We, FACT GmbH Wirtschaftsprüfungsgesellschaft, FACT Steuerberatungsgesellschaft mbH and FACT Rechtsanwaltsgesellschaft mbH, treat your personal data confidentially in compliance with data protection regulations. Regardless of the business relationship you have with us or the context in which you contact us, we would like to explain to you below how we process your data and ensure that it is protected.
For reasons of better readability, we ask for your understanding that we have refrained from using gender-specific expressions and that we have used masculine personal designations to represent all genders.
General information on data processing
Responsible for data processing
The entity responsible for data processing is the
FACT GmbH Wirtschaftsprüfungsgesellschaft
Johanna-Waescher-Straße 13
34131 Kassel
contact
Phone: +49 (0) 561 316686-0
E-Mail: info@fact-ks.de info@fact-ks.de
In the context of data processing, we are joint controllers pursuant to Art. 26 DSGVO with FACT Steuerberatungsgesellschaft mbH and FACT Rechtsanwaltsgesellschaft mbH with regard to the joint operation of the website and the use of jointly used databases, platforms and IT systems. For this purpose, we have stipulated in a joint responsibility agreement how the respective tasks and responsibilities for the processing of personal data are structured and who fulfills which obligations under data protection law. In particular, we have determined how an appropriate level of security and your data subject rights can be ensured. The group of companies is hereinafter referred to as "FACT".
Data protection supervisor
It is important to us that data processing is secure and compliant with data protection law. In order to document this verifiably to the outside world, we have appointed an external data protection officer.
Datenschutzberatung Moers GmbH
Neue Straße 22
34369 Hofgeismar
If you have any questions regarding data protection, please contact our data protection officer at fact-ks@dsb-moers.de If you would like to address your concern directly and confidentially to the data protection officer, you will find further contact details under www.dsbmoers.de. fact-ks@dsb-moers.de gerne zur Verfügung. Möchten Sie Ihr Anliegen direkt und vertraulich an den Datenschutzbeauftragten richten, finden Sie unter www.dsb-moers.de weitere Kontaktdaten.
Purposes and legal basis of data processing
The purposes of data processing for FACT are the provision of services, fulfillment of contracts, fulfillment of legal obligations, provision of information about services of FACT, to contact us.
Apart from that, personal data is processed on the basis of one of the following legal grounds:
- Art. 6 para. 1 lit. a DSGVO for the processing of personal data with the consent of the data subject.
- Art. 6 (1) lit. b DSGVO for the necessary processing of personal data for the performance of a contract with the data subject as well as for the implementation of corresponding pre-contractual measures.
- Art. 6 para. 1 lit. c DSGVO for the necessary processing of personal data for the fulfillment of a legal obligation to which we are subject pursuant to any applicable law of the EU or pursuant to any applicable law of a country in which the DSGVO is applicable in whole or in part.
- Art. 6(1)(f) DSGVO for the necessary processing of personal data to protect the legitimate interests of us or of third parties, unless the fundamental freedoms and rights and interests of the data subject override these. Legitimate interests on our part are, in particular, our business interest in ensuring information security on our website and in our systems, providing information about our range of services and enforcing our legal claims and compliance with other legal provisions.
Data recipients
In our data processing operations, we use service providers committed to confidentiality and data protection. These categories of recipients include: IT service companies, software providers, hosting companies, data destruction companies as well as financial authorities, social security institutions, banks, business registers and external consultants. For quality control of auditing activities, data may be transferred to other auditors. Data is only passed on to public authorities in the event of overriding legal requirements. Data will only be transferred to third countries if the conditions set out in Art. 44 et seq. DSGVO. IT-Dienstleistungsunternehmen, Softwareanbieter, Hosting-Unternehmen, Datenvernichtungsunternehmen sowie Finanzbehörden, Sozialversicherungsträger, Banken, Unternehmensregister und externe Berater. Zur Qualitätskontrolle von Tätigkeiten in der Wirtschaftsprüfung kann es ggf. zur Datenübermittlung an andere Wirtschaftsprüfer kommen. Eine Weitergabe an Behörden erfolgt ausschließlich bei Vorliegen vorrangiger Rechtsvorschriften. Eine Übermittlung von Daten in Drittstaaten erfolgt nur bei Erfüllung der Voraussetzungen aus den Bestimmungen in Art. 44 ff. DSGVO.
Storage period and deletion of personal data
Your right to information, correction, deletion, objection and data portability
You can exercise your right to information, correction and deletion of data at any time. Simply contact us in the ways described above. If you wish data to be deleted but we are still legally obliged to retain it, access to your data will be restricted (blocked). The same applies in the event of an objection. You can exercise your right to data portability insofar as the technical possibilities are available at the recipient's and our end.
If we have obtained your express consent for data processing, you can revoke your consent at any time with effect for the future. The contact options described above are available to you for this purpose.
Right to appeal
Should you wish to complain regarding the processing of your data, you always have the option of contacting us directly by telephone +49 (0) 561 316686-0 or by e-mail at info@fact-ks.de. If you would like to address your concern directly and confidentially to the data protection officer, you will find further contact details at www.dsb-moers.de. Furthermore, you have the option of filing a complaint with a data protection supervisory authority. info@fact-ks.de zu kontaktieren. Möchten Sie Ihr Anliegen direkt und vertraulich an den Datenschutzbeauftragten richten, finden Sie unter www.dsb-moers.de weitere Kontaktdaten. Weiterhin steht Ihnen die Möglichkeit offen, eine Beschwerde bei einer Datenschutz-Aufsichtsbehörde einzureichen.
Provisioning obligation
Without correct information from you, the use of our services, the implementation of contractual agreements or the processing of your request is not possible. Therefore, you have the obligation to provide us with correct information within the scope of your knowledge.
Actuality and amendments of this data protection information
The status of this data protection information is 24.02.2023. The data protection information is regularly reviewed and further developed. The current version of our data protection information is available at: https://www.factks.de/de/datenschutz/. https://www.fact-ks.de/de/datenschutz/.
Privacy information for website visitors
In providing our website, we comply with the requirements of the EU General Data Protection Regulation (DSGVO), the German Federal Data Protection Act (BDSG), the German Telemedia Act (TMG) and the Telecommunications Telemedia Data Protection Act (TTDSG). The purpose of data processing on this website is to provide information about products and services of our company, combined with the possibility for users to make targeted contact with contact persons in the company.
When you visit the website, a connection is established with your browser. The following information collected in the process is temporarily stored in system files and automatically recorded: IP address of your device, date and time of access, name and URL of accessed files, website from which access is made or from which you were directed to our site (referrer URL), browser used and, if applicable, the operating system of your device and the name of your provider.
The aforementioned data is processed by us for the purpose of smooth connection establishment and system security. The accruing connection data is automatically deleted. If the website is misused, log data whose further storage is necessary for evidentiary purposes will be retained until the incident has been clarified.
Contact form
If you write to us via our contact form, your data from the form will be processed to handle your request. The legal basis for the transmission to us is consent according to Art. 6 para. 1 lit. a DSGVO. You can revoke your consent at any time with effect for the future. The data will then be deleted. If no retention obligation arises from your request, the data will be deleted after three years. Your data will be forwarded internally to the responsible contact person for processing your request. Your data will not be passed on to third parties without your permission.
Use of storage technologies on your terminal device
Use of storage technologies on your terminal device This website uses storage technologies ("cookies" and/or your browser's memory) to enable storage of your use of the website. The information generated by cookies about your usage patterns on this website is used to pursue the purpose of data processing in compliance with the respective legal basis.
If the use of storage technologies on your terminal device is necessary for the functionality of the website, we use this technology on the basis of our legitimate interests. The legal basis for data processing is then Art. 6 para. 1 lit. f DSGVO (legitimate interest in establishing a connection to and displaying our website) in conjunction with Section 25 para. 2 no. 2 TTDSG. The cookies are deleted after the end of the session.
If cookies are used which are not necessary for the operation of the website, we ask for your consent in advance. The legal basis for data processing is then Art. 6 para. 1 lit. a DSGVO in conjunction with. § 25 para. 1 TTDSG. The cookies will be deleted after 2 years at the latest. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. The data collection is anonymized; the collected data cannot be related to your person.
Google Tag Manager
We use the "Google Tag Manager" from Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland to manage the Google services. This is used to manage the Google services on our site, there is no data processing by the Google Tag Manager.
Google Ads
Für die Optimierung unserer Werbung setzen wir Google Ads-Tags von Google (Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland) ein. Dies erfolgt auf Basis Ihrer Einwilligung nach Art. 6 Abs. 1 lit. a. DSGVO zur Analyse unserer Website und wirtschaftlichen Optimierung unserer Dienste.
Die Datenverarbeitung mit Google Ads dient uns dazu, dass nur interessierten Personen Werbung angezeigt wird. Im Rahmen des Remarketings werden Code, kleine Grafiken und Cookies von Google auf unserer Website eingebunden. Durch diese wird nachvollziehbar, welche Webseiten Sie außerhalb unserer Seite besuchen und für welche Inhalte Sie sich interessieren. Somit können wir nachvollziehen, welche Werbung auf Google zu Handlungen/Bestellungen von Nutzern auf unserer Seite geführt hat. Wir erhalten lediglich die Anzahl der Nutzer, die auf eine Anzeige geklickt haben und können keine Verbindung zu Ihrer Person herstellen. Im Rahmen dieser Verarbeitung ist nicht ausgeschlossen, dass diese Informationen an einen Server von Google in den USA übertragen werden. Eine Datenübertragung in die USA erfolgt nur, wenn die Anforderungen der Art. 44 ff. DSGVO erfüllt sind. Die Inhalte werden pseudonym verarbeitet und nicht mit anderen Daten wie Ihrem Namen oder Ihrer E-Mailadresse zusammengeführt, mit Ausnahme, Sie erlauben dies Google selbst über Ihr Nutzerkonto. Weitere Informationen hierzu finden Sie in der ausführlichen Datenschutzinformation von Google (https://www.google.com/policies/privacy). Sofern Sie ein Google-Konto besitzen, können Sie die Einstellungen zu den Google-Diensten verwalten und so auch der Datenverarbeitung widersprechen: https://policies.google.com/technologies/ads.
Google Analytics
This website uses Google Analytics 4, a web analytics service provided by Google Ireland Ltd, Gordon House, Barrow Street, Dublin 4, Ireland ("Google"). The legal basis for this processing is your consent according to Art. 6 para. 1 lit. A DSGVO in conjunction with § 25 para. 1 TTDSG.
With your consent, "cookies" (text files) are stored on your terminal device to enable an analysis of the use of the website. A transmission of your IP address to Google servers in the USA takes place in anonymized form. For this purpose, we use a server-side tagging server (SSTS). On our behalf, Google uses the information to evaluate the use of the website, to compile reports on website activity and to provide us with other services related to the use of the website and the Internet. The user data will be deleted after 2 years at the latest.
You can revoke your consent at any time with effect for the future and prevent the use of data by Google by downloading and activating the available browser plugin: http://tools.google.com/dlpage/gaoptout?hl=de.
You may also refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.
Further information on data protection at Google can be found at https://policies.google.com/privacy.
Data security/encryption
This website uses "Hypertext Transfer Protocol Secure" (https). The connection between your browser and our server is encrypted.
Data processing in tax consulting
The processing of personal data in the context of the mandate for tax consultancy is carried out for the execution of the contract on the basis of Art. 6 para. 1 lit. b DSGVO as well as for the fulfillment of the tasks and legal obligations according to Art. 6 para. 1 lit. c DSGVO in connection with § 11 StBerG. In addition, we send information letters to our clients on the basis of our legitimate interest according to Art. 6 para. 1 lit. f DSGVO in order to inform them about developments at FACT and about new legal situations.
If you express your interest in a business relationship with us, we process your data to initiate the contractual relationship on the basis of Art. 6 (1) lit. b DSGVO. If you are in contact with us as a business partner, we process personal data to implement our contractual agreements with you on the basis of Art. 6 (1) lit. b DSGVO and on the basis of our legitimate interests pursuant to Art. 6 (1) lit. f DSGVO in maintaining our business relationships. This includes credit assessment, planning, management, control of business areas and quality standards and maintenance of business relationships.
Your data will be stored for the duration of the execution of the contract. If no contract is concluded, the data is deleted after 3 years. After the end of the contractual relationship, we are obliged to keep the tax-relevant documents for 10 years after the annual financial statement and the end of the calendar year. Afterwards the data will be deleted.
Data processing in audit
The processing of personal data within the scope of the audit mandate is carried out for the execution of the contract on the basis of Art. 6 para. 1 lit. b DSGVO as well as for the fulfillment of the tasks and legal obligations according to Art. 6 para. 1 lit. c DSGVO in connection with the Auditing Act. auf Basis von Art. 6 Abs. 1 lit. b DSGVO sowie zur Erfüllung der Aufgaben und rechtlichen Verpflichtungen nach dem Art. 6 Abs. 1 lit. c DSGVO in Verbindung mit dem Wirtschaftsprüfungsgesetz. Zudem senden wir an unsere Mandaten Informationsschreiben auf Basis unseres berechtigten Interesses gem. Art. 6 Abs. 1 lit. f DSGVO, um diese über Entwicklungen bei der FACT und über neue Rechtslage in Kenntnis zu setzen.
In addition, we send information letters to our clients on the basis of our legitimate interest according to Art. 6 para. 1 lit. f DSGVO in order to inform them about developments at FACT and about new legal situations. If you express your interest in a business relationship with us, we process your data for the initiation of the contractual relationship on the basis of Art. 6 para. 1 lit. b DSGVO. If you are in contact with us as a business partner, we process personal data to implement our contractual agreements with you on the basis of Art. 6 (1) lit. b DSGVO and on the basis of our legitimate interests pursuant to Art. 6 (1) lit. f DSGVO in maintaining our business relationships. This includes credit assessment, planning, management, control of business areas and quality standards and maintenance of business relationships. von Art. 6 Abs. 1 lit. b DSGVO. Stehen Sie als Geschäftspartner in Kontakt mit uns, verarbeiten wir personenbezogene Daten zur Durchführung unserer vertraglichen Vereinbarungen mit Ihnen auf Basis von Art. 6 Abs. 1 lit. b DSGVO und auf Basis unserer berechtigten Interessen gemäß Art. 6 Abs. 1 lit. f DSGVO an der Aufrechterhaltung unserer Geschäftsbeziehungen. Hierzu zählen die Bonitätsprüfung, Planung, Steuerung, Kontrolle der Unternehmensbereiche und Qualitätsstandards und Pflege der Geschäftsbeziehungen. Ihre Daten werden für die Dauer der Vertragsdurchführung gespeichert. Sofern kein Vertrag zustande kommt, werden die Daten nach 3 Jahren gelöscht. Nach Ende des Vertragsverhältnisses sind wir verpflichtet, die steuerrelevanten Unterlagen für 10 Jahre nach Jahresabschluss und Kalenderjahrende aufzubewahren. Anschließend werden die Daten gelöscht.
Data processing in legal services
The processing of personal data in the context of legal advice is carried out for the execution of the contract on the basis of Art. 6 (1) lit. b DSGVO.
If you express your interest in a business relationship with us, we process your data to initiate the contractual relationship on the basis of Art. 6 (1) lit. b DSGVO. If you are in contact with us as a business partner, we process personal data to implement our contractual agreements with you on the basis of Art. 6 (1) lit. b DSGVO and on the basis of our legitimate interests pursuant to Art. 6 (1) lit. f DSGVO in maintaining our business relationships. This includes credit assessment, planning, management, control of business areas and quality standards and maintenance of business relationships.
We process personal data only as long as necessary to achieve the purpose. If the processing purpose ceases to apply, we delete the data in accordance with the provisions of Art. 17 DSGVO. After the purpose of processing has ceased to apply, we retain the data in accordance with the statutory retention periods. Any retention beyond this shall only take place in the event of an exception pursuant to Art. 17 (3) DSGVO.
Data processing on our LinkedIn presence
If you apply to us, we process your data as part of the initiation of an employment relationship on the basis of Art. 88 (1) DSGVO in conjunction with § 26 BDSG. Data will not be passed on to other companies. Data will only be passed on to authorities in the event of overriding legal provisions.
Your data will be stored for the duration of the application process; if you take up employment with us, your application data will be stored by us for the duration of your employment. If the decision on your application leads to a rejection, we retain your data on a legal basis for a further six months and then delete it; in the case of unsolicited applications or your consent to store the data for a longer period for possible future employment, we retain your data until you revoke it or for a maximum of two years.
Data processing on our LinkedIn presence
We use our LinkedIn presence to provide information about our company, our products and services, combined with the possibility for users to interact with us in a targeted manner. The legal basis for data processing is our legitimate interest based on Art. 6 (1) lit. f DSGVO. Our legitimate interest is in particular our business interest in sharing information about our company with customers, interested parties, applicants and third parties and being able to contact them. ist unser berechtigtes Interesse auf Basis von Art. 6 Abs. 1 lit. f DSGVO. Unser berechtigtes Interesse ist insbesondere unser betriebswirtschaftliches Interesse, Informationen zu unserem Unternehmen mit Kunden, Interessenten, Bewerbern und Dritten zu teilen und mit diesen Kontakt aufnehmen zu können.
If we publish image and sound recordings of persons, this is done on the basis of consent (legal basis: Art. 6 para. 1 lit. a DSGVO) or on the basis of a contractual assignment of rights of use (legal basis: Art. 6 para. 1 lit. b DSGVO).
There is an order processing agreement between us and LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland, which can be accessed here: https://legal.linkedin.com/dpa/DE. LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Irland besteht eine Vereinbarung zur Auftragsverarbeitung, die hier abrufbar ist: https://legal.linkedin.com/dpa/DE.
It is not excluded that data from users is processed on systems outside the European Union. LinkedIn has undertaken to comply with the data protection standards of the EU. A data transfer to systems outside the EU only takes place if the requirements of Art. 44 et seq. DSGVO are complied with. You can find out more at: https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy&lang=de https://www.linkedin.com/help/linkedin/answer/62533?trk=microsites-frontend_legal_privacy-policy&lang=de
LinkedIn's privacy policy can be found here: https://www.linkedin.com/legal/privacy-policy?trk=homepagebasic_footer-privacy-policy. https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
Your data will only be passed on to authorities if overriding legal provisions exist. If your rights need to be asserted against LinkedIn, we will forward your request to LinkedIn.
For more information on how to exercise your data protection rights against LinkedIn, please see LinkedIn's privacy policy: https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacypolicy. https://www.linkedin.com/legal/privacy-policy?trk=homepage-basic_footer-privacy-policy.
For more information on how you can exercise or implement your data subject rights directly against LinkedIn (e.g. account settings, downloads or requests), please visit: https://www.linkedin.com/help/linkedin/answer/50191?trk=microsites-frontend_legal_privacy-policy&lang=de. https://www.linkedin.com/help/linkedin/answer/50191?trk=microsites-frontend_legal_privacy-policy&lang=de.
Use of Insight Data
We place advertisements on LinkedIn and use Insight data provided by LinkedIn to evaluate the behavior of our target group or users in the context of interaction with our site. The targeting of advertising is a legitimate interest of our company. LinkedIn users are informed of this; the responsibility for data collection lies primarily with LinkedIn. A joint responsibility agreement has been concluded with LinkedIn. Countervailing interests of users worthy of protection (display of individual target group-optimized advertising) are not predominant. The legal basis for us is Art. 6 (1) lit. F DSGVO in connection with the joint responsibility with LinkedIn. You can find the joint responsibility agreement here: https://legal.linkedin.com/pages-joint-controller-addendum. If you assert your data subject rights against us, we will forward them to LinkedIn in accordance with the agreement. https://legal.linkedin.com/pages-joint-controller-addendum. Sofern Sie Ihre Betroffenenrechte gegenüber uns geltend machen, werden wir sie entsprechend der Vereinbarung an LinkedIn weiterleiten.
8. Veranstaltung
Zu detailieren Planung der anstehenden Veranstaltung „Von Rating bis Berichterstattung – ESG-Themen richtig anpacken“, die am 12. März 2024 im Schloss Schönfeld, Kassel oder online stattfinden wird, übermitteln wir Ihre Daten an unseren Veranstaltungspartner Creditreform Kassel / Fulda Schlegel & Busold KG.