- Preamble
- Controller
- Overview of processing operations
- Relevant legal bases
- Security Precautions
- Transmission of Personal Data
- International data transfers
- Data Retention and Deletion
- Rights of Data Subjects
- Business services
- Business processes and operations
- Providers and services used
- Provision of online services and web hosting
- Use of Cookies
- Changes and Updates
Preamble
With the following privacy policy we would like to inform you which types of your personal data (hereinafter also abbreviated as "data") we process for which purposes and in which scope. The privacy statement applies to all processing of personal data carried out by us, both in the context of providing our services and in particular on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter collectively referred to as "online services").
The terms used are not gender-specific.
Controller
CEvidence.Consulting, LLC
3833 Powerline Road, Suite 201
Fort Lauderdale, FL 33309
Florida, United States of America
Authorised Representatives: Thomas Frank
E-mail address: thomas@cevidence.de
Phone: +1 954-874-8422
Legal Notice: cevidence.consulting/#legal
Overview of processing operations
Categories of Processed Data
- Inventory data
- Payment Data
- Contact data
- Content data
- Contract data
- Usage data
- Meta, communication and process data
- Images and/or video recordings
- Audio recordings
- Log data
Categories of Data Subjects
- Service recipients and clients
- Employees
- Prospective customers
- Communication partners
- Users
- Business and contractual partners
- Persons depicted
- Third parties
Purposes of Processing
- Provision of contractual services and fulfillment of contractual obligations
- Communication
- Security measures
- Office and organisational procedures
- Marketing
- Provision of our online services and usability
- Information technology infrastructure
- Financial and Payment Management
- Business processes and management procedures
Relevant legal bases
Relevant legal bases according to the GDPR: In the following, you will find an overview of the legal basis of the GDPR on which we base the processing of personal data. Please note that in addition to the provisions of the GDPR, national data protection provisions of your or our country of residence or domicile may apply.
- Consent (Article 6 (1) (a) GDPR) – The data subject has given consent to the processing of his or her personal data for one or more specific purposes.
- Performance of a contract and prior requests (Article 6 (1) (b) GDPR) – Performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.
- Compliance with a legal obligation (Article 6 (1) (c) GDPR) – Processing is necessary for compliance with a legal obligation to which the controller is subject.
- Legitimate Interests (Article 6 (1) (f) GDPR) – The processing is necessary for the protection of the legitimate interests of the controller or a third party, provided that the interests, fundamental rights, and freedoms of the data subject do not prevail.
Reference to the applicability of the GDPR and the Swiss DPA: This privacy policy serves both to provide information pursuant to the Swiss Federal Act on Data Protection (FADP) and the General Data Protection Regulation (GDPR).
Security Precautions
We take appropriate technical and organisational measures in accordance with the legal requirements, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, in order to ensure a level of security appropriate to the risk.
Securing online connections through TLS/SSL encryption technology (HTTPS): To protect the data of users transmitted via our online services from unauthorized access, we employ TLS/SSL encryption technology. When a website is secured with an SSL/TLS certificate, this is indicated by the display of HTTPS in the URL.
Transmission of Personal Data
In the course of processing personal data, it may happen that this data is transmitted to or disclosed to other entities, companies, legally independent organizational units, or individuals. Recipients of this data may include service providers tasked with IT duties or providers of services and content that are integrated into a website. In such cases, we observe the legal requirements and particularly conclude relevant contracts or agreements that serve to protect your data with the recipients of your data.
International data transfers
If we transfer data to a third country (i.e., outside the European Union (EU) or the European Economic Area (EEA)), this is always done in accordance with legal requirements.
For data transfers to the USA, we primarily rely on the Data Privacy Framework (DPF), which has been recognized as a secure legal framework by the EU Commission's adequacy decision of July 10, 2023. Additionally, we have concluded Standard Contractual Clauses with the respective providers.
Further information: dataprivacyframework.gov | EU Commission on international transfers
General Information on Data Retention and Deletion
We delete personal data that we process in accordance with legal regulations as soon as the underlying consents are revoked or no further legal bases for processing exist. Exceptions exist if statutory obligations or special interests require a longer retention or archiving of the data.
Data that must be retained for commercial or tax law reasons must be archived accordingly. In cases where multiple retention periods are specified, the longest period always prevails.
Rights of Data Subjects
As data subject, you are entitled to various rights under the GDPR, which arise in particular from Articles 15 to 21 of the GDPR:
- Right to Object: You have the right to object at any time to the processing of your personal data based on Article 6(1)(e) or (f) GDPR, including profiling based on those provisions.
- Right of withdrawal for consents: You have the right to revoke consents at any time.
- Right of access (Art. 15 GDPR): You have the right to request confirmation as to whether your data is being processed and to receive a copy of that data.
- Right to rectification (Art. 16 GDPR): You have the right to request the completion or rectification of incorrect data.
- Right to Erasure and Right to Restriction of Processing (Art. 17, 18 GDPR): You have the right to demand erasure or restriction of processing.
- Right to data portability (Art. 20 GDPR): You have the right to receive your data in a structured, common and machine-readable format.
- Complaint to the supervisory authority: You have the right to lodge a complaint with a data protection supervisory authority in the Member State where you habitually reside or work.
To exercise your rights: thomas@cevidence.de
Business services
We process data of our contractual and business partners within the context of contractual and comparable legal relationships as well as associated actions and communication with the contractual partners or pre-contractually, e.g. to answer inquiries.
Consulting: We process the data of our clients in order to be able to provide our services to them. The processes include: contacting and communicating with clients, conducting needs analyses, planning and implementing consulting projects, documenting project progress and results, scheduling appointments, invoicing, and quality assurance. Legal Basis: Art. 6(1)(b) GDPR.
Business processes and operations
Personal data of service recipients and clients are processed within the framework of contractual and comparable legal relationships. This includes customer management, sales, payment transactions, accounting, and project management.
Providers and services used in the course of business
As part of our business activities, we use additional services from third-party providers in compliance with legal requirements.
Provision of online services and web hosting
We process user data in order to be able to provide our online services. For this purpose, we process the IP address of the user, which is necessary to transmit the content and functions of our online services to the user's browser or terminal device.
Google Fonts: This website loads fonts via the Google Fonts API (Google LLC, Mountain View, CA 94043, USA). Your IP address is transmitted to Google in the process. No cookies are set. Legal Basis: Art. 6(1)(f) GDPR. Google Privacy Policy.
YouTube Videos
YouTube (Google LLC)
This website embeds videos hosted on YouTube (Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA). When you play a video, a connection to YouTube servers is established and your IP address and browser data are transmitted to Google. YouTube may set cookies and use the data in accordance with its privacy policy. Legal basis: Art. 6(1)(a) GDPR (consent by playing the video).
YouTube Privacy Policy: policies.google.com/privacy
Use of Cookies
This website uses cookies in accordance with legal regulations. We use only technically necessary cookies required for the operation and security of the website. No tracking cookies, analytics cookies or advertising cookies are used.
Changes and Updates
We ask you to inform yourself regularly about the content of our privacy policy. We adapt the privacy policy as soon as the changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g. consent) or other individual notification.