you access individual web pages, the name of accessed files, the amount of data transferred, the web page from which you accessed our web pages, and the web page you visit from our web pages, whether by clicking on links on our web pages or by entering a domain directly in the input field of the same tab (or window) of your browser in which you opened our web pages. In addition, we store your IP address and the name of your Internet service provider for a period of seven days for security reasons, in particular to prevent and detect attacks on our websites or fraud attempts.
b. We only store other personal data if you provide us with this data, e.g. as part of a registration, a contact form, a chat, a survey, a competition or for the performance of a contract, and even in these cases only to the extent that we are permitted to do so on the basis of consent given by you or in accordance with the applicable legal provisions (for more information, see the section "Legal basis for processing" below).
c. You are under no legal or contractual obligation to provide us with your personal data. However, it is possible that certain functions of our websites depend on the provision of personal data. If you do not provide personal data in these cases, this may result in functions not being available or only being available to a limited extent.
a. We use the personal data collected during a visit to our websites in order to operate them as conveniently as possible for you and to protect our IT systems from attacks and other illegal activities.
b. If you provide us with further personal data, e.g. in the context of a registration, a chat, a contact form, a survey, a competition or for the execution of a contract, we will use this data for the aforementioned purposes, for customer administration purposes and - if necessary - for the purposes of processing and billing any business transactions, in each case to the extent required for this purpose.
c. For further purposes (e.g. display of personalized content or advertising based on your usage behavior), we and, if necessary, selected third parties will use your data, provided that you give your consent (= approval) to this within the framework of our Consent Management System.
d. In addition, we use personal data insofar as we are legally obligated to do so (e.g. storage for the fulfillment of commercial or tax law retention obligations, release according to official or court order, e.g. to a law enforcement agency).
a. Our websites may also contain offers from third parties. If you click on such an offer, we will transfer data to the respective provider to the extent necessary (e.g. the information that you found this offer on our website and, if applicable, further information that you have already provided for this purpose on our websites).
b. If we use so-called "social plug-ins" of social networks such as Facebook and Twitter on our websites, we integrate them as follows:
When you visit our websites, the social plug-ins are deactivated, i.e. no transmission of any data to the operators of these networks takes place. If you wish to use one of the networks, click on the respective social plug-in to establish a direct connection with the server of the respective network.
If you have a user account with the network and are logged in there at the moment of activating the social plug-in, the network can assign your visit to our websites to your user account. If you wish to avoid this, please log out of the network before activating the social plug-in. A social network cannot assign a visit to other Plutoneo Consulting GmbH websites until you have also activated a social plug-in available there.
The social plug-in remains active until you deactivate it or delete your cookies (see section 5.d).
c. When you click on the link to an offer or activate a social plug-in, personal data may be transferred to providers in countries outside the European Economic Area that, from the perspective of the European Union ("EU"), do not ensure an "adequate level of protection" for the processing of personal data in line with EU standards. Please consider this circumstance before clicking on a link or activating a social plug-in and thereby triggering a transfer of your data.
d. We also use qualified service providers (e.g. IT service providers, marketing agencies) to operate, optimize and secure our websites. We only pass on personal data to them insofar as this is necessary for the provision and use of the websites and their functionalities, for the pursuit of legitimate interests, for the fulfillment of legal obligations or insofar as you have consented to this (see section 7).
a. Cookies may be used when visiting our websites. Technically, these are so-called HTML cookies and similar software tools such as Web/DOM storage or local shared objects (so-called "flash cookies"), which we refer to collectively as cookies.
b. Cookies are small files that are stored on your desktop, notebook or mobile device while you are visiting a website. From these, we can recognize, for example, whether there has already been a connection between the device and the websites, take into account your preferred language or other settings, offer you certain functionalities (e.g. online store) or recognize your interests on a usage basis. Cookies may also contain personal data.
e. The consent (= approval) to as well as rejection or deletion of cookies are bound to the device used and furthermore to the web browser used in each case. If you use several devices or web browsers, you can make the decisions or settings differently in each case.
Wir setzen technische und organisatorische Sicherheitsmaßnahmen ein, um Ihre durch uns verwalteten Daten gegen Manipulationen, Verlust, Zerstörung und gegen den Zugriff unberechtigter Personen zu schützen. Wir verbessern unsere Sicherheitsmaßnahmen fortlaufend entsprechend der technologischen Entwicklung.
a. Insofar as you have given us consent for the processing of your personal data, this constituted the legal basis for the processing (Art. 6 para. 1 letter a DSGVO).
b. For a processing of personal data for the purpose of initiating or fulfilling a contract with you, Art. 6 (1) letter b DSGVO is the legal basis.
c. Insofar as the processing of your personal data is necessary for the fulfillment of our legal obligations (e.g. for data retention), we are authorized to do so pursuant to Art. 6 para. 1 lit. c DSGVO.
d. We also process personal data for the purposes of safeguarding our legitimate interests as well as the legitimate interests of third parties pursuant to Art. 6 (1) (f) DSGVO. Maintaining the functionality of our IT systems, the (direct) marketing of our own and third-party products and services (unless this is done with your consent) and the legally required documentation of business contacts are such legitimate interests. Within the framework of the respective necessary balancing of interests, we take into account in particular the type of personal data, the purpose of processing, the circumstances of processing and your interest in the confidentiality of your personal data.
We delete your IP address and the name of your Internet service provider, which we only store for security reasons, after seven days. Otherwise, we delete your personal data as soon as the purpose for which we collected and processed the data no longer applies. Beyond this point in time, storage only takes place insofar as this is required in accordance with the laws, regulations or other legal provisions to which we are subject, in the EU or in accordance with legal provisions in third countries, if an appropriate level of data protection is provided there in each case. Insofar as deletion is not possible in individual cases, the relevant personal data will be marked with the aim of restricting its future processing.
a. As a data subject, you have the right of access (Art. 15 GDPR), rectification (Art. 16 GDPR), data erasure (Art. 17 GDPR), restriction of processing (Art. 18 GDPR) and data portability (Art. 20 GDPR).
b. If you have consented to the processing of your personal data by us, you have the right to revoke your consent at any time. The lawfulness of the processing of your personal data until a revocation is not affected by the revocation. Likewise, further processing of this data on the basis of another legal basis, such as for the fulfillment of legal obligations (see section "Legal bases of processing"), remains unaffected.
c. Right of objection
You have the right to object at any time, on grounds relating to your particular situation, to the processing of personal data concerning you which is carried out on the basis of Article 6(1)(e) DSGVO (data processing in the public interest) or Article 6(1)(f) DSGVO (data processing on the basis of a balance of interests). If you object, we will only continue to process your personal data insofar as we can demonstrate compelling legitimate grounds for doing so that override your interests, rights and freedoms, or insofar as the processing serves to assert, exercise or defend legal claims. If we process your personal data for the purpose of direct marketing to protect legitimate interests on the basis of a balance of interests, you also have the right to object to this at any time without stating reasons.
d. We ask you to send your claims or declarations to the following contact address if possible: email@example.com firstname.lastname@example.org
e. If you believe that the processing of your personal data violates legal requirements, you have the right to lodge a complaint with a competent data protection supervisory authority (Art. 77 DSGVO).
If you subscribe to a newsletter offered on our website, the data provided during the newsletter registration will only be used for sending the newsletter, unless you agree to further use. You can unsubscribe at any time using the unsubscribe option provided in the newsletter.
a. When using service providers (see section 4. d.) and transferring data with your consent (= approval) to third parties (see section 3.c), personal data may be transferred to recipients in countries outside the European Union ("EU"), Iceland, Liechtenstein and Norway (= European Economic Area) and processed there, in particular USA, India.
b. The following countries are considered by the EU to have an adequate level of protection for the processing of personal data in line with EU standards (so-called adequacy decision): Andorra, Argentina, Canada (limited), Faroe Islands, Guernsey, Israel, Isle of Man, Japan, Jersey, New Zealand, Switzerland, Uruguay. With recipients in other countries, we agree to use EU standard contractual clauses, binding corporate rules, or other permissible mechanisms to provide an "adequate level of protection" in accordance with legal requirements. We will be happy to provide you with information on this via the contact details provided in Section 9.d. above.