Compliance Solutions Data Protection
TRUST THE GOLD STANDARD
To the extent that we process personal data, Compliance Solutions GmbH acts as the data controller and is responsible for determining the permissible purpose, scope and means for processing such data.
You have the right at any time to obtain confirmation of the personal data we hold about you, to review its content or to request that it be updated, restricted or deleted, as explained below.
This privacy statement explains the following:
- Types of personal data we collect and use
- The legal basis for the processing of your personal data
- When we may share personal data with third parties
- How we protect and store your personal data
- When we may transfer your personal data abroad
- How long we store personal data
- Your rights: review, update, restrict the use and / or delete your personal data and the possibility to lodge a complaint with a supervisory authority
- How to contact us
1. types of personal data we store and use:
- Data you provide to us: You may provide us with personal data when you contact us in person, by telephone, by email or via social media or our website. This may include information that can be used to identify you or that we can associate with you, including your name, contact information, job title and related organisations, and any other information Compliance Solutions GmbH uses to identify you in relation to our services. This information may fall into the following categories:
- Correspondence, events and updates – we may process information contained in or in relation to communications you send or otherwise provide to us, including for the purposes of subscribing to our newsletters and other publications; registering for seminars and other events, recruiting staff, managing our contact list and other purposes.
- Enquiries in relation to our services – we may process information contained in an enquiry you submit to us indicating your interest in our services, including the content of your enquiry and any contact details. We process this information to respond to your enquiry and, where appropriate, to keep you informed in relation to our services unless you indicate that you no longer wish to hear from us.
- Contractual information – when we enter into a contract to provide legal services to you or procure services from third party providers for Compliance Solutions GmbH, we may process personal information for the purposes of that contact and our related services. This may include personal information contained in correspondence relevant to the contract, data provided for the purposes of the contract, and / or transactional data and account details for the purposes of delivery and receipt of services, payments and for accounting purposes.
- Information we obtain from third parties: We may obtain information about you from public sources or third parties to help us keep our records up to date and analyse them, identify potential clients and carry out compliance and regulatory checks.
2. legal basis for the processing of personal data:
The legal basis for processing your personal data is as follows, depending on the purpose of obtaining the information:
- The performance of a contract (Art. 6 (1) sentence 1 lit. b DS-GVO) – to fulfil our obligations under a contract with you or your organisation or to take action at your request prior to entering into a contract. This may include the processing of personal data provided during correspondence, upon request and for the purposes of contracts and other transactions.
- Your consent (Art. 6 para. 1 sentence 1 lit. a DS-GVO) – if you have expressly consented to information being used for a specific purpose, including subscribing to our newsletter and invitations to events.
- Legitimate interests (Art. 6 para. 1 sentence 1 lit. f DS-GVO) – if the processing is necessary for the purposes of our legitimate interests or those of a third party, unless your interests or fundamental rights and freedoms prevail. On this legal basis, your personal data is processed for the following purposes:
- To respond to enquiries, to contact third parties interested in initiating business and to maintain existing contacts;
- The use of transaction data for the purposes of outgoing and incoming payments and for the collection of debts;
- Company data analysis to evaluate the effectiveness of our services;
- to detect, prevent and respond to actual or potential fraud or other illegal activity or infringement of intellectual property;
- for the operation of our IT and data security systems, including securing our IT systems and databases that contain personal data, to ensure the security of our IT systems and the integrity and recoverability of our data; and
- to protect and enforce our legal and other rights.
- For compliance with legal obligations (Art. 6 (1) sentence 1 lit. c DS-GVO) or to protect vital interests of the data subject or another natural person – We may process personal data to the extent necessary to comply with our legal obligations, including accounting obligations and regulatory requirements or to protect vital interests of the data subject or other natural persons.
3. when we may disclose personal data to third parties:
We may share your personal data with third parties in the following circumstances:
- on a confidential basis to our employees, partners and consultants, as well as to other Compliance Solutions GmbH offices, to the extent necessary for the provision of our services, internal administration, billing, compliance and reporting, promotion of our events and services, and other business purposes;
- to third parties with whom we jointly provide legal services to you;
- to third parties who store and host data for us, as well as to our IT and marketing service providers and to other providers of services including those for the recovery of outstanding debts;
- to third parties for the purposes of money laundering control and other compliance checks as well as for the purposes of combating fraud and crime;
- to our insurers and advisors to the extent necessary to obtain and maintain insurance coverage, obtain advisory services, conduct litigation, accounting and financial audits; and
- to third parties to whom we transfer our rights or obligations, or if parts of our business are sold, transferred or integrated into another entity.
Any information we share with third parties is subject to contractual agreements we have entered into which provide for processing only in accordance with our instructions for the purposes specified therein and in compliance with applicable legal provisions.
Compliance Solutions GmbH reserves the right to disclose the following information: a) to competent courts, law enforcement agencies, governmental or regulatory authorities if required to do so by law or if prompted to do so by an authority; and b) in order to protect the vital interests of the data subject or another natural person.
4. how we protect and store your personal data:
We use technical and organisational measures to protect your personal data. In accordance with our internal policies, your personal data is kept confidential and secure to protect your personal data from accidental loss, alteration, unauthorised use, access or disclosure. Personal data may be stored on our IT systems, those of third party providers and / or in paper form. When we share information with third parties, we obtain written confirmation that they will protect the data appropriately.
Although we do our best to ensure the security of your personal data and only use reliable service providers, unfortunately 100% security cannot be guaranteed. In particular, we are not responsible for the security of personal data that you transmit to us over networks that we do not control, including the Internet and other wireless networks. Our internal policies provide procedures for handling suspected personal data breaches. We will notify you and any relevant authorities of breaches if and to the extent we are required to do so by law.
If you follow a link from our website to a third party website or do business with a third party mentioned on the website, you should be aware that third parties have their own privacy policies for which we are not responsible. You should ensure that you read and understand their privacy statements.
5. when we may transfer your personal data abroad:
As Compliance Solutions GmbH operates across the EU, we may transfer your personal data abroad for storage or processing if this is necessary for any of the above purposes, including to any EU country where Compliance Solutions GmbH does business. If we do so, we will comply with applicable data protection legislation and take appropriate security measures to ensure the security and integrity of your personal data. When we use third-party service providers, we will enter into confidentiality agreements, including appropriate data protection obligations.
6. how long we store personal data:
All personal data will be deleted when it is no longer necessary for the permissible purposes for which it was stored or, if the storage is based on your consent, you revoke your consent and we are not legally obliged or otherwise entitled to continue storing the data. Where necessary, we will retain your personal data until the end of the relevant retention period or until all claims have been resolved if Compliance Solutions GmbH needs to assert or defend any legal claims or otherwise enforce its rights or those of third parties. We will also retain personal data to the extent necessary to comply with our legal obligations, regulatory requirements and reporting obligations. We may also store data in backup systems set up to maintain the integrity of our IT systems for the duration of minimum retention periods.
7. your rights: to review, update, restrict the use of and / or delete your personal data and to lodge a complaint with a supervisory authority:
If you no longer wish to receive updates and communications from us, you can let us know by emailing us at the contact details below.
Compliance Solutions GmbH is required by law to ensure that all information you provide to us remains accurate and up to date. We therefore ask that you contact us to update or correct your information if there are any changes or if you feel that the information we have collected about you is inaccurate. You have the right to do this at any time:
- To request details of the categories of personal data we hold about you, the purposes for which we process the data and any third parties with whom it is shared. Provided the rights and freedoms of others are not affected, we will provide you with a copy of the data;
- request that we update or correct your personal data, object to the use of your personal data or request that we restrict the processing of such personal data for certain purposes. You may object to the processing of personal data for direct marketing purposes and withdraw the consent you have previously given us at any time by sending us an email to email@example.com or contact us via the contact details below. If you object to the processing of the data for other purposes, we will comply unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, including compliance with legal obligations and for the purposes of asserting legal claims;
- if the personal data is no longer needed for the purposes for which it was collected, you may have the right to request its deletion. However, this does not apply if the data is necessary for other purposes, including the fulfilment of a legal obligation or in connection with possible legal claims;
- where we hold personal data with your consent or to perform a contract with you and the processing is carried out by automated means, you may have the right to obtain your personal data from us in a commonly used format so that it can be transferred to another third party provider, provided that this does not adversely affect the rights and freedoms of others;
- file a complaint with the competent supervisory authority. Details of the competent authorities in relation to each of the Compliance Solutions GmbH companies can be found below.
If you wish to exercise your rights in relation to your personal data, please contact us by email or post using the contact details below.
9. how to contact us:
If you require further information or have any questions or comments, please contact Compliance Solutions GmbH using the contact details below.
- By e-mail to: firstname.lastname@example.org;
- or by post to: Compliance Solutions GmbH, for the attention of the Data Protection Officer, Königstr. 80, 70173 Stuttgart, Germany.