Data Protection Declaration for the websites of RISK-CONSULTING Prof. Dr. Weyer GmbH

Data Protection

We have written this data protection declaration (version 23.07.2021) to explain to you, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679, what information we collect, how we use data and what decision-making options you have as a visitor to this website.

Note on the responsible entity

The responsible authority for data processing on this website is:

RISK-CONSULTING Prof. Dr. Weyer GmbH

Hatzfeldstraße 5
51069 Cologne

Tel: +49 221 968479 – 0
Email: ds_ext@risk-consulting.de

Responsible authority is the natural or legal person who alone or jointly with others determines the purposes and means of the processing of personal data (e.g. names, e-mail addresses, etc.).

 

Hosting and Content Delivery Networks (CDN)

External hosting

This website is hosted by an external service provider (hoster). The personal data collected on this website is stored on the hoster’s servers. This is the data described in the next section (Automatic data storage).

The hoster is used for the purpose of fulfilling the contract (Art. 6 para. 1 lit. b GDPR) and in the interest of a secure, fast and efficient provision of our online presence by a professional provider (Art. 6 para. 1 lit. f GDPR).

Our hoster will only process your data to the extent necessary to fulfill its service obligations and will follow our instructions regarding this data.

We use the following hoster:

INSIGMA IT Engineering GmbH

Europaallee 31
50226 Frechen

Conclusion of a contract on order processing

To ensure data protection-compliant processing, we have concluded a contract for order processing with our hoster.

Automatic data storage

Nowadays, when you visit websites, certain information is automatically created and stored, also on this website.

When you visit our website, as you are doing right now, our web server automatically stores data such as

  • the host name and IP address of the device from which the access is being made
  • the address (URL) of the visited website
  • browser and browser version
  • the operating system used
  • the address (URL) of the previously visited page (referrer URL)
  • date and time

in files (web server log files).

Storage period

Usually, web server log files are stored for two weeks and then automatically deleted. We do not pass on this data, but we cannot exclude the possibility that this data may be viewed in the event of unlawful behavior.

Rights under the General Data Protection Regulation

According to the provisions of the GDPR, you are generally entitled to the following rights:

  • Right to rectification (Article 16 GDPR)
  • Right to erasure (“right to be forgotten”) (Article 17 GDPR)
  • Right to restriction of processing (Article 18 GDPR)
  • Right to notification – obligation to notify in connection with the rectification or erasure of personal data or the restriction of processing (Article 19 GDPR)
  • Right to data portability (Article 20 GDPR)
  • Right to object (Article 21 GDPR)
  • Right not to be subject to a decision based solely on automated processing – including profiling (Article 22 GDPR).

If you believe that the processing of your data violates data protection law or your data protection rights have been violated in any way, you can contact the responsible supervisory authority. About this and other questions on the subject of data protection, you can contact us at any time.

TLS encryption with https

We use https to transmit data in a tap-proof manner on the Internet (data protection by design of technology Article 25(1) GDPR). By using TLS (Transport Layer Security), an encryption protocol for secure data transmission on the Internet, we can ensure the protection of confidential data. You can recognize the use of this protection of data transmission by the small lock symbol at the top left of the browser and the use of the scheme https (instead of http) as part of our Internet address.

 

Request by e-mail, telephone or letter

If you contact us by e-mail or telephone, your inquiry including all resulting personal data (name, inquiry) will be stored and processed by us for the purpose of processing your request. We do not pass on this data without your consent.

The processing of this data is based on Art. 6 (1) lit. b GDPR, if your request is related to the performance of a contract or is necessary for the implementation of pre-contractual measures. In all other cases, the processing is based on our legitimate interest in the effective processing of the requests addressed to us (Art. 6 (1) (f) GDPR) or on your consent (Art. 6 (1) (a) GDPR) if this has been requested.

The data you provide to us will remain with us until you request us to delete it, revoke your consent to store it, or the purpose for storing the data no longer applies (e.g. after we have completed processing your request). Mandatory legal provisions – in particular legal retention periods – remain unaffected.

Sources: Created with the data protection generators of e-recht24.de and by AdSimple in cooperation with slashtechnik.de.