as amended on 25 May 2018
1. Scope of application
Compliance Alliance or MCW Consulting, operated by Dipl.-Kauffrau Marion Charlotte Willems (hereinafter referred to as “we” or “us”), the protection of your privacy and personal data is a particular concern. With this data protection declaration we would like to inform you comprehensively about how we handle your personal data.
This data protection declaration applies to the handling of your personal data when you visit our Internet pages at www.compliance-alliance.eu or www.marionwillems.de, when you have an ongoing business relationship with us or when you apply to us.
2. Who is responsible and to whom can I turn?
Dipl.-Kauffrau Marion Charlotte Willems, Am Römischen Hof 28, 61352 Bad Homburg, is responsible for the processing of personal data described in this data protection declaration.
You can contact us by post, electronically or telephone regarding all data protection enquiries:
Dipl. Kauffrau Marion Charlotte Willems
MCW Consulting and Compliance Alliance
Am Römischen Hof 28
61352 Bad Homburg
3. Which data do we process from you?
Depending on the specific processing situation, we collect and process various personal data about you. Below you will find a list of the data relating to the respective processing situation:
3.1 Which data do we process when visiting our website?
The visit to our website can basically take place without disclosing your identity. As far as you use the offers provided by us on the Internet pages without registration, we process from you among other things:
Data on the use of the Internet pages provided (e.g. browser used, operating system used, referrer url, time of server request, content retrieved, duration of use);
Other technical data comparable with the previous ones.
3.2 What data do we process when you contact us?
Depending on your request, you can contact us by e-mail via our website. We only store and process your e-mail address and the information you have provided to us.
3.3 Which data do we process within the framework of an ongoing business relationship?
If you have an ongoing business relationship with us, for example as a customer of our products and services, we regularly store the following data about you:
Contact information of a contact person (surname and first name);
Contact details (telephone number, address, fax number, e-mail address);
If applicable, further information insofar as this is required within the framework of our business relationship, such as bank information.
3.4 What data do we process when you apply to us?
You can apply to us by post or electronically, including by contacting the e-mail address provided on our website. When you apply to us, we process the following information from you, among other things, insofar as you provide us with such information as part of your application:
personal details (surname and first name);
contact details (telephone number, e-mail address);
Information that you have provided to us as part of your application documents, for example from your CV or other proof of qualification.
4. With whom do we collect your personal data?
As a rule, personal data is collected directly from you, for example by visiting our website or using the services offered, such as the opportunity to contact you by e-mail. We collect further data through the integration of cookies or comparable tracking technologies on our Internet pages in order to collect information about your visit to our Internet pages.
In addition, we receive information from publicly available information offers such as the Internet, telephone directories or the company register (www.unternehmensregister.de).
5. For what purposes do we process your data and on what legal basis?
We process your personal data exclusively in accordance with the requirements of the Data Protection Basic Regulation (“DSGVO”) and the Federal Data Protection Act (“BDSG”). In certain situations, we also process your personal data to fulfil other legal obligations or on the basis of your express consent.
5.1 Fulfilment of contractual obligations
We process your personal data to fulfil contractual or quasi-contractual obligations or to establish a contract, for example for the following purposes provision of our services, including invoicing and answering questions.
If you apply to us by post or electronically and provide us with personal data, we process your personal data exclusively for the purpose of initiating a future employment relationship.
5.2 Compliance with legal obligations
Insofar as we are subject to legal obligations which require the processing of your personal data in order to comply with them, we process your personal data on the basis of these legal obligations.
5.3 Due to legitimate interests
We also process your personal data to protect our legitimate interests, unless your interests or fundamental rights and freedoms, which require the protection of your personal data, prevail.
Subject to a weighing decision to be made in individual cases, we regularly assume that our legitimate interests will prevail in the following processing situations, which are not exhaustively listed:
Support for existing customers;
Optimization of our offers and services;
Analysis of the use of our Internet pages;
Ensuring the confidentiality and integrity of our IT systems;
Analysis of the interests of our clients in order to prepare offers and advice in line with their interests
Cooperation with state authorities.
5.4 Based on your consent
If you have given us a separate consent for the processing of your personal data, we will process your personal data within the scope and on the basis of this consent. Consents can, for example, refer to the passing on of data to cooperation partners or the evaluation of your data for the dispatch of newsletters.
Consent is always voluntary. The refusal of the consent or a revocation of the same will have no negative consequences for you.
6. To whom do we pass on your data?
If necessary for the establishment, execution or termination of a contract or a legal relationship similar to a contract, we pass on your personal data to our cooperation partners.
Insofar as we process your personal data in connection with the contractual obligation to provide our services, we may forward your personal data to cooperation partners or shipping companies such as DHL, FedEx.
To process your data, we also use external service providers, to whom we forward your personal data, which is contractually secured and only process the data on our behalf. In addition, contract processors are contractually obliged, for example, to either delete or return the data at the end of the contract. We cooperate with the following contract processors for the following purposes:
IT service provider for the maintenance of the website (Strato AG).
6.1 Passing on due to legal obligations or to protect legitimate interests
Insofar as we are obliged to do so by law, by court order or on the basis of an enforceable official order, we will transfer your personal data to bodies entitled to receive such information. In addition, we also cooperate voluntarily with government investigation authorities upon request.
6.2 Other disclosures
If you have given us a separate declaration of consent for the use and disclosure of personal data, your personal data may be disclosed to the recipients named there. In the context of the provision of third-party services on our Internet pages, personal data may in some cases be passed on to third parties. You will find detailed information on this under section 12. In addition, no personal data will be passed on to third parties unless there is a separate legal basis for the transfer in individual cases and your interests or fundamental rights and freedoms do not prevail.
7. Do we transfer your data to third countries?
In the case of international orders, we must transfer your personal data to countries outside the European Union or the European Economic Area, so-called third countries. This applies, for example, to the transfer of personal data in connection with a specific project or order to cooperation partners.
8. How long do we store your personal data?
We process and store your personal data only for as long as is necessary for our processing purposes.
We will delete the data collected and stored within the framework of the use and provision of our Internet pages at any time and independently and regularly within a few days on request, unless we have a special interest in a particular case.
As part of our business relationship, we store your personal data only for a maximum of four years after termination of your business relationship with us. We store contact data and information about customer interests as long as we can usually expect new inquiries or an interest in our services.
If you have applied for a job with us and you do not take up employment with us, we will store your data for a maximum period of nine months, unless you give us separate permission to continue storing it for the purpose of applying for other positions.
If a longer storage period is required due to legal storage and documentation obligations or to protect our legitimate interests, e.g. in the event of possible legal disputes, your personal data will also be stored and processed after expiry of the above-mentioned period. Once a contract or similar relationship has been fully processed, we will, as far as possible, immediately block your personal data from further processing.
A final deletion takes place after expiry of the periods resulting from the legal storage and documentation obligations, which amount to between two and ten years and result among other things from the tax code or the commercial code.
9. Your rights
Below you will find a summary of your rights regarding the processing of your personal data by us:
9.1 Rights of access, cancellation, rectification, limitation of processing and data portability
Pursuant to Art. 15 DSGVO, you have a right to information according to which you can request confirmation as to whether we process your personal data. If this is the case, you have the right to request comprehensive information on this personal data from us.
Pursuant to Art. 16 DSGVO, you may request that incorrect data concerning you be corrected without delay.
Pursuant to Art. 17 DSGVO, you have the right to request the deletion of your personal data if (i) it is no longer required for the purposes for which it was collected, (ii) you have revoked your consent to its processing, (iii) you have objected to the processing under Art. 21 (1) DSGVO and there are no overriding legitimate reasons for continued processing, (iv) your personal data have been unlawfully processed, (v) the deletion of the personal data is necessary to comply with a legal obligation under Union law or the law of the Member States to which we are subject, or (vi) the personal data have been collected in relation to Information Society services provided pursuant to Article 8(1) DSGVO.
Pursuant to Art. 18 DSGVO, you have the right to demand the restriction of processing under the following conditions. Such a right exists if (i) you have either disputed the accuracy of your personal data, (ii) the processing is unlawful and you refuse to delete the personal data and instead request the restriction of use, (iii) the data is no longer required for the purposes of the processing but you need it for the assertion, exercise or defence of legal claims, or (iv) you have lodged an objection against the processing pursuant to Art. 21 para. 1 DSGVO until it is established whether we have legitimate reasons for the processing which outweigh yours.
According to Art. 19 DSGVO, you have the right to request information about the recipients of data who have been informed of a correction, deletion of your personal data or a restriction of processing.
According to Art. 20 DSGVO you have the right to receive your personal data from us in a structured, common and machine-readable format and to forward this data to another responsible person.
If the processing or transmission of your personal data is based on your declared consent, you can revoke this consent at any time with effect for the future.
In addition, you have the right to lodge a complaint with the State Commissioner for Data Protection and Freedom of Information Hessen, P.O. Box 3163, 65021°Wiesbaden, against the processing of your data or a decision made by us with regard to one of the rights exercised by you.
For the assertion of your rights listed under section 9.1, you may informally apply by post, fax or e-mail to the address listed under section 9.1. 2 to the contact details listed under point 9.1.
9.3 Right of objection pursuant to Art. 21 DSGVO
9.3.1 Opposition on the grounds of your particular situation
According to Art. 21 para. 1 DSGVO you have the right, for reasons arising from your particular situation, to object at any time to the processing of your personal data if this processing is carried out for the purpose of our legitimate interests, including a profiling based on this (e.g. for credit rating). Further processing of your personal data will then no longer take place unless we can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedoms, or the processing serves the assertion, exercise or defence of legal claims.
9.3.2 Opposition to direct advertising
Pursuant to Art. 21 para. 2 DSGVO, you have the right at any time to object to the use of your personal data for the purpose of direct marketing. This also applies to profiling insofar as it is connected with such direct advertising. If you object to the processing for purposes of direct marketing, we will no longer process your personal data for these purposes.
9.3.3 Contact possibility
You can declare your opposition informally by mail or e-mail, addressed to:
Dipl. Kauffrau Marion Charlotte Willems
MCW Consulting and Compliance Alliance
Am Römischen Hof 28
61352 Bad Homburg
10. Is there an obligation on your part to provide personal data?
There is neither a contractual nor a legal obligation to provide us with your personal data for the use of our website. However, if you wish to contact us or establish a business relationship with us, certain details are required so that we can process your enquiry.
11. Is processing based on automated decision-making or profiling?
You have the right not to be subject to a decision based solely on automated processing, including profiling, if the decision is not necessary for the conclusion or performance of a contract, is not required by mandatory law, or is not based on your express consent.
We do not use any automated decision making process, including profiling.
12. What type of cookies and tracking technology do we use?
You can limit the use of tracking technology by changing your browser settings. You can determine what access you allow us to your devices and whether and for how long cookies can be stored on your device. You can also delete cookies that have already been saved at any time. Please note that the functionality of our website may be impaired if all cookies are deactivated. Similar functions (e.g. Flash cookies), which are used by so-called browser add-ons, can be deactivated or deleted by changing the settings of the browser add-ons or via the website of the browser add-ons manufacturer.
12.1 What are cookies?
A cookie is a small file that is transferred from the website’s host server during the use of a website and stored on the user’s device (desktop computer, laptop, tablet, smartphone, other Internet-enabled devices) by the browser used. Cookies are used to store information about the user and to retrieve it when the website is called up again.
12.2 What are cookies used for?
Cookies help us to understand the use of our websites, analyze trends, administer the website, track a user’s progress on our website, gather demographic information about our user base as a whole, navigate you efficiently between pages, remember your preferences and settings on our websites and generally improve your browsing experience. We process the information collected through tracking technologies to (i) remember information so that you do not need to re-enter it during your visit or a return visit, (ii) monitor the functionality and performance of our Web Sites, (iii) collect aggregated metrics such as total number of visitors, traffic, usage and demographic patterns on our Web Sites, (iv) diagnose and troubleshoot technical problems, and (v) implement other plans and improvements to our Web site.
12.3 What types of cookies are used on our websites?
The cookies used on our website can usually be divided into one of the following categories: Mandatory cookies, analysis cookies, function-related cookies or cookies from social networks.
12.3.1 Mandatory Cookies
These cookies are essential for the functioning of our website and enable you to move around our website and use its functions. Without these cookies, certain services necessary for the full use of our website cannot be provided.
12.3.2 Analysis Cookies
With the help of these cookies, we collect information about how users use our Internet pages, e.g. which pages are accessed and read most frequently, or how users move from one link to the next. All information that this type of cookie collects does not relate to a single user, but is aggregated with information from other users and processed. Cookies provide us with analytical data on how our websites work and how we can improve them.
12.3.3 Functional Cookies
These cookies allow us to store a specific selection made by you and to adapt our Internet pages in such a way that they offer you extended functions and content. These cookies can be used, for example, to store your language selection or country selection.
12.3.4 Social Network Cookies
To facilitate the exchange of content on the Internet, some of our Web pages may contain small third-party software applications, such as Facebook, Twitter, LinkedIn or Google+, for the exchange of information. Cookies are not stored by us, but by the third party on your device. We cannot control these cookies. You should therefore visit the third-party websites for further information.
12.4 How long are cookies stored on my devices?
The duration of storage depends essentially on whether it is a “persistent” or “session-related” cookie. Session-related cookies are deleted after you leave the website that set the cookie. Persistent cookies remain on your device even after you have stopped surfing until they are deleted or until they expire.
12.5 Third-party cookies – use of Google Analytics
In the course of the provision of our Internet pages, cookies of the third party provider Google are used. Their use is explained below:
The data processed by us within the framework of Google Analytics will be automatically deleted after the expiry of the shortest option provided by Google (14 months). You can object to the processing of your data within the framework of “Google Analytics” at any time with effect for the future by calling up the following link
http://tools.google.com/dlpage/gaoptout?hl=de and following the instructions contained therein.
http://www.google.com/analytics/terms/de.html and https://www.google.de/intl/de/policies/ respectively.
12.6 Integration of third-party services and content into our website
Through the integration of third-party content and services, personal data may be collected from you and processed by third parties.
In the context of the representation of our Internet sides we use the service Google Fonts of Google Inc. for the graphic organization. (1600 Amphitheatre Parkway Mountain View, California 94043, USA) (hereinafter “Google”). When you access the Internet pages, the integrated fonts are downloaded from Google’s servers, among other things, in order to display the Internet pages on your device as intended by us. We use Google’s service in order to ensure a uniform presentation of our Internet pages on different devices.
When the fonts are loaded, numerous technical information is exchanged with Google’s servers, e.g. technical information on the hardware and software you use or your IP address. The exchange of this data is mandatory so that the service offered by Google can be us. More information about Google Fonts can be found at https://fonts.google.com/about and in Google’s privacy statement at https://policies.google.com/privacy?hl=de