Compliance with data protection has the utmost priority for ITB Consulting GmbH. To ensure compliance with the data protection requirements, we have a designated data protection officer and a data protection concept. For all of the services offered by ITB Consulting GmbH, there are internal procedural instructions for compliance with data protection. The services provided by ITB Consulting are in conformance with the legal data protection regulations, the European General Data Protection Regulation (EU GDPR) and the German Data Protection Act (BDSG). All of our employees who come in contact with personal data are prohibited from the unauthorized collection, processing or use of personal data. All employees have been obliged in writing in accordance with § 53 BDSG to maintain data privacy. In addition to this, our employees are regularly trained in compliance with information security and the individual requirements of data protection at ITB Consulting GmbH (information security).
Information obligations for the collection of personal data in accordance with Article 13 EU GDPR
The handling of your personal data should always be comprehensible and transparent. In the following, we inform you in accordance with Art. 13 EU GDPR about how we collect and process your personal data in compliance with the law.
Processing of personal data
According to Art. 4 (1) GDPR, “personal data” means any information relating to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Purposes and legal basis of the data processing [Art. 13 (1) c) EU GDPR]
The use of our website is largely possible without having to state personal data. We only process personal data on our website in the following cases:
- when you use our contact form
- when you write an article for the ITB blog
- when you subscribe to our newsletter
- when you contact us by e-mail
You provide your personal data on a purely voluntary basis. The personal data given by you will be used only to contact you or, where applicable, to send you our e-mail newsletter. As a visitor to our website, you can use the contact form to inform us of your enquiry. In this case, it is in our justified interest within the meaning of Art. 6 (1), sentence 1, f) EU GDPR to use the personal data provided by you so that we can contact you with reference to your enquiry. If you write an article for our ITB blog, the legal basis for the data processing is also Art. 6 (1), sentence 1, f) EU GDPR. As your blog article means that you want to participate in a discussion, it is in our justified interest to process your personal data in order to be able to communicate with you. If you are not yet our customer, you can subscribe to our newsletter after making a declaration of consent [Art. 6 (1), sentence 1, a) EU GDPR in conjunction with Art. 7 EU GDPR]. To confirm the consent, the data subject must send an e-mail confirmation of the consent (“double opt-in”). You can unsubscribe from the newsletter at any time using the unsubscribe link at the end of every e-mail. The withdrawal of the consent is also possible at any time by informal e-mail. In the case of direct contact by e-mail, the personal data that you voluntarily provide us with will be processed. This data will be collected and stored only for the purpose of contact with you. An internal set of procedural instructions determines how the sent data may be used in terms of data protection law and when it has to be deleted.
Passing on of personal data to third parties / recipients of the data [Art. 13 (1), e) EU GDPR]
Personal data that you send to us by e-mail, or that we process directly on our website within the framework of the use of our contact form, our blog or the sending of our newsletter as described above, will not be passed on to third parties without your express consent. In addition to this, our website contains links to the websites of various test procedures developed by ITB Consulting, in particular to SATs and aptitude tests. This includes, for example, BT-WISO and TM-WISO. The evaluation of such a test helps the university or institution to which you have applied to make a qualified selection of applicants for the respective courses of study. Due to the tightening of data protection law, in order to take part in this kind of test procedure, the person concerned is required, in the course of online registration for the respective test procedure, to make a qualified declaration of consent to the processing of his personal data. This consent fulfils the requirements of Art. 7 EU GDPR. You will be thoroughly informed about all the details of the declaration of consent during the online registration for the respective test procedure on the website concerned. You can view your declaration of consent there at any time and also revoke it if you wish. In order to guarantee the protection of your personal data in the context of collaboration within the framework of services offered with other institutions, e.g. our service providers, personal data may generally be passed on to third parties only once we have verified that these parties are in compliance with data protection law and a processing contract in accordance with Art. 28 EU GDPR has been signed. The authority to issue instructions regarding the handling of the personal data provided in conformance with data protection law lies with ITB Consulting GmbH.
Duration of storage and deletion of the data; right of objection and information [Art. 13 (2), a) and b) EU GDPR]
The duration of storage depends on the legal stipulations and the purpose of the data storage. If the purpose of data processing no longer applies, the data is deleted. Otherwise, collected personal data will always be deleted if the consent is withdrawn, the data is verifiably incorrect, the data was illegally collected, or no further data storage is required by law. If there are no legal grounds for storage, every data subject has the right to rectification or erasure (Art. 16, 17 EU GDPR), the right to restriction of processing (Art. 18 EU GDPR), the right to portability (Art. 20 EU GDPR) of his or her personal data as well as the right to object (Art. 21 EU GDPR). If the data subject has granted his or her consent, this consent can be withdrawn at any time without affecting the lawfulness of processing based on consent before its withdrawal (Art. 13 (2), c) in conjunction with Art. 7 (3) EU GDPR). Every data subject shall, on request, receive information about which of his or her personal data is being processed by ITB-Consulting GmbH (Art. 15 EU GDPR). Your personal data is not subject to any automated decision-making, including profiling within the framework of our processing [Art. 13 (2), f) EU GDPR].
The right to lodge a complaint with a supervisory authority [Art. 13 (2), d) EU GDPR]
Notwithstanding any other legal remedies, every data subject has the right to lodge a complaint with the relevant supervisory authority.
(State Officer for Data Protection and Freedom of Information NRW
Controller [Art. 13 (1), a) EU GDPR]
ITB Consulting GmbH
Koblenzer Str. 77
Phone: +49 228 82090-0
Fax: +49 228 82090-38
Managing Director Dr. Kristine Heilmann
Data protection officer [Art. 13 (1), b) EU GDPR]
datenschutz süd GmbH
E-mail correspondence takes place on the unsecured Internet. We hereby draw your attention to the fact that data transmission via the Internet may involve gaps in security and foolproof protection of the data against access by third parties is not possible.
Please do not send any confidential information by e-mail. With the present state of the art, it cannot be ruled out that third parties can gain illegal access to the information in the e-mail sent.
Links and integration of social networks
In some cases, it is possible to connect to our YouTube channel or our Facebook account from our website. Our website also contains links to other websites for which we are not responsible. We have no influence on their content or on the operators’ compliance with data protection regulations. Please contact these companies directly to learn about their data protection rules.
Technical and organizational measures (Art. 32 EU GDPR)
ITB Consulting GmbH uses technical and organizational measures within the meaning of Art. 32 EU GDPR to protect the personal data made available by you against destruction, loss, unauthorized access and deliberate or negligent manipulation. Compliance with the technical and organizational measures is documented and is checked at regular intervals by the data protection officer of ITB Consulting GmbH.
To assess how visitors are using our website, we use Google Analytics, a web analysis tool from Google Inc. (“Google”). Google Analytics employs “cookies”, text files which are saved to your computer and enable your use of the website to be analyzed.
The information about your use of this website generated by the cookie is transferred to and saved on a Google server in the USA. When IP anonymization is activated on this website, your IP address will be truncated in advance within Member States of the European Union or other parties to the Agreement on the European Economic Area. Only in exceptional cases is the full IP address transferred to a Google server in the USA and truncated there.
Google will use this information on behalf of the operator of this website to evaluate your usage of the website, to create reports on website activities, and to provide other services related to website and internet usage to the website operator. The IP address transmitted by your browser within the context of Google Analytics will not be combined with any other data held by Google.
You can prevent cookies from being stored on your computer by making the corresponding setting in your browser software. We would like to point out, however, that in this case you may not be able to use all of this website’s functions without restrictions. You can also prevent the collection of the data generated by the cookie and referring to your use of the website (including your IP address), as well as the processing of this data by Google, by downloading and installing the browser plug-in available at the following link:
Objection to unsolicited advertising e-mails
We hereby object to the use of the contact data on our websites to send unsolicited advertising and information material. ITB Consulting GmbH expressly reserves the right to take legal measures in the case of the unsolicited sending of advertising information, e.g. spam e-mails.