Privacy policy - Batten & Company – die führende strategische Unternehmensberatung

Below we would like to inform you about the handling of your data according to Art. 13 General Data Protection Ordinance (GDPR).

1. Privacy Policy

Accountability

Responsible for the following data collection and processing is the place named in the imprint.

Storage of the IP address

We store the IP address provided by your web browser strictly earmarked for a period of seven days, in the interest of detecting, limiting and eliminating attacks on our websites. After this period of time, we delete the IP address. The legal basis is Art. 6 para. 1 lit. f) GDPR.

Usage data

When you visit our web pages, so-called usage data for statistical purposes are temporarily stored on our web server as a protocol in order to improve the quality of our web pages. This record consists of

•   the page from which the file was requested,
•   the name of the file,
•   the date and time of the query,
•   the amount of data transferred,
•   the access status (file transfer, file not found),
•   the description of the type of web browser used, the IP address of the requesting computer, which is deleted after seven days so that a personal reference is no longer producible.

The mentioned log data are only saved anonymously.

2. Data transmission to third parties

Data transmission to third parties

We transfer your data within the scope of an order processing, as per Art. 28 GDPR, to service providers who support us in the operation of our websites and related processes. Our service providers are strictly bound to our instructions and contractually obliged. We use the following service providers: Website service provider.

Data transmission to third countries

We sometimes transfer personal information to a third country outside the EU. In each case, we have taken care for an appropriate level of data protection.

3. Adobe Typekit

This website uses Adobe Typekit Webfonts. Typekit is a service, offered by the company Adobe.
This Service provides fonts, which are shown in the user’s web browser after a server call at Adobe (in the USA). In this process, at least the IP address of the browser of the user’s terminal is stored by Adobe. For further information, please refer to the privacy policy of Typekit which could be accessed here: https://www.adobe.com/de/privacy/policies/typekit.htmlv

4. Social Media Plugins

For data protection reasons, no social plugins are integrated directly into our website. Therefore, when going to our page no data is transferred so social-media services, e.g. Facebook, Twitter, XING or Google+. Hence, the creation of profiles by third parties is impossible.

Nevertheless, users have the possibility to share selected sites and articles by clicking on the Facebook, Twitter, XING or Google+ button. In addition, when going to such a site they are able to see how often the content already has been shared in the past. For that process we use the so called “Shariff” solution, developed by the c’t magazine, to offer a privacy compliant alternative to the regular social plugins.

What’s behind it ? In a first step, all data and functions which are necessary to display the Facebook, Twitter, Xing or Google+ buttons, are provided by our Webserver. Only if you are clicking on the particular button with the intent to share the site or the article, data is transferred to the operator of the respective social media service.

5. Explanations of security measures

Data security

In order to protect your data against unwanted access as comprehensively as possible, we take technical and organizational measures. We use an encryption method on our website. Your information will be transferred from your computer to our server and vice versa via the Internet by means of TLS encryption. You will recognize this by the fact that the lock symbol is closed in the status bar of your browser and the address bar starts with https: //.

6. Rights of the user

Your rights as a user

When processing your personal data, the GDPR grants you certain rights as a website user

1. Right to information (Article 15 GDPR):
You have the right to ask for confirmation of the processing of your personal data; If this is the case, you have a right to be informed about this personal data and to the information listed in detail in Art. 15 GDPR.

2. Right to rectification and cancellation (Articles 16 and 17 GDPR):
You have the right to immediately request the correction of incorrect personal data concerning you and, if necessary, the completion of incomplete personal data.

You also have the right to demand that personal data relating to you be deleted without delay, provided that one of the reasons listed in detail in Art. 17 GDPR applies, e.g. For example, when the data is no longer needed for the purposes pursued.

3. Right to restriction of processing (Art. 18 GDPR):
You have the right to demand the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, e.g., if you objected to processing for the duration of any examination.

4. Right to data portability (Article 20 GDPR):
In certain cases, which are listed in detail in Art. 20 GDPR, you have the right to receive the personal data concerning you in a structured, common and machine-readable format or to request the transmission of this data to a third party.

5. Right of objection (Article 21 GDPR):
Are data based on Art. 6 para. 1 lit. f) (data processing for the protection of legitimate interests), you have the right to object to the processing at any time for reasons that arise from your particular situation. We will then no longer process the personal data unless there are evidently compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the data subject, or the processing is for the purpose of enforcing, pursuing or defending legal claims.

6. Right of appeal to a supervisory authority
You have acc. to Art. 77 GDPR the right to complain to a supervisory authority if you believe that the processing of your data violates data protection regulations. In particular, the right of appeal may be invoked by a supervisory authority in the Member State of your place of residence, your place of work or the place of the alleged infringement.

7. Contact details Data protection officer

Contact details of the data protection officer

Our company data protection officer is at your disposal for information or suggestions concerning data protection:

Dr. Uwe Schläger
dataschutz nord GmbH
Web: www.datenschutz-nord-guppe.de
E-Mail: office(at)datenschutz-nord.de
Telephone: 0421 – 69 66 32 0

8. Contact

You have the opportunity to contact us via a web form. To use our contact form we need your name and your e-mail address. You may or may not provide further information. By submitting your message to us, you agree that we may process your personal data to process your request. Your request will be sent encrypted via https to our server.

The legal basis of the processing is Art. 6 para. 1 lit. b) GDPR. Your data will only be processed to answer your request and then deleted. A passing on to third does not take place.

9. Online applications

We process your personal data in accordance with the applicable data protection regulations on the basis of § 26 Federal Data Protection Act (BDSG). We process the data you provide to us as part of your online application for the sole purpose of selecting applicants. Data processing for other purposes does not take place.

You yourself determine the scope of the data that you would like to submit to us as part of your online application. Online applications are electronically transferred to our personnel department and processed there as quickly as possible. The transmission is encrypted. As a rule, applications are forwarded to the heads of the responsible specialist departments in our company. In addition, there is no disclosure of your data. Your information will be treated confidentially in our house. In case of an unsuccessful application, your documents will be deleted after expiration of 6 months.

In the event that we may also consider your application in other or future job advertisements, we ask for a note on the application. We then process your data on the basis of Art. 6 para. 1 lit. a GDPR.

Information according to Art. 13 General Data Protection Ordinance for Applicants

The compliance with data protection regulations has a high priority for our company. We would like to inform you about the collection of your personal data with us below:

Responsible body:
Data collection and processing is the responsibility of the company you applied to.

Data we need:
When applying, we process data from you that we need in the context of the application. This can be contact details, all data related to the application (CV, certificates, qualifications, answers to questions, etc.) as well as bank account details (to reimburse travel costs). The legal basis for this arises from § 26 Federal Data Protection Act (BDGS).

Data transfers to third countries:
Our company is part of an international agency network that has personnel responsibilities across departmental, corporate and national boundaries. That’s why competent supervisors in the UK and US can access your applicant data. This data processing is required by § 26 BDSG to decide on the creation of an employment relationship. The data transfers to the USA are secured by a so-called EU standard contract.

Data deletion:
If no statutory retention period exists, the data will be deleted as soon as storage is no longer required or the legitimate interest in storage has expired. If not hired, this will be the case at least six months after completing the application process.

In individual cases, it may lead to a longer storage of individual data (e.g. travel expenses). The duration of storage then depends on the statutory storage obligations, for example, from the Tax Code (6 years) or the Commercial Code (10 years).
If there has not been a recruitment, but your application continues to be interesting for us, we ask you, if we may keep your application for future appointments.

Confidential treatment of your data:
Of course, we treat your data confidentially and do not transmit it to third parties.

If necessary, we use strictly instruction-bound service providers, who provide us with e.g., in the areas of IT or the archiving and destruction of documents and with which separate contracts for order processing have been concluded.

Your privacy rights:
As the data subject, you have the right to obtain information about personal data concerning you, as well as the correction of incorrect data or cancellation, provided that one of the reasons stated in Art. 17 GDPR exists, e.g. if the data is no longer needed for the purposes pursued. There is also the right to restrict processing if one of the conditions set out in Art. 18 GDPR exists and, in the case of Art. 20 GDPR, the right to data portability.

Each data subject has the right to complain to a supervisory authority if it considers that the processing of the data concerning them is contrary to data protection provisions. In particular, the right of appeal may be invoked by a supervisory authority in the Member State of the residence or the workplace of the person concerned or the place of the alleged infringement.

Our data protection officer:
You also have the right to contact our data protection officer at any time, who is obliged to maintain secrecy regarding your request. You will find the contact details of our data protection officer in section 5 above.

10. Google Maps

This page uses the Google Maps map service via an API. Provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. To use the features of Google Maps, it is necessary to store your IP address. This information is usually transferred to a Google server in the USA and stored there as well. The provider of this site has no influence on this data transfer. The use of Google Maps is in the interest of an appealing presentation of our online offers and an easy retrievability of the places indicated by us on the website. This constitutes a legitimate interest within the meaning of Art. 6 para. 1 lit. f DSGVO. You can find more information on the handling of user data in Google’s data protection declaration.

11. Facebook company page

We operate under the URL https://de-de.facebook.com/batten.company an official Facebook page on the basis of Article 6 (1) lit. f GDPR. Facebook provides us with statistical data via so-called “Insights”, which enable us to recognize user interactions on or with the page. We use this data in aggregated form to make our contributions and activities on our Facebook page more attractive to users. Facebook also uses so-called web tracking methods on this page. Please be aware that: It cannot be ruled out that Facebook may use your profile data to analyze your habits, personal relationships, preferences, etc. We have no influence whatsoever on the processing of your data by Facebook. We will not conduct or initiate any other data processing. The data you enter on our Facebook page, such as comments, videos or images, will not be used or processed by us for any other purpose at any time.

User’s rights:

According to the decision of the European Court of Justice, the operator of a Facebook page is jointly responsible with Facebook for the processing of personal data. With regard to the provisions of the GDPR on joint responsibility, we have reached an agreement with Facebook under which Facebook assumes responsibility for the processing of “Insights” data and will fulfill all resulting obligations towards users under the GDPR. You can find out more about Facebook’s privacy statement here https://www.facebook.com/privacy/explanation

Requests for information about “Insights” that are addressed to us will be forwarded directly to Facebook.

[Translate to English:] 10. Online-Bewerbungen

[Translate to English:]

Wir verarbeiten Ihre personenbezogenen Daten gemäß den geltenden datenschutzrechtlichen Bestimmungen auf Grundlage von § 26 BDSG. Wir verarbeiten die Daten, die Sie uns im Rahmen Ihrer Online-Bewerbung preisgeben ausschließlich für den Zweck der Bewerberauswahl. Eine Datenverarbeitung zu anderen Zwecken erfolgt nicht.

Sie selbst legen den Umfang der Daten fest, die Sie im Rahmen Ihrer Online-Bewerbung an uns übermitteln möchten. Online-Bewerbungen werden elektronisch an unsere Personalableitung übertragen und dort schnellstmöglich bearbeitet. Die Übertragung erfolgt verschlüsselt. Im Regelfall werden Bewerbungen an die Leiter der zuständigen Fachabteilungen in unserem Haus weitergeleitet. Darüber hinaus findet eine Weitergabe Ihrer Daten nicht statt. Ihre Angaben werden in unserem Haus vertraulich behandelt. Bei erfolgloser Bewerbung werden Ihre Unterlagen nach Ablauf von 6 Monaten gelöscht.

Für den Fall, dass wir Ihre Bewerbung auch bei anderen oder zukünftigen Stellenausschreibungen berücksichtigen dürfen, bitten wir um einen entsprechenden Vermerk auf der Bewerbung. Wir verarbeiten Ihre Daten dann auf Grundlage von Art. 6 Abs. 1 lit. a DSGVO.

Information nach Art. 13 Datenschutzgrundverordnung für Bewerber

Die Einhaltung datenschutzrechtlicher Vorgaben hat einen hohen Stellenwert für unser Unternehmen. Wir möchten Sie nachfolgend über die Erhebung Ihrer personenbezogenen Daten bei uns aufklären:

Verantwortliche Stelle:
Für die Datenerhebung und -verarbeitung ist das Unternehmen verantwortlich, bei dem Sie sich beworben haben.

Daten, die wir benötigen:
Bei der Bewerbung verarbeiten wir Daten von Ihnen, die wir im Rahmen der Bewerbung benötigen. Dies können Kontaktdaten, alle mit der Bewerbung in Verbindung stehenden Daten (Lebenslauf, Zeugnisse, Qualifikationen, Antworten auf Fragen etc.) sowie ggf. Daten zur Bankverbindung (um Reisekosten zu erstatten) sein. Die Rechtsgrundlage hierfür ergibt sich aus § 26 Bundesdatenschutzgesetz.

Datentransfers in Drittländer:
Unser Unternehmen ist Teil eines internationalen Agenturnetzwerks, bei dem Personalzuständigkeiten über die Abteilungs-, Unternehmens- und Landesgrenzen hinweg bestehen. Aus diesem Grund haben können auch zuständige Vorgesetzte in UK und den USA auf Ihrer Bewerberdaten zugreifen. Diese Datenverarbeitungen sind nach § 26 BDSG zur Entscheidung über die Begründung eines Beschäftigungs¬verhältnisses erforderlich. Die Datentransfers in die USA sind über einen sog. EU-Standardvertrag abgesichert.

Datenlöschung:
Soweit keine gesetzliche Aufbewahrungsfrist existiert, werden die Daten gelöscht, sobald eine Speicherung nicht mehr erforderlich, bzw. das berechtigte Interesse an der Speicherung erloschen ist. Sofern keine Einstellung erfolgt, ist dies regelmäßig spätestens sechs Monate nach Abschluss des Bewerbungsverfahrens der Fall.

In Einzelfällen kann es zu einer längeren Speicherung von einzelnen Daten kommen (z. B. Reisekostenabrechnung). Die Dauer der Speicherung richtet sich dann nach den gesetzlichen Aufbewahrungspflichten bspw. aus der Abgabenordnung (6 Jahre) oder dem Handelsgesetzbuch (10 Jahre).
Sofern es nicht zu einer Einstellung gekommen ist, Ihre Bewerbung aber weiterhin für uns interessant ist, fragen wir Sie, ob wir Ihre Bewerbung für künftige Stellenbesetzungen weiter vorhalten dürfen.

Vertrauliche Behandlung Ihrer Daten:
Ihre Daten behandeln wir selbstverständlich vertraulich und übermitteln diese nicht an Dritte.
Ggf. setzen wir streng weisungsgebundene Dienstleister ein, die uns z. B. in den Bereichen EDV oder der Archivierung und Vernichtung von Dokumenten unterstützen und mit denen gesonderte Verträge zur Auftragsverarbeitung geschlossen wurden.

Ihre Datenschutzrechte:
Als betroffene Person haben Sie das Recht auf Auskunft über die Sie betreffenden personenbezogenen Daten sowie auf Berichtigung unrichtiger Daten oder auf Löschung, sofern einer der in Art. 17 DSGVO genannten Gründe vorliegt, z.B. wenn die Daten für die verfolgten Zwecke nicht mehr benötigt werden. Es besteht zudem das Recht auf Einschränkung der Verarbeitung, wenn eine der in Art. 18 DSGVO genannten Voraussetzungen vorliegt und in den Fällen des Art. 20 DSGVO das Recht auf Datenübertragbarkeit.

Jede betroffene Person hat das Recht auf Beschwerde bei einer Aufsichtsbehörde, wenn sie der Ansicht ist, dass die Verarbeitung der sie betreffenden Daten gegen datenschutzrechtliche Bestimmungen verstößt. Das Beschwerderecht kann insbesondere bei einer Aufsichtsbehörde in dem Mitgliedstaat des Aufenthaltsorts oder des Arbeitsplatzes der betroffenen Person oder des Orts des mutmaßlichen Verstoßes geltend gemacht werden.

Unser Datenschutzbeauftragter:
Sie haben zudem das Recht, sich jederzeit an unseren Datenschutzbeauftragten zu wenden, der bezüglich Ihrer Anfrage zur Verschwiegenheit verpflichtet ist. Die Kontaktdaten unseres Datenschutzbeauftragten finden sie oben unter Ziffer 10.

Google Analytics Datenschutzhinweis

This website uses Google ™ Analytics, a web analytics service provided by Google Inc. ( “Google”). Google Analytics uses. “Cookies”, text files that are stored on your computer and enable analysis of your use of the website. The information generated by the cookie about your use of this website (including your IP address) is transmitted to a Google server in the USA and stored there. Google will use this information to evaluate your use of the website, compiling reports on website activity for website operators and providing other with website and internet related services. Google may also transfer this information to third parties, unless required by law or where such third parties process the information on behalf of Google. Google will not associate your IP address with other data held by Google. You can refuse the use of cookies by changing the settings on your browser; however, we point out that you may not be able to use all features of this website in this case. By using this site you consent to the processing of data about you by Google in the manner described above and for the aforementioned purpose. The deactivation add-on for browsers from Google Analytics gives website visitors more control over what information is collected about sites visited by Google Analytics. If you do not want to store your data, please install the provided by Google De-activation tool.

We are also using Google Analytics to evaluate data from AdWords and the Double-cookie for statistical purposes. If you do not want this, you can disable it via the Ads Preferences Manager. For more information, see tools.google.com/dlpage/gaoptout or under www.google.de/intl/de/policies/ (general information about Google Analytics and data protection ). We point out that on this website Google Analytics code “gat._anonymizeIp ();” has been extended to an anonymous collection of IP addresses to ensure (so-called IP masking.). As an alternative to browser add-on or within browsers on mobile devices, please click this link to Google Analytics to disable and to the acquisition by Google Analytics on this website to prevent future (the opt-out only works in that browser and only for this domain). Here an opt-out cookie is stored on your device. Clear your cookies in this browser, you need to click on this <a href=”javascript:gaOptout()” onclick=”alert(‘Google Analytics deactivated’);” rte-keep=”1″>link</a>.