Privacy notice

§ 1 Name and Address of the Controller

Controller in terms of the General Data Protection Regulation and other national privacy laws of the member states of the European Union as well as further privacy provisions is:

SKO Consulting 

Stefanie Koch, Diplom-Betriebswirtin (BA)

Brandheide 4

22397 Hamburg, Germany

§ 2 Privacy Officer

You can reach the appointed privacy officer under:
 

Stefanie Koch

Brandheide 4

22397 Hamburg, Germany

Mobil        + 49 (0) 171 93 44 145

E-Mail:      sko@sko-consulting.eu    

Internet:   www.sko-consulting.com

§ 3 Business Correspondence

If you correspond with us via email, we collect, store and process your name, email address and all contents of the correspondence. This data is processed for the purpose of initiating or conducting a contractual relationship with the controller that you represent.

As a rule, the legal basis for the processing is Art. 6 (I) lit. f GDPR, whereby our legitimate interest lies in the establishment and support of business relationships. In individual cases, processing may also be based on Art. 6 (1) lit. a GDPR if you have given us your consent for contact and/or correspondence. In the rare cases where we enter into contracts with natural persons, the communication required for this is based on Art. 6 (1) lit. b GDPR. 

Where required for the fulfilment of a contract or by law, we disclose or transfer personal data of our customers to third parties if and insofar as this serves the provision of our services pursuant to Art. 6 (1) lit b. GDPR, is required by law according to Art. 6 (1) lit c. GDPR, serves our interests or those of our customers in the efficient and cost-effective provision of services as a legitimate interest pursuant to Art. 6 (1) lit. f. GDPR, or in the context of consent pursuant to Art. 6 (1) lit. a. GDPR. Possible third parties to whom your personal data may be transferred are
• external professionals involved in the provision of services, and
• third parties necessarily or typically involved in the performance of the contract, such as companies in the insurance chain.

As a matter of principle, your data will only be kept for as long as it is needed to process the correspondence. In addition, we are legally obliged to retain business correspondence for a period of 6 years. In individual cases, a retention period of 10 years under tax law may also be relevant. In this respect, your data is stored based on Art. 6 (1) lit. c GDPR for the fulfilment of the statutory retention obligations. After expiry of these retention obligations, your data will be deleted, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

§ 4Your Rights

1. Right of Access

You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed. Upon request we gladly inform you in writing about which personal data are being processed by us, including their origin, any recipients of your personal data as well as the purpose of processing.

2. Right to rectification

You have the right to obtain from us rectification of personal data concerning you to the extent we save such data and provided it is inaccurate.

3. Right to restriction of processing

You have the right, under the preconditions of art. 18 sec. 1 GDPR (for example if the accuracy of the data is disputed or the processing is unlawful), to obtain from us restriction of processing, which means that we may only process your personal data subject to such restriction under the preconditions of art. 18 sec. 2 GDPR (for example with your consent or for the exercise or defence of legal claims).

4. Right to erasure

You have the right to obtain from us the erasure of your personal data under the preconditions of art. 17 sec. 1 lit. a-f GDPR (for example if the personal data is no longer needed or processing is unlawful) unless exceptions following art. 17 sec. 3 lit. a-e GDPR apply (for example if there are legal obligations to process the personal data).

5. Right to data portability

You have the right to receive from us your personal data that you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another controller without hindrance from us.

6. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority, if you feel our processing of your personal data is unlawful. The supervisory authority responsible for us is:
Der Hamburgische Beauftragte für Datenschutz und Informationsfreiheit
https://datenschutz-hamburg.de

7. No automated Decision-Making

While using our services, you are not subject to any exclusively automatic decision-making process – including profiling – that takes legal effect or affects you significantly in any similar manner.

§ 5 IT Security Notice

For our website we make use of ssl encryption (secure socket layer) with the highest encryption level supported by your browser. Usually this will be 256-bit encryption. If your browser doesn’t support this, our website falls back to 128-bit technology. Most browsers show encryption status by displaying a closed lock icon next to the URL or in the status bar.

We may need to update our Privacy Notice. The latest version of the Privacy Notice is always available on our website. We will communicate any material changes to the Privacy Notice, for example how we use your personal data, the identity of the Controller or your rights.