Data Protection

1. Name and contact details of the data controller and of the company's data protection officer
This data protection information applies to data processed by the following data controller:


BANSBACH GmbH
Auditors
Tax Consultants
Gänsheidestraße 67 - 74
70184 Stuttgart
Telephone: +49 711 1646-6
Facsimile: +49 711 1646-800
Email: datenschutz@bansbach-gmbh.de

and its branch offices at

Pariser Ring 1
76532 Baden-Baden

Balinger Straße 36
72336 Balingen

Grunaer Weg 30
01277 Dresden

Ulmenstraße 22
60325 Frankfurt

Heinrich-von-Stephan-Straße 25
79100 Freiburg

Leutragraben 2 - 4
07743 Jena

Burgplatz 2
04109 Leipzig

together with the following companies:

BANSBACH Recht & Steuern GmbH
Lawyers
Tax Consultants
Gänsheidestraße 74
70184 Stuttgart

BANSBACH Unternehmensberatung GmbH
Gänsheidestraße 67 - 74
70184 Stuttgart

BTR BANSBACH GmbH
Auditors
Tax Consultants
Heinrich-von-Stephan-Straße 25
79100 Freiburg

RWS TREUHAND Verwaltungs-GMBH
Auditors
Tax Consultants
Balinger Straße 36
72336 Balingen

SLP BANSBACH GmbH
Auditors
Tax Consultants
Planckstraße 98
70184 Stuttgart

KRESTON BANSBACH GmbH
Auditors
Gänsheidestraße 67 - 74
70184 Stuttgart

The company data protection officer for BANSBACH can be contacted at the a.m. address Gänsheidestraße 67 - 74, 70184 Stuttgart, for the attention of Mrs Dagmar Brösztl-Reinsch, respectively at datenschutz@bansbach-gmbh.de.

2. Collection and storage of personal data, types of use and purposes for which such data are used
a) When you visit the website
When you access our website at www.bansbach-gmbh.de, the browser in use on your terminal equipment automatically sends information to our website server. This information is temporarily stored in a so-called log file.
At the same time, the following information is recorded without your active participation and stored until it is automatically deleted:

  • anonymised IP address of the requesting computer,
  • date and time of access,
  • name and URL of the retrieved file,
  • website from which our website is accessed (referrer-URL),
  • browser used and, where applicable, your computer's operating system and the name of your access provider.

The aforesaid data are processed by us for the following purposes:

  • to guarantee the establishment of a smooth connection to the website,
  • to guarantee the user-friendliness of our website,
  • to analyse system security and stability and
  • for further administrative purposes.


Article 6, para. 1, sub-para. 1, point f, of the GDPR forms the legal basis for the data processing. Data are collected for the purposes listed above on account of our legitimate interest. Under no circumstances do we use the data collected for the purposes of drawing conclusions about you personally.

In addition to this, when you visit our website, we use cookies and web analytics. Please refer to sections 5 and 6 of this data privacy notice for further explanations of this.

b) When you register to receive our newsletter
Provided you have given your express consent to this pursuant to Article 6, para. 1, sub-para. 1, point a, of the GDPR, we use your email address to send you our newsletter on a regular basis. To receive the newsletter, it is sufficient to provide an email address together with your first and last name.

You can unsubscribe at any time, for example through a link at the end of each newsletter.
 
We must point out to you that when we send you our newsletter, we analyse your user behaviour. For the purposes of the newsletter dispatch and of the data processing hereinafter referred to, we call in part upon the services of an outside service provider. The latter was carefully selected and commissioned by us, is bound by our instructions and regularly monitored.

To analyse the pattern of use, the emails sent contain so-called web beacons, respectively, tracking-pixels, representing one-pixel image files stored on the website of our outside service provider. To perform the analyses, we link the web beacons to your email address and an individual ID. Links received in the newsletter and/or QR codes also contain this ID. Using the data thus obtained, we produce a user profile to tailor the newsletter to your individual interests. For this, we record when you read our newsletters and which links you click on in the newsletters, and this gives us an indication of your personal interests. We link this data to what you do when you visit our website.

You can refuse to accept this tracking at any time by clicking on the special link that is provided in every email, or by using any other method of contact to inform us of this. The information is stored for as long as you remain a newsletter subscriber. After you have unsubscribed, we store the data purely for statistical purposes and in anonymous format. Such tracking is moreover not possible if you have disabled by default the display of images in your email programme. In this case, the newsletter is not fully displayed, and you may possibly not be able to use all the functions. If you manually set it to display the images, the aforementioned tracking is activated.

c) When you use our contact form

Should you have queries of any kind, we offer you the possibility of contacting us through a form provided on the website. For this, we need a valid email address and your name so that we know from whom the enquiry originated and to permit us to respond to the same. Further information may optionally be provided.
Data processed for the purposes of contacting us is processed in accordance with Article 6, para. 1, sub-para. 1, point a, GDPR, based on your freely given consent.

3. Disclosure of data
Your personal data is not transferred to third parties for any purposes other than those hereinafter indicated.
We only disclose your personal data to third parties if:

  • you have expressly given your consent to this pursuant to Article 6, para. 1, sub-para. 1, point a, GDPR,
  • the disclosure pursuant to Article 6, para. 1, sub-para. 1, point f, GDPR, is required for the exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in the non-disclosure of your data,
  • in the event that there is a legal disclosure obligation pursuant to Article 6, para. 1, sub-para. 1, point c, GDPR, and
  • provided this is statutorily permissible and is required pursuant to Article 6, para. 1, sub-para. 1, point b, GDPR, for the purposes of maintaining contractual relationships with you.

4. Hosting and collection of access data and log files
a) Hosting
The hosting services used by us permit us to make the following services available: infrastructure and platform services, computing capacity, storage space and database services, security services and technical maintenance services, which we use for the operation of this online offering.
In so doing, we, respectively our hosting provider, process user-related data, contact details, content data, contract data, usage data, meta data and communications data of customers, prospective customers and visitors to this online offering based on our legitimate interest in making this online offering available in an efficient and secure manner pursuant to Article 6, para. 1, sub-para. 1, point f, GDPR, in conjunction with Article 28 GDPR (conclusion of a contract for a processing assignment).

b) Collection of access data and log files
Based on our legitimate interest as defined by Article 6, para. 1, sub-para. 1, point f, GDPR, we, respectively our hosting provider, record data on each access made to the server on which this service is located (so-called server log files). The access data includes inter alia the retrieved web page name or file, the date and time of access, the transferred data volume, report of successful retrieval, browser type/version, the user's operating system and IP address.
Log file information is stored, for reasons of security (e.g. to shed light on any misuse or fraudulent acts), for a maximum period of 180 days, and deleted thereafter. Data which it is necessary to continue to retain for evidential purposes are excluded from the deletion process until such time as the incident in question has been finally resolved.

5. Cookies
We use cookies on our site. These are small files that are automatically created by your browser and stored on your terminal equipment (laptop, tablet, smartphone, or the like) whenever you visit our site. Cookies do not cause any damage to your terminal equipment, nor do they contain any viruses, trojans or other malware.

The cookie stores information obtained in each case in connection with the specifically deployed terminal equipment. This does not however mean that this provides us directly with the means to establish your identity.

The use of cookies serves on the one hand to enhance your user experience of our offering. Thus, we use so-called session cookies to identify the fact that you have already visited individual pages of our website. These are automatically deleted once you leave our site.

In addition to this, we use temporary cookies, again to optimise the user-friendliness of our site, which are stored for a set period on your terminal equipment. If you visit our site again in order to call upon our services, the site automatically recognises the fact that you have already been there and what information you input and the preferences you set, to prevent your having to input these once again.

On the other hand, we use cookies to record the use of our website for statistical purposes and to analyse this with a view to optimising our offering for you (cf. section 5). These cookies mean that, whenever you visit our site again, we can automatically identify the fact that you were already there.
These cookies are automatically deleted following an in each case set time period.

The data processed via cookies are required for the aforementioned purposes in order to safeguard our legitimate interests and those of the third party pursuant to Article 6, para. 1, sub-para. 1, point f, GDPR.

Most browsers automatically accept cookies. You may however configure your browser in such a way that no cookies are stored on your computer or that you are always notified before a new cookie is placed. If cookies are fully disabled, however, this may lead to a situation in which you are unable to use all the functions of our website.

6. Analysis and tracking tools / Google Analytics
The tracking measures used by us, as set out below, are implemented on the basis of Article 6, para. 1, sub-para. 1, point f, GDPR. Through the tracking measures used, we wish to ensure the needs-based design and continued optimisation of our website. On the other hand, we use the tracking measures to record the use of our website for statistical purposes and to analyse this with a view to optimising our offering for you. These interests must be viewed as legitimate interests, as defined by the aforementioned legislation.

The respective data processing purposes and data categories can be inferred from the corresponding tracking tools.

We use Google Analytics, a web analytics service from Google Inc. (https://www.google.de/intl/de/about/) 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; hereinafter, "Google") to ensure the needs-based design and continued optimisation of our sites. In this connection, pseudonymised user profiles are created and cookies (cf. under section 5) used. The information produced by the cookie on your use of this website, such as

  • browser type/version,
  • operating system used,
  • referrer-URL (previously visited site),
  • host name of the computer accessing the site (IP address),
  • time of the server enquiry,

is transferred to a Google server in the USA and stored there. The information is used to analyse the use of the website, compile reports on website activities and provide additional services linked to website use and Internet use for the purposes of market research and the needs-based design of these web pages. This information will moreover be transferred where necessary to third parties, where this is prescribed by law or where third parties process this data on our behalf. Under no circumstances will your IP address be combined with other data from Google. The IP addresses are anonymised and so no mapping is possible (IP masking).


You may prevent the installation of cookies by setting the browser software accordingly; we would however point out that in this case, it is possible that not all the functions of this website will be able to be used in full.

You may moreover prevent the recording of data related to your use of the website (incl. your IP address), as generated by the cookie, and the processing of this data by Google, by downloading and installing a browser add-on (https://tools.google.com/dlpage/gaoptout?hl=de).

As an alternative to the browser add-on, particularly when using browsers on mobile devices, you can prevent data being recorded by Google Analytics by clicking on this link. An opt-out cookie is set, preventing the future recording of your data when visiting this website. The opt-out cookie only works in this browser and only for our website and it is stored on your device. If you delete the cookies in this browser, you must reset the opt-out cookie. You can find more information on data protection in connection with Google Analytics at Google Analytics Help (https://support.google.com/analytics/answer/6004245?hl=de).

7. Rights of the data subject
You shall have the right:

  • pursuant to Article 15 GDPR, to request information on your personal data processed by us. You may in particular request information on the purposes of the processing, the categories of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged period for which the data will be stored, the existence of a right of rectification, erasure, restriction of processing or an objection to such processing, the existence of the right to lodge a complaint, the source of your data where the data was not recorded by us, and the existence of automated decision-making, including profiling, and where applicable, meaningful information about the details of this;
  •  pursuant to Article 16 GDPR, to request without delay the rectification of inaccurate personal data or the completion of your personal data as stored by us;
  • pursuant to Article 17 GDPR, to request the erasure of your personal data as stored by us, unless the processing is required for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
  • pursuant to Article 18 GDPR, to request the restriction of the processing of your personal data if the accuracy of the data is contested by you, if the processing is unlawful, you however oppose the erasure of the data and we no longer need it, but it is required by you for the establishment, exercise or defence of legal claims, or you have objected to the processing pursuant to Article 21 GDPR;
  • pursuant to Article 20 GDPR, to receive your personal data, which you have provided us with, in a structured, commonly used and machine-readable format or to request the transfer of the data to another controller;
  • pursuant to Article 7, para. 3, GDPR, to withdraw your consent that was once given from us at any time. This will mean that we may in future no longer continue the data processing activity that was based on your consent, and
  • pursuant to Article 77 GDPR, lodge a complaint with a supervisory authority. As a rule, you may for such purposes contact the supervisory authority in the place of your habitual residence or place of work or of our company headquarters.

8. Right to object
Provided your personal data are processed based on legitimate interests pursuant to Article 6, para. 1, sub-para. 1, point f, GDPR, you have the right pursuant to Article 21 GDPR to object to the processing of your personal data on grounds relating to your particular situation or if the objection concerns direct marketing. In the last-mentioned case, you have a general right of objection, which will be actioned by us without the need to cite a particular situation.

If you wish to avail yourself of your right of withdrawal or objection, an email addressed to datenschutz@bansbach-gmbh.de will suffice.

9. Data security
Whenever you visit our website, we use the commonly used SSL (Secure Socket Layer) process in conjunction with the in each case highest level of encryption. You can see whether an individual page of our online presence is transmitted in encrypted form by the display of the locked key , respectively, padlock symbol in the bottom status bar of your browser.

We also use appropriate technical and organisational security measures to protect your data from accidental or deliberate tampering or partial or total loss or destruction, or from unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

10. Currency of this data privacy notice and amendments to the same
This data privacy notice is currently in force and is valid as of May 2018.

It may be necessary, as the result of the further development of our website and the offerings made through our website, or due to revised statutory and/or regulatory terms of reference, to amend this data privacy notice. You may at any time retrieve and print the in each case up-to-date data privacy notice on the website at www.bansbach-gmbh.de/datenschutz.html.