With this privacy statement we would like to inform you about the type of personal data we process during your visit to our website and the rights you have regarding this. We therefore ask you to carefully read the following statement.
Personal data. All types of information which are related to an identified or identifiable natural person are defined as personal data. This includes a person’s name, address and communication data or a person’s email address.
Processing of personal data hereinafter referred to as ‘processing’ shall mean any operation or set of operations carried out in the context of personal data, whether or not by automatic means, such as the collection, recording, organisation, arrangement, storage, adaptation or alteration, reading, retrieval, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, limitation, erasure or destruction.
'Data subject’ refers to any identified or identifiable natural person, whose personal data are processed by the controller in charge of processing.
'Controller' or ‘controller in charge of processing’ shall mean the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data.
‘User’ includes all categories of data subjects. This includes our business partners and other visitors of our website.
Regarding the terminology used, we would like to further refer to the definitions in Article 4 of the Data Protection Regulation (DS-GVO). The terms used, such as ‘user’ for example, can be understood as gender neutral terms.
1. Name and address of the responsible organisation
O+P Consult GmbH
Waldhofer Straße 102
Tel: +49 6221 43 337 0
Fax: +49 6221 43 337 37
The organisation’s representatives are the managing directors Thomas Frey and Markus Hedrich.
2. Data protection supervisor
You can contact our Data Protection Supervisor via E-mail (datenschutz[at]op-consult.de) or via our postal address for the attention of the Data Protection Supervisor.
3. Processing of personal data
3.1. Visiting our website
3.1.1. Extent of data processing
When visiting our website, your browser transvers certain types of data to our webserver for technical reasons. This includes the following types of data (so-called server log files):
- IP address
- Date and time of the server request
- Time difference to Greenwich Mean Time (GMT)
- Content of the server request (specific site)
- Operating system and its status of access/ HTTP status code
- Transferred data volume
- Website the request has come from (‘referrer-URL’)
- Type of browser, language and version of the browser software
3.1.2. Purpose of data processing
Saving the data in log files is necessary in order to ensure the functioning of the website. This seves as a means of ensuring the security of our information technology systems.
3.1.3. Legal basis of processing
We retrieve the data on the basis of our legal interest according to Article 6 para. 1 lit. f) DS-GVO, in order to display our website content and to ensure the website’s security.
3.1.4. Duration of data storage
For security reasons, the information saved in the log files is saved for four weeks (e.g. in order to allow investigations regarding abuse or fraud) and deleted afterwards. Data which need to be stored further for possible evidence purposes are excluded from the deleting process until the final settlement of the incident in question.
3.1.5. Objection and deletion options
The collection of data in order to offer access to the website and the data storage process in log files is mandatory for the operation of the site due to technical reasons. Therefore, the user does not have the right to object.
3.2. Email contact
3.2.1. Extent of data processing
If you contact us via email, the personal data transmitted through the email are processed by us.
3.2.2. Reason for data processing
The processing of personal data when contacting us via email serves as a means of handling your request and as a means of providing you with the information needed.
3.2.3. Legal basis of data processing
When sending us a contact enquiry, your data are processed for the purpose of handling and processing your enquiry in line with Article 6, para. 1 lit. b) DSGVO.
3.2.4. Recipient of the data processing
When contacting us, your personal data are processed by the relevant internal authorities in charge of the request.
3.2.5. Duration of storage
Personal data, which are no longer necessary for the purpose of achieving the aim in question - on the basis of which the data was collected -, are deleted. For any personal data forwarded to us via email this is the case when the respective conversation with the user has ended. The conversation has ended when it becomes evident through the circumstances that the issue in question or the request for information has been conclusively clarified.
3.2.6. Objection and deletion options
You can revoke your consent to the processing of your personal data at any time. If you contact us via email, you can revoke your consent to the storage of your personal data at any time. In this case, our conversation can of course not be continued any further. Please address your withdrawal to bunt[at]op-consult.de.
Any personal data stored in the course of making contact with us, will then be deleted.
3.3.1. Extent of data processing
- Transient cookies are deleted automatically when closing the browser. In particular, this includes so-called session cookies. These session cookies save a so-called session-ID which makes it possible to associate different requests from your browser with a joint session. When you return to our website, your computer can be identified. The session cookies are deleted, once you log out or close the browser.
- Persistent cookies are deleted automatically after a pre-set duration, which can vary depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
3.3.2. Purpose of data processing
3.3.3. Legal basis of data processing
The legal basis for processing personal data while using the technically essential cookies is Ar-ticle 6 para 1 lit. f DS-GVO.
3.3.4. Duration of storage
Session cookies are deleted as soon as the browser is closed. Persistent cookies are deleted automatically after a pre-set duration.
3.3.5. Options for objection and deletion
As the user, you have complete control regarding the way cookies are used. You can change the settings of your browser to prevent cookies from being stored in the first place or to have them deleted directly at the end of your internet session. In order to do so, please select the following in your browser settings: ‘do not accept cookies’. In your Microsoft Internet Explorer, please select the following: ‘extras > internet options > data security > settings’; Using Firefox, please select the following: ‘extras > settings > data security > cookies’. If you use a different internet browser, please refer to the ‘help-section’ of the browser for further instructions on how to deactivate or delete cookies. Please note, that in this case you might not be able to use all the functions provided on our website.
4. Data security
We adopt technical, legal and organisational measures regarding the security of data pro-cessing, in line with the latest technical standards. Thereby we ensure that the regulations of the data protection law, especially the General Data Protection Regulation, are adhered to and any data processed by us are protected against destruction, loss, changes and unauthorised ac-cess. These security measures include the encrypted transmission of data from your browser to our servers. Please note, that the encryption process in any online data transmission process is only activated when the key symbol appears in the lower menu part of your browser window and the address starts with http://www. Due to SSL (Secure Socket Layer) data processing is protected against any unauthorised data access by any third party through a specific encryption technology. In case this option is not available, you can also decide not to forward certain data online.
Any information transmitted to us by you, is stored and processed through servers in Germany.
5. Cooperating with external processors and third parties
Forwarding your data to any third party occurs solely in accordance with legal regulations. We will forward the data to a third party only if this is required for contract purposes on the basis of Article 6 para. 1 lit. b) DS-GVO, if we are legally obligated to do so (Article 6 para. 1 lit. c) DS-GVO) or on the basis of legitimate interest regarding the economical and effective running of our business in line with Article 6 para. 1 lit. f) DS-GVO.
We employ subcontractors to provide our services (in line with Article 28 DS-GVO), especially for the running, maintenance and hosting of our website and our IT systems. We have adopted adequate legal precautions and technical as well as organisational measures to ensure the se-curity of personal data in accordance with the legal requirements.
7. Your rights
When processing your personal data, you are a data subject in the sense of the DS-GVO (General Data Protection Regulation) and you have the following rights regarding the personal data that concerns you:
- Right of access to information (Art. 15 DS-GVO)
- Right to correct data (Art. 16 DS-GVO)
- Right to delete data (Art. 17 DS-GVO)
- Right to restrict the processing (Art. 18 DS-GVO)
- Right to data portability (Art. 20 DS-GVO)
- Right to object to any data processing (Art. 21 DS-GVO)
- Right to file a complaint with a data protection supervisory authority (Art. 77 DS-GVO)