Privacy policy
Data protection and legal information
Westfälische Corporate Finance GmbH is looking forward to your visit. Despite careful control of the content, we cannot accept any liability for external links to third-party content. The protection of your personal data during the collection, processing and use during your visit to our homepage is important to us. Your data is protected in accordance with legal regulations. We want you to feel safe when visiting our website.
This data protection declaration describes what data is collected during your visit to the homepage and how it is used.
The protection of your personal data is very important to us. Therefore, we process your data exclusively on the basis of the legal regulations.
The employees of Westfälische Corporate Finance GmbH are obliged to comply with special confidentiality obligations in accordance with Section 5 of the Federal Data Protection Act.
§ 1 Information about the collection of personal data and provider identification
(1) In the following we inform about the purpose, collection and processing of your personal data when using our website. Personal data are all data that can be related to you personally. B. Name, address, email addresses, user behavior.
(2) Service provider acc. § 13 Telemedia Act (TMG) and responsible body acc. Section 3 (7) of the Federal Data Protection Act (BDSG) is Westfälische Corporate Finance GmbH, Am Lotteberg 26, 33790 Halle Westfalen, represented by the managing director Mathias Westerbarkei, cf. our imprint.
(3) Responsible according to Art. 4 para. 7 EU General Data Protection Regulation (GDPR) is Mathias Westerbarkei, Westfälische Corporate Finance GmbH, Am Lotteberg 26, 33790 Halle Westfalen, mathias.westerbarkei@westfaelische-corporate-finance.de.
(4) If we use contracted service providers for individual functions of our offer or would like to use your data for other purposes, we will inform you in detail below about the respective processes. We also state the specified criteria for the storage period.
§ 2 rights to information and revocation
(1) You have the right to request information from us at any time regarding the personal data concerning you, the data we have stored about you, its origin, recipients or categories of recipients to whom this data is passed on and the purpose of the storage , such as
Right to information,
Right to correction or deletion,
Right to restriction of processing,
Right to object to processing,
• Right to data portability.
(2) You also have the right to complain to a data protection supervisory authority about the processing of your personal data by us.
(3) If you have given your consent to the processing of your data, you can revoke it at any time. Such a revocation affects the admissibility of processing your personal data after you have given it to us.
(4) If we base the processing of your personal data on the balancing of interests, you can object to the processing. This is the case if the processing is not particularly necessary to fulfill a contract with you, which is described by us in the following description of the functions. When exercising such an objection, we ask you to explain the reasons why we should not process your personal data as we have done. In the event of your justified objection, we will examine the situation and either stop or adjust the data processing or show you our compelling reasons worthy of protection, on the basis of which we will continue the processing.
(5) Of course, you can object to the processing of your personal data for advertising and data analysis purposes at any time. You can inform us of your objection to the address given under § 1 (3).
§ 3 data security
We maintain current technical measures to ensure data security, in particular to protect your personal data from dangers during data transmission and from knowledge of third parties. These are adapted to the current state of the art.
§ 4 Collection of personal data for informational use
(1) If you only use the website for information purposes, i.e. if you do not register or otherwise provide us with information, we only collect the personal data that your browser transmits to our server. If you would like to view our website, we collect the following data, which is technically necessary for us to display our website to you and to guarantee stability and security (legal basis is Art. 6 Para. 1 S. 1 lit. f GDPR ):
The name of the file and directories accessed, date and time of access, error codes, operating system information (including language and version of the browser software), web browser & querying domain & IP addresses of the requesting computers are also logged, as well as the content of the request (specific page), access status / HTTP status code, the amount of data transferred and the website from which the request came.
These are saved in a log file on the server of our provider.
(2) In addition to the aforementioned data, cookies are stored on your computer when you use our website. Cookies are small text files that are stored on your hard drive and assigned to the browser you are using and through which certain information flows to the location that sets the cookie (here by us). Cookies cannot run programs or transmit viruses to your computer. They serve to make the Internet offer more user-friendly and effective overall.
a) This website uses cookies to the following extent:
- Transient cookies (temporary use)
- Persistent cookies (temporary use)
- Third-party cookies (from third-party providers)
b) Transient cookies are automatically deleted when you close the browser. This includes session cookies in particular. These store a so-called session ID, with which various requests from your browser can be assigned to the joint session. This enables your computer to be recognized when you return to our website. The session cookies are deleted when you log out or close the browser.
c) Persistent cookies are automatically deleted after a specified period, which may differ depending on the cookie. You can delete the cookies in the security settings of your browser at any time.
d) You can configure your browser settings according to your wishes and e.g. B. refuse to accept third-party cookies or all cookies. We would like to point out that you may not be able to use all functions of this website.
e) The flash cookies used are not recorded by your browser, but by your flash plug-in. These save the necessary data regardless of the browser you use and do not have an automatic expiry date. If you do not want Flash cookies to be processed, you must install an appropriate add-on, e.g. B. "AdBlock for Firefox" for Mozilla Firefox (https://addons.mozilla.org/de/firefox/extensions/privacy-security/) or Adobe Flash Killer Cookie for Google Chrome. You can prevent the use of HTML5 storage objects by using the private mode in your browser. We also recommend that you regularly delete your cookies and browser history manually.
§ 5 establishment of contact
(1) When you contact us by email or via a contact form, the personal data you provide (such as your email address, your name, if applicable, or other data that you send us by email on a voluntary basis share) saved by us to answer your questions. These are special types of personal data that are collected, stored or used for the purpose of processing your request. We delete the data arising in this context after the storage is no longer necessary, or restrict the processing if there are statutory retention requirements. We would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. It is not possible to completely protect data from third-party access.
(2) When you send your online application by e-mail, we collect and process the following personal application data:
(Last name, first name, address, telephone number, email, application documents (application letter, curriculum vitae, photo, certificates, certificates, etc.)). Your personal application data is collected and processed exclusively for the purpose of filling positions within our company. As a matter of principle, your data will only be forwarded to the internal departments and specialist departments of our company responsible for the specific application process. Your personal application data will not be passed on to other companies without your prior express consent. Your application data will not be used or passed on to third parties beyond this. Your personal application data will generally be deleted no later than three months after the application process has been completed. This does not apply if statutory provisions prevent deletion, further storage is necessary for the purpose of providing evidence or you have expressly agreed to longer storage. According to Article 15 GDPR, you have the right to request information from us about the stored data or to revoke your consent to storage in accordance with §2.
§ 6 Further functions and offers on our website
(1) In addition to the purely informational use of our website, we offer various offers that you can use if you are interested. To do this, you generally have to provide further personal data that we use to provide the respective offers and for which the aforementioned data processing principles apply.
(2) We sometimes use external service providers to process your data. These have been carefully selected and commissioned by us, are bound by our instructions and are regularly checked.
(3) If our service providers or partners are based in a country outside the European Economic Area (EEA), we will inform you about the consequences of this in the description of the offer.
§ 7 administration, financial accounting, office organization, contact management
We process data in the context of administrative tasks as well as the organization of our company, financial accounting and compliance with legal obligations, such as archiving. We process the same data that we process as part of the provision of our contractual services. The processing bases are Art. 6 Para. 1 lit. c. GDPR, Art. 6 Para. 1 lit. f. GDPR. Customers, interested parties, business partners and website visitors are affected by the processing. The purpose and our interest in processing lies in administration, financial accounting, office organization, archiving of data, i.e. tasks that serve to maintain our business activities, perform our tasks and provide our services. The deletion of the data with regard to contractual services and contractual communication corresponds to the information mentioned in these processing activities.
We disclose or transmit data to the financial administration, consultants such as tax advisors or auditors as well as other fee agencies and payment service providers.
Furthermore, based on our business interests, we store information about suppliers, organizers and other business partners, e.g. for later contact. We generally store this mostly company-related data permanently.
§ 8 Use of social media plug-ins
(1) We currently use the following social media plug-ins: Facebook, LinkedIn and Twitter. The data mentioned under § 4 of this declaration will be transmitted. In the case of Facebook, according to the respective provider in Germany, the IP address is anonymized immediately after collection. By activating the plug-in, personal data is transmitted from you to the respective plug-in provider and stored there (for US providers in the USA).
(2) We have no influence on the data collected and data processing operations, nor are we aware of the full scope of the data collection, the purposes of the processing or the storage periods. We also have no information on the deletion of the data collected by the plug-in provider.
(3) The plug-in provider saves the data collected about you as usage profiles and uses them for the purposes of advertising, market research and / or the design of its website according to needs. Such an evaluation is carried out in particular (also for users who are not logged in) to display needs-based advertising and to inform other users of the social network about your activities on our website. You have the right to object to the creation of these user profiles, whereby you must contact the respective plug-in provider to exercise this right. With the plug-ins, we offer you the opportunity to interact with social networks and other users, so that we can improve our offer and make it more interesting for you as a user. The legal basis for using the plug-ins is Art. 6 Para. 1 S. 1 lit. f GDPR.
(4) The data is passed on regardless of whether you have an account with the plug-in provider and are logged in there. If you are logged in with the plug-in provider, your data collected from us will be assigned directly to your account with the plug-in provider. If you press the activated button and e.g. For example, if the page is linked, the plug-in provider also stores this information in your user account and shares it publicly with your contacts. We recommend that you log out regularly after using a social network, but especially before activating the button, as this way you can avoid being assigned to your profile by the plug-in provider.
(5) Further information on the purpose and scope of the data collection and its processing by the plug-in provider can be found in the data protection declarations of these providers given below. There you will also find further information about your rights and setting options to protect your privacy.
(6) Addresses of the respective plug-in providers and URL with their data protection information:
a) [Facebook Inc., 1601 S California Ave, Palo Alto, California 94304, USA; http://www.facebook.com/policy.php; Further information on data collection: http://www.facebook.com/help/186325668085084, http://www.facebook.com/about/privacy/your-info-on-other#applications and http: //www.facebook .com / about / privacy / your-info # everyoneinfo. Facebook has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
b) Twitter, Inc., 1355 Market St, Suite 900, San Francisco, California 94103, USA; https://twitter.com/privacy. Twitter has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
c) LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, https://www.linkedin.com/legal/privacy-policy?trk=hb_ft_priv. LinkedIn has submitted to the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework.
§ 9 Microsoft cloud services
We use the cloud offered by Microsoft and the cloud software services (so-called software as a service, e.g. Microsoft Office) for the following purposes: document storage and management, calendar management, e-mail dispatch, spreadsheets and presentations, exchange of documents, content and information with certain recipients or publication of websites, forms or other content and information as well as chats and participation in audio and video conferences.
Here, the personal data of the users are processed insofar as they become part of the documents and content processed within the services described or are part of communication processes. For this, e.g. Master data and contact details of users, data relating to processes, contracts, other processes and their content belong. Microsoft also processes usage data and metadata, which Microsoft uses for security purposes and service optimization.
As part of the use of publicly accessible documents, websites or other content, Microsoft can save cookies on the user's computer for the purposes of web analysis or to remember user settings.
We use the Microsoft cloud services based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR in efficient and secure administrative and collaboration processes. Furthermore, the processing is based on an order processing contract with Microsoft.
Further information can be found in Microsoft's data protection declaration (https://privacy.microsoft.com/de-de/privacystatement) and the security information for Microsoft cloud services (https://www.microsoft.com/de-de/trustcenter ). You can object to the processing of your data in the Microsoft Cloud according to the legal requirements. Incidentally, the deletion of the data within Microsoft's cloud services is determined by the other processing processes in which the data is processed (e.g., deletion no longer required for contractual purposes or storage for data required for taxation purposes).
Microsoft Cloud services are provided by Microsoft Corporation, One Microsoft Way, Redmond, WA 98052-6399 USA. Insofar as data is processed in the USA, we refer to Microsoft's certification under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000KzNaAAK&status=Active).
§ 10 Google cloud services
We use the cloud offered by Google and the cloud software services (so-called software as a service, e.g. Google Suite) for the following purposes: document storage and management, calendar management, e-mail dispatch, spreadsheets and presentations, exchange of documents, content and information with certain recipients or publication of websites, forms or other content and information as well as chats and participation in audio and video conferences.
Here, the personal data of the users are processed insofar as they become part of the documents and content processed within the services described or are part of communication processes. For this, e.g. Master data and contact details of users, data relating to processes, contracts, other processes and their content belong. Google also processes usage data and metadata, which are used by Google for security purposes and service optimization.
As part of the use of publicly accessible documents, websites or other content, Google can save cookies on the user's computer for the purposes of web analysis or to remember user settings.
We use Google Cloud services based on our legitimate interests in accordance with Art. 6 para. 1 lit. f GDPR in efficient and secure administrative and collaboration processes. Furthermore, the processing is based on an order processing contract with Google (https://cloud.google.com/terms/data-processing-terms).
Further information can be found in Google's data protection declaration (https://www.google.com/policies/privacy) and the security information for Google cloud services (https://cloud.google.com/security/privacy/). You can object to the processing of your data in the Google Cloud in accordance with the legal requirements. Incidentally, the deletion of the data within Google's cloud services is determined by the other processing processes in which the data is processed (e.g., deletion no longer required for contractual purposes or storage for the purposes of taxing required data).
The Google Cloud services are offered by Google Ireland Limited. If there is a transmission to the USA, we refer to the certification by Google USA under the Privacy Shield (https://www.privacyshield.gov/participant?id=a2zt0000000000001L5AAI&status=Aktiv) and standard protection clauses (https://cloud.google. com / terms / data-processing-terms).
§ 11 Use of our online shop
(1) Our website is accessed through the online shop of Shopify Inc. and its subsidiaries, including Shopify Data Processing (USA) Inc., Shopify Payments (USA) Inc., Shopify (USA) Inc., and Shopify International Limited ( hereinafter referred to as “Shopify”). When you fill out the order form, your data will be transmitted to Shopify and saved there. Shopify is committed to protecting the privacy of everyone who purchases from Shopify and treats personal information confidentially.
(2) If you want to order something from the online shop, you have the choice whether you only provide the data you need for the order once for this order or whether you want to create a customer account in which your data is stored for later purchases. If you do not create a customer account, Shopify stores your data for the purpose of fulfilling the contract and deletes it as soon as you are no longer legally obliged to save it. Mandatory information required for the execution of the contracts is marked separately, further information is voluntary.
When you create an account, the data you provide there will be stored revocably.
(3) Shopify will only use the data to fulfill the contract concluded with you. Further use of the data collected, for example for advertising purposes, will not take place without your consent. This consent can be withdrawn at any time by simply notifying Shopify.
(4) When transmitting personal data, Shopify uses encryption technology for maximum confidentiality. The servers use various security mechanisms and authorization procedures to make unauthorized access more difficult.
(5) With your order, you expressly agree to the collection, processing and use of personal data described above and the general terms and conditions of Shopify. Shopify is a service provider outside the EEA. For more information about Shopify, visit https://help.shopify.com/pdf/gdpr-whitepaper.pdf and https://www.shopify.com/legal/privacy.
§ 12 Use of Acuity
We process data in order to provide our (pre-) contractual services. The scope of data processing depends on the order. In addition to inventory, master data, contact details, contract data, payment data, other personal data on the characteristics and circumstances of people or their assets and debts can be processed if this is part of the order.
As part of our assignment, it may also be necessary for us to collect special categories of data in accordance with Art. 9 Para. 1 GDPR, in particular processing information about the health of a person. For this, we collect, if necessary, according to Art. 6 para. 1 lit a., Art. 7, Art. 9 para. 2 lit. a DSGVO an express consent of the customers.
If required for the fulfillment of the contract or required by law, we disclose or transmit the customer data in the context of coverage requests, conclusions and execution of contracts, data to providers of the brokered services / objects, insurers, reinsurers, technical service providers, other service providers, such as cooperating associations, as well as financial service providers, credit institutions and capital investment companies as well as social insurance institutions, tax authorities, tax consultants, legal advisers, auditors, insurance representatives and the Federal Financial Supervisory Authority (BaFin). We can also commission subcontractors, such as sub-brokers. We obtain the customer's consent if this is required for the disclosure / transmission of the customer's consent. The data will be deleted after the expiry of statutory warranty and comparable obligations, with the necessity of storing the data being checked every three years; otherwise, the statutory retention requirements apply. In the case of statutory archiving obligations, deletion takes place after its expiration.
If you book appointments with Acuity, you must enter mandatory data.
This mandatory information consists of:
• First name Last Name
• E-mail address
• Company name
• VAT identification number of the company
In addition to the mandatory information, you can provide additional information (hereinafter referred to as "voluntary information") on a voluntary basis. You can also upload files if you wish.
With the registration the registrant assures the correctness of his data and undertakes to keep his personal data up to date.
You can revoke voluntary information at any time with future effect by notifying us by email. You can view Acuity's privacy policy at https://acuityscheduling.com/privacy.php.
§ 13
We use external payment service providers, the platforms of which users and we can carry out payment transactions. These payment service providers may include, each with a link to the data protection declaration: Klarna (https://www.klarna.com/de/datenschutz/), Visa (https://www.visa.de/datenschutz), Mastercard (https: / /www.mastercard.de/de-de/datenschutz.html), American Express (https://www.americanexpress.com/de/content/privacy-policy-statement.html), Stripe (https: // stripe. com / de / privacy), Shopify Pay (https://www.shopify.de/legal/terms-payments-de), Apple Pay (https://www.apple.com/legal/privacy/de-ww/ ) and Google Pay (https://payments.google.com/payments/apis-secure/get_legal_document?ldo=0&ldt=privacynotice&ldl=de).
In the context of fulfilling contracts, we use the payment service providers on the basis of Art. 6 Para. 1 lit. b. GDPR. For the rest, we use external payment service providers based on our legitimate interests in accordance with Art. 6 para. 1 lit. f. GDPR in order to offer our users effective and secure payment options.
The data processed by the payment service providers include inventory data, such as the name and address, bank details, such as Account numbers or credit card numbers, passwords, TANs and checksums as well as the contract, sums and recipient-related information. The information is required to complete the transactions. However, the data entered will only be processed and saved by the payment service providers. I.e. we do not receive any account or credit card-related information, only information with confirmation or negative information about the payment. The data may be transmitted by the payment service provider to credit agencies. The purpose of this transmission is to verify identity and creditworthiness. For this we refer to the terms and conditions and data protection notices of the payment service providers.
The terms and conditions and the data protection notices of the respective payment service providers apply to the payment transactions, which can be called up within the respective websites or transaction applications. We also refer to these for further information and assertion of cancellation, information and other data subject rights.
§ 14 newsletter
(1) With your consent, you can subscribe to our newsletter, which we use to inform you. The specific newsletter is named in the corresponding declaration of consent.
(2) The newsletter can also contain advertisements that are clearly marked with the term "advertisement". The advertisements contain links to external third-party websites, the content of which we have no influence on. For this reason, we cannot accept any liability for this external content. The respective provider or operator of the pages is always responsible for the content of the linked pages. The linked pages were checked for possible legal violations at the time the link was created. No illegal content was discernible at the time the link was created. A permanent control of the content of the linked pages is not reasonable without concrete evidence of an infringement. As soon as we become aware of legal violations, we will remove such links immediately.
(3) The only mandatory information for sending the newsletter is your email address. The provision of further, separately marked data is voluntary and is used to be able to address you personally. After your confirmation, we will save your email address for the purpose of sending the newsletter. The legal basis is Art. 6 para. 1 sentence 1 lit. a GDPR.
(4) You can revoke your consent to the sending of the newsletter at any time and unsubscribe from the newsletter. You can declare your revocation by clicking on the link provided in each newsletter email, by email or by sending a message to the contact details given in the imprint.
(6) We would like to point out that we evaluate your user behavior when sending the newsletter. For this evaluation, the emails sent contain so-called web beacons or tracking pixels, which represent one-pixel image files that are stored on our website. For the evaluations, we link the data mentioned in § 3 and the web beacons with your email address and an individual ID. The data is only collected in a pseudonymized form, so the IDs are not linked to your other personal data. The newsletter provider stores the information collected in this way on its server.
§ 15 links to other websites, providers
Our website contains links to other websites. We have no influence on whether their operators comply with data protection regulations.
As a provider, we are responsible for our own content according to general laws. From this own content, links to the content provided by other providers may be differentiated. We assume no responsibility for third-party content that is provided for use via links and that is specially marked and do not adopt the content as our own. The provider of the websites referred to is solely liable for illegal, incorrect or incomplete content and for damage caused by the use or non-use of the information.
Section 16 Copyright
Text, images, graphics, sound, animations and videos as well as their arrangement on the websites of Westfälische Corporate Finance GmbH are protected by copyright and other protective laws. Use is only permitted for private, personal use. Any other use is not permitted unless otherwise expressly stated. We would like to point out that some of the works on the website are subject to the copyright of third parties. As a rule, Westfälische Corporate Finance GmbH cannot grant a license for use.
Anyone who violates copyright, trademark or naming law must expect the rights holder to assert injunctive relief and compensation claims, and in the event of violations of copyright and trademark law, criminal prosecution.
§ 17 responsibility / liability
(1) Westfälische Corporate Finance GmbH compiles all information and components of the website to the best of its knowledge and belief. No liability or guarantee can be assumed for the topicality, correctness and completeness of the information provided. Westfälische Corporate Finance GmbH is also not liable for any damage caused by computer viruses when accessing or downloading data. Westfälische Corporate Finance GmbH cannot guarantee the availability of the website and the functions provided on it (such as the communication system) or parts thereof.
(2) Insofar as damage claimed due to inaccurate contributions is not already excluded from liability according to other provisions of these terms of use, the amount is limited by the damage that would have occurred if other sources of information were reasonably used.
§ 18 validity of data protection regulations
The data protection regulations are to be regarded as part of the website of Westfälische Corporate Finance GmbH. If parts or individual formulations of this text should not, no longer or not completely correspond to the applicable legal situation, the remaining parts of the document remain unaffected in their content and validity. German law applies to the use of mit-bund.de.
Westfälische Corporate Finance GmbH is entitled to change these data protection provisions in whole or in part at any time.
§ 19 Accessibility of the data protection regulations
You can access and print out these data protection regulations from every page of the website under the link "data protection".
Status of data protection regulations: February 2019
Partially created with Datenschutz-Generator.de by RA Dr. jur. Thomas Schwenke.
