Privacy Policy

th-consultant.com

Information about the responsible person and the data protection officer

In the following, we inform you about the collection of personal data when using our website.

The responsible party pursuant to Art. 4 (7) of the EU General Data Protection Regulation (the “DSGVO”) and other national data protection laws of the Member States as well as other data protection provisions is:

Treuhand Heidelberg Steuerberatungsgesellschaft mbH
Friedrich-Ebert-Anlage 46/1
69117 Heidelberg
Germany
Tel.: 06221 9043-80
Fax: 06221 9043-32

E-mail: kanzlei@th-berater.de
Website: https://th-berater.de

You can reach our data protection officer at: datenschutz@th-berater.de

General information on the processing of personal data

As a matter of principle, we collect and use personal data of our users only insofar as this is necessary for the provision of a functional website as well as our contents and services. The collection and use of our users’ personal data regularly takes place only with the user’s consent. An exception applies in those cases in which it is not possible to obtain prior consent for actual reasons and the processing of the data is permitted by legal regulations.

Insofar as we obtain the consent of the user (also referred to as “data subject”) for processing operations of personal data, Art. 6 (1) lit. a DSGVO serves as the legal basis. When processing personal data that is necessary for the performance of a contract to which the data subject is a party, Art. 6 (1) (b) DSGVO serves as the legal basis. This also applies to processing operations that are necessary for the performance of pre-contractual measures.

Insofar as the processing of personal data is necessary for the fulfilment of a legal obligation to which our company is subject, Art. 6 (1) c DSGVO serves as the legal basis.

In the event that vital interests of the data subject or another natural person make processing of personal data necessary, Art. 6 (1) (d) DSGVO serves as the legal basis.

If the processing is necessary to protect a legitimate interest of our company or a third party and the interests, fundamental rights and freedoms of the data subject do not outweigh the first-mentioned interest, Art. 6 (1) lit. f DSGVO serves as the legal basis for the processing.

The personal data of the data subject shall be deleted or blocked as soon as the purpose of the storage ceases to apply. Storage may also take place if this has been provided for by the European or national legislator in Union regulations, laws or other provisions to which the person responsible is subject. Data will also be blocked or deleted if a storage period prescribed by the aforementioned standards expires, unless there is a need for further storage of the data for the conclusion or fulfilment of a contract.

When you contact us by e-mail, the data you provide will be stored by us in order to answer your question. We delete the data accruing in this context after the storage is no longer necessary, i.e. the purpose of the storage has ceased to apply, or restrict the processing if there are statutory retention obligations.

If we use commissioned service providers for individual functions of our offer or would like to use your data for commercial purposes, we will inform you in detail about the respective processes below. In doing so, we will also state the defined criteria for the storage period.

Your rights as a data subject
You have the following rights with regard to the personal data concerning you:

  • Right to information
  • Right to rectification and/or completion or deletion
  • Right to restriction of processing
  • Right to erasure
  • Right to information
  • Right to data portability
  • Right to object to processing
  • Right to revoke the declaration of consent under data protection law
  • Automated decision-making in individual cases, including profiling
  • You also have the right to complain to a data protection supervisory authority about our processing of your personal data.

If you have any questions, comments or requests regarding the collection, processing and use of your personal data by us, please also contact us using the contact details provided above.

Collection of personal data when visiting our website
Data collection on this website

How do we collect your data?
On the one hand, your data is collected by you providing it to us. This can be, for example, data that you send us by e-mail or give us via a telephone call. Other data is collected automatically or with your consent by our IT systems when you visit the website. This is mainly technical data (e.g. internet browser, operating system or time of page view). This data is collected automatically as soon as you enter this website.

a) When visiting the website
When you visit our website, the browser used on your terminal device automatically sends information to our website server. This information is temporarily stored in a so-called log file. The following information is collected without

and stored until it is automatically deleted:

  • IP address of the requesting computer,
  • Date and time of access,
  • name and URL of the file accessed,
  • website from which the access was made (referrer URL),
  • the browser used and, if applicable, the operating system of your computer as well as the name of your access provider.

The aforementioned data is processed by us for the following purposes:

  • Ensuring a smooth connection set-up of the website,
  • Ensuring a comfortable use of our website,
  • evaluating system security and stability, and
  • for other administrative purposes.
  • The legal basis for the data processing is Art. 6 para. 1 p. 1 lit. f DSGVO. Our legitimate interest follows from the data collection purposes listed above. In no
  • case do we use the collected data for the purpose of drawing conclusions about your person.

b) Inquiry by e-mail, telephone or fax

If you contact us by e-mail, telephone or fax, your enquiry including all resulting personal data (name, enquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b DSGVO if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the enquiries addressed to us (Art. 6 (1) (f) DSGVO) or on your consent (Art. 6 (1) (a) DSGVO) if this has been requested.

The data you send to us by contact request will remain with us until you request us to delete it, revoke your consent to store it or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory statutory provisions – in particular statutory retention periods – remain unaffected.

Why do we use your data?

Some of the data is collected in order to ensure error-free provision of the website. Other data may be used to communicate with you.

Transfer of data

We do not transfer your personal data to third parties for purposes other than those listed below.
We only pass on your personal data to third parties if:

  • you have given your express consent to this in accordance with Art. 6 Para. 1 S. 1 lit. a DSGVO,
  • the disclosure is necessary for the assertion, exercise or defence of legal claims in accordance with Art. 6 Para. 1 Sentence 1 lit. f DSGVO and there is no reason to assume that you have an overriding interest worthy of protection in the non-disclosure of your data,
  • in the event that there is a legal obligation for disclosure in accordance with Art. 6 Para. 1 Sentence 1 lit. c DSGVO, as well as
    this is legally permissible and necessary for the processing of contractual relationships with you according to Art. 6 para. 1 p. 1 lit. b DSGVO.

Data security

We use the widespread SSL procedure (Secure Socket Layer) in connection with the highest encryption level supported by your browser when visiting the website. As a rule, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. You can tell whether an individual page of our website is transmitted in encrypted form by the closed display of the key or lock symbol in the lower status bar of your browser.
We also use appropriate technical and organisational security measures to protect your data against accidental or intentional manipulation, partial or complete loss, destruction or against unauthorised access by third parties. Our security measures are continuously improved in line with technological developments.

Plugins and tools

Google Web Fonts (local hosting)

This site uses so-called web fonts provided by Google for the uniform display of fonts. The Google Fonts are installed locally. There is no connection to Google servers.

Further information on Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google’s privacy policy: https://policies.google.com/privacy?hl=de.

Hosting

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This may include, but is not limited to, IP addresses, contact requests, meta and communication data, contractual data, contact details, names, website accesses and other data generated via a website.

The hoster is used for the purpose of fulfilling the contract with our potential and existing customers (Art. 6 para. 1 lit. b DSGVO) and in the interest of a secure, fast and efficient provision of our online offer by a professional provider (Art. 6 para. 1 lit. f DSGVO).

Our hoster will only process your data insofar as this is necessary for the fulfilment of its service obligations and follow our instructions with regard to this data.

We use the following hoster:

IONOS SE
Elgendorfer Str. 57
56410 Montabaur

Order processing

We have concluded an order processing agreement (AVV) with the above-mentioned provider. This is a contract required by data protection law, which ensures that this provider only processes the personal data of our website visitors in accordance with our instructions and in compliance with the DSGVO.

Cookies

Your browser sets a session cookie when you visit our website. A session cookie stores information that associates online activity with a single browser session. Session cookies are only used to facilitate the use of a website. The session cookie is usually deleted again when the browser is closed. You do not have to actively allow session cookies. Session cookies can be disabled centrally in your browser settings and this setting then applies to all websites that you visit in succession. Under certain circumstances, certain areas or functions of other websites with deactivated session cookies may not be usable (e.g. online shops).

Data subject rights

You have the right

  • To request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you can request information about the processing purposes, the category of personal data, the categories of recipients to whom your data has been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making including profiling and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 DSGVO, to demand the immediate correction of inaccurate or incomplete personal data stored by us;
    in accordance with Article 17 of the Regulation, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;
  • in accordance with Art. 18 DSGVO, to request the restriction of the processing of your personal data, insofar as the accuracy of the data is disputed by you, the processing is unlawful, but you object to its erasure and we no longer require the data, but you need it for the assertion, exercise or defence of legal claims or you have objected to the processing in accordance with Art. 21 DSGVO;
    pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, common and machine-readable format or to request that it be transferred to another controller;
  • revoke your consent at any time in accordance with Art. 7 (3) DSGVO. This has the consequence that we may no longer continue the data processing based on this consent in the future; and
  • complain to a supervisory authority in accordance with Art. 77 DSGVO.

As a rule, you can contact the supervisory authority of your usual place of residence or workplace for this purpose.

Right of objection

Insofar as your personal data is processed on the basis of legitimate interests pursuant to Art. 6 (1) sentence 1 lit. f DSGVO, you have the right to object to the processing of your personal data pursuant to Art. 21 DSGVO, insofar as there are grounds for doing so that arise from your particular situation or the objection is directed against direct advertising. In the latter case, you have a general right of objection, which is implemented by us without specifying a particular situation.
If you would like to make use of your right of revocation or objection, it is sufficient to send us an e-mail.

Up-to-dateness and amendment of this data protection declaration

This data protection declaration is currently valid and has the status May 2023.

Due to the further development of our website and offers on it or due to changed legal or official requirements, it may become necessary to change this data protection declaration. The current data protection declaration can be accessed on the website at any time.

Information on the processing of your personal data as an applicant

We hereby inform you about the processing of your personal data by Treuhand Heidelberg StBG mbH and the rights to which you are entitled under data protection law.

§ 1 Who is responsible for the processing of my personal data and how can I contact the data protection officer?

This data protection notice applies to data processing by:

Treuhand Heidelberg StBG mbH
Friedrich-Ebert-Anlage 46/1
69117 Heidelberg
06221/9043-70
06221/9043-32
kanzlei@th-berater.de

represented by: Ulrich Herzog, Hans-Jürgen Rupertus, Markus Mohr, Björn von Olnhausen, Roger Wisniowski, Louis Metz.

You can reach our data protection officer at the above contact details or at the e-mail address: datenschutz@th-berater.de

§ 2 For what purposes and on what legal basis is data processed?
The collection of this data is done,

  • to be able to identify you as an applicant
  • to contact you;
  • to carry out the application procedure;
  • to invite you to participate in the next round of the application procedure;
  • to administer and evaluate your application
  • to use the information provided to us;
  • to exercise and defend our interests, rights and claims;
  • to be able to demonstrate legally compliant behaviour if claims are made against us;
  • The data processing is carried out in response to your request and serves the following purposes pursuant to Art. 6 (1) sentence 1 lit. b of the German Data
  • Protection Regulation (DSGVO) in conjunction with Art. 88 DSGVO. Art. 88 DSGVO i.V.m. § Section 26 of the Federal Data Protection Act (BDSG) as well as all other relevant laws such as, in particular, the General Equal Treatment Act (AGG) for the appropriate processing of your application documents and for the initiation of contracts.

In addition, consent may be required in accordance with Art. 6 Para. 1 S.1 lit.a DSGVO in conjunction with Art. 88 DSGVO. Art. 88 DSGVO in conjunction with. § Section 26 (2) BDSG may constitute a legal basis.

Insofar as we are legally obliged to process data that we have received as part of the application process, we carry out this data processing on the basis of Art. 6 para. 1 sentence 1 lit. c DSGVO.

In addition, we have a legitimate interest in identifying you as an applicant in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO and to use the information you have provided that goes beyond the mandatory data. Obviously irrelevant data will be deleted by us immediately. The legitimate interest can also be based on the evaluation and management of your application.

We process personal data used for the exercise and defence of our interests, rights and claims on the basis of our legitimate interests pursuant to Art. 6 para.1 p.1 lit.f DSGVO. We also have a legitimate interest pursuant to Art.6 Abs.1 S.1 lit.f DSGVO in demonstrating legally compliant behaviour if claims are asserted against us arising from the application process.

In the case of the processing of special categories of personal data pursuant to Art. 9 DSGVO, this serves the exercise of rights or the fulfilment of legal obligations arising from labour law, social security law or social protection. The legal basis here is Art. 9 (2) lit. b DSGVO in conjunction with Art. 88 DSGVO. Art. 88 DSGVO in conjunction with. § 26 para.3 BDSG. In order to exercise or defend our legal claims, we process special categories of personal data on the basis of Art. 9 para.2 lit.f DS-GVO.

Consent to the processing of special categories of personal data is required on the basis of Art. 9 para. 2 lit. a, Art. 6 para. 1 sentence 1 lit. a, 7 DSGVO in conjunction with Art. 88 DSGVO. Art. 88 DSGVO in conjunction with. § Section 26 para. 3, para. 2 BDSG possible.

§ 3 Who receives my data?

Insofar as this is necessary for the processing of the application procedure with you, your personal data will be passed on within our company to persons and, if applicable, departments for examination; this includes in particular the personnel department, the specialist department.

We have commissioned third parties to support us in the performance of tasks. These include for example: IT services, job portals, e-mail providers, The data passed on may only be used by the third party for the agreed purposes. In the event of commissioned processing, the contractors act on our behalf and according to our instructions.

No further data will be passed on to third parties.

§ 4 What data protection rights can I assert as a data subject?

You have the right

  • In accordance with Art. 7 Para.3 DSGVO, to revoke your consent once given to us at any time. This means that we may no longer process the data based on this consent in the future; if you wish to exercise your right of revocation, simply send an e-mail to datenschutz@th-berater.de. In the event of a revocation, we may no longer be able to provide the agreed services or not to the desired extent;
  • to request information about your personal data processed by us in accordance with Art. 15 DSGVO. In particular, you may request information about the processing purposes, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the planned storage period, the existence of a right to rectification, erasure, restriction of processing or objection, the existence of a right of complaint, the origin of your data if it has not been collected by us, as well as the existence of automated decision-making, including profiling, and, if applicable, meaningful information about its details;
  • in accordance with Art. 16 DSGVO, to demand the immediate correction of inaccurate or incomplete personal data stored by us;
    in accordance with Article 17 of the Regulation, to request the erasure of your personal data stored by us, unless the processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, or for the establishment, exercise or defence of legal claims;

pursuant to Art. 18 DSGVO, to request the restriction of the processing of your personal data if the conditions set out in Art. 18 DSGVO are met; and
pursuant to Art. 20 DSGVO, to receive your personal data that you have provided to us in a structured, commonly used and machine-readable format or to request that it be transferred to another controller.

§ 6 Do I have the possibility to complain?

If you are of the opinion that the processing of your personal data by us is unlawful or, if applicable, violates data protection law for other reasons, you can complain to a supervisory authority. You may contact a supervisory authority in the member state of your place of residence, your place of work or the place of the alleged infringement.

§ 7 How long will my personal data be stored?

Your personal data collected for the application process will be deleted after four months following the sending of a rejection letter, unless we have received your consent to keep your data longer, for example for inclusion in an applicant pool.

If the application was successful and the data processing is based on our legitimate interests (Art. 6 para.1 p.1 lit.f DSGVO), the data will be stored for as long as our interests prevail and the data is required to fulfil an overriding legitimate interest.

If the data processing is based on a legal obligation to which we are subject (Art. 6 para. 1 sentence 1 lit. c DS-GVO), the data will be stored for as long as is necessary to fulfil our legal obligation. For example, we are subject to the retention periods provided for in the tax laws and the German Commercial Code.

Under certain circumstances, personal data may have to be stored in individual cases until the respective claims can no longer be asserted or are time-barred because we are defending ourselves against asserted claims.

§ 8 Will my personal data be transferred to a third country?

If we transfer personal data to service providers or affiliated companies outside the European Economic Area (EEA), the transfer will only take place if the third country has been confirmed by the EU Commission as having an adequate level of data protection or if other appropriate data protection guarantees (e.g. EU standard contractual clauses) are in place. You can also request the information using the contact information above.

§ 9 Am I obliged to provide my data?

In principle, there is no legal obligation to provide your personal data. Refusal to do so will not have any adverse legal consequences for you.

However, if you send us your application, you are initially providing us with your data on a voluntary basis. As part of the application process, it is also necessary for you to provide us with your data for the Page 4 of 4

for the proper conduct of the procedure. The processing of data for the purpose of initiating an employment relationship is legally regulated in § 26 para.1 p.1 BDSG in conjunction with § 26 para.8 p.2 BDSG. § 26 para. 8 p.2 BDSG. If you do not provide us with the data, we will unfortunately not be able to consider your application further.

§ 10 Do automated individual decisions or profiling measures take place?

No automated individual decisions or profiling measures take place in order to fulfil our contractual obligations.