Data Protection | Datenschutz
The digital services may contain links to other third party service provider websites that are not covered by this privacy statement.
The controller for the processing of your personal data is
Pawlik Consultants GmbH
represented by the managing directors Joachim Pawlik, Layla Dolfen, Arne Adrian and Prof. Dr. Henrik Meyer-Hoeven
2. Purposes and legal basis of data processing
2.1 Data processing for the provision of contractual services
We process personal data in order to process the contractual relationships and to be able to submit contractual offers tailored to your requirements. The collection of the data takes place in particular for the conclusion and/or for the performance of a contract.
We collect with all forms obligatorily only those personal data, which are absolutely necessary for the completion of the contractual relations and/or for your information inquiry. This information is marked with an asterisk. The collection of data, which is not absolutely necessary, but in which we are interested in order to optimize the fulfilment of the purpose, is only optional. In this case you decide on a voluntary basis if and which data you want to give us.
You can contact us via our website and our contact data to request contractual services. You can also use the contact form on our website for this purpose. If you provide us with personal data this way or in another way with this purpose, we process your data for the answer of your requests, for the performance of the order/contract as well as for invoicing. We need your name, your address data as well as your e-mail address. These data are necessary to enter into a contract with us.
In addition, we collect further data you provide within the contractual initiation or performance of the contract, which are not absolutely necessary for the performance of the contract, but which support the purpose and are useful for it, in particular to be able to provide better consulting services. For example, we may collect information about contact persons in your company (name, telephone number, e-mail address, department, position in the company) and information about your company (business sector, planned measures and budget plans, if you provide them).
Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
In the case of suppliers/service providers, we process the provided personal data to order and claim services and to pay for the services provided. For this we need the name, the name of your company (if different) the address data as well as the bank account data. We also use further data you provide in this way or another way for this purpose, but those data are not necessary to enter into a contract. Depending on the order/contract, we may require additional data; we will inform you on a case-by-case basis.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
2.2 Data processing for communication with you (contact form, etc.)
In addition to the contract data, we process your communication data (names of contact persons, address, telephone number, fax number, e-mail address) in order to be able to contact you and communicate with you within the contractual relationship. Personal data that you provide to us by e-mail, the contact form on our website, by post or telephone will only be processed for correspondence with you or only for the purpose for which you have made the data available to us. For communication via the contact form on our website, we need at least your full name and your e-mail address. If you would like us to call you back, we also need your telephone number.
The basis for this data processing is also Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the performance of a contract or pre-contractual measures.
2.3 Newsletter (Performance Impulse)
If you wish to subscribe to our newsletter, we need your first and last name, an e-mail address and information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receiving the newsletter. For this purpose, we will send a confirmation e-mail with a link (double opt-in) to the registered e-mail address. Only after clicking on this link the registration will be completed. The purpose of the procedure is to prove your registration and, if necessary, to clarify any possible abuse of your personal data. We do not collect any further data in this context. We use these data exclusively for the dispatch of the requested newsletter. If we use an order processor to send the newsletter, we will of course comply with the applicable data protection laws.
If we use an order processor to send the newsletter, we will of course comply with the applicable data protection laws.
If you subscribe, you agree that we will send e-mails containing information on our Area of Expertise and on specialist blog contributions as well as on events, products and services of our company group to the deposited e-mail address on a regular basis. You can revoke your consent to receive these e-mails at any time. A text message to the contact data mentioned under point 1 (e.g. e-mail, fax, letter) is sufficient.
We analyze our newsletter campaigns with the help of our newsletter service provider based in Germany, which acts as an order processor for us. When you open an e-mail from the newsletter, a file contained in the e-mail (so-called web beacon) connects to the servers of our service provider. This allows us to determine whether a newsletter message has been opened and which links, if any, have been clicked. In addition, technical information is recorded (e.g. time of retrieval, IP address, browser type and operating system). This information cannot be assigned to the respective newsletter recipient. It is used exclusively for the statistical analysis of newsletter campaigns. The results of these analyses can be used to better adapt future newsletters to the interests of the recipients. If you enter your e-mail address and, if applicable, other data for the purpose of receiving the newsletter, this will be stored on the servers of our newsletter service provider.
The data that you provide us with for the purpose of subscribing to the newsletter will be stored by us until you unsubscribe from the newsletter and will be deleted from our servers as well as from the servers of our newsletter provider after you unsubscribe from the newsletter. Data, which were stored for other purposes, remains unaffected.
The data processing is based on your consent pursuant to Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent to the sending of a newsletter at any time and cancel the respective subscription. You can declare the revocation by clicking on the link provided in each e-mail or by sending a message to us using the contact details listed under point 1. The legality of the data processing operations already carried out remains unaffected by the revocation.
2.4 Data processing for advertising purposes
We use the provided address data to send you product/service information, current price advantages and product/service offers of our company group by post.
The basis for data processing is Art. 6 para. 1 s. 1 f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override. Our interest is the promotion and sale of our products and services.
In addition, we use your e-mail address for recommendations and information about our products and services of our company group by e-mail if you have already purchased products or services from us. You will receive these recommendations from us regardless of having subscribed to a newsletter. In this way we would like to provide you with information about other similar products and services that may be of interest to you based on your recent purchases/orders. Of course, we will strictly comply with legal requirements.
In addition, we use your telephone number to provide you with recommendations and information on our products and services by telephone. Of course we will also comply with legal requirements in this case.
If you no longer wish to receive any recommendations on products or services or any advertising messages from us, you can object at any time. A message in text form to the contact data (e.g. e-mail, fax, letter) mentioned above is sufficient.
The basis for data processing is Art. 6 para. 1 s.1 lit. f GDPR, which permits the processing of data for purposes of the legitimate interests pursued by the controller, provided that the interests or fundamental rights and freedoms of the data subject do not override Our interest is economic and lies in the promotion and sale of our products and services.
Each time our websites are accessed, usage data is transmitted by the respective Internet browser and stored in log files, the so-called server log files. The stored data records contain the following data: Browser type and browser version, operating system used, referrer URL, time of server request, shortened IP address.
These data cannot be assigned to specific persons. This data will not be merged with other data sources. We reserve the right to subsequently check this data if we become aware of concrete indications of illegal use.
The data processing is based on Art. 6 para. 1 lit. f GDPR, which permits the processing of data to safeguard the legitimate interests of the data controller, provided that the interests or fundamental rights and freedoms of the data subject do not prevail. We have an interest in the prosecution, prevention and punishment of illegal use of our offer.
We use so-called cookies on some of our websites, among other things to be able to offer you website-specific services, to recognize you when you visit our website again, and/or to adapt our offer to your personal preferences.
Cookies are small text files that are stored on a visitor’s computer and contain data on the respective user in order to enable access to various functions. Both session cookies and persistent cookies are used on our website. A session cookie is temporarily stored on your computer as you navigate through the site. A session cookie is deleted as soon as you close your Internet browser or as soon as your session has expired after a certain period of time. A persistent cookie remains on your computer until it is deleted. The storage of a cookie ensures that you do not have to repeatedly enter your personal settings and preferences every time you visit our website. This saves you time and makes using our website more convenient for you.
We may work with third parties on some of our websites and therefore, when you visit such a website, cookies from partner companies may also be stored on your hard drive (third-party cookies). We inform you below about the use of such cookies and the scope of the data collected in each case.
We use necessary cookies, which are required to enable the performance of the services we are obliged to provide. The data processing in this respect is then based on Art. 6 para. 1 s. 1 lit. b DSGVO, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
We may obtain your consent for the use of other, unnecessary cookies. The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time. The legality of the data processing already carried out remains unaffected by the revocation.
2.7 Borlabs Cookies
This website uses Borlabs cookie from Borlabs – Benjamin A. Bornschein, Georg-Wilhelm-Str. 17, 21107 Hamburg, Germany, which sets two technically necessary cookies (borlabsCookie and borlabsCookieUnblockContent) to store the cookie preference of your browser. Borlabs Cookie does not process any personal data. The borlabsCookie stores the chosen preference that was selected when you entered the website via the browser you are using. The borlabsCookieUnblockContent cookie stores which (external) media/content should always be automatically unblocked. If you wish to revoke these settings for the specific browser, simply delete the cookies in your browser. When you re-enter/reload the website, you will then be asked again for your cookie preference. For more information about Borlabs Cookie privacy, please visit https://de.borlabs.io/datenschutz/.
2.8 Google Analytics
This website may use Google Analytics – integrated via the Google Tag Manager, a web analysis service of Google Ireland Limited, Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland (hereinafter referred to as “Google”), if you have consented to this data processing. Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of this website is usually transferred to a Google server and stored there, and may also be transferred to the servers of Google LLC in the USA.
However, since IP anonymisation is activated on our website when using Google Analytics, your IP address will be shortened by Google in member states of the European Union or in other signatory states to the Agreement on the European Economic Area before this is done. Only in exceptional cases will the full IP address be transferred to a Google LLC. server in the USA and shortened there. Google will use this information for the purpose of evaluating your use of the website in question, compiling reports on website activity and providing other services relating to website activity and internet usage.
We may also use the “demographic features” feature of Google Analytics in conjunction with Google Analytics. This allows us to generate reports that include information about the age, gender and interests of site visitors. This data is derived from interest-based advertising by Google and from visitor data from third parties. This data cannot be attributed to any specific person. You can disable this feature at any time by changing the ad settings in your Google Account, or generally prohibit Google Analytics from collecting your information as shown below.
You can also prevent the collection by Google Analytics by clicking on the following link. An opt-out cookie is set to prevent future collection of your information when you visit this site:
Important in connection with data processing in the USA: According to the European Court of Justice, the data protection standard in the USA is insufficient and there is a risk that your data will be processed by US authorities, for control and monitoring purposes and possibly without any possibility of legal recourse.
The storage of Google cookies and the evaluation for statistical purposes is based on your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR and Art. 49 para. 1. s. 1 lit. a GDPR. You can revoke your consent at any time. You can revoke your consent by clicking on the aforementioned opt-out link, or by sending a message to the contact data mentioned under point 1 (e.g. e-mail, letter). The legality of the data processing operations that have already taken place remains unaffected by the revocation.
2.9 Online presence in social networks
We have set up online presences in various social networks to communicate with you, interested parties and customers and to inform them about our services and current offers. In addition to our interaction with you, the social networks process data from visitors to their websites for the purpose of market research and advertising, i.e. that from the respective visit or usage behavior and the preferences and interests of a visitor derived from this, a user profile may be created by the respective operator of the social network. Such user profiles can be used, among other things, to display advertisements within the respective social network and possibly on other websites, which are individually adapted to the respective user profile. Cookies (see above) may be stored on the visitors’ devices, with the help of which data on usage behavior can be collected. The collection of this data can, especially in the case of logged-in members of the respective social network, also be realized across several browsers and/or end devices used by a user. Even if a visitor does not have a profile with the respective social network, it cannot be ruled out that personal data on this visitor will be stored when visiting the respective website. Requests for information regarding the data stored in social networks via our online presence or the use of other relevant rights of affected persons (see below) can be addressed to the provider of the respective service. Only the providers of the social networks have access to the respective data stored there and can provide the corresponding information, etc. With regard to the purpose and scope of data processing by the various social networks, we refer additionally to their respective data protection notices and the respective contact options:
New Work SE (XING)
20354 Hamburg, Deutschland
LinkedIn Ireland Unlimited Company
Dublin 2, Irland
The processing of data in the context of our online presences in social networks takes place insofar as a data protection responsibility exists on our part due to our legitimate interest in effective information and direct communication with interested parties and customers of our company. The basis for data processing is Art. 6 (1) p. 1 lit. f DSGVO, which permits the processing of data to protect the legitimate interests of the controller, provided that the interests or fundamental rights and freedoms of the data subject are not overridden. Our interest lies in providing content and communicating with users of the respective social networks and improving the reach and effectiveness of our posts.
2.10 Data processing for the purposes of legitimate interests
We also process your data if it is necessary for purposes of legitimate interests of us or third parties. This may be the case in particular to guarantee IT security and IT operation, especially for support requests, to be able to understand and prove facts in case of legal disputes, for market and opinion surveys, to analyze the use of our website and/or to advertise other products from us or our cooperation partners.
The basis for data processing is Art. 6 para. 1 lit. f GDPR. We have a legitimate interest in the data processing listed afore. Our interest is either in IT security, in ensuring support for better usability of our website or in our legal interest or in our evaluation and advertising interest.
2.11 Other data processing based on your consent
It may also happen that we ask for your consent to process personal data. Any granting of consent and the relevant data processing is voluntary and you will not suffer any disadvantages if you do not consent.
The data processing is then carried out on the basis of your consent in accordance with Art. 6 para. 1 s. 1 lit. a GDPR. You can revoke your consent at any time with effect for the future. An informal notification to us is sufficient for this purpose. The legality of the data processing operations already carried out remains unaffected by the revocation.
2.12 Data processing for the fulfilment of legal obligations
In addition, we process your data to fulfil legal obligations (e.g. regulatory requirements, commercial and tax storage and proof obligations). For this reason we collect e.g. your VAT number for contracts, as well as the VAT ID for international contracts.
The basis for data processing is Art. 6 para. 1 s.1 lit. c GDPR, which permits processing for the fulfilment of a legal obligation.
3. Categories of recipients of the personal data
Your personal data will only be transferred or otherwise transmitted to third parties if this is necessary for the purpose of contract processing or billing or if you have previously consented or if there is a legal basis for the transfer.
Your contract and communication data will be forwarded to the responsible office and the responsible employees within our company for answering your inquiries, for communication, for the execution of the order or for the fulfilment of contractual obligations.
If necessary for the purpose of contract processing or for the dispatch and delivery of products or for the provision of our services, data is passed on to partner companies that have been commissioned to support the contract processing. Our partners commit themselves to comply with and observe the data protection regulations. Our partners are not permitted to use the data for any other purpose than the execution of the contract.
The basis for data processing is Art. 6 para. 1 s.1 lit. b GDPR, which permits the processing of data for the fulfilment of a contract or pre-contractual measures.
We disclose personal data to third parties who process personal data on their own responsibility (so-called controllers, cf. Art. 4 (7) GDPR), such as postal and delivery services, house bank, tax advisor/auditor or authorities within the scope of legal permissibility and necessity.
Insofar as we make use of the services of third parties to carry out our services, we process personal data according to the provisions of the GDPR. Service providers who support us in providing our services to you are hosting providers, e-mail service providers, IT service providers, software (SaaS) providers, consulting service providers; document shredding service providers, archiving service providers.
4. Duration of data storage
In principle, we delete your data as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We store your data on the basis of legal proof and storage obligations, which result among other things from the German Commercial Code and the German Tax Code, according to which the storage periods are up to ten full years. In addition, we keep data for the period during which claims can be asserted against our company (statutory limitation period of three years until the end of the year).
5. Data Security
Your personal data will be transmitted securely by us through encryption. We use the coding system SSL (Secure Socket Layer). You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line. Furthermore, we secure our websites and other systems by technical and organizational measures against loss, destruction, access, alteration or distribution of your data by unauthorized persons.
6. Rights of the data subject
You have the right to request information about your stored personal data, their origin and recipients and the purpose of data processing and, if necessary, a right to correction, blocking or deletion of this data at any time within the scope of the applicable legal provisions.
You may also have the right to restrict the processing of your data and to have the data you provided received back and also transmitted in a structured, common and machine-readable format.
If you have given us your consent to process personal data for specific purposes, you can revoke your consent at any time with effect for the future.
If we process your data to protect legitimate interests, you may object to such processing for reasons arising from your particular situation.
You also have the right to contact a data protection supervisory authority and lodge a complaint.