Privacy Policy
1. Data Protection at a glance
GENERAL INFORMATION
The following information provides a simple overview of what happens to your personal data when you visit this website. Personal data are all data with which you can be personally identified. You can find detailed information about the topic of data protection in our data protection declaration below this text.
DATA COLLECTION ON THIS WEBSITE
Who is responsible for data collection on this website?
The data processing on this website is performed by the website operator. You can find their contact details in the imprint of this website.
How do we collect your data?
On the one hand, your data is collected by you communicating it to us. This can be, for example, data that you enter in a contact form.
Other data is automatically collected by our IT systems or with your consent when you visit the website. This is primarily technical data (e.g. internet browser, operating system or time of the page visit). This data is recorded automatically as soon as you enter this website.
What do we use your data for?
Part of the data is collected to ensure that the website is provided correctly. Other data can be used to analyze your user behavior.
What rights do you have regarding your data?
You have the right to receive information about the origin, recipient and purpose of your stored personal data, free of charge and at any time. You also have the right to request that these data be corrected or deleted. If you have given your consent to data processing, you can revoke this consent at any time for the future. Under certain circumstances, you also have the right to request that the processing of your personal data be restricted. Furthermore, you have the right to lodge a complaint with the responsible supervisory authority.
If you have any further questions about data protection, you can contact us at any time at the address given in the imprint.
ANALYSIS TOOLS AND THIRD-PARTY COOKIES
When you visit this website, your surfing behavior can be statistically evaluated. This is done primarily with cookies and with so-called analysis programs.
Detailed information on these analysis programs can be found in the following data protection declaration.
2. Hosting and Content Delivery Networks (CDN)
EXTERNAL HOSTING
This website is hosted by an external service provider (Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany ). The personal data collected on this website is stored on the hoster’s servers. This includes, among others, the IP address, the browser used, the time and date, and the system used by a website visitor. We only store anonymized IP addresses of website visitor. On the web server level, this is done by storing an IP address 123.123.123.1XXX in the log file instead of the actual IP address of the visitor, for example 123.123.123.123, where XXX is a random value between 1 and 254. Making a personal reference is no longer possible.
The host is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 Para. 1 lit. b GDPR), and in the interest of a safe, fast and efficient provision of our online service by a professional provider (Art. 6 Para 1 lit.f GDPR).
Our hoster will only process your data to the extent necessary to fulfill its performance obligations and to follow our instructions in relation to this data.
Conclusion of data processing agreement
In order to guarantee general data protection-compliant processing, we have concluded a data processing agreement with our host.
3. General Information and Mandatory Information
Privacy
The operators of these web pages take the protection of your personal data very seriously. We treat your personal data confidentially and in accordance with the statutory data protection regulations and this data protection declaration.
When you use this website, various personal data are collected. Personal data are data with which you can be personally identified. This data protection declaration explains what data we collect and what we use it for. It also explains how and for what purpose this is done.
We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. It is not possible to completely protect data from third-party access.
Information about the responsible body
The responsible body for data processing on this website is:
ELIXIR Management Consultants – Templin Kriegeskotte Partnerschaft
Thadenstraße 79
22767 Hamburg
Phone: +49 (0) 15251071659
Email: info@elixir-consultants.com
The responsible body is the natural or legal person who, alone or together with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).
Revocation of your consent to data processing
Many data processing operations are only possible with your explicit consent. You can revoke your consent at any time. An informal notification to us by email is sufficient. The legality of the data processing performed before the revocation remains unaffected by the revocation.
Right to objection against data collection in special cases and direct advertising (Art. 21 GDPR)
If data processing is based on Art. 6 Abs. 1 Lit. E or F GDPR, you have the right at any time to object the processing of your personal data for reasons for your special situation; this also applies to profiling based on these provisions. the relevant legal basis on which processing is based is taken from this privacy statement. If you revoke, we will not process your relevant personal data, unless we can prove mandatory protection worthy causes for processing, that predominate your interests, rights and freedoms. or the processing purposes of enforcement, exertion or defense of legal claims (revokation under Art. 21 (1) GDPR).
If your personal data are processed to operate direct advertising, you have the right to revoke at any time to process your personal data for the purpose of such advertising; this is also applicable to profiling, as far as it is connected with such direct advertising. if you revoke, your personal data will no longer be used for the purpose of direct advertising (obligation under Art. 21 (2) GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, the affected person has the right to lodge a complaint with a supervisory authority, in particular in the member state of their habitual residence, their place of work or the place of the alleged violation. The right to lodge a complaint exist without prejudice to other administrative or judicial remedies.
Right to data portability
You have the right to let issue data that we process automatically based on your consent or in fulfillment of a contract hand over to you or to a third party in a common, machine-readable format. If you request the direct transfer of the data to another responsible person, this will only take place if it is technically feasible.
SSL or TLS encryption
For security reasons and to protect the transmission of confidential content, such as orders or inquiries that you send to us as the website operator, this page uses SSL or TLS encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http: //” to “https: //” and by the lock symbol in your browser line.
If SSL or TLS encryption is activated, the data that you transmit to us cannot be read by third parties.
Information, deletion and correction
Within the frame of the applicable legal provisions, you have the right to get information about your stored personal data, its origin and recipient and the purpose of data processing and, if necessary, the right to correct or delete this data, for free. You can contact us at any time at the address given in the imprint if you have any further questions on the subject of personal data.
Right to restriction of processing
You have the right to request that the processing of your personal data is restricted. You can contact us at any time at the address given in the imprint. The right to restrict processing exists in the following cases:
- If you contest the accuracy of your personal data stored by us, we usually need time to check this. For the duration of the examination, you have the right to request that the processing of your personal data is restricted.
- If the processing of your personal data happened / happens unlawfully, you can request the restriction of the data processing instead of the deletion.
- If we no longer need your personal data, but you need it to exert, defend or assert legal claims, you have the right to request that the processing of your personal data is restricted instead of being deleted.
- If you have filed a revocation in accordance with Art. 21 Para. 1 GDPR, you and our interests must be weighed up. As long as it is not clear whose interests outweigh the rights, you have the right to request that the processing of your personal data be restricted.
If you have restricted the processing of your personal data, this data – apart from its storage – may only be obtained with your consent or to assert, exert or defend legal claims or to protect the rights of another natural or legal person or for reasons of important public interest of the European Union or a Member State.
Revocation to advertising emails
We hereby revoke to the use of contact data published within the frame of the imprint obligation for sending unsolicited advertising and information material. The operators of the pages expressly reserve the right to take legal action in the event of unsolicited sending of advertising information, such as spam e-mails.
4. Data Collection on this website
Cookies
Our website uses so-called “cookies”. Cookies are small text files and do not damage your device. They are either stored temporarily on your device for the duration of a session (session cookies) or permanently (permanent cookies). Session cookies are automatically deleted at the end of your visit. Permanent cookies remain on your device until you delete them yourself or they are automatically deleted by your web browser.
In some cases, third-party cookies can also be stored on your device when you enter our website (third-party cookies). These enable us or you to use certain third-party services.
Cookies have different functions. Numerous cookies are technically necessary because certain website functions would not work without them (e.g. the shopping cart function or the display of videos). Other cookies are used to evaluate user behavior or to display advertising.
Cookies that are required to perform the electronic communication process (necessary cookies) or to provide certain functions you want (functional cookies) or to optimize the website (eg cookies for measuring the web audience) are saved on basis of Art. 6 para. 1 lit. f GDPR, unless another legal basis is specified. The website operator has a legitimate interest in storing cookies for the technically error-free and optimized provision of its services. If consent to the storage of cookies has been requested, the storage of the relevant cookies takes place exclusively on the basis of this consent (Art. 6 Para. 1 lit. a GDPR); the consent can be revoked at any time.
You can set your browser in a way that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of this website may be restricted.
Insofar, as cookies from third-party companies or for analysis purposes are used, we will inform you about this separately in the context of this data protection declaration and, if necessary, ask for consent.
Cookie consent with GDPR Pixelmate
Our website uses the cookie consent technology GDPR Pixelmate to obtain your consent to the storage of certain cookies in your browser and to document them in accordance with general data protection regulations. The provider of this technology is Soulsites and Lawlikes (https://elopage.com/s/lawlikes/wordpress-dsgvo-plugin ).
The tool is applied locally. It does not store any personal data that can identify the user and is therefore GDPR-compliant .
DSGVO Pixelmate is used to obtain the statutory consent for the use of cookies required by law. The legal basis for this is Art. 6 para. 1 sentence 1 lit. c GDPR.
Server log files
The provider of the website automatically collects and stores information in so-called server log files, which your browser automatically transmits to us. These are:
- Browser type and browser version (if transmitted by the user)
- Operating system used
- Referrer URL
- Host name of the accessing computer
- Date and time of the server request
- the number of visits,
- the time spent on the website
- IP address
These data are not merged with other data sources.
These data are recorded on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the technically error-free presentation and optimization of his website – the server log files must be recorded for this.
Contact form
If you send us inquiries using the contact form, your details from the inquiry form, including the contact details you provided there, will be stored by us for the purpose of processing the inquiry and in the event of follow-up questions. We will not pass on these data without your consent.
These data are processed on the basis of Art. 6 Para. 1 lit. b GDPR, if your request is related to the fulfillment of a contract or is necessary to perform pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 Para. 1 lit. GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was queried.
The data you enter in the contact form will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory legal provisions – especially retention periods – remain unaffected.
Request by email, phone or fax
If you contact us by email, phone or fax, your request, including all personal data resulting from it (name, request), will be stored and processed by us for the purpose of processing your request. We will not pass on this data without your consent.
This data is processed on the basis of Art. 6 Para. 1 lit. b GDPR, if your request is related to the fulfillment of a contract or is necessary to perform pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of inquiries addressed to us (Art. 6 Para. 1 lit. GDPR) or on your consent (Art. 6 Para. 1 lit. a GDPR) if this was queried.
The data you send to us via contact requests will remain with us until you request deletion, revoke your consent to storage or the purpose for data storage no longer applies (e.g. after your request has been processed). Mandatory statutory provisions – especially statutory retention periods – remain unaffected.
5. Social Media and External Links
Our online offer contains links to other websites. We have no influence on whether their operators comply with data protection regulations. In addition to this website, we can also be found on various social media channels.
SOCIAL MEDIA PLUGINS ON THE WEBSITE
Shariff wrapper plugin
Plugins from social media are used on this website (e.g. XING, LinkedIn).
You can usually recognize the plugins by the respective social media logos. To ensure data protection on this website, we only use these plugins together with the so-called “Shariff” solution. This application prevents the plugins integrated on this website from transferring data to the respective provider as soon as you first enter the page.
Only when you activate the respective plug-in by clicking the associated button a direct connection to the server of the provider will be established (consent). As soon as you activate the plugin, the respective provider receives the information that you have visited this website with your IP address. If you are logged into your respective social media account (e.g. LinkedIn , Xing ) at the same time , the respective provider can assign your visit to this website to your user account .
Activating the plugin constitutes consent within the meaning of Art. 6 Para. 1 lit. a GDPR. You can revoke this consent at any time with future effect.
Xing button on website
The “XING Share Button” is used on this website. Only by activating the button by clicking, a connection to the server of XING is set up shortly via your browser, with which the “XING Share Button” functions are performed. XING does not save any of your personal data when you access this website. In particular, XING does not save any IP addresses. There is also no evaluation of your usage behavior via the use of cookies in connection with the “XING Share Button”. The current data protection information on the “XING Share Button” and additional information can be found on this website: https://www.xing.com/app/share?op=data_protection
LinkedIn button on website
The “LinkedIn Share Button” is used on this website. Only when the button is activated by clicking will the plugin establish a direct connection between your browser and the LinkedIn server. LinkedIn receives the information that you have visited this website with your IP address. If you click the LinkedIn “Share” button while you are logged into your LinkedIn account, LinkedIn is able to assign your visit to our website to you and your user account.
We would like to point out that, as the provider of the Website, we have no knowledge of the content of the transmitted data or their use by LinkedIn.
The LinkedIn plug-in is used on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the greatest possible visibility in social media.
Further information can be found in LinkedIn’s data protection declaration at: https://www.linkedin.com/legal/privacy-policy .
AN OVERVIEW OF OUR SOCIAL MEDIA APPEARANCES
Data processing through social networks
We maintain publicly available profiles on social networks. The individual social networks we use can be found below.
Social networks can generally analyze your user behavior comprehensively if you visit their website or a website with integrated social media content (e.g. like buttons or advertising banners). By visiting our social media presences, numerous data protection-related processing processes are triggered. In detail:
If you are logged into your social media account and visit our social media presence, the operator of the social media portal can assign this visit to your user account. Under certain circumstances, your personal data can also be recorded if you are not logged in or do not have an account with the respective social media portal. In this case, these data are collected, for example, using cookies that are stored on your end device or by recording your IP address.
With the help of the data collected in this way, the operators of the social media portals can create user profiles in which their preferences and interests are stored. In this way, you can be shown interest-based advertising inside and outside the respective social media presence. If you have an account with the respective social network, the interest-based advertising can be displayed on all devices on which you are logged in or were logged in.
Please also note that we cannot track all processing processes on the social media portals. Depending on the provider, further processing operations may therefore be performed by the operators of the social media portals. Details can be found in the terms of use and data protection provisions of the respective social media portals.
Legal basis
Our social media presence is designed to ensure the widest possible presence on the Internet. This is a legitimate interest within the meaning of Art. 6 para. 1 lit. f GDPR. The analysis processes initiated by the social networks may be based on different legal bases that must be specified by the operators of the social networks (e.g. consent within the meaning of Art. 6 Para. 1 lit. a GDPR).
Responsible and assertion of rights
Please note that despite the shared responsibility with the social media portal operators, we do not have any full influence on the data processing processes of the social media portals. Our options depend largely on the company policy of the respective provider.
Storage period
We have no influence on the storage period of your data, which are saved by the operators of the social networks for their own purposes. For details, please contact the operators of the social networks directly (e.g. in their data protection declaration, see below).
Company profile on XING
We have a XING profile. The provider is New Work SE, Dammtorstraße 29-32, 20354 Hamburg, Germany. You can find details on how they handle your personal data in XING’s data protection declaration: https://privacy.xing.com/de/datenschutzerklaerung.
Company profile on LinkedIn
We have a LinkedIn profile. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. LinkedIn is certified according to the EU-US Privacy Shield. LinkedIn uses advertising cookies.
You can find details on how they handle your personal data in LinkedIn’s privacy policy: https://www.linkedin.com/legal/privacy-policy.
6. Analysis tools and advertising
GOOGLE ANALYTICS
This website uses functions of the web analytics service Google Analytics. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
Google Analytics uses so-called “cookies”. These are text files that are stored on your computer and that enable an analysis of your use of the website. The information generated by the cookie about your use of this website is usually transmitted to a Google server in the USA and stored there.
Google Analytics cookies are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in analyzing user behavior in order to optimize both its website and its advertising.
IP anonymization
We have activated the IP anonymization function on this website. This means that your IP address will be shortened by Google within member states of the European Union or in other contracting states of the Agreement on the European Economic Area before it is transmitted to the USA. The full IP address is only transferred to a Google server in the USA and abbreviated there in exceptional cases. On behalf of the operator of this website, Google will use this information to evaluate your use of the website, to compile reports on website activity and to provide the website operator with other services related to website and internet use. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.
Browser plugin
You can prevent the storage of cookies by setting your browser software accordingly; however, we would like to point out that in this case you may not be able to use all functions of this website to their full extent. You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading the browser plug-in available under the following link and install: https://tools.google.com/dlpage/gaoptout?hl=de.
Data processing agreement
We have concluded a data processing agreement with Google and fully implement the strict requirements of the data protection authorities when using Google Analytics.
Demographic characteristics in Google Analytics
This website uses the “demographic features” function of Google Analytics. This allows reports to be created that contain information about the age, gender and interests of the website visitors. These data come from interest-based advertising from Google and visitor data from third-party providers. These data cannot be assigned to a specific person. You can deactivate this function at any time via the ad settings in your Google account or generally prohibit the collection of your data by Google Analytics as shown in the point “Revocation to data collection”.
WORDPRESS STATS
This website uses the WordPress tool Stats to statistically evaluate visitor access. The provider is Automattic Inc., 60 29th Street # 343, San Francisco, CA 94110-4929, USA.
WordPress Stats uses cookies that are stored on your computer and that allows an analysis of the use of the website. The information generated by the cookies about the use of our website is stored on servers in the USA. Your IP address is anonymized after processing and before storage.
“WordPress Stats” cookies remain on your device until you delete them.
“WordPress Stats” cookies are stored on the basis of Art. 6 Para. 1 lit. f GDPR. The website operator has a legitimate interest in the anonymized analysis of user behavior in order to optimize both its website and its advertising.
You can set your browser so that you are informed about the setting of cookies and only allow cookies in individual cases, exclude the acceptance of cookies for certain cases or in general, and activate the automatic deletion of cookies when the browser is closed. If cookies are deactivated, the functionality of our website may be restricted.
You can revoke the collection and use of your data for the future by clicking on this link to set an opt-out cookie in your browser.
If you delete the cookies on your computer, you have to set the opt-out cookie again.
8. Plugins and tools
GOOGLE WEB FONTS
Our website uses web fonts from Google. The provider is Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA.
By using these web fonts, it will be possible to present our website to you as desired, regardless of which fonts are available locally. This is done by accessing the Google Web Fonts from a Google server in the USA and the associated transfer of your data to Google. This is your IP address and which page you have visited. Google Web Fonts are used on the basis of Art. 6 Para. 1 lit. f GDPR. As the operator of this website, we have a legitimate interest in the optimal presentation and transmission of our website.
The company Google is certified for the US- European data protection convention “Privacy Shield”. This data protection agreement is intended to ensure compliance with the data protection level applicable in the EU.
You can find details about Google Web Fonts at: https://www.google.com/fonts#AboutPlace:about and further information in Google’s data protection regulations: https://policies.google.com/privacy/partners?hl=de
WORDFENCE
This page uses the security plugin WORDFENCE to protect the website from hacker attacks etc. The provider is DEFIANT, 800 5th Ave Ste 4100, Seattle, WA 98104.
The provided GDPR-compliant data processing agreement has been concluded.
WORDFENCE currently uses three cookies and the following explains what each cookie does, who set the cookie and why the cookie helps protect the site.
wfwaf-authcookie- (hash) What it does: This cookie is used by the Wordfence firewall to perform a capability check of the current user before WordPress has been loaded. Who gets this cookie: This is only set for users that are able to log into WordPress.How this cookie helps: This cookie allows the Wordfence firewall to detect logged in users and allow them increased access. It also allows Wordfence to detect non-logged in users and restrict their access to secure areas. The cookie also lets the firewall know what level of access a visitor has to help the firewall make smart decisions about who to allow and who to block.
wf_loginalerted_ (hash) What it does: This cookie is used to notify the Wordfence admin when an administrator logs in from a new device or location. Who gets this cookie: This is only set for administrators. How this cookie helps: This cookie helps site owners know whether there has been an admin login from a new device or location.
wfCBLBypass What it does: Wordfence offers a feature for a site visitor to bypass country blocking by accessing a hidden URL. This cookie helps track who should be allowed to bypass country blocking. Who gets this cookie: When a hidden URL defined by the site admin is visited, this cookie is set to verify the user can access the site from a country restricted through country blocking. This will be set for anyone who knows the URL that allows bypass of standard country blocking. This cookie is not set for anyone who does not know the hidden URL to bypass country blocking. How this cookie helps: This cookie gives site owners a way to allow certain users from blocked countries, even though their country has been blocked.
You can find more information on handling user data in DEFIANT’s data protection declaration: https://www.WORDFENCE.com/privacy-policy/
YOAST SEO
We use the plugin “YOAST SEO” to support the search engine optimization of the site. The provider is Yoast BV , Don Emanuelstraat 3 , 6602 GX Wijchen , The Netherlands
The tool does not store any personal data and is therefore GDPR-compliant.
You can find more information on the handling of user data in the data protection declaration of Yoast BV : https://yoast.com/privacy-policy/