Responsibility

As long-time data protection experts, we don't need to tell you that we protect your data as best we can, because that's exactly what we do. We as Fresh Compliance operate - how could it be otherwise - the website freshcompliance.de (also a LinkedIn profile of the same name, a Twitter channel and gdpr-chatbot.com, but more about that on the respective websites). If you have any questions about data protection and your rights mentioned below, you can contact us at any time via dsb .at. freshcompliance.de

If you prefer to call us (+49 (30) THREE 2765751) or even write us a letter:
Fresh Compliance GmbH, Fürbringerstr. 15, 10961 Berlin, Germany

Your rights

Thanks to European data protection law (from DSGVO and BDSG-neu), you are entitled to comprehensive rights. Some are only relevant if you are our customer or client (and we therefore process your data):

• Right of withdrawal Art. 7 para. 3 DSGVO and § 51 para. 3 BDSG-neu (this means that you can, for example, revoke consent at any time - in our case, for example, when using the chatbot, if you clicked on "Yes" at the beginning of the chat and would like to "undo" this)
• Right to information Art. 15 DSGVO and § 57 BDSG-neu (this means that you as our customer or client may ask us at any time, for example, which applications we use and which of your data we store in them; as a visitor to this website, you also have a right to information, but we have deactivated all logging and storage functions of the server, so the answer (no!) will be short).
• Correction Art. 16 DSGVO and § 58 para. 1 BDSG-neu (this means that you can contact us if, for example, your e-mail address has changed and we should replace the old e-mail address).
• Deletion Art. 17 DSGVO and § 58 para. 2 BDSG-neu (this means that you can contact us if you have sent us a personal contact request, but it is already done for you and you therefore want it to be removed from our email inbox).
• Restriction of processing Art. 18 DSGVO and § 58 para. 3 BDSG-neu (this means that you, as our customer or client, can contact us if you would like us not to delete your e-mail address, but only to use it for sending absolutely necessary e-mails, which we already do only in this form anyway).
• Data portability Art. 20 DSGVO (this means that you as our customer or client can contact us to receive your data stored with us in a compressed format - as long as there are no standardized interfaces or useful tools for this, we will provide you with your data either unprocessed in a zip file or in an EXCEL/CSV file).
• Objection Art. 21 DSGVO (this means that you can object to certain data-processing operations, i.e. you could contact us if you do not agree with an advertising or analysis procedure, but which, as mentioned, are not used by us at all).
• Right of complaint Art. 77 (1) DSGVO, cf. Section 19 (2) BDSG-neu (this means that you can also contact the data protection supervisory authorities directly with complaints, they are required to refer you to the right place in case of doubt)

Unless you use our contact form, visiting www.freshcompliance.de is usually possible without providing personal data. You wonder what personal data is? First and foremost, all information or data, whether in digital or physical form, that allows a conclusion to be drawn about you. So what is written about you on the plastic blank of your credit card is just as much part of it as your IP address (in this case limited in time), just as a piece of paper with your name and telephone number. A legal definition can be found in Section 46 No. 1 BDSG-neu, according to which personal data can be any information "relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person".

Recruiting

Insofar as you apply to us online or otherwise respond to one of our job ads, we collect and process the personal applicant data for the purpose of handling the application process. The processing is primarily carried out electronically. This is particularly the case if corresponding application documents are submitted electronically to us, for example by e-mail or via a web form located on the website. If we conclude an employment contract, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. If we do not conclude an employment contract, the application documents will be deleted six months after notification of the rejection decision - this retention period is justified by a potential obligation to provide evidence in proceedings under the General Equal Treatment Act (AGG). If consent was given, applications may also be retained for longer than six months.

The legal basis is the establishment and performance of the employment relationship on the basis of an employment contract in accordance with Art. 6 para. 1 lit. b GDPR, Art. 88 GDPR with § 26 BDSG (Federal Data Protection Act of Germany).

General data

Technically necessary for the provision of the website is the processing of certain connection data, often also referred to as log or protocol data. Among other things, this involves the following data:

• IP address
• Timestamp with date and time
• Browser and operating system
• Transmitted data volume, if necessary further technical data

The purpose of this data is to establish a connection with our website and to display it correctly on your terminal device. The data is used to connect your browser with our web server, on which the website is stored.

The legal basis is thus the legitimate interest on your part and ours in visiting and displaying the website, as this data is technically necessary.

To protect your privacy, the aforementioned data is only stored temporarily and automatically deleted after the end of use. A so-called access log (protocol) for storing this data has been deliberately deactivated by us on the web server. Furthermore, our entire website is encrypted via https to protect the connection established to us from third parties (e.g. hackers or your neighbor in the co-working space).

Contact form

On www.freshcompliance.de the plugin “Contact Form 7”
is used to record your information in a standardized way and to send it via an integrated email function of WordPress to our own email server via Exchange. The information you provide is therefore not stored with third parties and is not accessible to them. Nevertheless, communication via unencrypted e-mail involves a residual risk to which we would like to refer at this point.

The sole purpose of the contact form is to establish contact and the subsequent contact between you and us, Fresh Compliance. We will only use your contact data for this purpose, e.g. to send you a consulting offer or to get back to you by phone, if you have indicated this.

The legal basis at this point is your voluntary decision to contact us by entering your data in the contact form. It is therefore the legitimate interest of both parties that the desired contact is established.

To protect your privacy, as already mentioned, the data entered will only be used for contacting you and the subsequent contact with you. As soon as the data is no longer needed, we remove it, for example, if you are not interested in the offer sent or it is otherwise apparent that no further communication is desired. For the encryption of all incoming and outgoing requests on our website via https, we rely on an SSL certificate from the Lets-EncryptLets-Encrypt-Initiativewhich we update regularly.

Cookies and tracking

No tracking or website analysis tools are used on www.freshcompliance.de.
However, cookies are sometimes used to ensure basic functions of the website. These are small files that are stored on your terminal device and contain certain settings and data for exchange with our system via your browser.
There are two types of cookies. Session cookies are deleted as soon as you close your browser and permanent cookies, which are stored for a longer period or indefinitely on your data carrier. This storage helps to design the website and makes it easier for you to use, for example, by storing certain entries you make so that they do not have to be entered again.
You can delete the cookies in the settings of your browser at any time and configure these settings according to your wishes. As a rule, the help function in the menu bar of your web browser will show you how to reject new cookies and delete those you have already received. However, it may then no longer be possible to use all the functions of the website.

Privacy policy status: September 2023