1. Name and contact data of the controller and of the company’s Data Protection Officer
KBHT Kalus + Hilger PartG mbB
Wirtschaftsprüfer, Steuerberater, Rechtsanwälte
StB Dr. Martin Heyes
StB Volkher Schlegel
41460 Neuss / Germany
Telefon: +49 (0) 2131 / 92 43 – 0
Telefax: +49 (0) 911 / 14 75 54 92
Data Protection Officer:
You can contact the data protection officer using the aforementioned contact data while addressing your matter to the attention of the data protection officer, or by writing an email to firstname.lastname@example.org.
2. Type, scope and purpose of the collection, processing and use of personal data
a) Visiting our website
When you visit our website at www.kbht.de, the browser installed on your device automatically sends information to the server of our website. This information is stored in a “log file” for 30 days. The following information is collected without any action on your part and is stored until it is automatically deleted:
- IP address assigned to your computer,
- date and time of access,
- name and URL of the retrieved file,
- website from which access is made (referrer URL),
- the browser used and, where appropriate, the operating system of your computer and the name of your access provider.
We process this data for the following purposes:
- to ensure a smooth connection to the website,
- to make our website more user-friendly,
- to evaluate system security and stability, and
- for other administrative purposes.
The legal basis for data processing is Article 6 (1) (1) (f) of the GDPR (General Data Protection Regulation). The purposes listed above constitute legitimate interests as defined by GDPR. We will not, under any circumstances, use the data collected to identify you.
b) Using our initial consultation form
If you wish to arrange an initial consultation, you can use the form provided on our website. We require a valid email address so that we know who sent the request and can respond to it. Any other information you provide is voluntary.
We process the data you provide in the contact form in accordance with Article 6 (1) (1) (a) GDPR to establish a good business relationship.
3. Transfer of data
We will not transfer your personal data to third parties for purposes other than those listed below.
We will only disclose your personal data to third parties if
- you have given your explicit consent in accordance with Article 6 (1) (1) (a) GDPR,
- the disclosure is necessary in accordance with Article 6 (1) (1) (f) GDPR for the enforcement, exercise or defence of legal claims and there is no reason to assume that you have an overriding legitimate interest in non-disclosure of your data,
- the processing is necessary for compliance with a legal obligation as laid down in Article 6 (1) (1) (c) GDPR, and
- it is legally permissible and necessary for the performance of a contract with you in accordance with Article 6 (1) (1) (b) GDPR.
The information stored in the cookie depends on the device used to access the website. However, this does not mean that we can use this information to identify you.
The data processed by cookies are necessary for the aforementioned purposes of pursuing our and third-party legitimate interests in accordance with Article 6 (1) (1) (f) GDPR.
Most browsers accept cookies by default. You can prevent cookies from being stored on your computer by configuring your browser not to accept cookies or to notify you before websites try to set cookies. Please note that if you disable cookies altogether, you may not be able to use all functions and features of our website.
5. Analysis tools
a) Tracking tools
We use the tracking tools listed below in accordance with Article 6 (1) (1) (f) GDPR. We use tracking tools primarily to customise and optimise our website on a continuous basis. We also use tracking tools for statistical purposes to record the use of our website and to evaluate it to optimise its content. These are legitimate interests for purposes of the aforementioned regulation.
The purpose of data processing and the data categories are based on the following tracking tool.
Your IP address will not, in any case, be associated with any other user data. The IP addresses are anonymised so that they cannot be associated with any specific person (IP masking).
You can specify here whether you agree to the storage of a unique web analysis cookie in your browser, to enable the website operator to record and analyse various statistical data.
If you do not want this cookie to be stored, click the following link to store the Matomo deactivation cookie in your browser.
6. Rights of the data subject
You have the rights:
- to obtain information about your personal data we process in accordance with Article 15 GDPR. In particular, you may obtain information about the purposes of processing, the category of personal data, the categories of recipients to whom your data have been or will be disclosed, the envisaged period for which the personal data will be stored, the existence of the right to request rectification or erasure of personal data or restriction of processing of personal data or to object to such processing, the right to lodge a complaint, the source of data, where we have not collected the data, and the existence of automated decision-making, including profiling and, where appropriate, meaningful information about the details involved;
- to obtain from us without undue delay the rectification of inaccurate personal data we store on you in accordance with Article 16 GDPR;
- to obtain from us the erasure of personal data we store on you without undue delay in accordance with Article 17 GDPR, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the establishment, exercise or defence of legal claims;
- to obtain from us restriction of processing in accordance with Article 18 GDPR if you contest the accuracy of the personal data, the processing is unlawful and you oppose the erasure of the personal data and we no longer need the personal data, but you require the data for establishment, exercise or defence of legal claims or if you have objected to processing pursuant to Article 21 GDPR;
- to receive the personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller in accordance with Article 20 GDPR;
- to withdraw your consent at any time in accordance with Article 7 (3) GDPR. As a result, we will no longer be allowed to process data based on this consent going forward, and
- in accordance with Article 77 GDPR, you can contact the supervisory authority of your habitual residence or place of work or our firm’s office.
7. Right to object
If your personal data are processed based on legitimate interests pursuant to Article 6 (1) (1) (f) GDPR, you have the right to object to the processing of your personal data in accordance with Article 21 GDPR on grounds relating to your particular situation or for direct marketing purposes. In the latter case, you have a general right of objection, which we will implement without specifying the particular situation.
If you wish to object to the use of your personal data or if you wish to revoke your consent, please send an e-mail to email@example.com.
8. Data security
We use the most common SSL (Secure Socket Layer) method in connection with the highest level of encryption supported by your browser. In most cases, this is 256-bit encryption. If your browser does not support 256-bit encryption, we use 128-bit v3 technology instead. Whether a particular page of our website is transmitted in encrypted form is indicated by showing a locked key or lock symbol in the lower status bar of your browser.
We also use technical and organisational measures to protect your data against accidental or intentional manipulation, full or partial loss, destruction or unauthorised third-party access. Our security measures are revised on a continual basis and brought into line with the latest technology standards.