Data privacy statement

holzenkamp business consulting (abbreviated here: hbc) offers management and marketing consulting for technically oriented industrial customers as well as data protection consulting.

• The management consulting ranges from the interim management of company units to strategy consulting to management mentoring - individually and in workshops - and the consulting of executives.
• The highly operative marketing consultancy serves the positioning in the market and the internal and external communication via all media channels and formats. The main goals are to retain and win customers and employees.
• Data protection advice is always included in the above consulting mandates, because personal data is almost always involved.

hbc processes your personal data for the following purposes:

a) Answering your requests for contact or consulting

b) Fulfillment of contractual performance obligations

c) Applications

Collection of personal data - directly when accessing this website

The IP address assigned to your end device - computer, smartphone or similar - is recorded in order to transmit the content you have accessed from my website to the end device you are using, e.g. texts, images and files made available for download (cf. Art. 6 paragraph 1 lit. b GDPR).

When you visit this website, my service provider automatically saves additional data that your browser transmits whenever you visit a website. In addition to the IP address, these server logs also contain your web request, browser type, browser language, date and time of your request and one or more cookies that clearly identify your browser. My legitimate interest in data processing lies in ensuring the proper functioning of my website and the inquiries sent to me via it (downloads, contact and advice requests) (cf. Art. 6 Para. 1 lit. f GDPR).

Your IP address and the other data are not accessible to me personally, but are only collected by my service provider to provide the service.

>>Google Analytics

This website does not use Google Analytics, the web analytics service provided by Google Inc. ("Google"). But if you got to my website via a Google search, you are still leaving traces on Google, which uses so-called "cookies", text files that are stored on your computer. The information generated by the cookie about your activities on the web is usually transmitted to a Google server in the USA and stored there.

>> Connection of social networks and web services

Our website uses buttons for these social networks or videos are embedded or web or cloud-based services are offered:

• XING | New Work SE, Dammtorstrasse 30, 20354 Hamburg, Germany
• LinkedIn | LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland
• Facebook | Meta Platforms Ireland Limited, 4 Grand Canal Square, Dublin 2, Ireland
• YouTube | YouTube, LLC, 901 Cherry Ave., San Bruno CA 94066, USA
• Zoom | Zoom Video Communications, Inc., California, USA
• Terminland.de | Terminland GmbH, Kreuzberger Ring 44a, 65205 Wiesbaden

The buttons are marked with the logo of the respective social network or service and/or are named. These are not functional (social) plugins, but are stored with links to the respective pages. The embedded videos can be viewed within the website. As soon as you click on one of the logo buttons of these social networks, you leave the hbc website and at the same time you declare your consent to communication with the servers of the social network with which the connection is established. After clicking on such a logo button, we no longer have any influence on the collected data and data processing procedures and are not responsible for this data processing and are therefore not responsible in this regard within the meaning of the GDPR. We are also not aware of the full scope of the data collection, its legal basis, the purposes and the storage periods. Therefore, the information provided here is not necessarily complete. The data is transmitted regardless of whether you actually have an account with the provider or are logged in there. If you are logged in to the provider, your data will be assigned directly to your account. The providers may also use cookies on your computer to track your web activity. To our knowledge, the provider saves this data in usage profiles, which it uses for advertising, market research and/or needs-based design of its website. Such an evaluation is carried out in particular (also for users who are not logged in) to display needs-based advertising. You have the right to object to the creation of these user profiles. To exercise this right of objection, please contact the respective provider. The purpose and scope of the data collection and the further processing and use of the data by the social network connected here as well as your rights in this regard and setting options for protecting your privacy can be found in the information at:

• XING | https://privacy.xing.com/de/datenschutzerklaerung
• facebook | https://www.facebook.com/about/privacy/update
• LinkedIn | www.linkedin.com/legal/privacy-policy
• YouTube | www.youtube.com/about/policies/#community-guidelines
• Zoom | https://zoom.us/de-de/privacy
• Terminland | https://www.terminland.de/datenschutz/ 

If you do not want the social networks and service websites to receive data about you, then you must not click on the respective button.

Collection of personal data voluntarily provided to us

In terms of data minimization, only the data necessary for communication and the fulfillment of service promises are collected. Here structured according to the purposes listed in point 1:

a) For your contact or consultation requests, we need your data (name and contact details) in order to be able to answer the requests by e-mail, telephone or post. These required data are only collected for the initiation of a contractual relationship.

b) Within the framework of an assignment, a contractual relationship is created and the necessary data that enable the order processing of consulting services through to invoicing must be transmitted to us (cf. Art. 6 Para. 1 lit. b DSGVO).

In terms of data minimization, only the data necessary for communication and the fulfillment of service promises are collected. Here structured according to the purposes mentioned in point 1:

a) In the case of your contact or consultation requests, we use your data to send you the desired information and offers etc. by e-mail, telephone or post. And of course we are happy to use your suggestions to improve our website or our services.

b) In the context of an order, the transmitted data will be used for correct order processing (cf. Art. 6 Para. 1 lit. b GDPR). Within the scope of this contractual relationship, we are also entitled to inform you about changes or additions to the service portfolio used or related.

c) Incoming application documents will be answered immediately and not passed on to third parties without your explicit consent.

We do not sell your data to third parties, nor do we otherwise market it.

The website-related data is temporarily stored with a carefully selected service provider based in Germany, where my website and email services are hosted.

If you send me your personal data by email, they only remain temporarily with the service provider. I then save the messages I receive on my in-house systems in order to process your inquiries or answer your questions. I handle it analogously for data given over the phone or in person.

If your inquiries lead to an order (Purpose 1b), then your data for contract-compliant order processing will only be stored in our own in-house IT systems and not in a cloud. Of course, I also comply with the statutory retention periods.

Unsolicited application documents (purpose 1c) will be stored for a maximum of 14 days in the event of rejection. After consent, also until a consulting mandate that has arisen has been completed.

• We may only delete documents with your personal data - such as contracts and invoices - after the statutory retention periods have expired. 
• Your contact or consulting requests that do not lead to an order will be deleted after a maximum of 24 months.
• Your application documents will be deleted after a maximum of 14 days or 6 months after the end of the mandate (see point 4).

Further processing or use of your personal data generally only takes place if this is permitted by law or if you have consented to the data processing or use. In the event of further processing for purposes other than those for which the data was originally collected, we will inform you of these other purposes before further processing and provide you with the other relevant information.

Of course, I have an IT security concept for my in-house information and communication technology regarding entry and access to ensure the confidentiality, integrity and availability of the data.

Insofar as processing companies are involved in fulfilling our performance obligations and interests, the GDPR requirements are also fully taken into account. As the person responsible, I comply with the required information and documentation obligations. The effectiveness of the security measures is checked regularly and the measures are continuously improved in line with technological developments.

If, despite all due care, a data breach should occur and you are affected, then I will inform you immediately (see Art. 33-34 GDPR).

In addition to your free right to information (cf. Art. 15 GDPR) about the personal data stored about you at any time, you of course also have the right to correction and deletion (cf. Art. 16-18 GDPR). In addition, you can object to the processing of your personal data at any time with effect for the future (see Art. 21 GDPR). If you would like to exercise one of these rights and others, please contact me.

Since, according to the General Data Protection Regulation (GDPR) and the new German BDSG, no company data protection officer has to be appointed, I remain the person responsible: Dipl.-Ing. Christa Holzenkamp, Oberfoehringerstr. 177, 81925 Munich. You can contact me for questions that need to be answered immediately in this context by e-mail to hbc.datenschutz [at] holzenkamp.de

If, contrary to expectations, I cannot resolve your data protection issue to your satisfaction, you have the right to lodge a complaint with the responsible supervisory authority >> Bavarian State Office for Data Protection Supervision (BayLDA)