Enter search term

Do you have further questions, let us know!

Out of date


Your [sf-browser] may be too old to display all content of this website.
Please perform an update.

Update

Privacy Policy

We are very pleased about your interest in our company. Data protection is of particular importance to the management of Liesenfeld Executive Advisory GmbH. Using the websites of Liesenfeld Executive Advisory GmbH is generally possible without providing any personal data. However, if a data subject wishes to use special services of our company via our website, the processing of personal data may become necessary. If the processing of personal data is necessary and no legal basis exists for such processing, we generally obtain the consent of the data subject.

The processing of personal data, such as the name, address, email address, or phone number of an affected person, is always carried out in accordance with the General Data Protection Regulation (GDPR) and in compliance with the country-specific data protection regulations applicable to Liesenfeld Executive Advisory GmbH. Through this privacy policy, our company aims to inform the public about the nature, scope, and purpose of the personal data we collect, use, and process. Furthermore, data subjects are informed of their rights through this privacy policy.

Liesenfeld Executive Advisory GmbH, as the data controller, has implemented numerous technical and organizational measures to ensure the most comprehensive protection of personal data processed through this website. Nevertheless, internet-based data transmissions can generally have security vulnerabilities, so absolute protection cannot be guaranteed. For this reason, each affected person is free to transmit personal data via alternative methods, such as by telephone.

1. Definitions

The privacy policy of Liesenfeld Executive Advisory GmbH is based on the terminology used by the European legislator when issuing the General Data Protection Regulation (GDPR). Our privacy policy is intended to be easily readable and understandable for the public as well as for our customers and business partners. To ensure this, we would like to explain the terms used in advance.

In this privacy policy, we use the following terms among others:

  • a) Personal Data

    Personal data refers to all information relating to an identified or identifiable natural person (hereinafter referred to as 'data subject'). An individual is considered identifiable if they can be identified directly or indirectly, in particular by association with an identifier such as a name, identification number, location data, online identifier, or one or more factors specific to the physical, physiological, genetic, psychological, economic, cultural, or social identity of that natural person.

  • b) Data Subject

    Data subject is any identified or identifiable natural person whose personal data are processed by the data controller.

  • c) Processing

    Processing is any operation or set of operations performed with or without the aid of automated processes concerning personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.

  • d) Restriction of processing

    Restriction of processing is the marking of stored personal data with the aim of limiting their future processing.

  • e) Profiling

    Profiling is any form of automated processing of personal data that involves using such data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning work performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements of that natural person.

  • f) Pseudonymization

    Pseudonymization is the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the personal data are not attributed to an identified or identifiable natural person.

  • g) Data Controller or Responsible Person

    The data controller or responsible person is the natural or legal person, authority, agency, or other entity that alone or jointly with others determines the purposes and means of processing personal data. If the purposes and means of processing are dictated by Union law or the law of the Member States, the controller or the criteria for their designation may be specified according to Union law or the law of the Member States.

  • h) Processor

    Processor is a natural or legal person, authority, agency, or other entity that processes personal data on behalf of the controller.

  • i) Recipient

    Recipient is a natural or legal person, authority, agency, or other entity to whom personal data are disclosed, regardless of whether it is a third party or not. Authorities that may receive personal data within the scope of a specific investigation under Union law or the law of the Member States are not considered recipients.

  • j) Third Party

    Third party is a natural or legal person, authority, agency, or other entity other than the data subject, the controller, the processor, or persons authorized to process the personal data under the direct responsibility of the controller or processor.

  • k) Consent

    Consent is any voluntary, informed, and unambiguous indication of the data subject's wishes, expressed by a statement or clear affirmative action, signifying that they agree to the processing of their personal data.

2. Name and address of the data controller

Responsible within the meaning of the General Data Protection Regulation, other data protection laws applicable in the member states of the European Union, and other provisions with data protection character is the:

Liesenfeld Executive Advisory GmbH

Theodorstraße 42-90, house 6a

22761 Hamburg

Germany

Tel.: +49 40 67387358

E-mail:

Website: www.sofa53neun.de

3. Cookies

The websites of Liesenfeld Executive Advisory GmbH use cookies. Cookies are text files that are stored and saved on a computer system via an internet browser.

Many websites and servers use cookies. Many cookies contain a so-called cookie ID. A cookie ID is a unique identifier of the cookie. It consists of a string of characters that allows websites and servers to associate the cookie with the specific internet browser in which it was stored. This enables visited websites and servers to distinguish the individual browser of the affected person from other internet browsers containing different cookies. A specific internet browser can be recognized and identified via the unique cookie ID.

Through the use of cookies, Liesenfeld Executive Coaching GmbH can provide users of this website with more user-friendly services that would not be possible without setting cookies.

Using a cookie, the information and offers on our website can be optimized for the user. Cookies allow us, as mentioned before, to recognize the users of our website. The purpose of this recognition is to make it easier for users to use our website. For example, a user of a website that uses cookies does not have to re-enter their login details every time they visit the site, because this is stored by the website and the cookie stored on the user's computer system. Another example is the cookie of a shopping cart in an online shop. The online shop remembers the items a customer has placed in the virtual shopping cart via a cookie.

The affected person can prevent the setting of cookies on our website at any time by adjusting the settings of the internet browser used and thereby permanently object to the setting of cookies. Furthermore, cookies already set can be deleted at any time via an internet browser or other software programs. This is possible in all common internet browsers. If the affected person disables the setting of cookies in the used internet browser, not all functions of our website may be fully usable.

4. Collection of general data and information

The website of Liesenfeld Executive Coaching GmbH collects, with each access by an affected person or an automated system, a series of general data and information. These general data and information are stored in the server's log files. They can include (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system arrives at our website (so-called referrers), (4) the sub-websites accessed via an accessing system on our website, (5) the date and time of access to the website, (6) an internet protocol address (IP address), (7) the internet service provider of the accessing system, and (8) other similar data and information used for threat prevention in case of attacks on our IT systems.

When using this general data and information, Liesenfeld Executive Coaching GmbH makes no inferences about the affected person. Instead, this information is needed to (1) deliver the content of our website correctly, (2) optimize the content and advertising of our website, (3) ensure the permanent functionality of our IT systems and the technology of our website, and (4) provide law enforcement authorities with the necessary information in the event of a cyberattack. These anonymously collected data and information are therefore evaluated statistically by Liesenfeld Executive Coaching GmbH and additionally with the aim of increasing data protection and data security in our company, ultimately to ensure an optimal level of protection for the personal data we process. The anonymous data from server log files are stored separately from all personal data provided by an affected person.

5. Routine deletion and blocking of personal data

The data controller processes and stores personal data of the affected person only for the period necessary to achieve the purpose of storage or as provided by the European legislator or other applicable laws and regulations to which the data controller is subject.

If the storage purpose ceases to apply or a storage period prescribed by the European legislator or another competent authority expires, the personal data will be routinely and in accordance with legal requirements blocked or deleted.

6. Rights of the data subject

  • a) Right to confirmation

    Every data subject has the right granted by the European legislator to request from the controller whether personal data concerning them is being processed. If a data subject wishes to exercise this right to confirmation, they can contact an employee of the data controller at any time.

  • b) Right to access

    Every data subject has the right granted by the European legislator to obtain free of charge from the controller information about the personal data stored concerning them and a copy of this information at any time. Furthermore, the European legislator has granted the data subject access to the following information:

    • the purposes of processing
    • the categories of personal data being processed
    • the recipients or categories of recipients to whom the personal data have been disclosed or will be disclosed, especially recipients in third countries or international organizations
    • the intended duration for which the personal data will be stored, or if not possible, the criteria used to determine that duration
    • the existence of a right to rectification or erasure of personal data concerning them or to restriction of processing by the controller or a right to object to such processing
    • the existence of a right to lodge a complaint with a supervisory authority
    • if the personal data are not collected from the data subject: all available information about the source of the data
    • the existence of automated decision-making, including profiling, pursuant to Article 22(1) and (4) of the GDPR, and — at least in these cases — meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject

    Furthermore, the data subject has the right to know whether personal data have been transferred to a third country or an international organization. If so, the data subject also has the right to obtain information about the appropriate safeguards related to the transfer.

    If a data subject wishes to exercise this right of access, they can contact an employee of the data controller at any time.

  • c) Right to rectification

    Every data subject has the right granted by the European legislator to request the immediate correction of inaccurate personal data concerning them. Furthermore, the data subject has the right, considering the purposes of processing, to request the completion of incomplete personal data — including by means of an additional statement.

    If a data subject wishes to exercise this right to rectification, they can contact an employee of the data controller at any time.

  • d) Right to erasure (Right to be forgotten)

    Every data subject has the right granted by the European legislator to request the controller to delete personal data concerning them without delay, provided one of the following reasons applies and the processing is not necessary:

    • The personal data was collected for such purposes or processed in other ways, for which they are no longer necessary.
    • The data subject withdraws their consent, on which the processing pursuant to Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR was based, and there is no other legal basis for the processing.
    • The data subject objects to the processing pursuant to Art. 21 para. 1 GDPR, and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Art. 21 para. 2 GDPR.
    • The personal data was processed unlawfully.
    • The deletion of personal data is necessary to fulfill a legal obligation under Union law or the law of the Member States to which the controller is subject.
    • The personal data was collected concerning offered services of the information society pursuant to Art. 8 para. 1 GDPR.

    If one of the above reasons applies and a data subject wishes to request the deletion of personal data stored by Liesenfeld Executive Coaching GmbH, they can contact an employee of the data controller at any time. The employee of Liesenfeld Executive Coaching GmbH will ensure that the deletion request is fulfilled without delay.

    If the personal data has been made public by Liesenfeld Executive Coaching GmbH and our company, as the controller, is obliged under Art. 17 para. 1 GDPR to delete the personal data, Liesenfeld Executive Coaching GmbH shall take appropriate measures, including technical measures, to inform other data controllers processing the published personal data, that the data subject has requested the deletion of all links to these personal data or copies or replications of these personal data, insofar as the processing is not necessary. The employee of Liesenfeld Executive Coaching GmbH will take the necessary action on a case-by-case basis.

  • e) Right to restriction of processing

    Every data subject affected by the processing of personal data has the right granted by the European legislator to request from the controller the restriction of processing if one of the following conditions is met:

    • The accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data.
    • The processing is unlawful, the data subject opposes the deletion of the personal data and demands the restriction of their use instead.
    • The controller no longer needs the personal data for the purposes of processing, but the data subject requires them for the establishment, exercise or defense of legal claims.
    • The data subject has objected to processing pursuant to Art. 21 para. 1 GDPR, and it has not yet been determined whether the legitimate grounds of the controller override those of the data subject.

    If one of the above conditions is met and a data subject wishes to request the restriction of personal data stored by Liesenfeld Executive Coaching GmbH, they can contact an employee of the data controller at any time. The employee will implement the restriction of processing.

  • f) Right to data portability

    Every data subject affected by the processing of personal data has the right granted by the European legislator to receive the personal data concerning them, which they have provided to a controller, in a structured, common and machine-readable format. They also have the right to transmit this data to another controller without hindrance from the original controller, if the processing is based on consent pursuant to Art. 6 para. 1 letter a GDPR or Art. 9 para. 2 letter a GDPR or on a contract pursuant to Art. 6 para. 1 letter b GDPR and the processing is carried out by automated means, provided that the processing is not necessary for the performance of a task carried out in the public interest or in the exercise of official authority transferred to the controller.

    Furthermore, the data subject, in exercising their right to data portability pursuant to Art. 20 para. 1 GDPR, has the right to obtain that the personal data be transmitted directly from one controller to another, where technically feasible and where this does not affect the rights and freedoms of others.

    To exercise the right to data portability, the data subject can contact an employee of Liesenfeld Executive Coaching GmbH at any time.

  • g) Recht auf Widerspruch

    Every data subject affected by the processing of personal data has the right granted by the European legislator to object at any time to the processing of their personal data, based on reasons arising from their particular situation, when such data is processed pursuant to Art. 6(1) letters e or f GDPR. This also applies to profiling based on these provisions.

    Liesenfeld Executive Coaching GmbH will no longer process personal data in the event of an objection unless we can demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject, or the processing is necessary for the assertion, exercise, or defense of legal claims.

    If Liesenfeld Executive Coaching GmbH processes personal data for direct marketing purposes, the data subject has the right to object at any time to the processing of their personal data for such marketing. This also applies to profiling related to such direct marketing. If the data subject objects to the processing for direct marketing purposes, Liesenfeld Executive Coaching GmbH will no longer process the personal data for these purposes.

    Furthermore, the data subject has the right to object, on grounds relating to their particular situation, to the processing of their personal data by Liesenfeld Executive Coaching GmbH for scientific, historical research, or statistical purposes pursuant to Art. 89(1) GDPR, unless such processing is necessary for the performance of a task carried out in the public interest.

    To exercise the right to object, the data subject can contact any employee of Liesenfeld Executive Coaching GmbH or another staff member directly. The data subject is also free to exercise their right to object in connection with the use of information society services, regardless of Directive 2002/58/EC, through automated procedures that use technical specifications.

  • h) Automated individual decisions including profiling

    Every data subject affected by the processing of personal data has the right granted by the European legislator not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning them or similarly significantly affects them, provided that the decision (1) is not necessary for entering into or performing a contract between the data subject and the controller, or (2) is authorized by Union or Member State law to which the controller is subject and which provides for suitable measures to safeguard the data subject's rights and freedoms and legitimate interests, or (3) is based on the explicit consent of the data subject.

    If the decision (1) is necessary for the conclusion or performance of a contract between the data subject and the controller, or (2) is made with the explicit consent of the data subject, Liesenfeld Executive Coaching GmbH will take appropriate measures to safeguard the rights and freedoms and legitimate interests of the data subject, including at least the right to obtain human intervention, to express their own point of view, and to contest the decision.

    The data subject can contact a representative of the data controller at any time to exercise rights related to automated decisions.

  • i) Right to withdraw consent to data processing

    Every data subject affected by the processing of personal data has the right granted by the European legislator to withdraw their consent to the processing of personal data at any time.

    If the data subject wishes to exercise their right to withdraw consent, they can contact a representative of the data controller at any time.

7. Data protection in applications and the application process

The data controller collects and processes the personal data of applicants for the purpose of managing the application process. Processing can also be carried out electronically, especially if an applicant submits relevant application documents electronically, such as via email or through a web form on the website. If the data controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of managing the employment relationship in accordance with legal regulations. If no employment contract is concluded, the application documents will be automatically deleted two months after the rejection notice is issued, unless there are other legitimate interests of the data controller against deletion. Such legitimate interests may include, for example, the burden of proof in proceedings under the General Equal Treatment Act (AGG).

8. Legal basis for processing

Art. 6(1)(a) GDPR serves as our company's legal basis for processing activities where we obtain consent for a specific purpose. If processing personal data is necessary for the performance of a contract to which the data subject is a party, such as for the delivery of goods or the provision of other services or consideration, processing is based on Art. 6(1)(b) GDPR. The same applies to processing necessary for pre-contractual measures, such as inquiries about our products or services. If our company is subject to a legal obligation that makes processing of personal data necessary, such as to fulfill tax obligations, processing is based on Art. 6(1)(c) GDPR. In rare cases, processing of personal data may be necessary to protect vital interests of the data subject or another natural person, for example, if a visitor is injured at our premises and their name, age, health insurance data, or other vital information must be shared with a doctor, hospital, or third parties. In such cases, processing would be based on Art. 6(1)(d) GDPR. Ultimately, processing may also be based on Art. 6(1)(f) GDPR. Processing activities not covered by the above legal bases are permitted if they are necessary to pursue legitimate interests of our company or a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not override those interests. Such processing activities are particularly permitted because they are explicitly mentioned by the European legislator. In this regard, it was held that a legitimate interest could be assumed if the data subject is a customer of the controller (Recital 47 sentence 2 GDPR).

9. Legitimate interests pursued by the data controller or a third party

If the processing of personal data is based on Article 6(1)(f) GDPR, our legitimate interest is to carry out our business activities for the benefit of the well-being of all our employees and shareholders.

10. Duration for which the personal data will be stored

The criterion for the duration of storage of personal data is the applicable statutory retention period. After the period expires, the relevant data will be routinely deleted, unless they are still required for contract fulfillment or contract initiation.

11. Legal or contractual provisions for providing personal data; necessity for the conclusion of the contract; obligation of the data subject to provide personal data; possible consequences of non-provision

We inform you that the provision of personal data is partly legally required (e.g., tax regulations) or may also result from contractual arrangements (e.g., information about the contractual partner). Sometimes, it may be necessary for a contract to be concluded that a data subject provides us with personal data, which we then process. The data subject is, for example, obliged to provide us with personal data if our company enters into a contract with them. Failure to provide the personal data would result in the inability to conclude the contract with the data subject. Before providing personal data, the data subject must contact one of our employees. Our employee will inform the data subject on a case-by-case basis whether the provision of personal data is legally or contractually required or necessary for the conclusion of the contract, whether there is an obligation to provide the data, and what the consequences of not providing the data would be.

12. Existence of automated decision-making

As a responsible company, we refrain from automated decision-making or profiling.