Privacy Policy
1. Principles and Terms
We take the protection of personal data very seriously. The processing of personal data within the framework of the website www.rsi-consulting.de ("Website") is carried out in accordance with the General Data Protection Regulation (GDPR) and the Federal Data Protection Act (BDSG). This privacy policy informs users (any natural person who uses the website or contacts us, hereinafter also "you") about the collection and processing of personal data.
The definitions according to Art. 4 GDPR apply to this privacy policy.
2. Data Controller
The responsible body for data processing on this website is:
Marius Kern
Römischer Ring 9
60486 Frankfurt am Main
You can contact us regarding all data protection inquiries.
3. Protection of Personal Data
We take appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved in line with technological developments.
Data transmission to our website is generally encrypted (HTTPS).
We point out that data transmission over the Internet can have security gaps. Complete protection of data against access by third parties is not possible.
4. Purposes and Legal Basis for Processing Personal Data
4.1. Collection and Processing of Personal Data upon Communication
Your data is collected when you expressly communicate it to us. This can be, for example, data you enter in our contact form or transmit to us by phone, email, or postal mail.
The purpose of using this data is to process your request, to establish, shape, change or terminate contractual relationships, to fulfill contractual obligations, and to open a possibility of contact, provided this is desired by you or necessary within the framework of the contractual relationship or legally permitted.
If your communication is in connection with the fulfillment of a contract or the implementation of pre-contractual measures with you personally and the processing of your personal data is necessary for this, the legal basis for this processing is Art. 6 Para. 1 Sentence 1 lit. b GDPR. In all other cases, processing is based on your consent according to Art. 6 Para. 1 Sentence 1 lit. a GDPR and/or our legitimate interest in the effective processing of the inquiries addressed to us according to Art. 6 Para. 1 Sentence 1 lit. f GDPR.
4.2. Collection and Processing of Personal Data when Visiting the Website
When you visit the website, your browser automatically sends information to the server of the hosting provider. The following information is stored in log files:
- Remote IP,
- Remote Identity,
- Remote User,
- Duration of the request,
- First Line of Request (what is requested),
- Status of the request,
- Transferred data (volume),
- Referrer,
- Useragent.
This data is processed for the following purposes:
- Providing the internet offer including all functions and contents,
- Ensuring a smooth connection setup of the website,
- Ensuring comfortable use of the website,
- Ensuring system security and stability,
- Anonymized statistical evaluation of accesses,
- Optimization of the website,
- Disclosure to law enforcement authorities if an illegal intervention/attack on the website has occurred,
- other administrative purposes.
The legal basis for data processing is Art. 6 Para. 1 S. 1 lit. f GDPR. Our legitimate interest follows from the purposes listed above for data collection. This information and personal data are required to deliver and optimize the content of the website correctly, to ensure network and information security, and to protect the website from attacks, disruptions, and damage.
5. Disclosure of Data
A transfer of your personal data to third parties for purposes other than those listed in this privacy policy does not take place. A disclosure is exclusively (a) within the framework of contract processing, or (b) for the purpose of fulfilling legal requirements according to which we are obliged to provide information, report, or disclose data, or (c) due to our legitimate interest or the legitimate interest of the third party or (d) if you have given consent for transmission to third parties.
6. Hosting Provider
The website and the email service are hosted externally. The personal data collected on the website and data processed in the context of email communication are stored on the servers of the hosting provider.
We use the following external hosting provider:
netcup GmbH
Daimlerstraße 25
76185 Karlsruhe
We have concluded a contract for order processing (AVV) with the hosting provider. This ensures that the hosting provider processes your personal data only according to our instructions and in compliance with the GDPR. Data processing by the hosting provider takes place exclusively in Germany at the server location Nuremberg.
7. Duration of Storage and Deletion of Personal Data
We process and store your personal data for the duration of the business relationship between you and us. This also includes the initiation of a contract (pre-contractual legal relationship) and the processing of a contract.
Furthermore, we process and store the personal data if this is required due to statutory retention and documentation obligations. Such obligations arise, among other things, from the Fiscal Code (AO). The deadlines specified there for retention or documentation are up to ten years beyond the end of the business relationship or the pre-contractual legal relationship. Furthermore, other legal regulations may require a longer retention period, such as the preservation of evidence within the framework of the statutory limitation rules. According to §§ 195 ff. of the Civil Code (BGB), the regular limitation period is three years; in certain cases, however, limitation periods of up to 30 years may also apply. The processing of this data is restricted according to Art. 18 GDPR and the data is not processed for other purposes.
If the data is no longer necessary for the fulfillment of contractual or legal obligations and rights, it is regularly deleted unless its further processing is necessary for the fulfillment of purposes justified by an overriding legitimate interest within the meaning of Art. 6 Para. 1 Sentence 1 lit. f GDPR. An overriding legitimate interest exists, for example, if deletion is not possible or only possible with disproportionately high effort due to the special type of storage and processing for other purposes is excluded by suitable technical and organizational measures.
The data collected in log files when visiting the website is stored for a maximum of fourteen days.
8. Rights of the Data Subject
You have the following rights:
8.1. Right to information about your personal data processed by us (Art. 15 GDPR).
8.2. Right to rectification of incorrect or completion of your personal data stored by us (Art. 16 GDPR).
8.3. Right to erasure of your personal data stored by us, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defense of legal claims (Art. 17 GDPR).
8.4. Right to restriction of processing, provided the accuracy of the data is disputed by you, the processing is unlawful, but you oppose its erasure and we no longer need the data, but you need it for the establishment, exercise or defense of legal claims or you have objected to processing pursuant to Art. 21 GDPR (Art. 18 GDPR).
8.5. Right to data portability in a structured, commonly used and machine-readable format to yourself or to another controller (Art. 20 GDPR).
8.6. Right to revoke consent given at any time, without affecting the lawfulness of processing based on consent before its withdrawal, if data processing is based on consent according to Article 6 Para. 1 lit. a or Article 9 Para. 2 lit. a GDPR.
8.7. Right to lodge a complaint with a supervisory authority (Art. 77 GDPR).
8.8. Right to object to processing if data processing is based on Art. 6 Para. 1 lit. e or lit. f GDPR (Art. 21 GDPR)
8.8.1. Right to object due to particular situation
If your personal data is processed on the basis of legitimate interests according to Art. 6 Para. 1 S. 1 lit. f GDPR, you have the right to object to the processing of your personal data according to Art. 21 GDPR, provided there are reasons for this arising from your particular situation or the objection is directed against direct marketing. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.
8.8.2. Addressee of the objection
Please address your objection to: E-Mail anzeigen .