1. Responsible authority
SOCA BUSINESS CONSULTING GmbH & Co.KG
Große Hamburger Str. 31
2. Collection and storage of personal data
a) Access data and log files
On the basis of our legitimate interests pursuant to Art. 6 paragraph 1 letter f GDPR we collect data about every access to the server on which this service is located (so-called server log files). This information is temporarily stored in a so-called log file. The access data includes the IP address of the requesting computer, date and time of access, name and URL of the file accessed, the website from which access is made (referrer URL), the browser used and, if applicable, your computer’s operating system and the name of your access provider.
For security reasons and to ensure the functionality of our website, log file information is stored for a maximum of seven days and then deleted. Data whose further storage is required for evidentiary purposes are excluded from deletion until the respective incident has been finally clarified.
b) Contact form
If you have any questions, we offer you the opportunity to contact us using the form provided on the website. It is necessary to provide a valid email address and name so that we know who sent the request and can respond to it. Further information can be provided voluntarily. The data will be processed for the purpose of contacting us in accordance with Art. 6 paragraph 1 sentence 1 letter a GDPR on the basis of your voluntary consent.
3. Passing on of data
Data will only be passed on to third parties within the framework of legal requirements. We only pass on user data to third parties if, for example, this is necessary for contractual purposes on the basis of Art. 6 paragraph 1 letter b GDPR or on the basis of legitimate interests pursuant to Art. 6 paragraph 1 letter f GDPR on the economic and effective operation of our business operations. If we commission third parties to provide our services, we take appropriate legal precautions as well as appropriate technical and organizational measures to ensure the protection of personal data in accordance with the relevant legal regulations.
If content, tools or other means from other providers (hereinafter jointly referred to as “third providers”) are used within the scope of this data protection declaration and their named registered office is in a third country, it is to be assumed that data is transferred to the countries in which the third providers have their registered office. Third countries are countries in which the GDPR is not directly applicable law, i.e. countries outside the EU or the European Economic Area. The transfer of data to third countries takes place either if an appropriate level of data protection, user consent or other legal permission is available.
4. Deletion of data
The data stored by us will be deleted as soon as it is no longer required for its intended purpose and there are no legal obligations to keep it in safekeeping. If the user’s data are not deleted because they are necessary for other and legally permissible purposes, their processing is restricted. This means that the data is blocked and not processed for other purposes. This applies, for example, to user data that must be retained for commercial or tax reasons.
5. Rights of the persons concerned
You have the right:
– pursuant to Art. 15 GDPR to request free information on your personal data processed by us upon request;
– pursuant to Art. 16 GDPR to request without delay the correction of incorrect or complete personal data stored by us;
– pursuant to Art. 17 GDPR to request the deletion of your personal data stored by us, unless the processing is necessary to exercise the right to freedom of expression and information, to fulfil a legal obligation, for reasons of public interest or to assert, exercise or defend legal claims;
– pursuant to Art. 18 GDPR to restrict the processing of your personal data;
– in accordance with Art. 20 GDPR to receive your personal data that you have provided to us in a structured, current and machine-readable format or to request transmission to another person responsible;
– in accordance with Art. 7 para. 3 GDPR to revoke your consent once granted to us with effect for the future.
– to complain to a superviser authority pursuant to Art. 77 GDPR. As a rule, you can contact the supervisory authority of your usual place of residence or workplace or our headquarters
6. Right of objection
If your personal data are processed on the basis of legitimate interests pursuant to Art. 6 paragraph 1 sentence 1 letter f GDPR, you have the right to object to the processing of your personal data pursuant to Art. 21 GDPR, provided that there are reasons for this which arise from your particular situation or the objection to direct advertising is directed. In the latter case, you have a general right of objection, which we will implement without specifying a particular situation.
If you would like to make use of your right of revocation or objection, an email to our above-mentioned email address is sufficient.
7. Data security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. You can tell whether a single page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use suitable technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.
8. Up-to-dateness and amendment of this data protection declaration
Due to the further development of our website and offers above or due to changed legal or official requirements, it may become necessary to change this data protection declaration. You can call up and print out the current data protection declaration at any time on the website under www.socaconsult.com/datenschutz/en/data-protection/.
Status: December 2022