With this privacy policy, we inform you about the scope of the processing of your personal data (hereinafter "data").
Responsible for data processing in accordance with the provisions of the General Data Protection Regulation (GDPR) is:
Bette Westenberger Brink Attorneys at Law PartGmbB
Große Langgasse 1A
55116 Mainz
Tel.: +49 (0)6131 28770 0
Fax: +49 (0)6131 28770 99
Web: www.bwb-law.de
E-Mail: mainz@bwb-law.de
Sarah Tavcer
RMPrivacy GmbH
Große Langgasse 1A
55116 Mainz
Web: www.rmprivacy.de
E-Mail: datenschutz@bwb-business.de
In the course of our business and website operations, we process data.
This also includes disclosure by transfer to third parties and, if applicable, to so-called third countries outside the European Union ("EU") and the European Economic Area ("EEA"). Insofar as we transfer data outside the EU or the EEA, we have marked this accordingly below.
The individual data concerned, processing purposes, legal bases, recipients and, where applicable, transfers to third countries are listed below:
a) Webpage visit log file
We log your website visit. In doing so, we process:
The legal basis for data processing is our overriding legitimate interest in the ongoing provision and security of our website pursuant to Art. 6 para. 1 f) GDPR.
The log file is deleted after seven days, unless it is needed to prove or clarify specific legal violations that have become known within the retention period.
b) Hosting via Webflow
To provide our online presence, we use the services of web hosting providers who process the above-mentioned data and all data to be processed in connection with the operation of this website (log file when visiting the website) on our behalf.
The legal basis for data processing is our overriding legitimate interest in the provision of our website pursuant to Art. 6 para. 1 f) GDPR.
For our hosting we use Webflow, Inc., 398 11th Street, 2nd Floor, San Francisco, CA 94103 ("Webflow"). It is possible that this may also involve data transfers in the USA. Webflow is certified under the EU-US Data Privacy Framework, and to this extent falls under the EU Commission's adequacy decision for data transfers to the USA.
c) Contact
If you contact us, we process the following data from you for the purpose of processing and handling your request: Name, contact details - if provided by you - and your message.
The legal basis for the data processing is our obligation to fulfill the contract and/or to fulfill our pre-contractual obligations pursuant to Art. 6 para. 1 b) GDPR and/or our overriding legitimate interest in processing your request pursuant to Art. 6 para. 1 f) GDPR.
d) Contact for applications
If you contact us to send us your application as an employee:in, e.g. by e-mail or via a contact form, the data you provide (e.g. name, e-mail address, desired location, etc.), your message and the application documents submitted will be processed solely for the purpose of processing and handling your application request.
The legal basis for data processing is primarily Section 26 BDSG. Accordingly, the processing of data required in connection with the decision on the establishment of an employment relationship is permissible.
Should the data be necessary for legal prosecution after completion of the application process, data processing may be carried out to safeguard our legitimate interests pursuant to Art. 6 para. f) GDPR, namely for the assertion and/or defense of claims.
e) Applicantpool
If you give us your consent to continue to store your application documents after the application process has been completed, we will store them in our applicant pool for the purpose of contacting you about future vacancies that fit your profile. The legal basis for processing within the scope of our applicant pool is your prior consent pursuant to Art. 6 para. a) GDPR.
f) Newsletter
In order to provide you with regular information about our company and offers, we offer the dispatch of an e-mail newsletter. With your newsletter registration, we process the data you entered during registration (e-mail address and other voluntary information). In order to prevent misuse, we will send you an e-mail after your registration in which we ask you to confirm your registration (double opt-in procedure). In order to be able to prove the registration process in a legally compliant manner, your registration is logged. This concerns the time of registration and confirmation as well as your IP address.
The legal basis for sending the newsletter is your consent pursuant to Art. 6 para. 1 a) GDPR. The data processing in connection with the sending of the confirmation email for your registration and the associated data logging is carried out pursuant to Art. 6 para. 1 f) GDPR due to our legitimate interest in the proof of your proper registration.
If you give us your consent, we also evaluate in the newsletters whether you have opened the newsletter and the scrolling and clicking behavior in the newsletter. This is done for the purpose of optimally tailoring our newsletter to your interests and improving the content of our newsletter. The legal basis for the analysis of the newsletter is your consent in accordance with Art. 6 para. 1 a) GDPR.
For the dispatch of the newsletter, we use a service provider to whom we transmit the named data.
g) Cookies use
We use so-called cookies on our website. Cookies are small text files that are stored on your end device (PC, smartphone, tablet, etc.) and saved by your browser.
Information about the specific cookies we use, their providers and purposes can be found at our Consent-Banner. There you can give your consent to the respective services, revoke it or subsequently adjust your settings.
Our Consent Banner
In order to document your selection of certain data processing procedures and to fulfill our obligations under data protection law, we use a consent banner. When you call up our website, your cookie preferences are requested via a banner. We then set a cookie in which data on consent given or revoked is stored. The data processing is carried out for the fulfillment of our legal obligations according to Art. 6 para. 1 c) GDPR.
h) Typeform
To create and integrate online forms, we use the TYPEFORM service of TYPEFORM, Carrer Bac de Roda, 163 (Local), 08018 Barcelona ("Typeform"). In doing so, we process the contact details you have provided as well as the content of your message.
The legal basis for the data processing is our legitimate interest in functioning online forms to Art. 6 para. 1 f) GDPR.
When using the service, the hosting is taken over by servers of Amazon Web Services Inc, 2021 Seventh Ave, Seattle, Washington 98121 ("Amazon"). This also results in data transfers to the USA. Amazon is certified under the EU-US Data Privacy Framework, and to this extent falls under the EU Commission's adequacy decision for data transfers to the USA.
i) Analysis / Marketing
Google services
We use various services of Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google") on our website. It is possible that this may also result in data transfers to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043 in the USA. Google is certified under the EU-US Data Privacy Framework, and to this extent falls under the EU Commission's adequacy decision for data transfers to the USA.
Google Analytics
We use the Google Analytics tracking tool from Google on our website. We use Google Analytics to evaluate your use of the website, to compile reports on the activities within this website and to provide other services related to the use of the website and thus improve the user experience.
When Google Analytics is used, the interactions of website visitors are primarily recorded and systematically evaluated with the help of cookies.
We use Google Analytics with the extension "anonymizeIp()". This shortens IP addresses within the member states of the EU or EEA. If a transmission to Google's servers in the USA takes place, the full IP address is only transmitted in exceptional cases and shortened there. A direct reference to a person is therefore generally excluded. In particular, an assignment to the called computer or terminal of the website visitor is no longer possible.
Through the use of Google Analytics, the following data is processed:
Legal basis and revocation
The legal basis for data processing within the scope of the aforementioned Google services is your prior consent pursuant to Art. 6 (1) a) GDPR.
You can revoke your consent at any time with future effect by adjusting your preferences in our Consent Banner.
j) External content
We use dynamic content ("Content") from third parties to optimize the presentation and the offer of our website. When visiting the website, a request is automatically made to the server of the respective content provider by means of an interface, during which certain log data (e.g. the user's IP address) is transmitted. The dynamic content is then transmitted to our website and displayed there.
We use external content in connection with the following functionalities:
aa) Google Maps
We use the map service "Google Maps" from Google on our website to provide you with an interactive map. When displaying the map, data including your IP address and your location are transmitted to Google servers and stored there. The legal basis for the processing is your prior consent pursuant to Art. 6 (1) a) GDPR.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google") is responsible for data processing for Maps. It cannot be ruled out that a data transfer to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA takes place. Google is certified under the EU-US Data Privacy Framework, and to this extent falls under the EU Commission's adequacy decision for data transfers to the USA.
bb) Google reCaptcha
We use the captcha service "Google reCaptcha" from Google on our website to protect our website from interactions with bots. When you visit the website, data including your IP address, the referrer URL, information about the operating system, information about cookies, mouse movements and keyboard strokes, as well as the dwell time and the settings of your terminal device are transmitted to Google. The legal basis for the processing is our legitimate interest according to Art. 6 para. 1 f) GDPR in securing our website.
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland (hereinafter "Google") is responsible for data processing for Maps. It cannot be ruled out that a data transfer to Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA takes place. Google is certified under the EU-US Data Privacy Framework, and to this extent falls under the EU Commission's adequacy decision for data transfers to the USA.
cc) Appointment booking Calendly
You can easily book appointments with our staff on your own using the Calendly booking platform. When you make an online appointment booking on our website, we use the Calendly service of Calendly, Inc, 115 E Main St, Ste A1B, Buford, GA 30518, USA.
When booking an appointment online, we process the personal data contained in the booking form. This includes: Salutation, name, telephone number, e-mail address and, if applicable, the company and additional notes or messages.
The legal basis for data processing is our overriding legitimate interest in providing a simple appointment booking system pursuant to Art. 6 para. 1 f) GDPR.
When using the service, data is transferred to the USA. Calendly is not certified under the EU-US Data Privacy Framework, and therefore does not fall under the EU Commission's adequacy decision for data transfers to the USA. Calendly ensures an adequate level of data protection via the EU standard contractual clauses. We will provide a copy of the contractual clauses upon request. Please contact datenschutz@bwb-business.de for this purpose.
We store personal data only as long as it is necessary for the purposes for which it is processed or if you have revoked your consent. Insofar as statutory retention obligations must be observed, the storage period for certain data can be up to 10 years, regardless of the processing purposes.
a) Information
Upon request, you will receive information free of charge at any time about all personal data that we have stored about you.
b) Correction, deletion, restriction of processing (blocking), objection
If you no longer agree to the storage of your personal data or if this data has become incorrect, we will arrange for the deletion or blocking of your data or make the necessary corrections (insofar as this is possible under the applicable law) in response to a corresponding instruction. The same applies if we are only to process data in a restrictive manner in the future. You have a right of objection in particular in cases where your data is required due to the performance of a task that is in the public interest or the data processing is based on our legitimate interest, as well as profiling based on this. You also have such a right of objection in the event of data processing for the purpose of direct advertising.
c) Right of revocation for consents with effect for the future
You can revoke consents granted at any time with effect for the future. Your revocation does not affect the lawfulness of the processing until the time of revocation.
d) Data portability
If data processing takes place on the basis of a contract, pre-contractual negotiations, consent or with the help of automated processes, you have the right to data portability. Upon request, we will provide you with your data in a common, structured and machine-readable format so that you can transfer the data to another responsible party upon request.
e) Restriction of processing
Data for which we are not able to identify the data subject, e.g. if it has been anonymized for analysis purposes, is not covered by the above rights. Information, deletion, blocking, correction or transfer to another company may be possible in relation to this data if you provide us with additional information that allows us to identify you.
f) Exercise of your data subject rights and right of appeal
If you have any questions regarding the processing of your personal data, if you wish to obtain information, correct, block, object to or delete data, or if you wish to have your data transferred to another company, please contact us at datenschutz@bwb-business.de.
You also have the possibility to complain to a supervisory authority about your data protection rights.
