To the extent that we process personal data, Compliance Solutions GmbH acts as the data controller and is responsible for determining the permissible purpose, scope and means for processing such data.
You have the right at any time to obtain confirmation of the personal data we hold about you, to review its content or to request that it be updated, restricted or deleted, as explained below.
- Types of personal data we collect and use
- The legal basis for processing your personal data
- When we may share personal data with third parties
- How we protect and store your personal data
- When we may transfer your personal data abroad
- How long we store personal data
- Your rights: to review, update, restrict the use of and/or delete your personal data and to lodge a complaint with a supervisory authority
- How you can contact us
1. Types of personal data we store and use:
- Data you provide to us: You may provide us with personal data when you contact us in person, by phone, by email, or through social media or our website. This may include information that can be used to identify you or that we can associate with you, including your name, contact information, job title and related organizations, and any other information Compliance Solutions GmbH uses to identify you in relation to our services. This information may fall into the following categories:
- Correspondence, Events and Updates – we may process information contained in or related to communications you send or otherwise provide to us, including for the purpose of subscribing to our newsletters and other publications; registering for seminars and other events, recruiting personnel, managing our contact list and other purposes.
- Requests related to our services – we may process information contained in a request you submit to us indicating your interest in our services, including the content of your request and any contact information. We process this information to respond to your request and, where appropriate, to keep you informed in relation to our services, unless you indicate that you no longer wish to hear from us.
- Contractual information – if we enter into a contract to provide legal services to you or procure services from third party providers to Compliance Solutions GmbH, we may process personal information for the purposes of that contact and our related services. This may include personal information contained in correspondence relevant to the contract, data provided for the purposes of the contract, and / or transaction data and account data for the purposes of delivery and receipt of services, payments and for accounting purposes.
- Information we obtain from third parties: We may obtain information about you from public sources or third parties that help us keep our records current and analyze them, identify potential clients, and conduct compliance and regulatory audits.
2. Legal basis for the processing of personal data:
The legal basis for the processing of your personal data, depending on the purpose of obtaining the information, is as follows:
- The performance of a contract (Art. 6 (1) sentence 1 lit. b DS-GVO) – to fulfill our obligations under a contract with you or your organization or to take action at your request before entering into a contract. This may include the processing of personal data provided during correspondence, upon request and for the purposes of contracts and other transactions.
- Your consent (Art. 6 para. 1 sentence 1 lit. a DS-GVO) – if you have expressly consented to information being used for a specific purpose, including subscribing to our newsletter and invitations to events.
- Legitimate interests (Art. 6 (1) sentence 1 lit. f DS-GVO) – if the processing is necessary for the purposes of our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms are overridden. On this legal basis, your personal data is processed for the following purposes:
- to respond to inquiries, to contact third parties interested in initiating business and to maintain existing contacts;
- the use of transaction data for the purposes of outgoing and incoming payments and for the collection of receivables;
- Enterprise data analysis to evaluate the effectiveness of our services;
- to detect, prevent, and respond to actual or potential fraud or other illegal activity or intellectual property infringement;
- for the operation of our IT and data security systems, including securing our IT systems and databases that contain personal data, to ensure the security of our IT systems and the integrity and recoverability of our data; and
- to protect and enforce our legal and other rights.
- For compliance with legal obligations (Art. 6 (1) sentence 1 lit. c DS-GVO) or to protect vital interests of the data subject or another natural person – We may process personal data to the extent necessary to comply with our legal obligations, including accounting obligations and regulatory requirements, or to protect vital interests of the data subject or another natural person.
3. When we may disclose personal data to third parties:
We may share your personal information with third parties in the following circumstances:
- on a confidential basis to our employees, partners and consultants, and to other Compliance Solutions GmbH offices, as necessary for the provision of our legal services, internal administration, billing, compliance and reporting, promotion of our events and services, and other business purposes;
- to third parties with whom we jointly provide legal services to you;
- to third parties who store and host data for us, as well as to our IT and marketing service providers and to other providers of services, including those for the collection of outstanding debts;
- to third parties for the purposes of money laundering control and other compliance checks, as well as for the purposes of combating fraud and crime;
- to our insurers and consultants to the extent necessary to obtain and maintain insurance coverage, obtain consulting services, conduct litigation, accounting and financial audits; and
- to third parties to whom we transfer our rights or obligations, or if parts of our business are sold, transferred or integrated into another entity.
Any information we share with third parties is subject to contractual agreements we have entered into that provide for processing only in accordance with our instructions for the purposes specified therein and in compliance with applicable legal requirements.
Compliance Solutions GmbH reserves the right to disclose the following information: a) to competent courts, law enforcement agencies, governmental or regulatory authorities, if required by law or if prompted by an authority; and b) in order to protect the vital interests of the data subject or another natural person.
4. How we protect and store your personal data:
We use technical and organizational measures to protect your personal data. In accordance with our internal guidelines, your personal data is kept confidential and secure to protect your personal data from accidental loss, alteration, unauthorized use, unauthorized access or unauthorized disclosure. Personal information may be stored on our IT systems, those of third party vendors, and/or in paper form. When we share information with third parties, we obtain written confirmation that they will appropriately protect the information.
Although we do our best to ensure the security of your personal information and only use reliable service providers, unfortunately, 100% security cannot be guaranteed. In particular, we are not responsible for the security of personal information that you transmit to us over networks that we do not control, including the Internet and other wireless networks. Our internal policies provide procedures for handling suspected personal data breaches. We will notify you and any appropriate authorities of breaches if and to the extent we are required to do so by law.
If you follow a link from our website to a third party website or do business with a third party mentioned on the website, you should be aware that third parties have their own privacy policies for which we are not responsible. You should ensure that you read and understand their privacy statements.
5. When we may transfer your personal data abroad:
As Compliance Solutions GmbH operates throughout the EU, we may transfer your personal data abroad for storage or processing if this is necessary for one of the above purposes, including to all EU countries in which Compliance Solutions GmbH does business. If we do so, we will comply with applicable data protection laws and take appropriate security precautions to ensure the security and integrity of your personal data. When we use third-party service providers, we will enter into confidentiality agreements, including appropriate data protection obligations.
6. How long we store personal data:
All personal data will be deleted when it is no longer required for the permissible purposes for which it was stored or, if the storage is based on your consent, you revoke your consent and we are not legally obliged or otherwise entitled to continue storing the data. To the extent necessary, we will retain your personal data until the end of the relevant retention period or until all claims have been resolved if Compliance Solutions GmbH needs to assert or defend any legal claims or otherwise enforce its rights or those of third parties. We will also retain personal data to the extent necessary to comply with our legal obligations, regulatory requirements and reporting obligations. We may also store data in backup systems that are set up to maintain the integrity of our IT systems for the duration of minimum retention periods.
7. Your rights: review, update, restrict the use and / or delete your personal data and the possibility to lodge a complaint with a supervisory authority:
If you no longer wish to receive updates and communications from us, you can let us know by sending us an email to the contact details below.
Compliance Solutions GmbH is required by law to ensure that all information you provide to us remains accurate and current. Therefore, we ask that you contact us to update or correct your information if there are any changes or if you believe that the information we have collected about you is inaccurate. You have the right at any time:
- to request details of the categories of personal data we hold about you, the purposes for which we process the data and any third parties with whom it is shared. Provided that the rights and freedoms of others are not affected, we will provide you with a copy of the data;
- to request that we update or correct your personal data, object to the use of your personal data or request that we restrict the processing of such personal data for certain purposes. You may object to the processing of personal data for direct marketing purposes and withdraw the consent you have previously given us at any time by contacting us by email at or by using the contact details provided below. If you object to the processing of data for other purposes, we will comply unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, including compliance with legal obligations and for the purposes of asserting legal claims;
- if the personal data is no longer needed for the purposes for which it was collected, you may have the right to request its deletion. However, this does not apply if the data is required for other purposes, including the fulfillment of a legal obligation or in connection with possible legal claims;
- if we store personal data with your consent or to perform a contract with you and the processing is carried out in an automated way, you may have the right to obtain from us your personal data in a commonly used format so that it can be transferred to another third party provider, provided that this does not adversely affect the rights and freedoms of others;
- file a complaint with the competent supervisory authority. Details of the competent authorities in relation to each of the Compliance Solutions GmbH companies can be found below.
If you wish to exercise your rights in relation to your personal data, please contact us by email or post using the contact details below.
9. How to contact us:
If you require further information or have any questions or comments, please contact Compliance Solutions GmbH using the contact details below.