Privacy Policy

Data protection according to the new DSGVO of May 25, 2018 is important to us! We have updated our subsequent privacy policy for
15 May 2018, in accordance with the GDPR.

Privacy Policy

We are very pleased about your interest in our company. Data protection is of particular importance for the management of Commax Consulting GmbH & Co. KG. A use of the web pages of Commax Consulting GmbH & Co. KG is basically possible without any indication of personal data. However, if an affected person wishes to use our company's special services through our website, personal data processing may be required. If the processing of personal data is required and there is no legal basis for such processing, we generally seek the consent of the data subject. The processing of personal data, such as the name, address, e-mail address or telephone number of a data subject, is always in accordance with the General Data Protection Regulation and in accordance with the country-specific data protection provisions applicable to Commax Consulting GmbH & Co. KG. Through this privacy policy, our company seeks to inform the public about the nature, scope and purpose of the personal information we collect, use and process. Furthermore, data subjects are informed of their rights under this privacy policy. Commax Consulting GmbH & Co. KG, as the controller, has implemented numerous technical and organizational measures to ensure the most complete protection possible for personal data processed via this website. Nevertheless, Internet-based data transmissions can generally have security holes, so that absolute protection can not be guaranteed. For this reason, every person concerned is free to submit personal data to us in alternative ways, for example by telephone.

1. Definitions

The privacy policy of Commax Consulting GmbH & Co. KG is based on the terminology used by the European directive and regulatory authority in the adoption of the General Data Protection Regulation (DS-GVO). Our privacy policy should be easy to read and understand for the public as well as for our customers and business partners. To ensure this, we would like to explain in advance the terminology used. We use the following terms in this privacy policy, including but not limited to:

• a) personal data Personal data is any information relating to an identified or identifiable natural person (hereinafter the "data subject"). A natural person is considered to be identifiable who, directly or indirectly, in particular by association with an identifier such as a name, an identification number, location data, an online identifier or one or more special features, expresses the physical, physiological, genetic, mental, economic, cultural or social identity of this natural person can be identified.
• b) data subject
Affected person is any identified or identifiable natural person whose personal data is processed by the controller.
• c) Processing
Processing means any process or series of operations related to personal data, such as collecting, collecting, organizing, organizing, storing, adapting or modifying, reading, querying, using, with or without the aid of automated procedures; disclosure by submission, dissemination or other form of provision, reconciliation or association, restriction, erasure or destruction.
• d) Limitation of Processing
Restriction of the processing is the marking of stored personal data with the aim to limit their future processing.
• e) Profiling
Profiling is any kind of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular aspects relating to job performance, economic situation, health, personal To analyze or predict preferences, interests, reliability, behavior, whereabouts or relocation of that natural person.
• f) Pseudonymization
Pseudonymisation is the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without the need for additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data not assigned to an identified or identifiable natural person.
• g) Responsible or responsible
The controller or controller is the natural or legal person, public authority, body or body that, alone or in concert with others, decides on the purposes and means of processing personal data. Where the purposes and means of such processing are determined by Union law or the law of the Member States, the controller or the specific criteria for his designation may be provided for under Union or national law.
• h) processor
The processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of the controller.
• i) Recipient
Recipient is a natural or legal person, agency, agency or other entity to whom Personal Data is disclosed, whether or not it is a third party. However, authorities which may receive personal data under Union or national law in connection with a particular mission are not considered as beneficiaries.
• j) Third
Third is a natural or legal person, public authority, body or body other than the data subject, the controller, the processor and the persons authorized under the direct responsibility of the controller or the processor to process the personal data.
• k) Consent
Consent is any voluntarily given and unambiguously expressed in the form of a statement or other unambiguous confirmatory act by the data subject for the particular case, by which the data subject indicates that they consent to the processing of the personal data concerning him / her is.

2. Name and address of the controller

Responsible person within the meaning of the basic data protection regulation, other data protection laws valid in the member states of the European Union and other regulations with data protection character is the:

Commax Consulting GmbH & Co. KG
Southern Munich Street 10a
82031 Grünwald
Germany
Tel .: + 49-89-360384-0 E-Mail: info@commax.de
Website: commax.de

3. Name and address of the Data Protection Officer

The data protection officer of the controller is:

Kai Zimmerling
tanum consult GmbH
Zamdorfer Str. 100
81677 Munich Germany
Tel .: +49 89 4161711-0
E-Mail: info@tanum-consult.de
Website: tanum-consult.de

Any data subject can contact our data protection officer at any time with any questions or suggestions regarding data protection.

4. Collecting general data and information

The website of Commax Consulting GmbH & Co. KG collects a series of general data and information each time the website is accessed by an affected person or an automated system. This general data and information is stored in the log files of the server. The (1) browser types and versions used, (2) the operating system used by the accessing system, (3) the internet page from which an accessing system accesses our website (so-called referrers), (4) the sub-web pages which can be accessed via (5) the date and time of access to the website, (6) an Internet Protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information used in the event of attacks on our information technology systems. When using this general data and information, Commax Consulting GmbH & Co. KG does not draw conclusions about the data subject. Rather, this information is required to (1) correctly deliver the contents of our website, (2) to optimize the content of our website and to advertise it, (3) to ensure the continued functioning of our information technology systems and the technology of our website, and ( 4) to provide law enforcement authorities with the information necessary for law enforcement in the event of a cyberattack. This anonymously collected data and information are evaluated by the Commax Consulting GmbH & Co. KG on the one hand statistically and further with the aim to increase the data protection and data security in our company to ultimately ensure an optimal level of protection for the personal data processed by us , The anonymous data of the server log files are stored separately from all personal data provided by an affected person.

5. Contact via the website

Due to legal regulations, the website of Commax Consulting GmbH & Co. KG contains information that enables quick electronic contact to our company as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address) , If an affected person contacts the data controller by e-mail or through a contact form, the personal data provided by the data subject will be automatically saved. Such personal data, voluntarily transmitted by an individual to the controller, is stored for the purpose of processing or contacting the data subject. There is no disclosure of this personal data to third parties. The data processing for the purpose of contacting us is in accordance with Art. 6 para. 1 p. 1 lit. a DSGVO based on your voluntarily granted consent. The personal data collected by us for the use of the contact form will be automatically deleted after completion of the request made by you.

6. Subscribe to comments in the blog on the website

The comments made in the blog of Commax Consulting GmbH & Co. KG can basically be subscribed to by third parties. In particular, there is the possibility that a commentator subscribes to comments following a comment on a particular blog post. If an affected person decides to subscribe to the option to comment, the controller will send an automatic confirmation email to double-check whether the owner of the specified email address for that person is actually checking the email Option has been decided. The option to subscribe to comments can be terminated at any time.

7. Routine deletion and blocking of personal data

The controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of the storage or, as the case may be, by the European directives or regulations or by any other legislator in laws or regulations which the controller was provided for. If the storage purpose is omitted or if a storage period prescribed by the European directives and regulations or any other relevant legislator expires, the personal data will be routinely blocked or deleted in accordance with the statutory provisions.

8. Rights of the person concerned

• in accordance with Art. 15 DSGVO to request information about your personal data processed by us. In particular, you can provide information on the processing purposes, the category of personal data, the categories of recipients to whom your data has been disclosed, the planned retention period, the right to rectification, deletion, limitation of processing or opposition, the existence of a The right to complain, the source of their data, if not collected from us, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information about their details;
• in accordance with Art. 16 DSGVO to immediately demand the correction of incorrect or complete personal data stored with us;
• in accordance with Art. 17 DSGVO to request the deletion of your personal data stored by us, unless the processing for the exercise of the right to freedom of expression and information, to fulfill a legal obligation, for reasons of public interest or to assert, exercise or Defense of legal rights is required;
• in accordance with Art. 18 GDPR to demand the restriction of the processing of your personal data, as far as the accuracy of the data is disputed by you, the processing is unlawful, but you reject their deletion and we no longer need the data, but you to Asserting, exercising or defending legal claims or you have objected to processing in accordance with Art. 21 GDPR;
• in accordance with Art. 20 GDPR to obtain your personal data provided to us in a structured, common and machine-readable format or to request the transfer to another person in charge;
• in accordance with Art. 7 para. 3 DSGVO your once granted consent to revoke against us at any time. As a result, we are not allowed to continue the data processing based on this consent for the future and
• in accordance with Art. 77 GDPR to complain to a supervisory authority. Usually, you can contact the regulator of your usual place of residence or work or our corporate office.

9. Data protection in applications and in the application process

The controller collects and processes the personal data of applicants for the purpose of processing the application process. The processing can also be done electronically. This is particularly the case if an applicant submits corresponding application documents to the controller by electronic means, for example by e-mail or via a web form available on the website. If the controller concludes a contract of employment with an applicant, the data transmitted will be stored for the purposes of the employment relationship in accordance with the law. If no employment contract is concluded with the candidate by the controller, the application documents will be automatically deleted three months after the announcement of the rejection decision, unless deletion precludes other legitimate interests of the controller. Other legitimate interest in this sense, for example, a burden of proof in a procedure under the General Equal Treatment Act (AGG).

10. Privacy Policy on Using and Using Google AdSense

The controller has integrated Google AdSense on this website. Google AdSense is an online service that provides third-party advertising mediation. Google AdSense is based on an algorithm that selects advertisements displayed on third-party websites in accordance with the contents of the respective third-party website. Google AdSense allows interest-based targeting of the Internet user, which is implemented by generating individual user profiles. The operating company of the Google AdSense component is the Alphabet Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. The purpose of the Google AdSense component is to include advertisements on our website. Google AdSense sets a cookie on the information technology system of the data subject. What cookies are, has already been explained above. By using this cookie, Alphabet Inc. provides an analysis of the use of our website. Each visit to one of the pages of this site operated by the controller and incorporating a Google AdSense component automatically initiates the Internet browser on the information technology system of the person concerned through the respective Google AdSense component To submit data to Alphabet Inc. for purposes of online advertising and commission settlement. As part of this technical process, Alphabet Inc. gains knowledge of personal information, such as the IP address of the data subject, which is used by Alphabet Inc., inter alia, to understand the origin of visitors and clicks and, as a result, to facilitate commission settlement. The affected person can prevent the setting of cookies through our website, as shown above, at any time by means of a corresponding setting of the Internet browser used and thus permanently contradict the setting of cookies. Such a setting of the Internet browser used would also prevent Alphabet Inc. from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Alphabet Inc. can be deleted at any time via the Internet browser or other software programs. Google AdSense also uses so-called counting pixels. A counting pixel is a miniature graphic that is embedded in web pages to enable log file recording and log file analysis, whereby a statistical evaluation can be performed. Based on the embedded pixel count, Alphabet Inc. can detect if and when an internet page was opened by an affected person and which links the affected person clicked on. Counting pixels are used, among other things, to evaluate the flow of visitors to a website. Google AdSense will transfer personal information and information, including the IP address required to collect and bill the displayed advertising, to Alphabet Inc. in the United States of America. This personal information is stored and processed in the United States of America. Alphabet Inc. may transfer such personal information collected through the technical process to third parties. Google AdSense will be powered https://www.google.com/intl/en / adsense / start / explained in more detail.

11. Privacy Policy on Using and Using Google Analytics (with Anonymization Function)

The controller has integrated on this website the component Google Analytics (with anonymization function). Google Analytics is a web analytics service. Web analysis is the collection, collection and analysis of data about the behavior of visitors to websites. Among other things, a web analysis service collects data on which website an affected person has come to a website (so-called referrers), which subpages of the website were accessed or how often and for which length of stay a subpage was viewed. A web analysis is mainly used to optimize a website and cost-benefit analysis of Internet advertising. The operating company of the Google Analytics component is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. The controller uses the addition "_gat._anonymizeIp" for web analytics via Google Analytics. By means of this addendum, the IP address of the Internet access of the data subject will be shortened and anonymised by Google if the access to our website is from a Member State of the European Union or from another state party to the Agreement on the European Economic Area. The purpose of the Google Analytics component is to analyze visitor flows on our website. Among other things, Google uses the data and information obtained to evaluate the use of our website, to compile for us online reports showing the activities on our websites, and to provide other services related to the use of our website. Google Analytics uses a cookie on the information technology system of the person concerned. What cookies are, has already been explained above. By using this cookie Google is enabled to analyze the usage of our website. Each time one of the pages of this website is accessed by the controller and a Google Analytics component has been integrated, the Internet browser on the information technology system of the person concerned is automatically initiated by the respective Google Analytics component To submit data to Google for online analysis purposes. As part of this technical process, Google will be aware of personal data, such as the IP address of the person concerned, which serve, among other things, Google to track the origin of the visitors and clicks, and subsequently make commission settlements possible. The cookie stores personally identifiable information, such as access time, the location from which access was made, and the frequency of site visits by the data subject. Each time you visit our website, your personal information, including the IP address of the Internet connection used by the data subject, is transferred to Google in the United States of America. This personal information is stored by Google in the United States of America. Google may transfer such personal data collected through the technical process to third parties. The affected person can prevent the setting of cookies through our website, as shown above, at any time by means of a corresponding setting of the Internet browser used and thus permanently contradict the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a cookie on the information technology system of the person concerned. In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.Furthermore, the data subject has the option of objecting to and preventing the collection of the data generated by Google Analytics for the use of this website and the processing of this data by Google. To do this, the person must add a browser add-on at the link https://tools.google.com/dlpage / gaoptout Download and install. This browser add-on informs Google Analytics via JavaScript that no data and information about website visits may be transmitted to Google Analytics. The installation of the browser add-on is considered by Google as a contradiction. If the data subject's information technology system is later deleted, formatted or reinstalled, the data subject must re-install the browser add-on to disable Google Analytics. If the browser add-on is uninstalled or disabled by the data subject or any other person within their sphere of control, it is possible to reinstall or reactivate the browser add-on. Additional information and Google's privacy policy can be found at https://www.google.com/ intl / de / policies / privacy / and at http://www.google .com / analytics / terms / en.html . Google Analytics will be powered by this link https://www.google.com/intl/en_uk/analytics/ explained in more detail.

12. Privacy Policy for Use and Use of Google AdWords

The controller has integrated Google AdWords on this website. Google AdWords is an Internet advertising service that allows advertisers to run both Google and Google Network search engine results. Google AdWords allows an advertiser to pre-set keywords that will display an ad on Google's search engine results only when the search engine retrieves a keyword-related search result. In the Google Network, ads are distributed on topical web pages using an automated algorithm and according to pre-defined keywords. The operating company for the services of Google AdWords is Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. The purpose of Google AdWords is to promote our website by displaying interest-based advertising on third-party websites and in the search engine results of Google's search engine and by displaying advertisements on our website. If a data subject arrives on our website via a Google ad, a so-called conversion cookie will be stored on Google's information technology system by Google. What cookies are, has already been explained above. A conversion cookie expires after thirty days and is not used to identify the data subject. About the conversion cookie is, if the cookie has not yet expired, traced whether certain sub-pages, such as the shopping cart from an online shop system, were accessed on our website. The conversion cookie allows both us and Google to understand whether an affected person who came to our website via an AdWords ad generated revenue, ie, completed or canceled a purchase. The data and information collected through the use of the conversion cookie are used by Google to create visitor statistics for our website. These visit statistics are then used by us to determine the total number of users who have been sent to us through AdWords ads, in order to determine the success or failure of each AdWords ad and to optimize our AdWords ads for the future , Neither our company nor any other Google AdWords advertiser receives any information from Google that could identify the data subject. The conversion cookie stores personally identifiable information, such as the web pages visited by the affected person. Each time you visit our website, your personal information, including the IP address of the Internet connection used by the data subject, will be transferred to Google in the United States of America. This personal information is stored by Google in the United States of America. Google may transfer such personal data collected through the technical process to third parties. The affected person can prevent the setting of cookies through our website, as shown above, at any time by means of a corresponding setting of the Internet browser used and thus permanently contradict the setting of cookies. Such a setting of the Internet browser used would also prevent Google from setting a conversion cookie on the information technology system of the person concerned. In addition, a cookie already set by Google AdWords can be deleted at any time via the Internet browser or other software programs. Furthermore, the data subject has the opportunity to object to Google's interest-based advertising. To do this, the person concerned must access the link www.google.com/settings/ads from each of the Internet browsers they use and make the desired settings there. Additional information and Google's privacy policy can be found at https://www.google.com/ intl / de / policies / privacy / .

13. Privacy Policy for Using and Using Jetpack for WordPress

The controller has integrated Jetpack on this website. Jetpack is a WordPress plug-in, which offers additional functions to the operator of a website that builds on WordPress. Among other things, Jetpack allows the website operator an overview of the visitors to the site. By displaying related contributions and publications or the ability to share content on the site, it is also possible to increase visitor numbers. In addition, security features are integrated into Jetpack so that a Jetpack-using website is better protected against brute-force attacks. Jetpack also optimizes and speeds up the loading of images built into the website. The operating company of the Jetpack plug-in for WordPress is Automattic Inc., 132 Hawthorne Street, San Francisco, CA 94107, USA. The operating company uses the tracking technology of Quantcast Inc., 201 Third Street, San Francisco, CA 94103, USA. Jetpack places a cookie on the information technology system of the person concerned. What cookies are, has already been explained above. Each time one of the pages of this website is accessed by the controller and a Jetpack component has been integrated, the Internet browser on the information technology system of the person concerned is automatically prompted by the respective Jetpack component for analysis purposes to submit to Automattic. As part of this technical process, Automattic receives information about data that will subsequently be used to compile an overview of the website visits. The data obtained is used to analyze the behavior of the data subject who accessed the controller's website and is evaluated with the aim of optimizing the website. The data collected through the Jetpack component will not be used to identify the data subject without first obtaining the specific prior consent of the data subject. The data will also be reported to Quantcast. Quantcast uses the data for the same purposes as Automattic. The affected person can prevent the setting of cookies through our website, as shown above, at any time by means of a corresponding setting of the Internet browser used and thus permanently contradict the setting of cookies. Such a setting of the Internet browser used would also prevent Automattic / Quantcast from setting a cookie on the information technology system of the data subject. In addition, cookies already set by Automattic can be deleted at any time via the Internet browser or other software programs. Furthermore, the data subject has the option of objecting to and preventing detection of the data generated by the Jetpack cookie relating to the use of this website as well as the processing of this data by Automattic / Quantcast. To do this, the affected person must use the opt-out button at https://www.quantcast.com/ press opt-out / , which sets an opt-out cookie. The opt-out cookie set against the objection will be placed on the information technology system used by the data subject. If the cookies on the affected person's system are deleted after an appeal, the data subject must revisit the link and set a new opt-out cookie. By setting the opt-out cookie, however, it is possible that the website of the controller for the data subject is no longer fully usable. Automattic's applicable privacy policy is available at https://automattic.com/privacy/ . Quantcast's applicable privacy policy is available at https://automattic.com/privacy/ .

14. Privacy Policy for Using and Using YouTube

The controller has integrated YouTube components on this website. YouTube is an internet video portal that allows video publishers to freely watch video clips and other users for free viewing, rating and commenting. YouTube allows the publication of all types of videos, so that both complete film and television broadcasts, but also music videos, trailers or user-made videos via the Internet portal are available. YouTube's operating company is YouTube, LLC, 901 Cherry Ave., San Bruno, CA 94066, USA. YouTube, LLC is a subsidiary of Google Inc., 1600 Amphitheater Pkwy, Mountain View, CA 94043-1351, USA. Each visit to one of the pages of this site operated by the controller and incorporating a YouTube component (YouTube video) will automatically cause the Internet browser on the subject's information technology system to be represented by the respective YouTube component to download an illustration of the corresponding YouTube component from YouTube. More information about YouTube can be found at https://www.youtube.com/yt/about/en/ . As part of this technical process, YouTube and Google are aware of the specific bottom of our site visited by the person concerned. If the data subject is logged in to YouTube at the same time, YouTube recognizes by calling a sub-page containing a YouTube video, which specific bottom of our website the affected person visits. This information is collected by YouTube and Google and associated with the individual YouTube account. YouTube and Google will always receive information through the YouTube component that the data subject has visited our website if the data subject is simultaneously logged into YouTube at the time of access to our website; this happens regardless of whether the person clicks on a YouTube video or not. If such transmission of this information to YouTube and Google is not wanted by the data subject, it can prevent the transmission by logging out of their YouTube account before calling our website. YouTube's privacy policy posted at https://www.google.com/intl/ DE / policies / privacy / provide information on the collection, processing and use of personal data by YouTube and Google.

15. Legal basis of processing

Art. 6 I lit. A DS-GMO serves our company as the legal basis for processing operations where we obtain consent for a particular processing purpose. If the processing of personal data is necessary to fulfill a contract of which the data subject is a party, as is the case, for example, in processing operations necessary for the supply of goods or the provision of any other service or consideration, processing shall be based on Art. 6 I lit. b DS-GMO. The same applies to processing operations that are necessary to carry out pre-contractual measures, for example in cases of inquiries regarding our products or services. If our company is subject to a legal obligation which requires the processing of personal data, such as the fulfillment of tax obligations, the processing is based on Art. 6 I lit. c DS-GMO. In rare cases, the processing of personal data may be required to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor to our premises were injured and his or her name, age, health insurance or other vital information would have to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d DS-GMO are based. Ultimately, processing operations could be based on Art. 6 I lit. f DS-GMOs are based. On this legal basis, processing operations that are not covered by any of the above legal bases are required if processing is necessary to safeguard the legitimate interests of our company or a third party, unless the interests, fundamental rights and fundamental freedoms of the person concerned prevail. Such processing operations are particularly allowed to us because they have been specifically mentioned by the European legislator. In that regard, it considered that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, second sentence, DS-BER).

16. Eligible Interests in the Processing being Followed by the Responsible or a Third Party

Is the processing of personal data based on Article 6 I lit. f DS-GMO is our legitimate interest in conducting our business for the benefit of all of our employees and our shareholders.

17. Duration for which the personal data is stored

If your personal data are based on legitimate interests in accordance with Art. 6 para. 1 sentence 1 lit. f DSGVO are processed, you have the right to file an objection against the processing of your personal data in accordance with Art. 21 DSGVO, provided that there are reasons for this arising from your particular situation or the objection is directed against direct mail. In the latter case, you have a general right to objection, which is implemented by us without specifying any particular situation.
If you would like to exercise your right of withdrawal or objection, it will suffice, for example. an email to datenschutz (at) commax.de