Data protection information

Last updated: 1 May 2022

Who is responsible for the processing of your data?

Schultze & Braun GmbH & Co. KG

together with:

Schultze & Braun Rechtsanwalts­gesellschaft für Insolvenzverwaltung mbH

Schultze & Braun GmbH Rechtsanwalts­gesellschaft Wirtschaftsprüfungs­gesellschaft

Schultze & Braun GmbH Rechtsanwalts­gesellschaft

Schultze & Braun GmbH Steuerberatungs­gesellschaft Wirtschaftsprüfungs­gesellschaft

Schultze & Braun GmbH Forensic Services Rechtsanwalts­gesellschaft

All at:

Eisenbahnstraße 19-23, 77855 Achern, Germany

Telephone: +49 7841 7080

Contact

How can you contact the data protection officer?

You can contact our data protection officer at the above address or by e-mail directly at:

Contact

What is your data needed for?

(A1)        Provision of the website and creation of log files

With each visit to our website, our system automatically collects data and information from the computer system used to access the site. The following data is collected:

  • IP address
  • Date and time of the request
  • Time zone difference to Greenwich Mean Time (GMT)
  • Content of the request (specific page)
  • Access status/HTTP status code
  • Volume of data transferred in each case
  • Website from which the request originates
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

The data is used to optimise our website and to ensure the security of our information technology systems. The data is also stored in our system's log files. (Continue to A2)

(B1)        Use of cookies

Cookies are text files that are stored in or by the internet browser on the user’s computer system.

As explained below under (G1), users can object to the pseudonymised analysis on our website, in which case a cookie (piwik_ignore) will be created to prevent future tracking.

It is also necessary to set such a cookie for the login to function (fe_typo_user) if the user has to log on to one of our pages with a user ID and password, e.g. in connection with an event.

Finally, we use a cookie (fe_typo_user) in order to prevent misuse of our forms.

(Continue to B2)             

(C1)        Requesting newsletter/information/Registering for events

Our website offers the option to subscribe to a free newsletter and to register for an event. When you subscribe, data entered in the form will be transferred to us.

This data is:

  • Title
  • First name and surname
  • E-mail address

When the message is sent, the following data will in addition be stored:

  • IP address of the originating computer
  • Date and time of registration

We process the personal data entered in the form in order to deal with the user’s request. The personal data additionally processed during transmission helps to prevent misuse of the registration form and to ensure the security of our information technology systems. (Continue to C2)

(D1)       Contact forms and e-mail contact

Contact forms on our website can be used to get in touch electronically. If a user chooses to do so, the data entered in the form will be transferred to us and stored. This data is:

  • Title
  • First name and surname
  • E-mail address
  • Message

When the message is sent, the following data will also be stored:

  • IP address of the originating computer
  • Date and time of transfer

Alternatively, contact can be made via the e-mail address provided. In this case, the user's personal data transmitted with the e-mail will be stored.

We process the personal data entered in the form in order to deal with the enquiry. The other personal data processed during transfer helps to prevent misuse of the contact form and to ensure the security of our information technology systems. (Continue to D2)

(E1)        Evaluation form

Seminar participants have the ability to provide an anonymous evaluation. When the evaluation form is sent, the following data will be stored to prevent misuse of the registration form and to ensure the security of our information technology systems:

  • IP address of the originating computer
  • Date and time of transfer

(Continue to E2)

(F1)        Podcasts

For our podcasts, we use the podcast hosting service Podigee provided by Podigee GmbH, Schlesische Straße 20, 10997 Berlin, Germany (“Podigee”). Podcasts are loaded by Podigee onto its website or broadcast by Podigee. When a podcast is accessed, Podigee will process the following data:

  • Podcast agent ID of the podcast service potentially being used if the podcast is accessed through a different service, such as Spotify, Apple or Amazon Music
  • IP address
  • Date and time of the request
  • Access status/HTTP status code
  • Volume of data transferred in each case
  • Browser
  • Operating system and its interface
  • Language and version of the browser software

Such data will be anonymised or pseudonymised by Podigee prior to being stored in the database unless it is required in order to provide the podcasts. Data is processed in order to securely and efficiently provide the podcasts for downloading/playing and to carry out aggregate statistical reach analyses, e.g. to determine access numbers in order to optimise our podcast offering. You can find further information about data protection by Podigee and about ways to object at: https://www.podigee.com/de/about/privacy/.

(Continue to F2)

(G1)       Matomo (formerly Piwik)

On this website, we use Matomo open source software (www.matomo.org), a service provided by InnoCraft Ltd., 150 Willis St, 6011 Wellington, New Zealand. When our website is accessed, the following data is stored on our server:

  • IP address, with the last two bytes truncated (anonymised)
  • Browser
  • Operating system and its interface
  • Record of sections of our website and its sub-pages viewed by the visitor

We need such data to carry out a statistical analysis of instances of visitor access so that we can optimise our website and make it more user friendly. The data collected is stored only on our server. It is not passed on to third parties. If you do not wish to participate in the pseudonymised analysis of our website, you can object to the processing of your data for this purpose by deactivating (unticking) the check box below.

Unticking the check box will store a cookie on the user’s browser to prevent future tracking. If the user has blocked cookies on his/her browser, he/she must actively permit this cookie to be installed. If cookies stored on the user’s browser are removed, this may cause the Matomo deactivation cookie for this website to be removed as well. In this case, the deactivation process must be repeated in order to opt out.

(Continue to G2)

What is the legal basis for the data processing?

(A2)        Data is stored in log files in order to ensure that the website functions properly. In addition, the data is used to optimise our website and to ensure the security of our information technology systems. These purposes constitute our legitimate interest in the data processing (Article 6(1)(f) of the General Data Protection Regulation – GDPR). (Continue to A3)

(B2)        Legitimate interest, as already indicated in (B1) (Article 6(1)(f) GDPR). (Continue to B3)

(C2)        The data entered in the form will be processed with consent to receipt of the newsletter (Article 6(1)(a) GDPR). The data from event registration will be processed for performance of a contract (Article 6(1)(b) GDPR).

The processing of the personal data additionally transmitted helps to prevent misuse of the registration form and to ensure the security of our information technology systems (legitimate interest, Article 6(1)(f) GDPR).

(Continue to C3)

(D2)       Depending on the type of message, the legal basis for processing the data entered in the form may be consent (Article 6(1)(a) GDPR), taking steps prior to entering into a contract or the performance of a contract (Article 6(1)(b) GDPR).

               The processing of the additional personal data transmitted helps to prevent misuse of the registration form and to ensure the security of our information technology systems (legitimate interest, Article 6(1)(f) GDPR).

(Continue to D3)

(E2)        The processing of the personal data transmitted helps to prevent misuse of the evaluation form and to ensure the security of our information technology systems (legitimate interest, Article 6(1)(f) GDPR). (Continue to E3)

(F2)        The use of and data processing by Podigee as sub-provider of our processor Schultze & Braun GmbH & Co. KG, Eisenbahnstraße 19- 23, 77855 Achern, Germany (“Schultze & Braun”) takes place on the basis of our legitimate interests in the secure and efficient provision, analysis and optimisation of our podcast offering (legitimate interest, Article 6(1)(f) GDPR). (Continue to F3)

(G2)       Legitimate interest, as already indicated in (G1) (Article 6(1)(f) GDPR). (Continue to G3)

Are your data passed on to other recipients?

(A3, B3, C3, D3, E3)

               No. (Continue to A4, B4, C4, D4, E4)

(F3)        The data will be processed by Podigee as sub-provider of our processor Schultze & Braun in compliance with European data protection law. A processing contract is in place both with our processor and with Podigee that governs how your personal data is processed. We ourselves remain responsible for processing your personal data even if we task other companies to do this.

If podcast access and subscription takes place through third-party podcast platform providers to which we refer on our website (e.g. Spotify, Apple or Amazon Music), usage data may be collected by these podcast platform providers and in some cases stored by them in server logs. If you click on one of these podcast platform provider buttons, your browser will establish a direct connection with the servers of the relevant podcast platform providers. We have no influence over the scope of the data collected by the podcast platform providers. Information about the data collected by third-party podcast platform providers and about how it is stored and used can be found in the data protection notices of these podcast platform providers.

(Continue to F4)

(G3)       The data collected is stored only on our own server. It is not passed on to third parties. (Continue to G4)

Blog button:

You can also access our blog using the blog button on our website. If you click on the blog button, your browser will establish a direct connection with our standalone blog site. Information about the collection and use of data on our blog site can be found here […].

Career button/application:

Clicking on the career button on our website will take you to our career site, which among other things contains job offers for you. By clicking on the button “Unsolicited applications” or one of the job offers, you will be directed to our own applicant portal, which we operate on the server of our service provider (BITE GmbH, Magirus-Deutz-Strasse 12, 89077 Ulm). Your browser will establish a direct connection with BITE GmbH’s server. Information on the collection and use of data by BITE GmbH can be found in their data protection notices at www.b-ite.de/legal-notice.html. You can then apply by clicking on one of the other buttons (E-mail application or Online application). Additional information on the collection and use of data for applicants to Schultze & Braun can be found here […….].

Social media button:

On our website, we also refer to social networks on which we maintain an online presence. If you click on one of these social media buttons, your browser will establish a direct connection with the servers of the relevant social media providers. We have no influence over the scope of the data collected by the social media providers. You can find further notices about data protection for the use of social media at Schultze & Braun here https://www.schultze-braun.de/dssocialmedia/.

CIS button:

CIS (“GIS” in German) – the online creditor information system that can be reached via our website – is operated by STP Business Information GmbH, Brauerstrasse 12, 76135 Karlsruhe, Germany. If you click on the CIS button, your browser will establish a direct connection with STP Business Information GmbH’s server. Information on the collection and use of data by STP Business Information GmbH can be found in their data protection notices at https://www.insolvenz-portal.de/datenschutz-datensicherheit.

How long is your data stored?

(A4)        Data stored in log files is deleted after seven days at the latest. A longer retention period is possible. In this case, the user's IP address will be erased or masked in order to ensure that it can no longer be associated with the contacting client. (Continue to A5)

(B4)       Cookies are only needed for the current session and are automatically deleted by the user’s browser when the session ends/when logging out.

               The cookie to prevent future tracking created as described in (G1) will remain active until the user actively deletes it from his/her browser or until the user again consents to tracking by ticking the box.

(Continue to B5)

(C4)        Requesting the newsletter/information:

               The user's data is stored until consent to receiving the newsletter is revoked by the user. The e-mail address remains stored in order to keep a record of the revocation. Other personal data collected in the course of the subscription process will be erased, generally after seven days.

Registration for events:

Data is generally stored for 6 years.

(Continue to C5)

(D4)       The date of erasing the data depends on the content of the message. If the content relates to a client relationship, for example, the data is stored for 6 years. If it involves tax matters, the retention period is 10 years. Personal data collected additionally in the course of data transfer will be erased, generally after seven days. (Continue to D5)

(E4)       Personal data collected in the course of data transfer will be erased, generally after seven days. (Continue to E5)

(F4)        All data processed in connection with providing the podcast will be erased once it is no longer needed for providing podcasts. The anonymised or pseudonymised data processed for statistical purposes will be erased once it is no longer needed for generating the statistics. You can find further information about data protection by Podigee and about ways to object at: www.podigee.com/de/about/privacy/.

Information about the storage duration for data collected in connection with the use of third-party podcast platform providers can be found in the privacy policies of these providers.

(Continue to F5)

(G4)       Stored, anonymised data will be deleted after 24 months, at the latest. (Continue to G5)

Is your data forwarded to a non-EU state or an international organisation?

(A5, B5, C5, D5, E5, G5)

               No.

(F5)        Yes. The information collected by Podigee is possibly transferred to sub-providers of Podigee that have their registered office in a third country. Podigee has committed to ensure that the required level of data protection is also guaranteed by sub-providers. To our knowledge, the transferred data is anonymised or at least pseudonymised and also does not involve personal data, meaning that the required guarantees are sufficient in any case.

Information about transfer to a third country of the data collected in connection with the use of third-party providers can be found in these providers’ data protection notices.

What rights do you have?

You have the right to information about the personal data that we process. If a request for information is not made in writing, please appreciate that we may then require proof from you that you are the person whom you claim to be.

You furthermore have a right to rectification or erasure of your personal data, or to restriction of processing, insofar as you are entitled to do so by law.

You also have a right to object to the data processing within the scope of legal requirements. The same applies to a right to data portability.

If we process your data on the basis of consent given, you may revoke this consent at any time. Processing up to the date of revocation remains lawful.

At which supervisory authority can you lodge a complaint?

You can lodge a complaint at a supervisory authority for data protection within the EU if you believe that your data is not being processed lawfully by us.