Our privacy policy

General

Responsible for data processing:

The person responsible in accordance with Article 4 Paragraph 7 of the General Data Protection Regulation (GDPR) is [GBC General Business Consulting Inh. Tobias Riemenschneider], see our [Imprint].

Contracted service providers:

The general provision and maintenance of our websites and e-mail systems is carried out with the support of IT service providers who work on our behalf and can therefore also view (receive) your data to the extent required.

Data protection officer:

You can contact our data protection officer at info@general-business-consulting.de.

Collection and use of your data:

The scope and type of collection and use of your personal data differs depending on whether you visit our website only to retrieve information or whether you use any services we may offer.

If we use other (IT) service providers for individual functions of our offer or would like to use your data for advertising purposes, we will inform you in detail below about the respective processes (all data processing). We also state the specified criteria for the storage period and the applicable legal basis for data processing.

Informational use:

For informational use of our website, we only collect the personal data that your browser automatically transmits to us, such as:

• IP address
• Date and time of the request
• Time zone difference to Greenwich Mean Time (GMT)
• Content of the request (specific page)
• (File transfer, file not found etc.)
• Website from which the request came
• Operating system and its interface
• Language and version of your browser.

Storage period:

These data (logs) are stored for 14 days.

Legal basis (s) for data processing:

The above data is technically necessary to display our website to you and to ensure stability and security, in accordance with Art. 6 Paragraph 1 lit. f) GDPR.

contact form

When you contact us via the contact form or by e-mail, the data you provide (your name, your e-mail address, possibly your telephone number and your message) will be saved by us in order to answer your question (s) . Mandatory information required for this is marked separately; further information is voluntary.

Storage period:

We delete the data arising in this context after the storage is no longer required, or we restrict the processing if there are statutory retention requirements (max. Ten years within the framework of the archiving of business e-mails required under commercial and tax law).

Legal basis (s) for data processing:

Processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures that are carried out at the request of the data subject, in accordance with Art. 6 Paragraph 1 lit. b) GDPR.

Applications / job postings

We process the data that you have sent us in connection with your application in order to check your suitability for the position (or other open positions, if applicable) and to carry out the application process.

Your application will be viewed by the HR department upon receipt. Suitable applications are then passed on to the branch and department managers for the respective vacant or suitable position. Then the further process will be coordinated. In the entire company, only those persons have access to your data who need it for the proper flow of our application process.

Storage period:

Applicants' data will be deleted after 6 months if they are rejected. [In the event that you have consented to your personal data being stored further, we will include your data in our applicant pool. There the data will be deleted after 2 years.]

If you have been accepted for a position as part of the application process, your data will be transferred to our personnel information system.

Legal basis for data processing:

The processing of your data as part of the application process is permissible for the decision on the establishment of an employment relationship, in accordance with Section 26 of the Federal Data Protection Act (BDSG nF).

Should the data be required for legal prosecution after the application process has been completed, data can be processed to safeguard legitimate interests in accordance with Article 6 (1) (f) GDPR. Our interest then lies in the assertion or defense of claims.

Use of cookies:

We do not use any cookies for our websites. Cookies are small text files that are sent from our web server to your browser when you visit our website and are stored by your browser on your computer for later retrieval. They serve to make the Internet offer more user-friendly and effective overall.

Social Media Links:

There are links to various social media with the corresponding logos on our website. These are not social media plug-ins, but merely a link to our offers within these media. If you click on one of these links, your IP address will be transmitted to the operators of the various platforms. If you use one of these services and are logged in with your specific account, information on your surfing behavior may also be recorded by the social media operator. The transmission of your IP address to the operator of the accessed websites is technically necessary and applies to all websites.

Processing of your personal data in countries outside the EU and the EEA (third countries):

Your personal data will not be processed in countries outside the European Union and the European Economic Area.

Newsletter

In order to be able to receive our newsletter regularly, in addition to your data protection consent, we need at least your e-mail address (mandatory) to which the newsletter is to be sent. Any further information is voluntary and is used in order to be able to address you personally and to clarify any queries about the e-mail address.

[For registration we use the so-called double opt-in procedure, ie we will only send you the newsletter if you have previously confirmed your registration via a link contained in a confirmation e-mail sent to you for this purpose. We want to ensure that only you, as the owner of the specified email address, can register for the newsletter. Your confirmation in this regard must be made promptly after receipt of the confirmation email, otherwise your newsletter registration will be automatically deleted.]

Revocation of your consent:

You can unsubscribe from a newsletter that you have subscribed to from us at any time - by clicking on the corresponding link at the end of the newsletter or by sending a message to the contact details given in the legal notice.

Newsletter success measurement:

We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the e-mails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files and are stored on our website.

The data is only collected anonymously, so the IDs are not linked to your other personal data, a direct personal reference is excluded.

With the data obtained in this way, we create a user profile in order to tailor the newsletter to your individual interests. We record when you read our newsletters, which links you click in them and deduce your personal interests from this.

Contracted service providers:

Our newsletter is provided by the contracted service provider:

CleaverReach GmbH & Co.KG

Storage period:

If you do not confirm your registration within 30 days, your information will be automatically deleted.

After a successful registration, your data will be saved for as long as you have subscribed to the newsletter. After you unsubscribe, we will save your email address on a so-called black list. The black list guarantees that you do not wish to receive any more e-mails from us.

Legal basis for data processing:

The subscription to the newsletter takes place with your personal consent, in accordance with Art. 6 Para. 1 lit. a) GDPR.

The evaluation of your personalized user behavior (measurement of the success of our newsletter) is based on your personal consent, in accordance with Art. 6 Para. 1 lit. a) GDPR.

In the case of a permanent contractual relationship on the subject of data protection, you will receive the newsletter on the basis of Art. 6 Para. 1 lit. b) GDPR (processing is necessary for the performance of a contract to which the data subject is a party.)

Your rights

You have the following rights vis-à-vis us with regard to your personal data:

• Right to information,
• Right to correction or deletion,
• Right to restriction of processing,
• Right to data portability.

Right to complain to a supervisory authority:

You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.

You can contact the supervisory authority here.

Right of objection and right of withdrawal

If you have given your consent to the processing of your data, you can revoke this at any time. Such a revocation affects the permissibility of the processing of your personal data after you have given it to us.

If we base the processing of your personal data on the balancing of interests (the legal basis is then Art. 6 Para. 1 lit. f) GDPR), you can object to the processing. This is the case if the processing is not particularly necessary to fulfill a contract with you, which we address in each case in the explanation of the individual data processing and functions on our websites above in this data protection declaration. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or show you our compelling reasons worthy of protection on the basis of which we will continue processing.

Right to object to direct mail:

You can object to the processing of your personal data for the purposes of advertising and data analysis at any time, e.g. even if you receive advertising in the form of a newsletter, customer magazine or information material by post from us as part of a business relationship.

If we use your data in the context of functions of our website for direct advertising and an associated data analysis, we will inform you about this data processing above in this data protection declaration, including the possibility of exercising your right of revocation using technical means, if necessary.

Contact options regarding your rights:

You can contact us at any time to exercise your rights.

You are also welcome to use one of the contact options in our imprint or contact our data protection officer directly (contact details above).

Data security:

We also use technical and organizational security measures to protect any personal data that arises or that has been collected, in particular against accidental or deliberate manipulation, loss, destruction or against attacks by unauthorized persons. Our security measures are continuously improved in line with technological developments.

The transmission of your personal data is encrypted using SSL technology (https) to prevent access by unauthorized third parties.

Communication by email:

Our e-mail systems support encrypted communication using SSL technology (TLS 1.2 including PFS). The transmission of your e-mail can therefore always be encrypted. Please note, however, that the encryption also depends on the configuration of your e-mail program and we therefore cannot guarantee complete data security for the transport route.

For information that requires a high degree of confidentiality, we recommend that you send it by post.