Privacy Statement
Information Obligations according to Art. 12 et seq. EU GDPR
1. Name and Contact Details of the Controller
Your contact person as the controller within the meaning of the European General Data Protection Regulation (“EU GDPR”) and other national data protection laws of the member states as well as other data protection provisions is:
Rhino Management Consulting GmbH
Friedrich-Ludwig-Jahn-Str. 45A
61381 Friedrichsdorf
Germany
(hereinafter referred to as “we,” “us,” or “our”)
2. Contact Details of the Data Protection Officer
The protection of your personal data is of great importance to us. In case you have any questions beyond this document, please contact our Data Protection Officer:
Alexander Resin, Rhino Management Consulting GmbH
Email: dataprotectionofficer@rhino-mc.de, Telephone: +49 6172 944 6572
3. Data Processing on Our Website
3.1 Provision of the Website and Creation of Log Files
Legal Basis: The legal basis for the processing of your personal data in the provision of the website and the creation of log files is Art. 6(1)(f) EU GDPR.
Purpose: The temporary storage of your personal data by us is necessary to enable the delivery of the website to your computer. For this purpose, your personal data must be stored for the duration of the session. The storage of your personal data in log files is done to ensure the functionality of the website. Furthermore, your personal data serves to ensure the security of our information technology systems. There is no other processing of your personal data.
Storage Period: Your personal data will be deleted as soon as it is no longer required to achieve the purpose of its collection. In the case of collecting your personal data for the provision of the website, this is the case as soon as you leave the website. In the case of storing your personal data in log files, these will be deleted after a maximum of three months. If storage beyond this period occurs, your personal data will be anonymized, making it no longer identifiable.
Right to Object and Removal Option: The processing of your personal data for the provision of the website and the storage of your personal data in log files are mandatory for the operation of the website. Therefore, there is no option to object.
3.2 Use of Technically Necessary Cookies
Legal Basis: The legal basis for the processing of your personal data in the use of technically necessary cookies is Art. 6(1)(f) EU GDPR.
Purpose: The use of technically necessary cookies is intended to simplify your use of our website. Some functions of our website cannot be offered without the use of cookies. For these functions, it is necessary that your browser is recognized even after changing pages. There is no other processing of your personal data.
Storage Period: Your personal data will be deleted as soon as it is no longer required to achieve the purpose of its processing; this is particularly the case when leaving the website.
Right to Object and Removal Option: Cookies are stored on your computer in the permissions case and transmitted from there to our website. Therefore, you have full control over the use of cookies.
You can disable or restrict the transmission of cookies by changing the settings in your Internet browser. You can also delete already stored cookies at any time. This can also be done automatically. If cookies are disabled for our website, some functions of the website may not be fully available.
3.3 Improvement of Comfort, Website Optimization, User Behavior Analysis with the Inclusion of the “Google Analytics” Service
Legal Basis: The legal basis for the processing of your personal data in the context of web analysis using the Google Analytics service for the purpose of improving comfort, optimizing the website, and analyzing user behavior is our legitimate interest under Art. 6(1)(f) EU GDPR.
Purpose: The processing of your personal data enables us to optimize the user-friendliness of our website. To this end, we use the Google Analytics service. Your personal data is processed primarily for the purpose of analyzing your use of our website or the individual functions and offerings of our website. This evaluation allows us to continuously improve our website and tailor it to your needs. To this end, your personal data is processed exclusively on our servers.
Storage Period: Your personal data will be deleted as soon as it is no longer required to achieve the purpose of its processing. We typically delete your personal data when using the Google Analytics service after 186 days.
Right to Object and Removal Option: By changing the settings in your Internet browser, you can deactivate or restrict the analysis of your behavior in the context of our website by the Google Analytics service. You can also delete already stored cookies at any time. This can also be done automatically. If cookies for our website are disabled, not all functions of the website may be fully available.
3.4 Contact Form and Email Contact
Legal Basis: The legal basis for the processing of your personal data transmitted during contact is Art. 6(1)(f) EU GDPR. If the contact aims to conclude a contract, Art. 6(1)(b) EU GDPR provides an additional legal basis for the processing of your personal data.
Purpose: The processing of your personal data in the event of contact serves solely to process your request.
Storage Period: Your personal data will be deleted as soon as it is no longer required to achieve the purpose of its collection. For the personal data sent as part of the contact, this is the case when your request has been processed and legal retention periods do not prevent deletion.
Right to Object and Removal Option: You have the option to object to the processing of your personal data in the context of contact for the future. In this case, we will not be able to further process your data. All personal data that was stored as part of the contact will be deleted, unless legal retention periods prevent deletion.
4. Your Rights as a Data Subject
If your personal data is processed, you are a data subject within the meaning of the EU GDPR, and you have the following rights against us as the controller:
4.1 Right of Access (Art. 15 EU GDPR)
You have the right to request confirmation from us as to whether your personal data is being processed. If this is the case, you have the right to obtain access to this personal data and to the information specified in Art. 15 EU GDPR.
4.2 Right to Rectification (Art. 16 EU GDPR)
You have the right to request the immediate rectification of incorrect personal data concerning you. Furthermore, you have the right, taking into account the purposes of processing, to request the completion of incomplete personal data, including by means of providing a supplementary statement.
4.3 Right to Erasure (“Right to be Forgotten”) (Art. 17 EU GDPR)
You have the right to request that we delete your personal data without undue delay. We are obliged to delete your personal data immediately if one of the reasons specified in Art. 17 EU GDPR applies. This does not apply if processing is necessary for one of the purposes specified in Art. 17(3) EU GDPR.
4.4 Right to Restriction of Processing (Art. 18 EU GDPR)
You have the right to request the restriction of processing if one of the conditions specified in Art. 18 EU GDPR is met. In this case, your personal data will not be processed any further without your consent, but will still be stored.
4.5 Right to Data Portability (Art. 20 EU GDPR)
You have the right to receive your personal data that you have provided to us in a structured, common, and machine-readable format, and you have the right to transfer this data to another controller without hindrance by us, provided that the conditions specified in Art. 20 EU GDPR are met.
4.6 Right to Object (Art. 21 EU GDPR)
You have the right to object to the processing of your personal data at any time for reasons arising from your particular situation, provided that the legal requirements are met. We will then no longer process your personal data unless we can prove compelling reasons worthy of protection for the processing, which outweigh your interests, rights, and freedoms, or the processing serves the assertion, exercise, or defense of legal claims.
4.7 Right to Withdraw Consent (Art. 7(3) EU GDPR)
You have the right to withdraw your consent to the processing of your personal data at any time with effect for the future. In the event of withdrawal, we will immediately delete the data concerned, unless further processing can be based on a legal basis for processing without consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
4.8 Automated Decision-Making Including Profiling (Art. 22 EU GDPR)
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal effect on you or significantly impairs you in a similar manner. This does not apply if the decision
– is necessary for the conclusion or performance of a contract between you and us,
– is permitted by law, or
– is based on your explicit consent.
4.9 Right to Lodge a Complaint with a Supervisory Authority (Art. 77 EU GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the member state of your residence, place of work, or place of alleged infringement, if you believe that the processing of your personal data violates the EU GDPR.
If you wish to exercise any of these rights, please contact our data protection officer or another employee directly. You also have the right to contact the data protection supervisory authority responsible for us.
5. Provision of Personal Data
As a rule, you are not obliged to provide us with your personal data. However, if you do not provide us with personal data, we may not be able to make our website available to you, respond to your inquiries, or execute a contract with you.
6. Automated Decision-Making
We do not use automated decision-making or profiling within the meaning of Art. 22 EU GDPR.
7. Data Security
We take all reasonable and appropriate technical and organizational measures to protect your personal data against loss and misuse. Your data is stored in a secure operating environment that is not accessible to the public. In addition, each of our employees involved in data processing is trained in data protection and is obliged to comply with data protection regulations. Our technical and organizational measures are subject to continuous improvement.
8. Up-to-Date Nature and Amendment of this Data Protection Declaration
This data protection declaration is currently valid and has the status of December 2023. Due to the further development of our website and offerings thereof or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can access and print out the current data protection declaration at any time on the website at https://rhino-mc.de/privacy-statement.
9. Questions to the Data Protection Officer
If you have any questions about data protection, please send us an email or contact our data protection officer directly at any time:
Data protection officer: Alexander Resin, Rhino Management Consulting GmbH
Email: dataprotectionofficer@rhino-mc.de
Telephone: +49 6172 944 6572